Skip to content

fix(kiloclaw): resolve kilo-chat attachments against the agent working dir#4381

Open
iscekic wants to merge 5 commits into
mainfrom
fix/kilo-chat-attach-agent-workdir
Open

fix(kiloclaw): resolve kilo-chat attachments against the agent working dir#4381
iscekic wants to merge 5 commits into
mainfrom
fix/kilo-chat-attach-agent-workdir

Conversation

@iscekic

@iscekic iscekic commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Problem

A user asked the KiloClaw agent for a markdown report and the agent could not attach the file to any message.

The attachment pipeline (plugin → kilo-chat backend → mobile) is fully implemented; the failure is a workspace mismatch in the sandbox:

  • kiloclaw runs the agent in /root/clawd (bootstrap.ts chdirs there) and tells it so in prompts.
  • The generated openclaw.json never sets agents.defaults.workspace, so OpenClaw's outbound-media machinery resolves the agent workspace to its default ~/.openclaw/workspace, with allowed local media roots /tmp/openclaw + ~/.openclaw/{media,canvas,workspace,sandboxes}. /root/clawd is in neither.

Verified by executing the deployed openclaw@2026.6.11 with kiloclaw's config shape, for a report.md written in the agent's cwd:

Agent's attempt Result
filePath: "report.md" (relative) Local media file not found: /root/.openclaw/workspace/report.md
absolute /root/clawd/report.md ✅ only because granted host readFile skips root checks
absolute, when host fs read is restricted Local media path is not under an allowed directory

So attaching only worked when the model happened to pass an absolute path and fs read was allowed — flaky in exactly the way users report.

Fix (contained to the kiloclaw-owned plugin)

In media-delivery.ts:

  • resolve agent-relative paths against the process cwd (the agent's real workspace) first, falling back to the OpenClaw workspace;
  • append the cwd to the local roots passed to loadOutboundMediaFromUrl, so absolute paths under /root/clawd pass root gating even without host readFile.

In channel.ts: hint the model toward absolute paths for upload-file — that action's buffer is hydrated by OpenClaw core (with OpenClaw's own workspace notion) before the plugin runs, so the plugin cannot fix relative paths there. send + filePath (the recommended route for generated text files) is fully plugin-handled and now works with either path form.

An alternative was setting agents.defaults.workspace = '/root/clawd' in config-writer.ts, but OpenClaw loads IDENTITY.md/TOOLS.md/mcporter from its workspace and kiloclaw deliberately seeds those into ~/.openclaw/workspace, so repointing it has wider blast radius.

Tests

Two regression tests mirroring the reproduced failure modes (relative path from agent cwd; absolute path outside configured roots without readFile, exercising the real OpenClaw loader). Both fail on main and pass with the fix; full plugin suite: 200/200.

Note: existing machines pick up the fix on their next restart/redeploy (image update).

iscekic added 3 commits July 3, 2026 13:28
…the screen

PermissionCard rendered patterns/metadata (often a full command) in plain
Views with no height limit. As a pinned footer below the message list it
could grow past the screen, pushing the Deny/Allow buttons off-screen with
no way to scroll — approvals became impossible to act on.

Wrap the card body in a ScrollView capped at max-h-96 (same pattern as
QuestionCard) and let both cards shrink when the available height is
smaller (e.g. keyboard open on small screens), keeping the action buttons
pinned and reachable while the content scrolls.
…n modal

Tables previously rendered inside a horizontal ScrollView within the
message bubble, which caused two Android-reported bugs:

- Scrolling the table leftward activated the bubble's swipe-to-reply pan
  gesture (12px activation offset), making tables with more than 2
  columns unusable.
- A horizontal ScrollView inside a width-constrained bubble mis-measures
  its height on RN Fabric (same bug already worked around for code
  blocks), producing overlapping messages in the FlashList.

Tables now render as a compact 'View table' chip inline; tapping it opens
a full-screen modal where the table scrolls both ways with roomier
columns. No horizontal ScrollView ever renders inside a bubble anymore.

Applies to both kiloclaw chat and cloud agents chat via the shared
MarkdownText renderer.
…g dir

OpenClaw resolves the media workspace to ~/.openclaw/workspace and gates
local attachment paths to its own local roots. The kiloclaw agent works in
/root/clawd (process cwd), which is neither — so a generated file (e.g. a
markdown report) could not be attached: relative filePaths resolved into
the wrong directory (file not found) and absolute paths under /root/clawd
were rejected by local-roots gating whenever host fs read was restricted.

Resolve agent-relative paths against the process cwd (falling back to the
OpenClaw workspace) and append the cwd to the allowed local roots passed
to the OpenClaw media loader. Also hint the model toward absolute paths
for upload-file, whose buffer is hydrated by OpenClaw core before the
plugin can fix up the path.
@iscekic iscekic self-assigned this Jul 3, 2026
@iscekic iscekic requested review from St0rmz1 and pandemicsyn July 3, 2026 12:04
Comment thread services/kiloclaw/plugins/kilo-chat/src/media-delivery.ts Outdated
@kilo-code-bot

kilo-code-bot Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Executive Summary

The previously flagged hasUriScheme edge case (colon-containing filenames misclassified as URIs) is fixed by requiring ://, with a regression test covering report:2026-07-03.md; no new issues found in the incremental diff.

Files Reviewed (2 files)
  • services/kiloclaw/plugins/kilo-chat/src/media-delivery.ts
  • services/kiloclaw/plugins/kilo-chat/src/media-delivery.test.ts
Previous Review Summary (commit 53128a7)

Current summary above is authoritative. Previous snapshots are kept for context only.

Previous review (commit 53128a7)

Status: 1 Issue Found | Recommendation: Address before merge

Executive Summary

A narrow filename-classification edge case in the new hasUriScheme helper (media-delivery.ts) can cause the cwd-based attachment resolution fix to skip resolving relative filenames that contain a colon.

Overview

Severity Count
CRITICAL 0
WARNING 0
SUGGESTION 1
Issue Details (click to expand)

SUGGESTION

File Line Issue
services/kiloclaw/plugins/kilo-chat/src/media-delivery.ts 103 hasUriScheme regex matches any letters: prefix, misclassifying relative filenames containing a colon (e.g. report:2026-07-03.md) as already-resolved paths
Files Reviewed (3 files)
  • services/kiloclaw/plugins/kilo-chat/src/channel.ts - 0 issues
  • services/kiloclaw/plugins/kilo-chat/src/media-delivery.ts - 1 issue
  • services/kiloclaw/plugins/kilo-chat/src/media-delivery.test.ts - 0 issues

Note: this PR's branch also contains two fix(mobile) commits (approval-card scrolling, markdown table modal), but those changes already landed on main via separate PRs (#4378, #4379) before this branch was updated, so they are no longer part of this PR's diff and were excluded from this review.

Fix these issues in Kilo Cloud


Reviewed by claude-sonnet-5-20260630 · Input: 32 · Output: 7K · Cached: 901.6K

Review guidance: REVIEW.md from base branch main

@iscekic iscekic enabled auto-merge (squash) July 3, 2026 12:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant