Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix: sanitize tool call text in sessions-helpers extractAssistantText #1456

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
steipete merged 1 commit into from
Jan 23, 2026
Merged

fix: sanitize tool call text in sessions-helpers extractAssistantText #1456

steipete merged 1 commit into from
Jan 23, 2026
+34 −10

Conversation

@zerone0x
Copy link
Contributor

@zerone0x zerone0x commented Jan 22, 2026

Summary

Fixes #1269

Adds sanitization to extractAssistantText in sessions-helpers.ts to prevent tool call text from leaking to users. Previously, messages retrieved from chat history via sessions-helpers.ts could expose:

  • Minimax XML tool calls (<invoke>...</invoke>)
  • Downgraded tool call markers ([Tool Call: name (ID: ...)])
  • Thinking tags (<think>...</think>)

Changes

  • Export the stripping functions (stripMinimaxToolCallXml, stripDowngradedToolCallText, stripThinkingTagsFromText) from pi-embedded-utils.ts
  • Add a new sanitizeTextContent helper in sessions-helpers.ts that chains the sanitization functions
  • Update extractAssistantText in sessions-helpers.ts to sanitize text content before returning
  • Update extractMessageText in commands-subagents.ts to use the same sanitization

Test plan

  • pnpm lint passes
  • pnpm test src/agents/pi-embedded-utils.test.ts passes (existing tests for the stripping functions)
  • Manual testing: verify tool call markers no longer appear in /subagents log output

🤖 Generated with Claude Code

@zerone0x @claude
fix: sanitize tool call text in sessions-helpers extractAssistantText
8089f9c 
Adds sanitization to extractAssistantText in sessions-helpers.ts to
prevent tool call text from leaking to users. Previously, messages
retrieved from chat history via sessions-helpers.ts could expose:

- Minimax XML tool calls (<invoke>...</invoke>)
- Downgraded tool call markers ([Tool Call: name (ID: ...)])
- Thinking tags (<think>...</think>)

This fix:
- Exports the stripping functions from pi-embedded-utils.ts
- Adds a new sanitizeTextContent helper in sessions-helpers.ts
- Updates extractAssistantText to sanitize before returning
- Updates extractMessageText in commands-subagents.ts to sanitize

Fixes clawdbot#1269

Co-Authored-By: Claude <[email protected]>
@steipete
Copy link
Contributor

steipete commented Jan 23, 2026

This really needs upstreaming to pi-mono.

@steipete steipete self-assigned this Jan 23, 2026
steipete added a commit that referenced this pull request Jan 23, 2026
@steipete
fix: sanitize assistant session text (#1456) (thanks @zerone0x)
957605f
@steipete steipete merged commit 03bec49 into openclaw:main Jan 23, 2026
20 of 22 checks passed
steipete added a commit that referenced this pull request Jan 23, 2026
@steipete
fix: sanitize assistant session text (#1456) (thanks @zerone0x)
5516853
@steipete
Copy link
Contributor

steipete commented Jan 23, 2026

Landed via temp rebase onto main.

  • Gate: pnpm lint && pnpm build && pnpm test
  • Land commit: 5516853
  • Merge commit: 03bec49

Thanks @zerone0x!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@steipete steipete

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Tool call text leaks through unsanitized extractAssistantText in sessions-helpers.ts

2 participants

@zerone0x @steipete