
feat: add sanitized diagnostics log bundle#562

Open
christineyan4 wants to merge 5 commits into
openclaw:mainfrom
christineyan4:error-logs


@christineyan4

@christineyan4 christineyan4 commented May 27, 2026

Contributor

Summary

  • Add a sanitized diagnostics bundle export flow for the WinUI tray app, including generated debug summary, connection event timeline, tray log tails, structured diagnostics JSONL, crash log, and setup log tails.
  • Shift the privacy boundary toward source-side sanitization before logs/diagnostics are written or recorded, with DiagnosticsExportRedactor kept as defense-in-depth for older/raw export text.
  • Refactor export redaction away from a broad regex-only approach: parser-style handling now covers private keys, signed handshakes, DPAPI blobs, agent session keys, command-line secret options, sensitive key/value pairs, GUID-like IDs, and common URL/path/token cleanup.
  • Improve diagnostics preview/copy readability by decoding common JSON escape sequences like \u0022 and escaped CRLFs before final redaction, while keeping plain Windows paths stable and guarding control/backslash unicode escapes.
  • Add fail-closed sanitizer-timeout handling for log-tail section sanitization and final full-bundle sanitization so a timeout produces [REDACTED_SANITIZER_TIMEOUT] instead of aborting export.
  • Preserve the preview-before-copy/save full diagnostics flow and native Win32 Save dialog for the self-hosted WinUI app.
  • Add regression coverage for redaction safety, readability, timeout behavior, split-line/nested secrets, missing files, and diagnostics page copy/preview contracts.

Validation

  • dotnet test .\tests\OpenClaw.Shared.Tests\OpenClaw.Shared.Tests.csproj --no-restore --filter FullyQualifiedName~DiagnosticsExportRedactorTests
  • dotnet test .\tests\OpenClaw.Tray.Tests\OpenClaw.Tray.Tests.csproj --no-restore --filter "FullyQualifiedName~DiagnosticsBundleBuilderTests|FullyQualifiedName~DiagnosticsPageContractTests"
  • .\build.ps1
  • dotnet test .\tests\OpenClaw.Shared.Tests\OpenClaw.Shared.Tests.csproj --no-restore
  • dotnet test .\tests\OpenClaw.Tray.Tests\OpenClaw.Tray.Tests.csproj --no-restore
  • dotnet test .\tests\OpenClaw.Connection.Tests\OpenClaw.Connection.Tests.csproj --no-restore
  • git diff --check
  • Hanselman-style adversarial review completed with Opus + Codex; follow-up fixes added for nested/double-escaped JSON secrets, conservative escape decoding for Windows paths, unicode control/backslash guards, deterministic escaped-CRLF decoding, and additional timeout/readability regression tests.

- Add diagnostics export redactor for tokens, IDs, paths, cookies, webhooks, and provider secrets
- Include sanitized tray, JSONL, crash, setup, and connection event log tails in diagnostics bundles
- Replace diagnostics save with native Win32 save dialog for self-hosted WinUI
- Add regression tests for redaction and bundle safety

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@clawsweeper

clawsweeper Bot commented May 27, 2026


Codex review: needs real behavior proof before merge. Reviewed June 11, 2026, 3:04 PM ET / 19:04 UTC.

Summary
The PR adds a preview-gated, sanitized diagnostics bundle containing summaries, connection events, log tails, and native Windows save support, with source-side sanitization and regression coverage.

Reproducibility: not applicable. This PR introduces a new diagnostics export capability rather than reporting broken existing behavior.

Review metrics: 3 noteworthy metrics.

  • Patch surface: 22 files, +1,588/-141. The feature crosses diagnostics privacy, tray UI, native save behavior, localization, and tests.
  • Export sources: 6 bundle sections. The builder combines summaries, connection events, tray logs, structured diagnostics, crash logs, and setup logs into one shareable artifact.
  • Regression coverage: 2 suites added, 2 changed. Focused redactor and bundle-builder tests supplement existing connection and diagnostics-page contracts.

Merge readiness
Overall: 🦐 gold shrimp
Proof: 🦐 gold shrimp
Patch quality: 🐚 platinum hermit
Result: blocked until stronger real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • Post final-head runtime proof showing representative fake secrets are absent from the preview or saved bundle.
  • Redact private IPs, endpoints, usernames, tokens, phone numbers, and paths before posting evidence.

Proof guidance:

  • [P1] Needs stronger real behavior proof before merge: Screenshots prove the preview and native save workflow, but for this security-sensitive export they do not visibly demonstrate removal of deliberately seeded secrets; post redacted runtime output, then update the PR body to trigger a fresh review or ask a maintainer to comment @clawsweeper re-review.

Mantis proof suggestion
A disposable Windows run can materially prove both the preview/save workflow and seeded-secret removal from the actual bundle. A maintainer can ask Mantis to capture proof by posting a new PR comment that starts with the OpenClaw Mantis account mention, followed by:

visual task: seed disposable tray, JSONL, crash, setup, and connection logs with fake credentials and private paths, then prove the final diagnostics preview and saved file omit every seed.

Risk before merge

  • [P1] The bundle expands shareable output to several local log sources, so an unrecognized secret shape or private identifier could cross the support-export boundary despite the preview step.
  • [P1] The screenshots prove the UI and native save path but do not demonstrate that representative credentials, private paths, and endpoint data seeded into real inputs are absent from the resulting preview or saved file.

Maintainer options:

  1. Add seeded redaction proof (recommended)
    Run the final head with disposable tray, JSONL, crash, setup, and connection logs containing representative fake secrets and post redacted output showing every seed is absent.
  2. Accept the unproven boundary
    Maintainers may merge based on source review and tests while explicitly accepting that real exported-secret removal has not been demonstrated.
  3. Pause the export feature
    Pause or close the PR if maintainers do not want core to own a broad shareable-log sanitization boundary.

Next step before merge

  • [P1] The contributor must supply real seeded-secret behavior proof; this cannot be established through an automated code-only repair.

Security
Needs attention: No definite code-level leak was found, but the new shareable-log boundary lacks real seeded-secret export proof.

Review details

Best possible solution:

Keep the layered implementation and require a disposable final-head run with representative fake secrets seeded into every included source, showing that the preview or saved bundle preserves useful context while omitting every seed.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this PR introduces a new diagnostics export capability rather than reporting broken existing behavior.

Is this the best way to solve the issue?

Yes in design: source-side sanitization, defense-in-depth export redaction, truncation, fail-closed timeout handling, and mandatory preview form a maintainable layered solution; real security-boundary proof remains necessary.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 913ba4e8f504.

Label changes

Label changes:

  • add proof: 📸 screenshot: Contributor real behavior proof includes screenshot evidence. Screenshots prove the preview and native save workflow, but for this security-sensitive export they do not visibly demonstrate removal of deliberately seeded secrets; post redacted runtime output, then update the PR body to trigger a fresh review or ask a maintainer to comment @clawsweeper re-review.
  • add rating: 🦐 gold shrimp: Overall readiness is 🦐 gold shrimp; proof is 🦐 gold shrimp and patch quality is 🐚 platinum hermit.
  • add status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs stronger real behavior proof before merge: Screenshots prove the preview and native save workflow, but for this security-sensitive export they do not visibly demonstrate removal of deliberately seeded secrets; post redacted runtime output, then update the PR body to trigger a fresh review or ask a maintainer to comment @clawsweeper re-review.
  • remove rating: 🌊 off-meta tidepool: Current PR rating is rating: 🦐 gold shrimp, so this older rating label is no longer current.

Label justifications:

  • P2: This is a normal-priority supportability feature with meaningful but bounded privacy implications.
  • merge-risk: 🚨 security-boundary: Merging enables export of several local log sources, so sanitizer completeness directly controls sensitive-data exposure.
  • rating: 🦐 gold shrimp: Overall readiness is 🦐 gold shrimp; proof is 🦐 gold shrimp and patch quality is 🐚 platinum hermit.
  • status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs stronger real behavior proof before merge: Screenshots prove the preview and native save workflow, but for this security-sensitive export they do not visibly demonstrate removal of deliberately seeded secrets; post redacted runtime output, then update the PR body to trigger a fresh review or ask a maintainer to comment @clawsweeper re-review.
  • proof: 📸 screenshot: Contributor real behavior proof includes screenshot evidence. Screenshots prove the preview and native save workflow, but for this security-sensitive export they do not visibly demonstrate removal of deliberately seeded secrets; post redacted runtime output, then update the PR body to trigger a fresh review or ask a maintainer to comment @clawsweeper re-review.

Evidence reviewed

Security concerns:

  • [medium] Prove redaction in a real exported bundle — src/OpenClaw.Tray.WinUI/Services/DiagnosticsBundleBuilder.cs:78
    The screenshots verify preview and save behavior but do not show known fake credentials or private identifiers being removed from actual tray, JSONL, crash, setup, and connection-event inputs.
    Confidence: 0.94

What I checked:

Likely related people:

  • RBrid: Recently hardened the shared TokenSanitizer implementation used as the final common redaction layer. (role: recent sanitizer contributor; confidence: high; commits: 753828f63e96; files: src/OpenClaw.Shared/TokenSanitizer.cs)
  • shanselman: Recently hardened diagnostics paths on main and provided detailed reliability and timeout review for this PR. (role: recent diagnostics contributor and reviewer; confidence: high; commits: 0d4fcbd50ad5, 088b96d6c032, 5cacfe934c67; files: src/OpenClaw.Tray.WinUI/Helpers/CommandCenterTextHelper.cs, src/OpenClaw.Tray.WinUI/Windows/DiagnosticsBundleDialog.xaml.cs)
  • bakudies: Introduced the current task-oriented Diagnostics page and bundle/copy actions that this PR extends. (role: diagnostics UX introducer; confidence: high; commits: 84ceee19c03d, 0da3ca5b2101; files: src/OpenClaw.Tray.WinUI/Pages/DebugPage.xaml.cs)

What the crustacean ranks mean

  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P2 Normal priority bug or improvement with limited blast radius. merge-risk: 🚨 security-boundary 🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data. labels May 27, 2026
@clawsweeper

clawsweeper Bot commented May 27, 2026


ClawSweeper PR egg

🔥 Warming up: real-behavior proof passed; findings, security review, or rank-up moves are still in progress.

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

  • Merged PRs are hatchable.
  • Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
  • Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

What is this egg doing here?

  • Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
  • The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
  • Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
  • The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
  • Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

- Restore direct debug-bundle copy/deep-link path to generated summaries only
- Update Diagnostics page copy to clarify summary-only clipboard behavior
- Add contract tests preventing log-tail bundles from bypassing preview

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot AI left a comment


Pull request overview

This PR adds a sanitized “diagnostics bundle” export flow for the WinUI tray app, including robust redaction of secrets/identifiers and expanded bundle contents (log tails + structured diagnostics + crash/setup tails + connection timeline), along with new regression tests and a Win32-native “Save as” dialog for self-hosted WinUI.

Changes:

  • Introduce DiagnosticsExportRedactor and apply it to bundle generation and log tail reading (including final “whole-bundle” sanitization).
  • Add DiagnosticsBundleBuilder + DiagnosticsLogTailReader and update the debug/diagnostics UI to preview/copy/save the sanitized bundle.
  • Add new Shared/Tray tests covering redaction shapes, split-line secrets, missing files behavior, and bundle safety guarantees.

Summary per file

| File | Description |
| --- | --- |
| tests/OpenClaw.Tray.Tests/OpenClaw.Tray.Tests.csproj | Links new WinUI diagnostics services/helpers into Tray test project. |
| tests/OpenClaw.Tray.Tests/DiagnosticsPageContractTests.cs | Adds contract tests to enforce “summary-only vs full bundle” UX boundaries. |
| tests/OpenClaw.Tray.Tests/DiagnosticsBundleBuilderTests.cs | Adds tests for bundle contents, missing-file behavior, and split-line redaction. |
| tests/OpenClaw.Shared.Tests/DiagnosticsExportRedactorTests.cs | Adds broad regression coverage for redaction patterns and context preservation. |
| src/OpenClaw.Tray.WinUI/Windows/DiagnosticsBundleDialog.xaml.cs | Reworks Save flow to use Win32 picker + deferral so errors surface in UI. |
| src/OpenClaw.Tray.WinUI/Windows/DiagnosticsBundleDialog.xaml | Replaces InfoBar with a custom “review before sharing” card-style header. |
| src/OpenClaw.Tray.WinUI/Strings/en-us/Resources.resw | Updates strings for “summary debug bundle” and new dialog header UIDs. |
| src/OpenClaw.Tray.WinUI/Strings/fr-fr/Resources.resw | Same localization updates as en-us. |
| src/OpenClaw.Tray.WinUI/Strings/nl-nl/Resources.resw | Same localization updates as en-us. |
| src/OpenClaw.Tray.WinUI/Strings/zh-cn/Resources.resw | Same localization updates as en-us. |
| src/OpenClaw.Tray.WinUI/Strings/zh-tw/Resources.resw | Same localization updates as en-us. |
| src/OpenClaw.Tray.WinUI/Services/DiagnosticsLogTailReader.cs | Adds sanitized + truncated log tail reader for bundle sections. |
| src/OpenClaw.Tray.WinUI/Services/DiagnosticsClipboardService.cs | Renames “debug bundle” copy label to “summary debug bundle”. |
| src/OpenClaw.Tray.WinUI/Services/DiagnosticsBundleBuilder.cs | Adds full bundle builder composing summaries, timeline, and sanitized tails. |
| src/OpenClaw.Tray.WinUI/Pages/DebugPage.xaml.cs | Wires diagnostics bundle preview flow and copy actions. |
| src/OpenClaw.Tray.WinUI/Pages/DebugPage.xaml | Updates UX copy to “Copy summary debug bundle” with exclusions noted. |
| src/OpenClaw.Tray.WinUI/Helpers/Win32FilePickerHelper.cs | Adds Win32 Save dialog via COM IFileSaveDialog on STA thread. |
| src/OpenClaw.Tray.WinUI/App.xaml.cs | Exposes recent connection diagnostic events for bundling. |
| src/OpenClaw.Shared/DiagnosticsExportRedactor.cs | Adds centralized regex-based redaction for bundles/log exports. |

Copilot's findings


  • Files reviewed: 19/19 changed files
  • Comments generated: 9

Comment thread src/OpenClaw.Tray.WinUI/Pages/DebugPage.xaml.cs
Comment thread tests/OpenClaw.Tray.Tests/DiagnosticsPageContractTests.cs
Comment thread src/OpenClaw.Tray.WinUI/Helpers/Win32FilePickerHelper.cs
Comment thread src/OpenClaw.Tray.WinUI/Windows/DiagnosticsBundleDialog.xaml.cs Outdated
Comment thread src/OpenClaw.Tray.WinUI/Strings/en-us/Resources.resw Outdated
Comment thread src/OpenClaw.Tray.WinUI/Strings/fr-fr/Resources.resw
Comment thread src/OpenClaw.Tray.WinUI/Strings/nl-nl/Resources.resw Outdated
Comment thread src/OpenClaw.Tray.WinUI/Strings/zh-cn/Resources.resw Outdated
Comment thread src/OpenClaw.Tray.WinUI/Strings/zh-tw/Resources.resw Outdated
@christineyan4

Contributor Author

Real behavior proof for diagnostics bundle privacy boundary:

  • “Create diagnostics bundle” opens a preview before log-tail diagnostics can be copied or saved.
  • Preview shows sanitized diagnostics/log content with useful context preserved.
  • “Save to file” opens the native Windows Save dialog.
  • Direct “Copy summary debug bundle” is summary-only and explicitly excludes log tails; log-tail diagnostics
    require the preview flow.

Screenshots: 01-preview-dialog, 02-native-save-dialog, 03-summary-copy-card

- Keep Diagnostics page summary-copy action summary-only
- Strengthen contract tests for the preview-only log-tail boundary
- Destroy native save-dialog filter spec before freeing unmanaged memory
- Remove unused diagnostics InfoBar localization resources
- Update no-HWND save diagnostic message to match Desktop fallback

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@clawsweeper clawsweeper Bot added proof: sufficient Contributor real behavior proof is sufficient. proof: 📸 screenshot Contributor real behavior proof includes screenshot evidence. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: ⏳ waiting on author ClawSweeper has contributor-facing work open and is waiting for author action. and removed rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. labels May 27, 2026
@shanselman

Contributor

This direction makes sense for a shareable diagnostics bundle, but the redactor is carrying a lot of regex responsibility in one place. I would not block solely because it uses regex — conservative over-redaction is probably right here — but I think it needs a maintainability/perf pass before merge: group the rules by threat class, consider source-generated regexes or clearly named rule objects, and add a worst-case/perf regression test so a long log line or malformed URL/token cannot cause pathological backtracking. The current test coverage for common secret shapes is good; my concern is mostly long-term maintainability and worst-case behavior.

@shanselman

Contributor

I took a closer pass on the redaction implementation. The feature is valuable and regex is not inherently the wrong tool for free-form diagnostics, but I think this needs a small reliability/perf cleanup before merge.

Concrete concerns:

  1. RegexMatchTimeoutException can abort the whole export. DiagnosticsLogTailReader.BuildSection() calls DiagnosticsExportRedactor.Sanitize(...), but its catch filter only handles IO/unauthorized/not-supported exceptions. If a regex hits the 100ms timeout on a long/malformed log line, the timeout escapes and the diagnostics export fails. Please catch RegexMatchTimeoutException there and around the final full-bundle Sanitize(builder.ToString()) pass in DiagnosticsBundleBuilder.Build() so the bundle can include a sanitization-timeout sentinel instead of failing.

  2. SlackSigningSecretPattern looks redundant/dead. It matches exactly 32 hex chars, but HexTokenPattern runs earlier and matches 32+ hex chars, so it should already replace every value that SlackSigningSecretPattern could see. I’d remove the Slack-specific regex and document/test that HexTokenPattern covers that shape.

  3. KeyValueSecretPattern has unbounded key-prefix scans before a large alternation. With MaxLineChars = 8000, a long non-matching key can burn work until the timeout. Consider bounding the key prefix/suffix length, or using a small rule pipeline that parses the key and then checks sensitive-key words outside regex.

  4. Please add tests for the scary cases: timeout does not abort bundle export, redaction is idempotent, JSON non-string secret values are handled or explicitly documented as a known gap, version strings/IP false positives are documented, and one max-size/perf smoke proves the redactor budget stays reasonable.

Longer-term, because this is net10.0, source-generated regexes ([GeneratedRegex]) or named redaction-rule objects would make this much easier to audit than a flat list of compiled regex fields. I would not block on “regex exists”, but I would block on timeout handling and at least one worst-case/perf regression guard.
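
The fail-closed timeout handling and the bounded, outside-regex key check requested in the review above, together with a seeded-fake-secret and idempotence check, shown as an added example that is not code from this PR or from OpenClaw. `RedactionSketch`, its members, the `[REDACTED]` placeholder, the 64-character key bound, the sensitive-word list and the sample lines are assumptions; only the `[REDACTED_SANITIZER_TIMEOUT]` sentinel and the 100ms timeout come from the page.

```csharp
// Added illustration, not OpenClaw's DiagnosticsExportRedactor; every type and member name is hypothetical.
using System;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;

public static class RedactionSketch
{
    public const string TimeoutSentinel = "[REDACTED_SANITIZER_TIMEOUT]"; // sentinel from the PR summary
    private const string Redacted = "[REDACTED]";   // assumed placeholder text
    private const int MaxKeyChars = 64;             // assumed bound on how far back a key is scanned
    private static readonly string[] SensitiveWords = { "token", "secret", "password", "api_key", "apikey" };

    // Simple shape with no nested quantifiers, still run under the 100ms budget the review mentions.
    private static readonly Regex HexToken = new(
        @"\b[0-9a-fA-F]{32,}\b", RegexOptions.CultureInvariant, TimeSpan.FromMilliseconds(100));

    public static string Sanitize(string text) => Sanitize(text, ApplyRules);

    // Fail closed: a rule timeout yields the sentinel, never the raw text and never an aborted export.
    public static string Sanitize(string text, Func<string, string> rules)
    {
        try { return rules(text); }
        catch (RegexMatchTimeoutException) { return TimeoutSentinel; }
    }

    private static string ApplyRules(string text) =>
        string.Join("\n", text.Split('\n').Select(l => HexToken.Replace(RedactKeyValues(l), Redacted)));

    // Single pass over the line; the sensitive-key decision is made in code, not in a regex alternation.
    private static string RedactKeyValues(string line)
    {
        var sb = new StringBuilder(line.Length);
        int i = 0;
        while (i < line.Length)
        {
            char c = line[i];
            sb.Append(c);
            i++;
            if (c != '=' && c != ':') continue;

            // Walk back over at most MaxKeyChars key characters (skipping one closing JSON quote).
            int keyEnd = i - 1;
            if (keyEnd > 0 && line[keyEnd - 1] == '"') keyEnd--;
            int start = keyEnd;
            while (start > 0 && keyEnd - start < MaxKeyChars && IsKeyChar(line[start - 1])) start--;
            string key = line.Substring(start, keyEnd - start);
            if (!SensitiveWords.Any(w => key.Contains(w, StringComparison.OrdinalIgnoreCase))) continue;

            // Keep leading spaces and an opening quote for readability, then replace the value.
            while (i < line.Length && line[i] == ' ') sb.Append(line[i++]);
            bool quoted = i < line.Length && line[i] == '"';
            if (quoted) sb.Append(line[i++]);
            int end = i;
            while (end < line.Length &&
                   (quoted ? (line[end] != '"' || line[end - 1] == '\\') : !IsValueEnd(line[end]))) end++;
            if (end > i) sb.Append(Redacted);
            i = end;
        }
        return sb.ToString();
    }

    private static bool IsKeyChar(char c) => char.IsLetterOrDigit(c) || c == '_' || c == '-' || c == '.';
    private static bool IsValueEnd(char c) => c == ' ' || c == '"' || c == '&' || c == ';' || c == ',';

    public static void Main()
    {
        // Constructed sample input; every secret-looking value is fake and seeded on purpose.
        string raw = "GET https://gw.example.invalid/ws?token=FAKE-abc123&v=2\n" +
                     "{\"api_key\": \"FAKE key value\", \"path\": \"C:\\\\logs\\\\tray.log\"}\n" +
                     "sig=0123456789abcdef0123456789abcdef";
        string once = Sanitize(raw);
        Console.WriteLine(once);
        Console.WriteLine(once.Contains("FAKE") ? "LEAK: seeded value survived" : "no seeded value survived");
        Console.WriteLine(Sanitize(once) == once ? "idempotent" : "NOT idempotent");

        // Simulated timeout: the rule pipeline throws, the caller still gets a shareable sentinel.
        Console.WriteLine(Sanitize(raw, _ => throw new RegexMatchTimeoutException()));
    }
}
```

The timeout is simulated by a throwing delegate so the behaviour is deterministic; a real regression test would pair this with a max-length line to check the time budget.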

Resolve the old diagnostics bundle PR against current main and refactor the privacy boundary so diagnostics are sanitized at write/record time where possible, with export redaction kept as defense-in-depth.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@clawsweeper clawsweeper Bot added rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. and removed proof: sufficient Contributor real behavior proof is sufficient. proof: 📸 screenshot Contributor real behavior proof includes screenshot evidence. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: ⏳ waiting on author ClawSweeper has contributor-facing work open and is waiting for author action. labels Jun 11, 2026
Decode common JSON escape sequences before export redaction while keeping plain log paths stable. Add fail-closed timeout handling for bundle sanitization and regression tests for nested escapes and timeout sentinels.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@clawsweeper clawsweeper Bot added proof: 📸 screenshot Contributor real behavior proof includes screenshot evidence. and removed rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. labels Jun 11, 2026
@clawsweeper clawsweeper Bot added rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. labels Jun 11, 2026
@christineyan4

Contributor Author

Screenshots: Screenshot 2026-06-11 131134, Screenshot 2026-06-11 131119

@clawsweeper

clawsweeper Bot commented Jun 11, 2026


🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

@clawsweeper clawsweeper Bot added rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. and removed proof: 📸 screenshot Contributor real behavior proof includes screenshot evidence. rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. labels Jun 11, 2026
@christineyan4

Contributor Author

@clawsweeper re-review

@clawsweeper clawsweeper Bot added proof: 📸 screenshot Contributor real behavior proof includes screenshot evidence. rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. and removed rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. labels Jun 11, 2026
@kmahone

kmahone commented Jun 12, 2026

Collaborator

@christineyan4, take a look at Scott's feedback so that the sanitization is happening at log time instead of cleaning the log at export time.


Labels

merge-risk: 🚨 security-boundary 🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data. P2 Normal priority bug or improvement with limited blast radius. proof: 📸 screenshot Contributor real behavior proof includes screenshot evidence. rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask.


4 participants