@agent-vm/openclaw-agent-vm-plugin 0.0.82 → 0.0.84

package/dist/index.js

@@ -1,4 +1,5 @@
-import { OPENCLAW_STATE_SANDBOXES_VM_ROOT, TOOL_VM_SCRATCH_GUEST_ROOT, TOOL_VM_WORKSPACE_GUEST_ROOT, createToolVmActiveUseHandle, isToolVmLeasePeek, isToolVmSshLease, translateRuntimePath } from "@agent-vm/gateway-interface";
+import path from "node:path/posix";
+import { ControllerRequestPolicyTransportError, OPENCLAW_STATE_SANDBOXES_VM_ROOT, TOOL_VM_SCRATCH_GUEST_ROOT, TOOL_VM_WORKSPACE_GUEST_ROOT, createToolVmActiveUseHandle, drainControllerResponseBody, fetchControllerWithPolicy, gatewayControlLinkHealthPins, isToolVmLeasePeek, isToolVmSshLease, translateRuntimePath } from "@agent-vm/gateway-interface";
 import { z } from "zod";
 //#region src/controller-lease-client.ts
 var ControllerLeaseRequestError = class extends Error {
@@ -86,15 +87,30 @@ async function readJsonResponse(response, context, isExpectedResponse) {
 function createLeaseClient(options) {
 	const fetchImpl = options.fetchImpl ?? fetch;
 	const baseUrl = options.controllerUrl.replace(/\/$/u, "");
+	const fetchController = async (optionsForRequest) => await fetchControllerWithPolicy({
+		fetchImpl,
+		input: optionsForRequest.input,
+		operation: optionsForRequest.operation,
+		...optionsForRequest.init === void 0 ? {} : { init: optionsForRequest.init },
+		...options.requestPolicy === void 0 ? {} : { policy: options.requestPolicy }
+	});
 	const renewLease = async (leaseId) => {
-		return await readJsonResponse(await fetchImpl(`${baseUrl}/lease/${encodeURIComponent(leaseId)}/renew`, { method: "POST" }), "Controller lease renew API", isToolVmSshLease);
+		return await readJsonResponse(await fetchController({
+			input: `${baseUrl}/lease/${encodeURIComponent(leaseId)}/renew`,
+			init: { method: "POST" },
+			operation: "lease-renew"
+		}), "Controller lease renew API", isToolVmSshLease);
 	};
 	return {
 		endActiveUse: async (leaseId, useId, request) => {
-			const response = await fetchImpl(`${baseUrl}/lease/${encodeURIComponent(leaseId)}/uses/${encodeURIComponent(useId)}`, {
-				body: JSON.stringify(request),
-				headers: { "content-type": "application/json" },
-				method: "DELETE"
+			const response = await fetchController({
+				input: `${baseUrl}/lease/${encodeURIComponent(leaseId)}/uses/${encodeURIComponent(useId)}`,
+				init: {
+					body: JSON.stringify(request),
+					headers: { "content-type": "application/json" },
+					method: "DELETE"
+				},
+				operation: "lease-use-end"
 			});
 			if (!response.ok) {
 				const errorBody = await readErrorBody(response, "Controller active-use end API");
@@ -105,23 +121,35 @@ function createLeaseClient(options) {
 					status: response.status
 				});
 			}
+			await drainControllerResponseBody(response);
 		},
 		heartbeatActiveUse: async (leaseId, useId, request) => {
-			return await readJsonResponse(await fetchImpl(`${baseUrl}/lease/${encodeURIComponent(leaseId)}/uses/${encodeURIComponent(useId)}/heartbeat`, {
-				body: JSON.stringify(request),
-				headers: { "content-type": "application/json" },
-				method: "POST"
+			return await readJsonResponse(await fetchController({
+				input: `${baseUrl}/lease/${encodeURIComponent(leaseId)}/uses/${encodeURIComponent(useId)}/heartbeat`,
+				init: {
+					body: JSON.stringify(request),
+					headers: { "content-type": "application/json" },
+					method: "POST"
+				},
+				operation: "lease-heartbeat"
 			}), "Controller active-use heartbeat API", isHeartbeatActiveUseResponse);
 		},
 		renewLease,
 		peekLease: async (leaseId) => {
-			return await readJsonResponse(await fetchImpl(`${baseUrl}/lease/${encodeURIComponent(leaseId)}/peek`), "Controller lease peek API", isToolVmLeasePeek);
+			return await readJsonResponse(await fetchController({
+				input: `${baseUrl}/lease/${encodeURIComponent(leaseId)}/peek`,
+				operation: "lease-peek"
+			}), "Controller lease peek API", isToolVmLeasePeek);
 		},
 		publishOpenClawRuntimeStatus: async (report) => {
-			const response = await fetchImpl(`${baseUrl}/zones/${encodeURIComponent(report.zoneId)}/openclaw-runtime-status`, {
-				body: JSON.stringify(report),
-				headers: { "content-type": "application/json" },
-				method: "POST"
+			const response = await fetchController({
+				input: `${baseUrl}/zones/${encodeURIComponent(report.zoneId)}/openclaw-runtime-status`,
+				init: {
+					body: JSON.stringify(report),
+					headers: { "content-type": "application/json" },
+					method: "POST"
+				},
+				operation: "openclaw-runtime-status"
 			});
 			if (!response.ok) {
 				const errorBody = await readErrorBody(response, "Controller OpenClaw runtime status API");
@@ -132,11 +160,16 @@ function createLeaseClient(options) {
 					status: response.status
 				});
 			}
+			await drainControllerResponseBody(response);
 		},
 		releaseLease: async (leaseId, releaseOptions = {}) => {
 			const releaseUrl = new URL(`${baseUrl}/lease/${encodeURIComponent(leaseId)}`);
 			if (releaseOptions.force === true) releaseUrl.searchParams.set("force", "true");
-			const response = await fetchImpl(releaseUrl.toString(), { method: "DELETE" });
+			const response = await fetchController({
+				input: releaseUrl.toString(),
+				init: { method: "DELETE" },
+				operation: "lease-release"
+			});
 			if (!response.ok) {
 				const errorBody = await readErrorBody(response, "Controller lease release API");
 				throw new ControllerLeaseRequestError({
@@ -146,27 +179,36 @@ function createLeaseClient(options) {
 					status: response.status
 				});
 			}
+			await drainControllerResponseBody(response);
 		},
 		requestLease: async (request) => {
-			return await readJsonResponse(await fetchImpl(`${baseUrl}/lease`, {
-				body: JSON.stringify({
-					agentId: request.agentId,
-					agentWorkspaceDir: request.agentWorkspaceDir,
-					...request.idleTtlMs !== void 0 ? { idleTtlMs: request.idleTtlMs } : {},
-					profileId: request.profileId,
-					sessionKey: request.sessionKey,
-					workMountDir: request.workMountDir,
-					zoneId: request.zoneId
-				}),
-				headers: { "content-type": "application/json" },
-				method: "POST"
+			return await readJsonResponse(await fetchController({
+				input: `${baseUrl}/lease`,
+				init: {
+					body: JSON.stringify({
+						agentId: request.agentId,
+						agentWorkspaceDir: request.agentWorkspaceDir,
+						...request.idleTtlMs !== void 0 ? { idleTtlMs: request.idleTtlMs } : {},
+						profileId: request.profileId,
+						sessionKey: request.sessionKey,
+						workMountDir: request.workMountDir,
+						zoneId: request.zoneId
+					}),
+					headers: { "content-type": "application/json" },
+					method: "POST"
+				},
+				operation: "lease-create"
 			}), "Controller lease API", isToolVmSshLease);
 		},
 		startActiveUse: async (leaseId, request) => {
-			return await readJsonResponse(await fetchImpl(`${baseUrl}/lease/${encodeURIComponent(leaseId)}/uses`, {
-				body: JSON.stringify(request),
-				headers: { "content-type": "application/json" },
-				method: "POST"
+			return await readJsonResponse(await fetchController({
+				input: `${baseUrl}/lease/${encodeURIComponent(leaseId)}/uses`,
+				init: {
+					body: JSON.stringify(request),
+					headers: { "content-type": "application/json" },
+					method: "POST"
+				},
+				operation: "lease-use-start"
 			}), "Controller active-use start API", isStartActiveUseResponse);
 		}
 	};
@@ -194,6 +236,12 @@ const OPENCLAW_GONDOLIN_SANDBOX_REQUIREMENTS = [
 	}
 ];
 const OPENCLAW_GONDOLIN_LEASE_SCOPE_GUIDANCE = "Managed OpenClaw/Gondolin leases are agent-scoped. The plugin derives agentId from sessionKey and does not send OpenClaw scope keys to the controller.";
+var OpenClawAgentIdError = class extends Error {
+	constructor(message) {
+		super(message);
+		this.name = "OpenClawAgentIdError";
+	}
+};
 function isOpenClawAgentId(value) {
 	return agentIdPattern.test(value.trim());
 }
@@ -211,11 +259,13 @@ function formatOpenClawGondolinRequirementHint(options) {
 }
 function normalizeOpenClawAgentId(value) {
 	const trimmed = (value ?? "").trim().toLowerCase();
-	return isOpenClawAgentId(trimmed) ? trimmed : OPENCLAW_DEFAULT_AGENT_ID;
+	if (trimmed === "") return OPENCLAW_DEFAULT_AGENT_ID;
+	if (!isOpenClawAgentId(trimmed)) throw new OpenClawAgentIdError(`Invalid OpenClaw agentId '${value}'.`);
+	return trimmed;
 }
 function resolveOpenClawAgentIdFromSessionKey(sessionKey) {
 	const parts = sessionKey.trim().split(":");
-	if (parts[0] !== "agent" || !parts[1]) return OPENCLAW_DEFAULT_AGENT_ID;
+	if (parts[0] !== "agent" || !parts[1] || !isOpenClawAgentId(parts[1])) throw new OpenClawAgentIdError(`OpenClaw sessionKey '${sessionKey}' must be agent-shaped and include a valid agentId.`);
 	return normalizeOpenClawAgentId(parts[1]);
 }
 function isOpenClawAgentSessionKey(sessionKey) {
@@ -234,6 +284,97 @@ function findOpenClawGondolinSandboxMismatch(sandbox) {
 	return OPENCLAW_GONDOLIN_SANDBOX_REQUIREMENTS.find((requirement) => sandbox[requirement.key] !== requirement.expectedValue);
 }
 //#endregion
+//#region src/sandbox-backend/openclaw-agent-workspace-source.ts
+var OpenClawAgentWorkspaceSourceError = class extends Error {
+	constructor(message) {
+		super(message);
+		this.name = "OpenClawAgentWorkspaceSourceError";
+	}
+};
+function isRecord(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function normalizeAbsolutePosixPath(inputPath) {
+	return `/${inputPath.split("/").filter((segment) => segment !== "" && segment !== ".").join("/")}`;
+}
+function containsParentTraversal(inputPath) {
+	return inputPath.split(/\/+/u).includes("..");
+}
+function pathIsInsideOrEqual(inputPath, rootPath) {
+	return inputPath === rootPath || inputPath.startsWith(`${rootPath}/`);
+}
+function isRuntimePathLeak(inputPath, defaultWorkspaceDir) {
+	const normalized = normalizeAbsolutePosixPath(inputPath);
+	const normalizedDefaultWorkspace = defaultWorkspaceDir === void 0 ? void 0 : normalizeAbsolutePosixPath(resolveUserPathLikeOpenClaw(defaultWorkspaceDir));
+	const implicitWorkspaceFamilyRoot = normalizedDefaultWorkspace === void 0 ? void 0 : normalizedDefaultWorkspace.replace(/(?:-[^/]+)?$/u, "");
+	return normalized === TOOL_VM_WORKSPACE_GUEST_ROOT || normalized.startsWith(`${TOOL_VM_WORKSPACE_GUEST_ROOT}/`) || normalized === TOOL_VM_SCRATCH_GUEST_ROOT || normalized.startsWith(`${TOOL_VM_SCRATCH_GUEST_ROOT}/`) || normalized === OPENCLAW_STATE_SANDBOXES_VM_ROOT || normalized.startsWith(`${OPENCLAW_STATE_SANDBOXES_VM_ROOT}/`) || normalizedDefaultWorkspace !== void 0 && (pathIsInsideOrEqual(normalized, normalizedDefaultWorkspace) || normalized.startsWith(`${normalizedDefaultWorkspace}-`)) || implicitWorkspaceFamilyRoot !== void 0 && (pathIsInsideOrEqual(normalized, implicitWorkspaceFamilyRoot) || normalized.startsWith(`${implicitWorkspaceFamilyRoot}-`));
+}
+function resolveUserPathLikeOpenClaw(inputPath) {
+	const trimmedPath = inputPath.trim();
+	const homeDirectory = process.env.HOME?.trim();
+	if (trimmedPath === "~" && homeDirectory) return homeDirectory;
+	if (trimmedPath.startsWith("~/") && homeDirectory) return path.resolve(path.join(homeDirectory, trimmedPath.slice(2)));
+	return path.resolve(trimmedPath);
+}
+function assertCanonicalSourcePath(inputPath, context) {
+	const trimmedPath = inputPath.trim();
+	if (trimmedPath === "" || containsParentTraversal(trimmedPath)) throw new OpenClawAgentWorkspaceSourceError(`${context} must be a non-empty path without parent traversal.`);
+	if (!trimmedPath.startsWith("/") && !trimmedPath.startsWith("~")) throw new OpenClawAgentWorkspaceSourceError(`${context} must be an absolute or home-relative path.`);
+	const normalized = normalizeAbsolutePosixPath(resolveUserPathLikeOpenClaw(trimmedPath));
+	if (normalized === "/" || normalized === TOOL_VM_WORKSPACE_GUEST_ROOT || normalized.startsWith(`${TOOL_VM_WORKSPACE_GUEST_ROOT}/`) || normalized === TOOL_VM_SCRATCH_GUEST_ROOT || normalized.startsWith(`${TOOL_VM_SCRATCH_GUEST_ROOT}/`)) throw new OpenClawAgentWorkspaceSourceError(`${context} must resolve to an OpenClaw/Gondolin source path, not Tool VM guest path '${normalized}'.`);
+	if (normalized === OPENCLAW_STATE_SANDBOXES_VM_ROOT || normalized.startsWith(`${OPENCLAW_STATE_SANDBOXES_VM_ROOT}/`)) throw new OpenClawAgentWorkspaceSourceError(`${context} must resolve to a stable agent workspace path, not transient OpenClaw sandbox path '${normalized}'.`);
+	return normalized;
+}
+function assertLeaseBackedSourcePath(inputPath, context, defaultWorkspaceDir) {
+	const normalized = assertCanonicalSourcePath(inputPath, context);
+	if (isRuntimePathLeak(normalized, defaultWorkspaceDir)) throw new OpenClawAgentWorkspaceSourceError(`${context} must resolve to a controller lease-backed OpenClaw/Gondolin source path, not OpenClaw runtime fallback path '${normalized}'.`);
+	return normalized;
+}
+function readWorkspace(value) {
+	return typeof value === "string" && value.trim() !== "" ? value.trim() : void 0;
+}
+function readAgentId(value) {
+	return normalizeOpenClawAgentId(typeof value === "string" ? value : void 0);
+}
+function agentEntries(config) {
+	return config?.agents?.list?.filter(isRecord) ?? [];
+}
+function findAgentEntry(config, agentId) {
+	return agentEntries(config).find((entry) => readAgentId(entry.id) === agentId);
+}
+function resolveDefaultAgentId(config) {
+	const entries = agentEntries(config);
+	return readAgentId((entries.find((entry) => entry.default === true) ?? entries[0])?.id);
+}
+function resolveOpenClawAgentWorkspaceSource(options) {
+	const agentId = normalizeOpenClawAgentId(options.agentId);
+	const agentWorkspace = readWorkspace(findAgentEntry(options.openClawConfig, agentId)?.workspace);
+	if (agentWorkspace !== void 0) return {
+		kind: "configured-agent-workspace",
+		sourceDir: assertLeaseBackedSourcePath(agentWorkspace, `agents.list workspace for '${agentId}'`, options.defaultWorkspaceDir)
+	};
+	const defaultsWorkspace = readWorkspace(options.openClawConfig?.agents?.defaults?.workspace);
+	if (defaultsWorkspace !== void 0) {
+		const defaultsRoot = assertLeaseBackedSourcePath(defaultsWorkspace, "agents.defaults.workspace", options.defaultWorkspaceDir);
+		const defaultAgentId = resolveDefaultAgentId(options.openClawConfig);
+		return {
+			kind: agentId === defaultAgentId ? "default-agent-workspace" : "default-workspace-child",
+			sourceDir: agentId === defaultAgentId ? defaultsRoot : path.join(defaultsRoot, agentId)
+		};
+	}
+	if (!isRuntimePathLeak(options.paramsAgentWorkspaceDir, options.defaultWorkspaceDir)) return {
+		kind: "sdk-agent-workspace",
+		sourceDir: assertCanonicalSourcePath(options.paramsAgentWorkspaceDir, "OpenClaw backend agentWorkspaceDir")
+	};
+	const stateRoot = options.stateDir === void 0 ? void 0 : assertCanonicalSourcePath(options.stateDir, "OpenClaw stateDir");
+	if (stateRoot === void 0) throw new OpenClawAgentWorkspaceSourceError(`OpenClaw provided agentWorkspaceDir '${options.paramsAgentWorkspaceDir}' for agent '${agentId}', which is a runtime path. Provide an OpenClaw stateDir provider or configure agents.list[].workspace.`);
+	if (agentId === resolveDefaultAgentId(options.openClawConfig)) throw new OpenClawAgentWorkspaceSourceError(`OpenClaw provided agentWorkspaceDir '${options.paramsAgentWorkspaceDir}' for default agent '${agentId}', but OpenClaw's implicit default workspace is not controller lease backed; configure agents.list[].workspace or agents.defaults.workspace for managed Gondolin agents.`);
+	return {
+		kind: "state-workspace-child",
+		sourceDir: path.join(stateRoot, `workspace-${agentId}`)
+	};
+}
+//#endregion
 //#region src/sandbox-backend/openclaw-tool-vm-path-mapping.ts
 var OpenClawToolVmPathIntentError = class extends Error {
 	details;
@@ -269,8 +410,6 @@ function createOpenClawToolVmPathMapping(options) {
 		roots: [
 			{
 				id: "agent-workspace",
-				guestRoot: TOOL_VM_WORKSPACE_GUEST_ROOT,
-				hostRoot: options.agentWorkspaceDir,
 				backing: {
 					kind: "host-realfs",
 					durability: "durable",
@@ -280,12 +419,15 @@ function createOpenClawToolVmPathMapping(options) {
 					executionCwd: true,
 					leaseMount: true
 				},
+				locations: {
+					"openclaw-gateway": options.agentWorkspaceDir,
+					"tool-vm-guest": TOOL_VM_WORKSPACE_GUEST_ROOT
+				},
 				rootPathAllowed: true,
 				guidanceLabel: "agent workspace"
 			},
 			{
 				id: "tool-vm-scratch",
-				guestRoot: TOOL_VM_SCRATCH_GUEST_ROOT,
 				backing: {
 					kind: "guest-rootfs-cow",
 					durability: "vm-lifetime"
@@ -294,12 +436,12 @@ function createOpenClawToolVmPathMapping(options) {
 					executionCwd: true,
 					leaseMount: false
 				},
+				locations: { "tool-vm-guest": TOOL_VM_SCRATCH_GUEST_ROOT },
 				rootPathAllowed: true,
 				guidanceLabel: "Tool VM scratch"
 			},
 			{
 				id: "openclaw-sandboxes",
-				hostRoot: OPENCLAW_STATE_SANDBOXES_VM_ROOT,
 				backing: {
 					kind: "host-realfs",
 					durability: "durable",
@@ -309,6 +451,7 @@ function createOpenClawToolVmPathMapping(options) {
 					executionCwd: true,
 					leaseMount: true
 				},
+				locations: { "openclaw-gateway": OPENCLAW_STATE_SANDBOXES_VM_ROOT },
 				rootPathAllowed: false,
 				guidanceLabel: "OpenClaw sandbox work directory"
 			}
@@ -317,7 +460,7 @@ function createOpenClawToolVmPathMapping(options) {
 }
 function resolveOpenClawSandboxPathIntent(translation) {
 	const [sandboxChild, ...guestCwdSegments] = translation.relativePath.split("/");
-	const leaseWorkMountDir = sandboxChild === void 0 || sandboxChild === "" ? translation.hostPath ?? OPENCLAW_STATE_SANDBOXES_VM_ROOT : `${OPENCLAW_STATE_SANDBOXES_VM_ROOT}/${sandboxChild}`;
+	const leaseWorkMountDir = sandboxChild === void 0 || sandboxChild === "" ? translation.outputPath : `${OPENCLAW_STATE_SANDBOXES_VM_ROOT}/${sandboxChild}`;
 	return {
 		effectiveGuestCwd: guestCwdSegments.length === 0 ? TOOL_VM_WORKSPACE_GUEST_ROOT : `${TOOL_VM_WORKSPACE_GUEST_ROOT}/${guestCwdSegments.join("/")}`,
 		leaseWorkMountDir
@@ -327,29 +470,72 @@ function kindForTranslation(translation) {
 	const isRoot = translation.relativePath === "";
 	if (translation.rootId === "tool-vm-scratch") return isRoot ? "scratch-root" : "scratch-subpath";
 	if (translation.rootId === "openclaw-sandboxes") return "openclaw-sandbox-path";
-	if (translation.inputNamespace === "host") return isRoot ? "host-workspace-root" : "host-workspace-subpath";
+	if (translation.inputNamespace === "openclaw-gateway") return isRoot ? "host-workspace-root" : "host-workspace-subpath";
 	return isRoot ? "workspace-root" : "workspace-subpath";
 }
+function leaseRootForTranslation(translation) {
+	return translation.relativePath === "" ? translation.outputPath : translation.outputPath.slice(0, -(translation.relativePath.length + 1));
+}
 function resolveOpenClawToolVmPathIntent(options) {
 	const agentWorkspaceDirError = validateAgentWorkspaceDir(options.agentWorkspaceDir);
 	if (agentWorkspaceDirError !== void 0) return {
 		error: agentWorkspaceDirError,
 		ok: false
 	};
-	const translation = translateRuntimePath({
+	const mappings = [createOpenClawToolVmPathMapping({ agentWorkspaceDir: options.agentWorkspaceDir }), ...(options.equivalentAgentWorkspaceDirs ?? []).map((equivalentAgentWorkspaceDir) => createOpenClawToolVmPathMapping({ agentWorkspaceDir: equivalentAgentWorkspaceDir }))];
+	const invalidEquivalentRoot = (options.equivalentAgentWorkspaceDirs ?? []).map((equivalentAgentWorkspaceDir) => validateAgentWorkspaceDir(equivalentAgentWorkspaceDir)).find((error) => error !== void 0);
+	if (invalidEquivalentRoot !== void 0) return {
+		error: invalidEquivalentRoot,
+		ok: false
+	};
+	const mapping = createOpenClawToolVmPathMapping({ agentWorkspaceDir: options.agentWorkspaceDir });
+	const sandboxTranslation = translateRuntimePath({
 		inputPath: options.inputPath,
-		mapping: createOpenClawToolVmPathMapping({ agentWorkspaceDir: options.agentWorkspaceDir }),
-		purpose: "executionCwd"
+		mapping,
+		purpose: "executionCwd",
+		sourceNamespace: "openclaw-gateway",
+		targetNamespace: "openclaw-gateway"
+	});
+	if (sandboxTranslation.ok && sandboxTranslation.value.rootId === "openclaw-sandboxes") {
+		const sandboxPathIntent = resolveOpenClawSandboxPathIntent(sandboxTranslation.value);
+		return {
+			ok: true,
+			value: {
+				effectiveGuestCwd: sandboxPathIntent.effectiveGuestCwd,
+				hostEquivalentPath: sandboxTranslation.value.outputPath,
+				kind: kindForTranslation(sandboxTranslation.value),
+				leaseWorkMountDir: sandboxPathIntent.leaseWorkMountDir
+			}
+		};
+	}
+	const translationResults = mappings.map((candidateMapping) => translateRuntimePath({
+		inputPath: options.inputPath,
+		mapping: candidateMapping,
+		purpose: "executionCwd",
+		targetNamespace: "tool-vm-guest"
+	}));
+	const translation = translationResults.find((candidateTranslation) => candidateTranslation.ok);
+	if (translation === void 0) {
+		const primaryTranslation = translationResults[0];
+		if (primaryTranslation === void 0 || primaryTranslation.ok) return {
+			error: invalidAgentWorkspaceRootError(options.agentWorkspaceDir),
+			ok: false
+		};
+		return primaryTranslation;
+	}
+	const hostEquivalentTranslation = translateRuntimePath({
+		inputPath: options.inputPath,
+		mapping,
+		purpose: "executionCwd",
+		targetNamespace: "openclaw-gateway"
 	});
-	if (!translation.ok) return translation;
-	const sandboxPathIntent = translation.value.rootId === "openclaw-sandboxes" ? resolveOpenClawSandboxPathIntent(translation.value) : void 0;
 	return {
 		ok: true,
 		value: {
-			effectiveGuestCwd: sandboxPathIntent !== void 0 ? sandboxPathIntent.effectiveGuestCwd : translation.value.guestPath ?? TOOL_VM_WORKSPACE_GUEST_ROOT,
-			...translation.value.hostPath !== void 0 ? { hostEquivalentPath: translation.value.hostPath } : {},
+			effectiveGuestCwd: translation.value.outputPath,
+			...hostEquivalentTranslation.ok ? { hostEquivalentPath: hostEquivalentTranslation.value.outputPath } : {},
 			kind: kindForTranslation(translation.value),
-			leaseWorkMountDir: sandboxPathIntent !== void 0 ? sandboxPathIntent.leaseWorkMountDir : translation.value.hostRoot ?? options.agentWorkspaceDir
+			leaseWorkMountDir: hostEquivalentTranslation.ok && hostEquivalentTranslation.value.rootId !== "tool-vm-scratch" ? leaseRootForTranslation(hostEquivalentTranslation.value) : options.agentWorkspaceDir
 		}
 	};
 }
@@ -378,11 +564,34 @@ var ToolVmSshOperationStaleError = class extends Error {
 function formatUnknownError$1(error) {
 	return error instanceof Error ? error.message : String(error);
 }
+function defaultWriteLog$1(message) {
+	process.stderr.write(`[tool-vm-ssh-operation-guard] ${message}\n`);
+}
+async function publishHealthEvent(options) {
+	if (!options.guardOptions.healthEvent) return;
+	const event = {
+		agentId: options.guardOptions.healthEvent.agentId,
+		elapsedMs: options.elapsedMs,
+		...options.errorCode === void 0 ? {} : { errorCode: options.errorCode },
+		kind: "tool-vm-ssh",
+		leaseId: options.guardOptions.healthEvent.leaseId,
+		observedAtMs: options.observedAtMs,
+		operation: options.guardOptions.healthEvent.operation,
+		result: options.result,
+		zoneId: options.guardOptions.healthEvent.zoneId
+	};
+	try {
+		await options.guardOptions.healthEvent.publish(event);
+	} catch (error) {
+		(options.guardOptions.writeLog ?? defaultWriteLog$1)(`tool-vm-ssh health publish failed operation=${options.guardOptions.healthEvent.operation} elapsedMs=${String(options.elapsedMs)} error=${formatUnknownError$1(error)}`);
+	}
+}
 async function runToolVmSshOperationWithGuard(options) {
 	const now = options.now ?? Date.now;
 	const setTimeoutImpl = options.setTimeoutImpl ?? setTimeout;
 	const clearTimeoutImpl = options.clearTimeoutImpl ?? clearTimeout;
 	const abortController = new AbortController();
+	const startedAtMs = now();
 	let timeoutHandle;
 	options.report({
 		observedAtMs: now(),
@@ -405,6 +614,13 @@ async function runToolVmSshOperationWithGuard(options) {
 			phase: "completed",
 			ssh: { probeSucceeded: true }
 		});
+		const observedAtMs = now();
+		publishHealthEvent({
+			elapsedMs: observedAtMs - startedAtMs,
+			guardOptions: options,
+			observedAtMs,
+			result: "ok"
+		});
 		return result;
 	} catch (error) {
 		const staleError = error instanceof ToolVmSshOperationStaleError ? error : new ToolVmSshOperationStaleError({
@@ -420,6 +636,14 @@ async function runToolVmSshOperationWithGuard(options) {
 				message: staleError.message
 			} }
 		});
+		const observedAtMs = now();
+		publishHealthEvent({
+			elapsedMs: observedAtMs - startedAtMs,
+			errorCode: staleError.reason,
+			guardOptions: options,
+			observedAtMs,
+			result: "failed"
+		});
 		throw staleError;
 	} finally {
 		if (timeoutHandle !== void 0) clearTimeoutImpl(timeoutHandle);
@@ -469,6 +693,24 @@ function isActiveUseFinalizeToken(value) {
 function activeUseOutcomeForFinalizeParams(finalizeParams) {
 	return finalizeParams.timedOut ? "timed-out" : finalizeParams.status === "completed" ? "completed" : "failed";
 }
+async function publishFinalizeToolVmSshHealthEvent(options) {
+	const event = {
+		agentId: options.agentId,
+		elapsedMs: 0,
+		...options.timedOut ? { errorCode: "ssh-command-timed-out" } : {},
+		kind: "tool-vm-ssh",
+		leaseId: options.leaseId,
+		observedAtMs: Date.now(),
+		operation: "finalize",
+		result: options.timedOut ? "failed" : "ok",
+		zoneId: options.zoneId
+	};
+	try {
+		await options.publishHealthEvent(event);
+	} catch (error) {
+		writeSandboxBackendLog(`tool-vm-ssh finalize health publish failed for zone '${options.zoneId}' lease '${options.leaseId}': ${formatUnknownError(error)}`);
+	}
+}
 function mergedAbortSignal(firstSignal, secondSignal) {
 	if (firstSignal === void 0) return secondSignal;
 	return AbortSignal.any([firstSignal, secondSignal]);
@@ -482,6 +724,18 @@ function mergedAbortSignals(signals) {
 function resolveLeaseRequestAgentId(sessionKey) {
 	return resolveOpenClawAgentIdFromSessionKey(sessionKey);
 }
+function defaultOpenClawStateDir() {
+	const explicitStateDir = process.env.OPENCLAW_STATE_DIR?.trim();
+	if (explicitStateDir) return path.resolve(explicitStateDir);
+	const homeDirectory = process.env.HOME?.trim();
+	return homeDirectory ? path.join(homeDirectory, ".openclaw", "state") : void 0;
+}
+function defaultOpenClawWorkspaceDir() {
+	const homeDirectory = process.env.HOME?.trim();
+	if (!homeDirectory) return;
+	const profile = process.env.OPENCLAW_PROFILE?.trim().toLowerCase();
+	return profile && profile !== "default" ? path.join(homeDirectory, ".openclaw", `workspace-${profile}`) : path.join(homeDirectory, ".openclaw", "workspace");
+}
 function assertPluginLeaseContract(params) {
 	const mismatch = findOpenClawGondolinSandboxMismatch(params.cfg);
 	if (mismatch) throw new Error(`OpenClaw Gondolin sandbox requires ${mismatch.key}=${mismatch.expectedValue}; received ${String(params.cfg[mismatch.key])}.`);
@@ -493,8 +747,18 @@ function createGondolinSandboxBackendFactory(options, dependencies) {
 		const profileId = options.profileId ?? "standard";
 		const agentId = resolveLeaseRequestAgentId(params.sessionKey);
 		assertPluginLeaseContract({ cfg: params.cfg });
+		const defaultWorkspaceDir = options.openClawDefaultWorkspaceDirProvider?.() ?? defaultOpenClawWorkspaceDir();
+		const equivalentAgentWorkspaceDirs = defaultWorkspaceDir === void 0 ? [] : [defaultWorkspaceDir];
+		const workspaceSource = resolveOpenClawAgentWorkspaceSource({
+			agentId,
+			defaultWorkspaceDir,
+			openClawConfig: options.openClawRuntimeConfigProvider?.(),
+			paramsAgentWorkspaceDir: params.agentWorkspaceDir,
+			stateDir: options.openClawStateDirProvider?.() ?? defaultOpenClawStateDir()
+		});
 		const pathIntent = assertOpenClawToolVmPathIntent({
-			agentWorkspaceDir: params.agentWorkspaceDir,
+			agentWorkspaceDir: workspaceSource.sourceDir,
+			equivalentAgentWorkspaceDirs,
 			inputPath: params.workspaceDir
 		});
 		const cacheKey = agentLeaseCacheKey({
@@ -502,11 +766,27 @@ function createGondolinSandboxBackendFactory(options, dependencies) {
 			zoneId: options.zoneId
 		});
 		const requestedCacheEntry = {
-			agentWorkspaceDir: params.agentWorkspaceDir,
+			agentWorkspaceDir: workspaceSource.sourceDir,
 			leaseWorkMountDir: pathIntent.leaseWorkMountDir,
 			profileId
 		};
 		const leaseClient = dependencies.createLeaseClient?.({ controllerUrl: options.controllerUrl }) ?? createLeaseClient({ controllerUrl: options.controllerUrl });
+		const publishHealthEvent = async (event) => {
+			const response = await fetchControllerWithPolicy({
+				input: `${options.controllerUrl.replace(/\/+$/u, "")}/zones/${encodeURIComponent(options.zoneId)}/health-events`,
+				init: {
+					body: JSON.stringify(event),
+					headers: { "content-type": "application/json" },
+					method: "POST"
+				},
+				operation: "health-event-publish"
+			});
+			if (!response.ok) {
+				await response.text().catch(() => void 0);
+				throw new Error(`health event publish returned HTTP ${String(response.status)}`);
+			}
+			await response.text().catch(() => void 0);
+		};
 		const markLeaseStale = async (lease, reason, error) => {
 			agentLeaseCache.delete(cacheKey);
 			writeSandboxBackendLog(`lease marked stale for zone '${options.zoneId}' agent '${agentId}' lease '${lease.leaseId}' reason '${reason}': ${formatUnknownError(error)}`);
@@ -526,6 +806,13 @@ function createGondolinSandboxBackendFactory(options, dependencies) {
 			try {
 				const renewedLease = await leaseClient.renewLease(cachedEntry.lease.leaseId);
 				await runToolVmSshOperationWithGuard({
+					healthEvent: {
+						agentId,
+						leaseId: renewedLease.leaseId,
+						operation: "probe",
+						publish: publishHealthEvent,
+						zoneId: options.zoneId
+					},
 					operation: async (signal) => await dependencies.runRemoteShellScript({
 						allowFailure: false,
 						script: "true",
@@ -565,7 +852,7 @@ function createGondolinSandboxBackendFactory(options, dependencies) {
 					if (runtimeStatus && leaseClient.publishOpenClawRuntimeStatus) await leaseClient.publishOpenClawRuntimeStatus(runtimeStatus);
 					const leaseResponse = await leaseClient.requestLease({
 						agentId,
-						agentWorkspaceDir: params.agentWorkspaceDir,
+						agentWorkspaceDir: workspaceSource.sourceDir,
 						profileId,
 						sessionKey: params.sessionKey,
 						workMountDir: pathIntent.leaseWorkMountDir,
@@ -597,6 +884,7 @@ function createGondolinSandboxBackendFactory(options, dependencies) {
 			markCachedLeaseStale: async (reason, error) => {
 				await markLeaseStale(lease, reason, error);
 			},
+			publishHealthEvent,
 			runRemoteShellScript: dependencies.runRemoteShellScript,
 			buildExecSpec: dependencies.buildExecSpec,
 			sessionKey: params.sessionKey,
@@ -649,6 +937,13 @@ function createSandboxBackendHandle(options) {
 		sessionKey: options.sessionKey,
 		toolName: "fs-bridge"
 	}, async (activeUseHandle) => await runToolVmSshOperationWithGuard({
+		healthEvent: {
+			agentId: options.lease.agentId,
+			leaseId: options.lease.leaseId,
+			operation: "file-bridge",
+			publish: options.publishHealthEvent,
+			zoneId: options.zoneId
+		},
 		operation: async (signal) => {
 			const operationSignal = mergedAbortSignals([
 				shellParams.signal,
@@ -740,6 +1035,13 @@ function createSandboxBackendHandle(options) {
 					} }
 				});
 				await endActiveUseFinalizeToken(finalizeParams.token, activeUseOutcomeForFinalizeParams(finalizeParams));
+				publishFinalizeToolVmSshHealthEvent({
+					agentId: options.lease.agentId,
+					leaseId: options.lease.leaseId,
+					publishHealthEvent: options.publishHealthEvent,
+					timedOut: finalizeParams.timedOut,
+					zoneId: options.zoneId
+				});
 				if (finalizeParams.timedOut) await options.markCachedLeaseStale("ssh-command-timed-out", void 0);
 				return;
 			}
@@ -749,6 +1051,13 @@ function createSandboxBackendHandle(options) {
 			sessionKey: options.sessionKey,
 			toolName: "runShellCommand"
 		}, async (activeUseHandle) => await runToolVmSshOperationWithGuard({
+			healthEvent: {
+				agentId: options.lease.agentId,
+				leaseId: options.lease.leaseId,
+				operation: "command",
+				publish: options.publishHealthEvent,
+				zoneId: options.zoneId
+			},
 			operation: async (signal) => await options.runRemoteShellScript({
 				script: commandParams.script,
 				signal: mergedAbortSignal(activeUseHandle.signal, signal),
@@ -788,10 +1097,20 @@ function createGondolinSandboxBackendManager(options, dependencies) {
 }
 //#endregion
 //#region src/gondolin-plugin-config.ts
+function isObjectRecord$1(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
 function resolveGondolinPluginConfig(config) {
 	if (typeof config.controllerUrl !== "string" || typeof config.zoneId !== "string") throw new Error("Gondolin plugin config requires controllerUrl and zoneId.");
+	const rawGatewayControlLinkMonitor = config.gatewayControlLinkMonitor;
+	const gatewayControlLinkMonitor = isObjectRecord$1(rawGatewayControlLinkMonitor) ? {
+		baseIntervalMs: typeof rawGatewayControlLinkMonitor.baseIntervalMs === "number" ? rawGatewayControlLinkMonitor.baseIntervalMs : 1e4,
+		enabled: typeof rawGatewayControlLinkMonitor.enabled === "boolean" ? rawGatewayControlLinkMonitor.enabled : true,
+		maxIntervalMs: typeof rawGatewayControlLinkMonitor.maxIntervalMs === "number" ? rawGatewayControlLinkMonitor.maxIntervalMs : 12e4
+	} : void 0;
 	return {
 		controllerUrl: config.controllerUrl,
+		...gatewayControlLinkMonitor ? { gatewayControlLinkMonitor } : {},
 		...typeof config.profileId === "string" ? { profileId: config.profileId } : {},
 		...typeof config.zoneGitToken === "string" ? { zoneGitToken: config.zoneGitToken } : {},
 		...typeof config.zoneGitTokenEnv === "string" ? { zoneGitTokenEnv: config.zoneGitTokenEnv } : {},
@@ -799,6 +1118,119 @@ function resolveGondolinPluginConfig(config) {
 	};
 }
 //#endregion
+//#region src/gateway-control-link-monitor.ts
+function defaultWriteLog(message) {
+	process.stderr.write(`[gateway-control-link-monitor] ${message}\n`);
+}
+function joinUrl(baseUrl, path) {
+	return `${baseUrl.replace(/\/+$/, "")}${path}`;
+}
+function nextIntervalMs(options) {
+	const multiplier = 2 ** Math.min(options.consecutiveFailureCount, 8);
+	return Math.min(options.maxIntervalMs, options.baseIntervalMs * multiplier);
+}
+function createGatewayControlLinkMonitor(options) {
+	const fetchImpl = options.fetchImpl ?? fetch;
+	const setTimeoutImpl = options.setTimeoutImpl ?? setTimeout;
+	const clearTimeoutImpl = options.clearTimeoutImpl ?? clearTimeout;
+	const writeLog = options.writeLog ?? defaultWriteLog;
+	let consecutiveFailureCount = 0;
+	let stopped = true;
+	let timer;
+	const publish = async (event) => {
+		const response = await fetchControllerWithPolicy({
+			fetchImpl,
+			input: joinUrl(options.controllerUrl, `/zones/${encodeURIComponent(options.zoneId)}/health-events`),
+			init: {
+				body: JSON.stringify(event),
+				headers: { "content-type": "application/json" },
+				method: "POST"
+			},
+			operation: "health-event-publish"
+		});
+		if (!response.ok) {
+			await response.text().catch(() => void 0);
+			throw new Error(`health event publish returned HTTP ${String(response.status)}`);
+		}
+		await response.text().catch(() => void 0);
+	};
+	const scheduleNext = () => {
+		if (stopped) return;
+		if (timer) return;
+		timer = setTimeoutImpl(() => {
+			timer = void 0;
+			tick().finally(scheduleNext);
+		}, nextIntervalMs({
+			baseIntervalMs: options.baseIntervalMs,
+			consecutiveFailureCount,
+			maxIntervalMs: options.maxIntervalMs
+		}));
+		timer.unref?.();
+	};
+	const tick = async () => {
+		const startedAtMs = options.now();
+		let event;
+		try {
+			const response = await fetchControllerWithPolicy({
+				fetchImpl,
+				input: joinUrl(options.controllerUrl, gatewayControlLinkHealthPins.path),
+				init: { method: "GET" },
+				operation: "controller-health"
+			});
+			const ok = response.ok;
+			await response.text().catch(() => void 0);
+			consecutiveFailureCount = ok ? 0 : consecutiveFailureCount + 1;
+			event = {
+				controllerHost: gatewayControlLinkHealthPins.controllerHost,
+				controllerPort: gatewayControlLinkHealthPins.controllerPort,
+				elapsedMs: options.now() - startedAtMs,
+				kind: "gateway-control-link",
+				observedAtMs: options.now(),
+				operation: gatewayControlLinkHealthPins.operation,
+				path: gatewayControlLinkHealthPins.path,
+				result: ok ? "ok" : "failed",
+				zoneId: options.zoneId
+			};
+		} catch (error) {
+			consecutiveFailureCount += 1;
+			event = {
+				controllerHost: gatewayControlLinkHealthPins.controllerHost,
+				controllerPort: gatewayControlLinkHealthPins.controllerPort,
+				elapsedMs: options.now() - startedAtMs,
+				kind: "gateway-control-link",
+				observedAtMs: options.now(),
+				operation: gatewayControlLinkHealthPins.operation,
+				path: gatewayControlLinkHealthPins.path,
+				result: error instanceof ControllerRequestPolicyTransportError && error.code === "controller-request-timeout" ? "timeout" : "failed",
+				zoneId: options.zoneId
+			};
+			writeLog(`gateway-control-link fetch failed operation=controller-health elapsedMs=${String(event.elapsedMs)} errorCode=${error instanceof ControllerRequestPolicyTransportError ? error.code : "controller-request-failed"}`);
+		}
+		try {
+			await publish(event);
+		} catch (error) {
+			writeLog(`gateway-control-link publish failed operation=health-event-publish elapsedMs=${String(event.elapsedMs)} errorCode=${error instanceof ControllerRequestPolicyTransportError ? error.code : "health-event-publish-failed"} message=${error instanceof Error ? error.message : String(error)}`);
+		}
+	};
+	return {
+		consecutiveFailureCount: () => consecutiveFailureCount,
+		noteFailureForTest: () => {
+			consecutiveFailureCount += 1;
+		},
+		start: () => {
+			stopped = false;
+			scheduleNext();
+		},
+		stop: () => {
+			stopped = true;
+			if (!timer) return;
+			clearTimeoutImpl(timer);
+			timer = void 0;
+		},
+		tick
+	};
+}
+//#endregion
 //#region src/openclaw-backend-dependencies.ts
 const OPENCLAW_SSH_SESSION_SCRATCH_ROOT = "/work";
 function createBackendDeps(ssh) {
@@ -977,13 +1409,18 @@ function registerZoneGitTool(options) {
 		},
 		execute: async (_toolCallId, input) => {
 			const expectedHead = readExpectedHead(input);
-			const response = await (options.fetchImpl ?? fetch)(buildControllerUrl(options.controllerUrl, options.zoneId), {
-				body: JSON.stringify({ expectedHead }),
-				headers: {
-					"content-type": "application/json",
-					...options.zoneGitToken ? { [zoneGitCapabilityHeader]: options.zoneGitToken } : {}
+			const response = await fetchControllerWithPolicy({
+				fetchImpl: options.fetchImpl ?? fetch,
+				input: buildControllerUrl(options.controllerUrl, options.zoneId),
+				init: {
+					body: JSON.stringify({ expectedHead }),
+					headers: {
+						"content-type": "application/json",
+						...options.zoneGitToken ? { [zoneGitCapabilityHeader]: options.zoneGitToken } : {}
+					},
+					method: "POST"
 				},
-				method: "POST"
+				operation: "zone-git-push"
 			});
 			const responseText = await readResponseText(response);
 			if (!response.ok) throw new Error(`zone_git_push failed: ${response.status} ${responseText.slice(0, 500)}`);
@@ -1000,22 +1437,8 @@ function registerZoneGitTool(options) {
 }
 //#endregion
 //#region src/openclaw-plugin-registration.ts
-const runtimeStatusPublishMaxAttempts = 30;
-const runtimeStatusPublishRetryDelayMs = 1e3;
-function sleep(ms) {
-	return new Promise((resolve) => {
-		setTimeout(resolve, ms);
-	});
-}
-async function publishRuntimeStatusWithRetry(options) {
-	const leaseClient = createLeaseClient({ controllerUrl: options.controllerUrl });
-	for (let attemptIndex = 0; attemptIndex < runtimeStatusPublishMaxAttempts; attemptIndex += 1) try {
-		await leaseClient.publishOpenClawRuntimeStatus?.(options.report);
-		return;
-	} catch (error) {
-		if (attemptIndex === runtimeStatusPublishMaxAttempts - 1) throw error;
-		await sleep(runtimeStatusPublishRetryDelayMs);
-	}
+async function publishRuntimeStatus(options) {
+	await createLeaseClient({ controllerUrl: options.controllerUrl }).publishOpenClawRuntimeStatus?.(options.report);
 }
 const plugin = {
 	id: "gondolin",
@@ -1036,6 +1459,13 @@ const plugin = {
 			zoneId: pluginConfig.zoneId
 		});
 		if (api.registrationMode !== "full") return;
+		if (pluginConfig.gatewayControlLinkMonitor?.enabled) createGatewayControlLinkMonitor({
+			baseIntervalMs: pluginConfig.gatewayControlLinkMonitor.baseIntervalMs,
+			controllerUrl: pluginConfig.controllerUrl,
+			maxIntervalMs: pluginConfig.gatewayControlLinkMonitor.maxIntervalMs,
+			now: () => Date.now(),
+			zoneId: pluginConfig.zoneId
+		}).start();
 		const buildRuntimeStatus = () => {
 			const runtimeConfig = api.runtime?.config?.current?.() ?? api.config;
 			return runtimeConfig ? buildOpenClawRuntimeStatusReport({
@@ -1044,7 +1474,7 @@ const plugin = {
 			}) : void 0;
 		};
 		const initialRuntimeStatus = buildRuntimeStatus();
-		if (initialRuntimeStatus) publishRuntimeStatusWithRetry({
+		if (initialRuntimeStatus) publishRuntimeStatus({
 			controllerUrl: pluginConfig.controllerUrl,
 			report: initialRuntimeStatus
 		}).catch((error) => {
@@ -1066,6 +1496,7 @@ const plugin = {
 			sdkRaw.registerSandboxBackend("gondolin", {
 				factory: createGondolinSandboxBackendFactory({
 					...pluginConfig,
+					openClawRuntimeConfigProvider: () => api.runtime?.config?.current?.() ?? api.config,
 					openClawRuntimeStatusProvider: buildRuntimeStatus
 				}, backendDependencies),
 				manager: createGondolinSandboxBackendManager(pluginConfig, backendDependencies)
@@ -1080,6 +1511,6 @@ const plugin = {
 //#region src/index.ts
 const OPENCLAW_GONDOLIN_PLUGIN_PACKAGE_NAME = "@agent-vm/openclaw-agent-vm-plugin";
 //#endregion
-export { ControllerLeaseRequestError, OPENCLAW_DEFAULT_AGENT_ID, OPENCLAW_GONDOLIN_LEASE_SCOPE_GUIDANCE, OPENCLAW_GONDOLIN_PLUGIN_PACKAGE_NAME, OPENCLAW_GONDOLIN_SANDBOX_REQUIREMENTS, OPENCLAW_SSH_SESSION_SCRATCH_ROOT, buildOpenClawRuntimeStatusReport, createBackendDeps, createGondolinSandboxBackendFactory, createGondolinSandboxBackendManager, createLeaseClient, plugin as default, effectiveOpenClawGondolinSandboxValue, findOpenClawGondolinSandboxMismatch, formatOpenClawGondolinRequirementFieldPath, formatOpenClawGondolinRequirementFindingId, formatOpenClawGondolinRequirementHint, isOpenClawAgentId, isOpenClawAgentSessionKey, normalizeOpenClawAgentId, resolveGondolinPluginConfig, resolveOpenClawAgentIdFromSessionKey, snapshotOpenClawGondolinSandboxConfig };
+export { ControllerLeaseRequestError, ControllerRequestPolicyTransportError, OPENCLAW_DEFAULT_AGENT_ID, OPENCLAW_GONDOLIN_LEASE_SCOPE_GUIDANCE, OPENCLAW_GONDOLIN_PLUGIN_PACKAGE_NAME, OPENCLAW_GONDOLIN_SANDBOX_REQUIREMENTS, OPENCLAW_SSH_SESSION_SCRATCH_ROOT, OpenClawAgentIdError, buildOpenClawRuntimeStatusReport, createBackendDeps, createGatewayControlLinkMonitor, createGondolinSandboxBackendFactory, createGondolinSandboxBackendManager, createLeaseClient, plugin as default, drainControllerResponseBody, effectiveOpenClawGondolinSandboxValue, fetchControllerWithPolicy, findOpenClawGondolinSandboxMismatch, formatOpenClawGondolinRequirementFieldPath, formatOpenClawGondolinRequirementFindingId, formatOpenClawGondolinRequirementHint, isOpenClawAgentId, isOpenClawAgentSessionKey, normalizeOpenClawAgentId, resolveGondolinPluginConfig, resolveOpenClawAgentIdFromSessionKey, snapshotOpenClawGondolinSandboxConfig };
 
 //# sourceMappingURL=index.js.map