oomi-ai 0.3.0 → 0.3.2

package/README.md

@@ -28,7 +28,12 @@ The current model is:
 - Files: `persona-app/*`, `lib/personaApiClient.js`, `bin/oomi-ai.js`
 - Purpose: inspect account-linked component-composed persona apps and apply approved backend actions.
 
-4. Agent/operator instructions
+4. Permissioned context tools
+
+- Files: `lib/personaApiClient.js`, `bin/oomi-ai.js`
+- Purpose: read user-approved Oomi backend context, such as HealthKit summaries synced by the mobile app.
+
+5. Agent/operator instructions
 
 - Files: `agent_instructions.md`, `skills/oomi/*`
 - Purpose: tell OpenClaw agents how to connect, repair, and use Oomi without local UI code generation.
@@ -164,6 +169,22 @@ oomi persona-apps apply-action fitness-today --action fitness.complete_goal --pa
 oomi persona-apps apply-action fitness-today --action fitness.complete_workout --payload-json '{"goalId":"easy-run","minutes":20}' --json
 ```
 
+## Context Tools
+
+Use context tools when the user asks a data-backed question that should come from Oomi-approved mobile permissions, not model memory. For health and fitness questions, read the latest backend HealthKit context first:
+
+```bash
+oomi context health --json
+```
+
+Rules for agents:
+
+- Answer from `healthContext.summary` and `healthContext.derived`.
+- Respect `healthContext.agentGuidance.canAnswerFromContext`.
+- If context is `missing`, `needs_sync`, `permission_denied`, `disabled_by_user`, or `unavailable`, tell the user what repair action is needed instead of guessing.
+- If context is `stale`, mention freshness when timing matters.
+- Do not ask the phone for HealthKit directly; the Oomi mobile app syncs HealthKit to the backend.
+
 ## Voice Contract
 
 Managed voice uses the same Oomi plugin and bridge layer as managed chat.

package/agent_instructions.md

@@ -12,6 +12,7 @@ Get OpenClaw into a state where:
 - Oomi device-backed voice can start cleanly
 - the bridge is supervised or restartable
 - component-composed persona apps can be inspected and updated through Oomi API tools
+- approved user context, such as HealthKit data synced by the Oomi mobile app, can be read through Oomi backend context tools
 - the user never has to paste raw pair identifiers or gateway secrets manually when managed connect is available
 
 ## Standard Connect Flow
@@ -260,3 +261,22 @@ Strict rules:
 - Do not install app framework dependencies for persona UI work.
 - Do not present local URLs as persona app URLs.
 - If a persona app needs to be created, tell the user to add it from the Oomi client first so permissions and hydration run correctly.
+
+## Permissioned Context Tools
+
+Use Oomi context tools when the user asks about personal data that should come from mobile permissions instead of model memory.
+
+For health, fitness, sleep, workout, cardio, or movement questions:
+
+```bash
+oomi context health --json
+```
+
+Rules:
+
+- Answer only from `healthContext.summary` and `healthContext.derived`.
+- Respect `healthContext.agentGuidance.canAnswerFromContext`.
+- If `canAnswerFromContext` is false, tell the user the relevant `healthContext.repair.label` or `healthContext.repair.reason`.
+- If `healthContext.status` is `stale`, mention that the latest HealthKit sync may be out of date when timing matters.
+- Do not infer unavailable health fields.
+- Do not request HealthKit directly from the phone; the Oomi mobile app owns permission prompts and syncs approved data to the backend.

package/bin/oomi-ai.js

@@ -227,6 +227,9 @@ Commands:
   persona-apps apply-action <slug>
     Apply an approved persona app action through the Oomi backend.
 
+  context health
+    Show the latest account-linked health context available to this paired OpenClaw device.
+
 Common flags:
   --agents-file PATH     Override AGENTS.md path
   --workspace PATH       Override OpenClaw workspace root
@@ -566,6 +569,12 @@ async function handlePersonaAppApplyActionCommand(slug, flags = {}) {
   printStructuredResult(result, isTruthyFlag(flags.json));
 }
 
+async function handleContextHealthCommand(flags = {}) {
+  const client = createCliPersonaApiClient(flags);
+  const payload = await client.getHealthContext();
+  printStructuredResult(payload, isTruthyFlag(flags.json));
+}
+
 async function refreshBridgeForUpdate(flags = {}, options = {}) {
   const logger = options.logger || null;
   if (process.platform === 'darwin') {
@@ -1346,6 +1355,127 @@ function extractTextFromGatewayMessage(message) {
     .join(' ');
 }
 
+function normalizeWhitespace(value) {
+  return String(value || '')
+    .replace(/[ \t]+\n/g, '\n')
+    .replace(/\n{3,}/g, '\n\n')
+    .replace(/[ \t]{2,}/g, ' ')
+    .trim();
+}
+
+function sanitizeUserVisibleText(value) {
+  let text = String(value || '');
+  if (!text.trim()) return '';
+
+  text = text.replace(/<think>[\s\S]*?<\/think>/gi, ' ');
+  if (/<think>/i.test(text)) {
+    text = text.replace(/<think>[\s\S]*$/i, ' ');
+  }
+  text = text.replace(/<\/think>/gi, ' ');
+
+  text = text.replace(/(?:^|\n)System \(untrusted\):[\s\S]*?(?=\n\n|$)/gi, '\n');
+  text = text.replace(
+    /(?:^|\n)An async command you ran earlier has completed\.[\s\S]*?(?:\nCurrent time:[^\n]*(?:\n|$)|$)/gi,
+    '\n'
+  );
+
+  return normalizeWhitespace(text);
+}
+
+function shouldSuppressOomiVisibleText(value) {
+  const text = String(value || '').trim();
+  if (!text) return true;
+
+  if (/System \(untrusted\):/i.test(text)) return true;
+  if (/An async command you ran earlier has completed\./i.test(text)) return true;
+  if (/Handle the result internally\. Do not relay it to the user/i.test(text)) return true;
+  if (/Exec (failed|completed) \([^)]+\) ::/i.test(text)) return true;
+  if (/^\s*<think>[\s\S]*$/i.test(text) && !/<\/think>/i.test(text)) return true;
+
+  return !sanitizeUserVisibleText(text);
+}
+
+function sanitizeGatewayMessageForOomi(message) {
+  if (!message || typeof message !== 'object') return null;
+
+  const role = typeof message.role === 'string' ? message.role.trim().toLowerCase() : '';
+  if (role && !['assistant', 'user'].includes(role)) {
+    return null;
+  }
+
+  const rawText = extractTextFromGatewayMessage(message);
+  if (shouldSuppressOomiVisibleText(rawText)) {
+    return null;
+  }
+
+  const content = sanitizeUserVisibleText(rawText);
+  if (!content) return null;
+
+  return {
+    ...message,
+    role: role || 'assistant',
+    content,
+  };
+}
+
+function sanitizeGatewayFrameForOomiClient(frameText) {
+  const frame = parseJsonPayload(frameText);
+  if (!frame || typeof frame !== 'object') {
+    return { frameText, changed: false, suppressed: false };
+  }
+
+  if (frame.type === 'res' && frame.payload && typeof frame.payload === 'object' && Array.isArray(frame.payload.messages)) {
+    const nextMessages = frame.payload.messages
+      .map((message) => sanitizeGatewayMessageForOomi(message))
+      .filter(Boolean);
+    const nextFrame = {
+      ...frame,
+      payload: {
+        ...frame.payload,
+        messages: nextMessages,
+      },
+    };
+    const nextFrameText = JSON.stringify(nextFrame);
+    return {
+      frameText: nextFrameText,
+      changed: nextFrameText !== frameText,
+      suppressed: nextMessages.length < frame.payload.messages.length,
+    };
+  }
+
+  if (frame.type === 'event' && frame.event === 'chat') {
+    const payload = frame.payload && typeof frame.payload === 'object' ? frame.payload : null;
+    const message = payload?.message && typeof payload.message === 'object' ? payload.message : null;
+    if (!payload || !message) {
+      return { frameText, changed: false, suppressed: false };
+    }
+
+    const sanitizedMessage = sanitizeGatewayMessageForOomi(message);
+    const nextFrame = {
+      ...frame,
+      payload: {
+        ...payload,
+        message: sanitizedMessage || {
+          ...message,
+          content: '',
+          metadata: {
+            ...(message.metadata && typeof message.metadata === 'object' && !Array.isArray(message.metadata) ? message.metadata : {}),
+            oomiSuppressed: true,
+          },
+        },
+      },
+    };
+    const nextFrameText = JSON.stringify(nextFrame);
+    return {
+      frameText: nextFrameText,
+      changed: nextFrameText !== frameText,
+      suppressed: !sanitizedMessage,
+    };
+  }
+
+  return { frameText, changed: false, suppressed: false };
+}
+
 function summarizeVoiceFrameContract(frameText) {
   const frame = parseJsonPayload(frameText);
   if (!frame || typeof frame !== 'object') {
@@ -2988,6 +3118,13 @@ async function startOpenclawBridge(flags) {
 
       gatewaySocket.on('message', runBridgeCallbackSafely((gatewayRaw) => {
         let frame = typeof gatewayRaw === 'string' ? gatewayRaw : gatewayRaw.toString();
+        const visibleSanitized = sanitizeGatewayFrameForOomiClient(frame);
+        if (visibleSanitized.changed) {
+          frame = visibleSanitized.frameText;
+          bridgeDebugLog(
+            `[bridge] oomi.visible_sanitized ${sessionId} suppressed=${visibleSanitized.suppressed ? 'yes' : 'no'}`
+          );
+        }
         const spokenNormalized = normalizeAssistantGatewayFrame(sessionId, frame);
         if (spokenNormalized.changed) {
           frame = spokenNormalized.frameText;
@@ -4181,6 +4318,11 @@ async function main() {
     return;
   }
 
+  if (command === 'context' && subcommand === 'health') {
+    await handleContextHealthCommand(args.flags);
+    return;
+  }
+
   console.error(`Unknown command: ${command} ${subcommand || ''}`.trim());
   usage();
   process.exit(1);
@@ -4199,6 +4341,9 @@ if (__isDirectExecution) {
 
 export {
   prepareGatewayFrameForLocalGateway,
+  sanitizeGatewayFrameForOomiClient,
+  sanitizeUserVisibleText,
+  shouldSuppressOomiVisibleText,
   ensureAssistantSpokenMetadata,
   normalizeAssistantGatewayFrame,
   runAssistantFinalDebugCheck,

package/lib/personaApiClient.js

@@ -139,5 +139,14 @@ export function createPersonaApiClient({
         },
       });
     },
+
+    getHealthContext() {
+      return getJson({
+        fetchImpl,
+        backendUrl: resolvedBackendUrl,
+        deviceToken: resolvedDeviceToken,
+        path: '/v1/context/health',
+      });
+    },
   };
 }

package/openclaw.extension.js

@@ -107,6 +107,46 @@ function extractText(payload) {
   return '';
 }
 
+function normalizeWhitespace(value) {
+  return String(value || '')
+    .replace(/[ \t]+\n/g, '\n')
+    .replace(/\n{3,}/g, '\n\n')
+    .replace(/[ \t]{2,}/g, ' ')
+    .trim();
+}
+
+function sanitizeUserVisibleText(value) {
+  let text = String(value || '');
+  if (!text.trim()) return '';
+
+  text = text.replace(/<think>[\s\S]*?<\/think>/gi, ' ');
+  if (/<think>/i.test(text)) {
+    text = text.replace(/<think>[\s\S]*$/i, ' ');
+  }
+  text = text.replace(/<\/think>/gi, ' ');
+
+  text = text.replace(/(?:^|\n)System \(untrusted\):[\s\S]*?(?=\n\n|$)/gi, '\n');
+  text = text.replace(
+    /(?:^|\n)An async command you ran earlier has completed\.[\s\S]*?(?:\nCurrent time:[^\n]*(?:\n|$)|$)/gi,
+    '\n'
+  );
+
+  return normalizeWhitespace(text);
+}
+
+function shouldSuppressOomiVisibleText(value) {
+  const text = String(value || '').trim();
+  if (!text) return true;
+
+  if (/System \(untrusted\):/i.test(text)) return true;
+  if (/An async command you ran earlier has completed\./i.test(text)) return true;
+  if (/Handle the result internally\. Do not relay it to the user/i.test(text)) return true;
+  if (/Exec (failed|completed) \([^)]+\) ::/i.test(text)) return true;
+  if (/^\s*<think>[\s\S]*$/i.test(text) && !/<\/think>/i.test(text)) return true;
+
+  return !sanitizeUserVisibleText(text);
+}
+
 function extractConversationKey(payload) {
   const candidates = [
     payload?.conversationKey,
@@ -290,7 +330,16 @@ const oomiChannelPlugin = {
         };
       }
 
-      const content = extractText(payload);
+      const rawContent = extractText(payload);
+      if (shouldSuppressOomiVisibleText(rawContent)) {
+        return {
+          ok: true,
+          suppressed: true,
+          reason: 'internal_content',
+        };
+      }
+
+      const content = sanitizeUserVisibleText(rawContent);
       if (!content) {
         return {
           ok: false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oomi-ai",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "Managed Oomi channel, bridge, voice, and persona app API tooling for OpenClaw",
   "bin": {
     "oomi": "bin/oomi-ai.js"

package/persona-app/README.md

@@ -24,4 +24,10 @@ oomi persona-apps show fitness-today --json
 oomi persona-apps apply-action fitness-today --action fitness.complete_workout --payload-json '{"goalId":"easy-run","minutes":20}' --json
 ```
 
+When answering data-backed health or fitness questions, agents should read approved backend context first:
+
+```bash
+oomi context health --json
+```
+
 If a persona app is missing, ask the user to add it from the Oomi client first so platform-specific permissions and hydration can run.

package/persona-app/registry/v1.json

@@ -1,6 +1,17 @@
 {
   "schemaVersion": "persona-app.v1",
-  "registryVersion": "2026-04-23.1",
+  "registryVersion": "2026-04-24.1",
+  "contextTools": [
+    {
+      "id": "health.context.read",
+      "command": "oomi context health --json",
+      "endpoint": "/v1/context/health",
+      "description": "Reads the latest account-linked health context synced by Oomi mobile clients.",
+      "permissions": ["healthkit.read", "health_connect.read"],
+      "readOnly": true,
+      "targets": ["ios", "android", "web"]
+    }
+  ],
   "sharedComponents": [
     {
       "type": "shared.personaHero",
@@ -27,6 +38,16 @@
           "type": "fitness.goalChecklist",
           "description": "Checklist of suggested goals for today.",
           "targets": ["ios", "android", "web"]
+        },
+        {
+          "type": "fitness.metricGrid",
+          "description": "Grid of approved HealthKit or Health Connect activity, sleep, cardio, and body metrics.",
+          "targets": ["ios", "android", "web"]
+        },
+        {
+          "type": "fitness.workoutList",
+          "description": "Recent workouts synced from the user's approved mobile health source.",
+          "targets": ["ios", "android", "web"]
         }
       ],
       "actions": [
@@ -55,9 +76,10 @@
       ],
       "permissions": [
         "fitness.state.read",
-        "fitness.state.write"
+        "fitness.state.write",
+        "healthkit.read",
+        "health_connect.read"
       ]
     }
   ]
 }
-

package/skills/oomi/SKILL.md

@@ -10,6 +10,7 @@ Use this skill when you need to:
 - repair the Oomi plugin or bridge on a machine
 - inspect managed chat or voice health
 - inspect or update component-composed Oomi persona app state
+- read approved Oomi backend context such as HealthKit summaries synced by the mobile app
 - control the Oomi avatar with inline tags
 
 ## Primary Operator Workflow
@@ -112,6 +113,22 @@ Rules:
 - do not create local persona UI projects from the OpenClaw machine
 - do not execute persona UI jobs or start local persona app runtimes
 
+## Permissioned Context Tools
+
+Use context commands before answering personal data questions that should come from Oomi-approved permissions.
+
+For health, fitness, sleep, workout, cardio, or movement questions:
+
+```bash
+oomi context health --json
+```
+
+Rules:
+- answer only from `healthContext.summary` and `healthContext.derived`
+- respect `healthContext.agentGuidance.canAnswerFromContext`
+- if context is missing, stale, denied, disabled, or unavailable, follow `healthContext.repair`
+- do not ask HealthKit directly; the Oomi mobile app syncs approved HealthKit data to the backend
+
 ## Hidden Speech Payload
 
 Managed voice can carry a hidden TTS-only speech sidecar alongside the normal assistant message.

package/skills/oomi/agent_instructions.md

@@ -97,3 +97,21 @@ Rules:
 - apply updates only through approved `persona-apps apply-action` actions
 - if the persona app is missing, ask the user to add it from the Oomi client first so permissions and hydration can run
 - do not execute persona UI jobs or start local persona app runtimes
+
+## Permissioned Context Tools
+
+Use Oomi context tools when the user asks about personal data that should come from mobile permissions instead of memory.
+
+For health, fitness, sleep, workout, cardio, or movement questions:
+
+```bash
+oomi context health --json
+```
+
+Rules:
+- answer only from `healthContext.summary` and `healthContext.derived`
+- respect `healthContext.agentGuidance.canAnswerFromContext`
+- if `canAnswerFromContext` is false, tell the user the relevant `healthContext.repair.label` or `healthContext.repair.reason`
+- if `healthContext.status` is `stale`, mention that the latest HealthKit sync may be out of date when timing matters
+- do not infer unavailable health fields
+- do not request HealthKit directly from the phone; the Oomi mobile app owns permission prompts and syncs approved data to the backend