[Repo Assist] fix: guard bootstrap prompt against already-configured workspaces

[github-actions]

🤖 This PR was created by Repo Assist, an automated AI assistant.

Summary

Fixes an issue where the first-run bootstrap ritual prompt could be injected into the chat even when the user already had a configured workspace with OpenClaw files (SOUL.md, AGENTS.md, etc.).

Closes #729

Root Cause

OnboardingChatBootstrapper.BootstrapAsync() only checked the HasInjectedFirstRunBootstrap flag before sending the first-run prompt. This flag could be false even on an established workspace if:

• The user reinstalled the Windows Companion app over an existing workspace
• Settings were migrated and the flag wasn't carried over
• The flag was reset for any reason

In those cases, the bootstrap prompt would fire and ask the agent to start the first-run ritual, potentially rewriting SOUL.md and other workspace personality/config files.

Fix

Added an optional GatewayRegistry parameter to BootstrapAsync(). Before sending the bootstrap message, the method now calls SetupExistingGatewayClassifier.HasAnyExistingGatewayConnection(). If an existing gateway configuration is found (shared token, bootstrap token, or device token in any registry record), the gate is silently consumed (MarkBootstrapped() is called) without sending the prompt.

ChatPage.xaml.cs now passes app.Registry to BootstrapAsync() to enable this guard in the live UI path.

The change is backward-compatible: callers that don't pass a registry (existing tests, other call sites) get the old behavior unchanged.

Files Changed

• src/OpenClaw.Tray.WinUI/Services/OnboardingChatBootstrapper.cs — added GatewayRegistry? param and existing-gateway guard
• src/OpenClaw.Tray.WinUI/Pages/ChatPage.xaml.cs — passes app.Registry to BootstrapAsync
• tests/OpenClaw.Tray.Tests/OnboardingChatBootstrapperTests.cs — 4 new tests covering the skip path (SharedGatewayToken, BootstrapToken), empty-registry first-run, and no-registry backward compat

Test Status

Passed!  - Failed: 0, Passed: 996, Skipped: 2, Total: 998, Duration: 13s

All existing tray tests pass. 4 new tests were added for the guard behavior.

The 8 pre-existing failures in OpenClaw.Shared.Tests (MxcPolicyBuilderTests, ExecApprovalV2NormalizationTests, McpHttpServerTests) are unrelated to this change and pre-date it (Windows-specific sandbox/path features not available in the Linux CI environment).

Generated by 🌈 Repo Assist, see workflow run. Learn more.

Add this agentic workflows to your repo

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/repo-assist.md@97143ac59cb3a13ef2a77581f929f06719c7402a

[clawsweeper]

Codex review: found issues before merge. Reviewed June 9, 2026, 9:52 PM ET / 01:52 UTC.

Summary
The branch adds a GatewayRegistry-based skip guard to OnboardingChatBootstrapper, passes app.Registry from ChatPage, and adds tray unit tests for skip and send paths.

Reproducibility: Do we have a high-confidence way to reproduce the issue? Source inspection gives a high-confidence path: current main only checks HasInjectedFirstRunBootstrap before sending, while the PR guard would return early for setup-created registry credentials.

Review metrics: 3 noteworthy metrics.

• Files changed: 3 files, +109/-4. The PR changes one live ChatPage call path, the bootstrapper service, and its unit tests.
• Tests added: 4 unit tests. The added coverage validates registry skip behavior but misses the fresh setup-code registry case.
• Live UI call sites: 1 ChatPage call changed. One user-facing tray chat path now passes the registry into the bootstrap decision.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🌊 off-meta tidepool
Patch quality: 🧂 unranked krab
Result: blocked by patch quality or review findings.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Add a regression test for a fresh setup-created active gateway record with a bootstrap or device token.
• Refine the guard to distinguish established workspace state from normal setup credentials before marking the gate consumed.

Mantis proof suggestion
A short tray/chat proof would materially help because the changed behavior is visible in the first-run chat flow. A maintainer can ask Mantis to capture proof by posting a new PR comment that starts with the OpenClaw Mantis account mention, followed by:

visual task: verify that fresh setup still sends the first-run bootstrap prompt, while an already configured workspace does not.

Risk before merge

• [P1] Merging the PR as-is can make fresh setup-created gateway records skip the hatching bootstrap and permanently set HasInjectedFirstRunBootstrap without sending the prompt.
• [P1] The new empty-registry first-run test does not match the documented setup-code path, where the registry already has a bootstrap token before chat connects.
• [P1] The correct established-workspace signal may need a maintainer decision because registry credentials alone do not distinguish an old workspace from a newly paired gateway.

Maintainer options:

1. Preserve Fresh Setup Bootstrap (recommended)
   Change the guard and tests so a newly created setup-code or paired gateway record still sends the first-run bootstrap unless separate established-workspace evidence is present.
2. Accept Registry-Only Suppression
   Maintainers can intentionally decide that any configured gateway should suppress the hatching prompt, but that should be called out as a first-run behavior change.
3. Pause For Classifier Policy
   If the right existing-workspace signal is unclear, pause this PR until the onboarding classifier policy is settled.

Next step before merge

• A maintainer should choose the durable existing-workspace signal before this guard is repaired, because registry credentials alone are not enough.

Security
Cleared: The diff reads existing registry state and adds tests; it does not add dependencies, workflow execution, secret logging, or credential persistence changes.

Review findings

• [P1] Preserve the bootstrap for fresh gateway setup — src/OpenClaw.Tray.WinUI/Services/OnboardingChatBootstrapper.cs:53-54

Review details

Best possible solution:

Refine the guard so it skips only when existing workspace state is proven, while preserving the first-run bootstrap for normal setup-created gateway records and covering both paths in tests.

Do we have a high-confidence way to reproduce the issue?

Do we have a high-confidence way to reproduce the issue? Source inspection gives a high-confidence path: current main only checks HasInjectedFirstRunBootstrap before sending, while the PR guard would return early for setup-created registry credentials.

Is this the best way to solve the issue?

Is this the best way to solve the issue? No; using any gateway credential as non-first-run evidence conflates established workspaces with the documented fresh setup-code pairing path.

Full review comments:

• [P1] Preserve the bootstrap for fresh gateway setup — src/OpenClaw.Tray.WinUI/Services/OnboardingChatBootstrapper.cs:53-54
  This guard treats any registry record as an existing workspace because HasAnyExistingGatewayConnection returns true for BootstrapToken and stored device tokens. A normal first-run setup creates a GatewayRecord with a bootstrap token before connecting and then persists a device token, so ChatPage will pass app.Registry and MarkBootstrapped without sending the hatching prompt. The empty-registry test misses the live setup path; add coverage for a freshly created active gateway and only skip when existing workspace state is proven.
  Confidence: 0.86

Overall correctness: patch is incorrect
Overall confidence: 0.86

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 0e61fa287afb.

Label changes

Label changes:

• add P2: This is a normal-priority onboarding/chat bug fix PR with a blocking regression risk, not an emergency runtime outage.
• add merge-risk: 🚨 compatibility: The PR changes upgrade and setup classification semantics by treating normal saved gateway credentials as non-first-run evidence.
• add merge-risk: 🚨 message-delivery: The PR can suppress the first-run bootstrap chat message and mark the one-shot gate consumed without delivery.
• add rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🌊 off-meta tidepool and patch quality is 🧂 unranked krab.
• add status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: This is a Repo Assist bot PR, so the external-contributor real behavior proof gate is not applied.

Label justifications:

• P2: This is a normal-priority onboarding/chat bug fix PR with a blocking regression risk, not an emergency runtime outage.
• merge-risk: 🚨 compatibility: The PR changes upgrade and setup classification semantics by treating normal saved gateway credentials as non-first-run evidence.
• merge-risk: 🚨 message-delivery: The PR can suppress the first-run bootstrap chat message and mark the one-shot gate consumed without delivery.
• rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🌊 off-meta tidepool and patch quality is 🧂 unranked krab.
• status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: This is a Repo Assist bot PR, so the external-contributor real behavior proof gate is not applied.

Evidence reviewed

What I checked:

• PR diff: The patch adds an optional GatewayRegistry parameter and returns true after MarkBootstrapped when SetupExistingGatewayClassifier.HasAnyExistingGatewayConnection returns true. (src/OpenClaw.Tray.WinUI/Services/OnboardingChatBootstrapper.cs:53, 2df3564ad477)
• Live call site: Current main sends the bootstrap prompt from ChatPage after operator handshake and chat surface readiness; the PR changes this live path to pass app.Registry. (src/OpenClaw.Tray.WinUI/Pages/ChatPage.xaml.cs:499, 0e61fa287afb)
• Current bootstrap gate: Current main gates the first-run bootstrap only on HasInjectedFirstRunBootstrap and connected client state before sending the hatching message. (src/OpenClaw.Tray.WinUI/Services/OnboardingChatBootstrapper.cs:43, 0e61fa287afb)
• Classifier behavior: HasAnyExistingGatewayConnection delegates to HasUsableGatewayRecord, which treats SharedGatewayToken, BootstrapToken, or stored device tokens as existing gateway evidence. (src/OpenClaw.Tray.WinUI/Services/SetupExistingGatewayClassifier.cs:49, 0e61fa287afb)
• Fresh setup flow: The documented setup-code flow creates or updates a GatewayRecord with a bootstrap token before connecting, then persists a device token after pairing, so registry credentials are also normal fresh-setup artifacts. (docs/CONNECTION_ARCHITECTURE.md:160, 0e61fa287afb)
• Feature provenance: The post-wizard chat handoff intentionally sends the first-run hatching prompt through gateway chat.send after readiness checks. (src/OpenClaw.Tray.WinUI/Pages/ChatPage.xaml.cs:499, fd8ff7dad9d4)

Likely related people:

• Mike Harsh: Introduced/restored the post-wizard chat handoff and first-run hatching prompt behavior that this PR changes. (role: introduced behavior; confidence: high; commits: fd8ff7dad9d4, 7f49beb0f571; files: src/OpenClaw.Tray.WinUI/Pages/ChatPage.xaml.cs, tests/OpenClaw.Tray.Tests/OnboardingChatBootstrapperTests.cs)
• Ranjesh Jaganathan: Authored recent registry, credential, and fresh-install chat/session work that defines how gateway records and pairing tokens behave around setup. (role: adjacent connection owner; confidence: high; commits: e3c6504aaf27, 7747e6075052; files: src/OpenClaw.Connection/GatewayRegistry.cs, src/OpenClaw.Tray.WinUI/Services/SetupExistingGatewayClassifier.cs, src/OpenClaw.Tray.WinUI/Pages/ChatPage.xaml.cs)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.