OpenClaw issue flags an internal-planning text leak in channel output
OpenClaw issue #80578 reports a high-priority privacy/safety regression: a user-visible iMessage reply began with an internal planning paragraph before the intended final message. The issue argues this should be treated as a shared output-boundary problem, because the same class of leak could reach any channel adapter if final delivery accepts hidden planning, draft rationale, or self-instructions as normal text.
ImpactRisk Sources2 Audienceoperator · developer · team
This is the trust boundary users rarely see but deeply depend on. Long-running agents may hold private scheduling, relationship, strategy, or operational context in their internal notes. If that text can be delivered to a human, the issue is not cosmetic — it is a privacy and safety failure in the last mile.
- Issue #80578 includes a concrete leaked prefix and says the incident was first observed on iMessage
- The issue describes the bug as channel-agnostic because the shared runtime/message-rendering path may be involved
- Suggested fixes include a hard final-delivery sanitizer, regression tests for shared delivery, and audits across adapters
- The issue was freshly opened and may not yet have a merged fix
- The known evidence is one reported screenshot-backed incident, so operators should verify their own surfaces
- Naive phrase blocking could remove legitimate prose; the safer fix is a delivery-boundary contract and tests