feat(runtime,bridge): v0.3 phase-2 — TCB guards, cold plasticity, replay#83
Conversation
…, replay Extend in-proc ReflexMonitor to spawn/message/queue hooks, export all action kinds, add cold lift/archive on heartbeat, and deterministic r_t JSONL replay tests so users can enable one config flag and get full hot-path + plasticity loop. Co-authored-by: Cursor <cursoragent@cursor.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
OpenCOAT/integrations/openclaw-opencoat-bridge/src/index.ts
Lines 485 to 486 in 809327d
Fail closed on non-tool in-proc guard exceptions
The catch path still fails closed only for tool_guard; for message_out, subagent_spawn, and queue_guard it falls through to undefined (allow). That is now a safety gap because the new in-proc branches can throw (for example during payload serialization), and any such error bypasses blocking instead of enforcing the documented fail-closed behavior for these hooks.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…food test Apply ruff format on phase-2 Python files so CI passes. Extend in-proc ReflexMonitor error handling to fail-closed for message, spawn, and queue hooks (not only tool_guard). Improve live queue block script to wait for an active run and recognize in-proc deny log lines. Co-authored-by: Cursor <cursoragent@cursor.com>
1 participant
Summary
Merged #83–#86 scope into one PR for faster user-facing delivery:
reflex.policies.exportnow supportstool_call,spawn,message_out,queue_enqueue, andall. Bridge runs ReflexMonitor onbefore_tool_call,subagent_spawning,message_sending, andqueue_before_enqueuewheninProcReflexToolGuard/inProcReflexGuardsis enabled (fail-closed).oc.dogfood.queue-block(QUEUE_DOGFOOD_BLOCK); built-in demo fallback when daemon export is empty.PlasticityEngine.cold_steplifts high-score reinforced concerns toreflex=Trueand archives very weak concerns; wired viaColdPlasticityWorkeron heartbeat.rt_replay.replay_rt_jsonl+ tests prove identical scores on repeated replay.Test plan
uv run pytest— reflex export, plasticity cold, r_t replay, plasticity enginenpm testinintegrations/openclaw-opencoat-bridge(35 tests)pipx install --force packages/opencoat-runtime && opencoat runtime upinProcReflexToolGuardin openclaw.jsonQUEUE_DOGFOOD_BLOCK→ enqueue blocked in gateway logcredit.r_t.consume+ heartbeat → concern score /reflexflag updatesMade with Cursor