Use this file to discover all available pages before exploring further.
Agent loop
An agentic loop is the full “real” run of an agent: intake → context assembly → model inference →
tool execution → streaming replies → persistence. It’s the authoritative path that turns a message
into actions and a final reply, while keeping session state consistent.
In OpenClaw, a loop is a single, serialized run per session that emits lifecycle and stream events
as the model thinks, calls tools, and streams output. This doc explains how that authentic loop is
wired end-to-end.
Entry points
- Gateway RPC: and .
- CLI: command.
How it works (high-level)
- RPC validates params, resolves session (sessionKey/sessionId), persists session metadata, returns immediately.
- runs the agent:
- resolves model + thinking/verbose/trace defaults
- loads skills snapshot
- calls (pi-agent-core runtime)
- emits lifecycle end/error if the embedded loop does not emit one
- :
- serializes runs via per-session + global queues
- resolves model + auth profile and builds the pi session
- subscribes to pi events and streams assistant/tool deltas
- enforces timeout -> aborts run if exceeded
- for Codex app-server turns, aborts an accepted turn that stops producing app-server progress before a terminal event
- returns payloads + usage metadata
subscribeEmbeddedPiSession
- tool events =>
- assistant deltas =>
- lifecycle events => (
phase: "start" | "end" | "error"
- uses :
- waits for lifecycle end/error for
- returns
{ status: ok|error|timeout, startedAt, endedAt, error? }
Queueing + concurrency
- Runs are serialized per session key (session lane) and optionally through a global lane.
- This prevents tool/session races and keeps session history consistent.
- Messaging channels can choose queue modes (collect/steer/followup) that feed this lane system.
See Command Queue.
- Transcript writes are also protected by a session write lock on the session file. The lock is
process-aware and file-based, so it catches writers that bypass the in-process queue or come from
another process.
- Session write locks are non-reentrant by default. If a helper intentionally nests acquisition of
the same lock while preserving one logical writer, it must opt in explicitly with
.
Session + workspace preparation
- Workspace is resolved and created; sandboxed runs may redirect to a sandbox workspace root.
- Skills are loaded (or reused from a snapshot) and injected into env and prompt.
- Bootstrap/context files are resolved and injected into the system prompt report.
- A session write lock is acquired; is opened and prepared before streaming. Any
later transcript rewrite, compaction, or truncation path must take the same lock before opening or
mutating the transcript file.
Prompt assembly + system prompt
- System prompt is built from OpenClaw’s base prompt, skills prompt, bootstrap context, and per-run overrides.
- Model-specific limits and compaction reserve tokens are enforced.
- See System prompt for what the model sees.
Hook points (where you can intercept)
OpenClaw has two hook systems:
- Internal hooks (Gateway hooks): event-driven scripts for commands and lifecycle events.
- Plugin hooks: extension points inside the agent/tool lifecycle and gateway pipeline.
Internal hooks (Gateway hooks)
- : runs while building bootstrap files before the system prompt is finalized.
Use this to add/remove bootstrap context files.
- Command hooks: , , , and other command events (see Hooks doc).
See Hooks for setup and examples.
Plugin hooks (agent + gateway lifecycle)
These run inside the agent loop or gateway pipeline:
- : runs pre-session (no ) to deterministically override provider/model before model resolution.
- : runs after session load (with ) to inject , , , or before prompt submission. Use for per-turn dynamic text and system-context fields for stable guidance that should sit in system prompt space.
- : legacy compatibility hook that may run in either phase; prefer the explicit hooks above.
- : runs after inline actions and before the LLM call, letting a plugin claim the turn and return a synthetic reply or silence the turn entirely.
- : inspect the final message list and run metadata after completion.
- / : observe or annotate compaction cycles.
- / : intercept tool params/results.
- : inspect built-in scan findings and optionally block skill or plugin installs.
- : synchronously transform tool results before they are written to an OpenClaw-owned session transcript.
- / / : inbound + outbound message hooks.
- / : session lifecycle boundaries.
- / : gateway lifecycle events.
Hook decision rules for outbound/tool guards:
- : is terminal and stops lower-priority handlers.
- : is a no-op and does not clear a prior block.
- : is terminal and stops lower-priority handlers.
- : is a no-op and does not clear a prior block.
- : is terminal and stops lower-priority handlers.
- : is a no-op and does not clear a prior cancel.
See Plugin hooks for the hook API and registration details.
Harnesses may adapt these hooks differently. The Codex app-server harness keeps
OpenClaw plugin hooks as the compatibility contract for documented mirrored
surfaces, while Codex native hooks remain a separate lower-level Codex mechanism.
Streaming + partial replies
- Assistant deltas are streamed from pi-agent-core and emitted as events.
- Block streaming can emit partial replies either on or .
- Reasoning streaming can be emitted as a separate stream or as block replies.
- See Streaming for chunking and block reply behavior.
Tool execution + messaging tools
- Tool start/update/end events are emitted on the stream.
- Tool results are sanitized for size and image payloads before logging/emitting.
- Messaging tool sends are tracked to suppress duplicate assistant confirmations.
Reply shaping + suppression
- Final payloads are assembled from:
- assistant text (and optional reasoning)
- inline tool summaries (when verbose + allowed)
- assistant error text when the model errors
- The exact silent token / is filtered from outgoing
payloads.
- Messaging tool duplicates are removed from the final payload list.
- If no renderable payloads remain and a tool errored, a fallback tool error reply is emitted
(unless a messaging tool already sent a user-visible reply).
Compaction + retries
- Auto-compaction emits stream events and can trigger a retry.
- On retry, in-memory buffers and tool summaries are reset to avoid duplicate output.
- See Compaction for the compaction pipeline.
Event streams (today)
- : emitted by
subscribeEmbeddedPiSession
- : streamed deltas from pi-agent-core
- : streamed tool events from pi-agent-core
Chat channel handling
- Assistant deltas are buffered into chat messages.
- A chat is emitted on lifecycle end/error.
Timeouts
- default: 30s (just the wait). param overrides.
- Agent runtime:
agents.defaults.timeoutSeconds
- Cron runtime: isolated agent-turn is owned by cron. The scheduler starts that timer when execution begins, aborts the underlying run at the configured deadline, then runs bounded cleanup before recording the timeout so a stale child session cannot keep the lane stuck.
- Stuck-session recovery: with diagnostics enabled,
diagnostics.stuckSessionWarnMs
- Model idle timeout: OpenClaw aborts a model request when no response chunks arrive before the idle window.
models.providers.<id>.timeoutSeconds
agents.defaults.timeoutSeconds
- Provider HTTP request timeout:
models.providers.<id>.timeoutSeconds
Where things can end early
- Agent timeout (abort)
- AbortSignal (cancel)
- Gateway disconnect or RPC timeout
- timeout (wait-only, does not stop agent)
Related
- Tools — available agent tools
- Hooks — event-driven scripts triggered by agent lifecycle events
- Compaction — how long conversations are summarized
- Exec Approvals — approval gates for shell commands
- Thinking — thinking/reasoning level configuration