* feat: add support for extra headers in Tavily API requests
* test(tavily-client): add unit tests for X-Client-Source header in API calls
* fix(tavily): add client source attribution (#55335) (thanks @lakshyaag-tavily)
---------
Co-authored-by: Nimrod Gutman <nimrod.gutman@gmail.com>
* fix(agents): enforce visibility guard after sessionId resolution in session_status
When a sessionId (rather than an explicit agent key) is passed to the
session_status tool, the sessionId resolution block rewrites
requestedKeyRaw to an explicit "agent:..." key. The subsequent
visibility guard check at line 375 tested
`!requestedKeyRaw.startsWith("agent:")`, which was now always false
after resolution — skipping the visibility check entirely.
This meant a sandboxed agent could bypass visibility restrictions by
providing a sessionId instead of an explicit session key.
Fix: use the original `isExplicitAgentKey` flag (captured before
resolution) instead of re-checking the dynamic requestedKeyRaw.
This ensures the visibility guard runs for sessionId inputs while
still skipping the redundant check for inputs that were already
validated at the earlier explicit-key check (lines 281-286).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* test: cover session status sessionId guard
* test: align parent sessionId guard coverage
---------
Co-authored-by: Kevin Sheng <shenghuikevin@github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add video generation core infrastructure and extend image generation parameters
Add full video generation capability to OpenClaw core:
- New `video_generate` agent tool with support for prompt, duration, aspect ratio,
resolution, seed, watermark, I2V (first/last frame), camerafixed, and draft mode
- New `VideoGenerationProvider` plugin SDK type and `registerVideoGenerationProvider` API
- New `src/video-generation/` module (types, runtime with fallback, provider registry)
- New `openclaw/plugin-sdk/video-generation` export for external plugins
- 200MB max file size for generated videos (vs default 5MB for images)
Extend image generation with additional parameters:
- `seed`, `watermark`, `guidanceScale`, `optimizePrompt`, `providerOptions`
- New `readBooleanParam()` helper in tool common utilities
Update plugin registry, contracts, and all test mocks to include
`videoGenerationProviders` and `videoGenerationProviderIds`.
Made-with: Cursor
* fix: validate aspect ratio against target provider when model override is set
* cleanup: remove redundant ?? undefined from video/image generate tools
* chore: regenerate plugin SDK API baseline after video generation additions
---------
Co-authored-by: yongliang.xie <yongliang.xie@bytedance.com>
Peter Steinberger
Mariano
助爪
Vincent Koc
huntharo
Lakshya Agarwal
Tak Hoffman
Jacob Tomlinson
scoootscooob
kevinlin-openai
George Zhang
Ted Li
xieyongliang