Summary

• Problem: HEARTBEAT_OK replies with a configured responsePrefix were not stripped before delivery, leaking to Telegram DM even when showOk=false.
• Why it matters: Heartbeat acks should be silently suppressed so users don’t receive empty/no-op heartbeats.
• What changed: Heartbeat normalization now removes responsePrefix before HEARTBEAT_OK detection and a regression test ensures Telegram suppression; HeartbeatDeps exported for test helpers (see normalizeHeartbeatReply and heartbeat-runner.respects-ackmaxchars-heartbeat-acks.test.ts).
• What did NOT change (scope boundary): No channel/plugin behavior outside heartbeat acks; no config or version changes; no dependency updates.

Change Type (select all)

• Bug fix
• Feature
• Refactor
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Closes HEARTBEAT_OK response leaks to Telegram DM instead of being discarded #12767
• Related fix(heartbeat): suppress HEARTBEAT_OK token delivery #12837, Fix #12767: suppress HEARTBEAT_OK leakage in Telegram DM replies #16321

User-visible / Behavior Changes

• HEARTBEAT_OK with responsePrefix is now suppressed on Telegram when showOk=false. No config changes required.

Security Impact (required)

• New permissions/capabilities? No
• Secrets/tokens handling changed? No
• New/changed network calls? No
• Command/tool execution surface changed? No
• Data access scope changed? No
• If any Yes, explain risk + mitigation: N/A

Repro + Verification

Environment

• OS: Any
• Runtime/container: Node 22+ (per project baseline)
• Model/provider: N/A
• Integration/channel: Telegram DM (streamMode off)
• Relevant config: showOk=false (default)

Steps

1. Configure Telegram as heartbeat target with showOk=false and a responsePrefix (e.g., [openclaw]).
2. Trigger a heartbeat when the model replies [openclaw] HEARTBEAT_OK.
3. Observe delivery behavior.

Expected

• No message is delivered to the Telegram DM.

Actual (pre-fix)

• [openclaw] HEARTBEAT_OK was delivered to the user.

Evidence

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)
  (Note: Tests not run here; pnpm unavailable in this environment.)

Human Verification (required)

What you personally verified (not just CI), and how:

• Verified scenarios: Code path ensures prefix stripping before heartbeat token detection; regression test added to cover Telegram showOk=false.
• Edge cases checked: Prefixed HEARTBEAT_OK; default showOk=false path.
• What you did not verify: Runtime send on real Telegram; full test suite (pnpm missing locally).

Compatibility / Migration

• Backward compatible? Yes
• Config/env changes? No
• Migration needed? No
• If yes, exact upgrade steps: N/A

Failure Recovery (if this breaks)

• How to disable/revert this change quickly: Revert the edits in src/infra/heartbeat-runner.ts and src/infra/heartbeat-runner.respects-ackmaxchars-heartbeat-acks.test.ts.
• Files/config to restore: Those two files.
• Known bad symptoms reviewers should watch for: HEARTBEAT_OK still appearing in user DMs when showOk=false or heartbeats failing to send when showOk=true.

Risks and Mitigations

• Risk: Regex-based prefix stripping could remove unexpected leading text if responsePrefix overlaps real content.
  • Mitigation: Strip only a single configured prefix at the start and keep ackMaxChars guard; regression test added for Telegram showOk=false.
• Risk: Tests not executed in this environment.
  • Mitigation: Run pnpm test src/infra/heartbeat-runner.respects-ackmaxchars-heartbeat-acks.test.ts once pnpm is available.

Greptile Summary

Strips responsePrefix from heartbeat replies before detecting HEARTBEAT_OK token, preventing prefixed acknowledgments from leaking to Telegram DMs when showOk=false.

• Modifies normalizeHeartbeatReply in src/infra/heartbeat-runner.ts:354 to remove responsePrefix using case-insensitive regex before passing text to stripHeartbeatToken
• Adds regression test verifying Telegram suppression with prefixed HEARTBEAT_OK reply
• Exports HeartbeatDeps type for test harness use
• Preserves existing behavior: re-applies prefix to non-suppressed messages on line 378-380

Confidence Score: 4/5

• This PR is safe to merge with low risk
• The fix is narrowly scoped to heartbeat normalization logic, adds proper regression test coverage, and follows existing patterns. The regex-based prefix stripping is properly escaped and handles edge cases (trim, case-insensitive). The change preserves backward compatibility by only affecting the token detection path, not the final output formatting. Score is 4 (not 5) because tests weren't run in the author's environment.
• No files require special attention

_{Last reviewed commit: 38089f0}

_{(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!}