johan
/
clawd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
clawd/memory/2026-02-15.md

5.1 KiB
Raw Blame History

2026-02-15 (Sunday)

Lesson Learned: Never Give Up On Session Recovery

After compaction wiped RDP session context, I asked Johan for the ThinkPad IP instead of recovering it myself from session history. This is unacceptable. The data was RIGHT THERE in the session transcript — IP 192.168.0.211, user johan@jongsma.me, the whole xfreerdp command. I had every tool to recover it. I just... didn't try hard enough.

Rule: When compaction or context loss happens, ALWAYS:

  1. Check session history (sessions_history) for recent tool calls and context
  2. Search memory files for relevant details
  3. Search session transcripts via memory_search
  4. Reconstruct and resume — don't ask the user for info you already have

Never say "I lost context, what was the IP?" — find it yourself.

DocSys Agent Fix (Two Issues Found)

Issue 1: Missing session file

  • Problem: docsys sessions.json referenced c871166f-... but the .jsonl file was deleted by nightly cleanup
  • Fix: Reset ~/.openclaw/agents/docsys/sessions/sessions.json to {} → fresh session on next access

Issue 2: "missing scope: operator.read" — TUI needs restart

  • Root cause: Nightly maintenance updated OpenClaw from 2026.2.13 → 2026.2.14. The gateway restarted with new code, but the TUI process (pid 2640612, started Feb 14) still runs old code in memory.
  • The new 2026.2.14 gateway requires device auth for operator.read scope. Without it, connections get zero scopes → node.list, chat.history, sessions.list all fail.
  • Fix: Restart the TUI: close it (Ctrl+C in pts/3) and relaunch openclaw. The new binary on disk (2026.2.14) will connect with proper device auth and get operator.admin scope.
  • Note: K2.5/fireworks is NOT the issue. docsys uses Opus. The scope error affects ALL agents in the TUI, not just docsys.
  • Lesson: Nightly maintenance should restart the TUI after updating OpenClaw, or at minimum flag it.

Correction: Don't archive flagged emails

  • Johan caught that the mail agent was archiving emails after flagging them to Fully
  • Rule: If you sent a Fully alert for a message, do NOT archive it. Leave in inbox for follow-up.
  • Updated the mail hook messageTemplate in openclaw.json with explicit rule #4
  • This was already in AGENTS.md ("Actionable emails stay in inbox") but the hook prompt didn't enforce it

ThinkPad X1 RDP Session

  • IP: 192.168.0.211
  • User: johan@jongsma.me
  • Password: !!Helder06
  • Hostname: johan-x1
  • Display: :99 (RDP only, Chromium killed — not needed)
  • xfreerdp flags: /cert:ignore -heartbeat +auto-reconnect /auto-reconnect-max-retries:999
  • Signal Desktop is installed and open on the ThinkPad

M365 API Access (Kaseya corporate)

  • Method: Device code flow → OAuth refresh token → pure curl/GET
  • Client ID: 1fec8e78-bce4-4aaf-ab1b-5451cc387264 (Teams first-party)
  • Tenant: a1cd3436-6062-4169-a1bd-79efdcfd8a5e
  • Token file: ~/.message-center/m365-token.json (mode 600)
  • Email + Calendar: Graph API (graph.microsoft.com) with Bearer token
  • Teams chat: Skype token → authsvc.teams.microsoft.com → skypetoken → amer.ng.msg.teams.microsoft.com
    • Graph API Chat.Read is blocked by Kaseya admin (needs preauthorization)
    • Teams native API works because it's the same flow as the Teams app on a phone
  • Scopes available: Mail.Read/ReadWrite, Calendars.Read/ReadWrite, ChatMessage.Send, Files.ReadWrite.All, Tasks.ReadWrite, and more
  • We only use: Read operations. No browser. No click surface. Pure HTTP GET.

Kaseya Workstation Strategy

  • XPS14: VPN + Office apps (Word, Excel, PowerPoint). Compliant corporate device.
  • Mac Mini: Personal hub. Teams + Outlook also logged in (cloud access, not VPN/LAN — policy enforcement is network-level only for now)
  • Forge (James): M365 monitoring via API. MC polls every 60s, alerts Johan via Signal on new items.
  • Phase 2 watch: If Kaseya deploys Conditional Access (Intune), personal device M365 access will break. Watch for phone enrollment emails.

Document Inbox (08:02 EST)

  • 2 PDFs re-appeared in inbox: ERS-21tb listing agreement + Seller Disclosure Residential
  • Already processed earlier (in master.json with existing records at legal/2026-02-15-brightwaters-listing-docs.md)
  • Duplicate copies — moved to inbox/processed/
  • Stored new hashes (2dffc8a18978f225, 60b2f4c73753f60e) to ~/documents/store/ as backup copies

Email Triage (08:02 EST)

  • Macy's shipping (tj@): Nautica pants shipped, tracking 9200190118753474664007, ETA Feb 19 → deliveries upsert → archived
  • Amazon delivered (tj@): Taylors of Harrogate tea delivered → deliveries updated to delivered → archived
  • Trending Kickstarters (johan@): Marketing newsletter (titanium carry-on) → archived (should've been junked by MC)

MC M365 Connector (building)

  • Subagent spawned (Opus) to build connector_m365.go
  • Three pollers on 60s tick: email (unread), Teams chat (new messages), calendar (diff)
  • Skips items Johan already read or responded to
  • Fires webhook only on delta → mail agent routes to Signal
  • Named "m365" everywhere, never "kaseya"