#22327: fix(doctor): use gateway health status for memory search key check

Fixes #18062 ## Problem `openclaw doctor` falsely warned about a missing Gemini API key even when memory search was fully functional. The key is loaded into the **gateway process** env via sops at startup, but `noteMemorySearchHealth` ran a static check against the **CLI process** env — which never has those secrets. Additionally, the suggested fix (`openclaw auth add --provider gemini`) referenced a command that does not exist. ## Changes **`src/commands/doctor-memory-search.ts`** - Added `opts?: { gatewayHealthOk?: boolean }` parameter - When `gatewayHealthOk: true` and static key check fails, shows a softer informational note instead of an error: "The key may be loaded by the running gateway (e.g. via secrets.env). Verify: `openclaw memory status --deep`" - Replaced all instances of `openclaw auth add --provider <X>` with `openclaw configure` (the correct command) **`src/commands/doctor.ts`** - Moved `noteMemorySearchHealth` call to run **after** `checkGatewayHealth` so gateway status is known - Passes `{ gatewayHealthOk: healthOk }` to the health check **`src/commands/doctor-memory-search.test.ts`** - Updated existing call signatures to match new optional parameter - Added test: gateway healthy + no CLI key → soft note with "may be loaded by the running gateway" - Added test: gateway down + no CLI key → full warning with `openclaw configure` (not `auth add`) <!-- greptile_comment --> <h3>Greptile Summary</h3> Fixed false positive warning in `openclaw doctor` for missing memory search API keys. The key check now respects gateway health status - when the gateway is running, it shows an informational note instead of an error, since keys may be loaded by the gateway via `secrets.env`. Also corrected invalid command reference from `openclaw auth add` to `openclaw configure`. <h3>Confidence Score: 5/5</h3> - This PR is safe to merge with minimal risk - The changes are well-structured, focused, and properly tested. The logic correctly distinguishes between gateway-healthy and gateway-down scenarios. All three modified files maintain consistency, and the test coverage validates both the new soft-warning path and the existing error path. The fix addresses a real UX issue where users saw false warnings. - No files require special attention _{Last reviewed commit: cbd97fb} <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->