#16171: fix: trust absolute sessionFile paths in multi-agent setups [AI-assisted]
size: XS
Cluster: Session File Path Management
## Problem
In multi-agent configurations, `resolvePathWithinSessionsDir` throws `Session file path must be within sessions directory` when the `sessionsDir` base belongs to a different agent than the session file.
**Root cause:** When resolving a session file path, the `agentId` used to compute `sessionsDir` can differ from the agent that actually owns the session entry. For example:
```
sessionsDir: /Users/x/.openclaw/agents/main/sessions (main agent)
sessionFile: /Users/x/.openclaw/agents/eva-public/sessions/abc.jsonl (eva-public agent)
path.relative(sessionsDir, sessionFile)
=> '../../eva-public/sessions/abc.jsonl' // starts with '..' → REJECTED
```
This affects any multi-agent setup where:
- Multiple agents are configured (`agents.list`)
- Agents have separate session stores
- Session entries contain absolute `sessionFile` paths (written by older versions)
## Fix
Trust absolute `sessionFile` paths that were already validated when the session store wrote them. The session store is the authority on where files live — if it recorded an absolute path, that path is correct regardless of which `sessionsDir` is used for resolution.
Relative paths that escape the directory via `../` are still rejected (no security regression).
## Changes
- `src/config/sessions/paths.ts`: When an absolute path fails the containment check, return it directly instead of throwing
- `src/config/sessions/paths.test.ts`: Updated test to verify multi-agent absolute paths are accepted; added explicit test for relative path escaping
## Related
- Continuation of #15661 (session path validation)
- Comment with full analysis: https://github.com/openclaw/openclaw/issues/15661#issuecomment-3901751092
## Testing
Verified on macOS arm64 with:
- OpenClaw 2026.2.13
- Multi-agent: `main` + `eva-public` agents
- Telegram multi-account with separate bot tokens
- Group chat bound to `eva-public` via bindings
<!-- greptile_comment -->
### Greptile Summary
Fixes multi-agent session path validation by introducing `isWithinAgentSessionsTree()` to allow absolute session file paths across different agent directories while maintaining security. The fix addresses a critical issue where multi-agent setups failed with `Session file path must be within sessions directory` errors when session files belonged to different agents.
**Key changes:**
- Added `isWithinAgentSessionsTree()` helper that validates absolute paths fall within `<stateDir>/agents/<agentId>/sessions/`
- Modified `resolvePathWithinSessionsDir()` to accept absolute paths only if they pass the tree validation
- Added comprehensive test coverage for cross-agent paths, paths outside the agents tree, and paths in wrong subdirectories
**Security:** The change maintains strong path traversal protection by restricting absolute paths to the agents sessions tree structure, preventing arbitrary filesystem access while enabling legitimate multi-agent scenarios.
### Confidence Score: 4/5
- Safe to merge with proper validation and test coverage
- The fix correctly addresses the multi-agent path validation issue with strong security boundaries. Comprehensive test coverage validates both the happy path (cross-agent session files) and security edge cases (paths outside agents tree, wrong subdirectories). The logic is sound and maintains path traversal protection.
- No files require special attention
<sub>Last reviewed commit: d1d1ef0</sub>
<!-- /greptile_comment -->
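The containment behaviour discussed in the PR text and the review summary above, as an added TypeScript example; it is not the project's code. The function names, the `/tmp` and `logs` sample paths, and the assumption that `stateDir` is the parent of `agents/` (taken from the `<stateDir>/agents/<agentId>/sessions/` shape in the summary) are hypothetical.

```typescript
import * as path from "node:path";

const p = path.posix; // POSIX rules so results are the same on any host OS

// Lexical containment: does `file` (relative or absolute) land under `dir`?
function isInsideDir(dir: string, file: string): boolean {
  const rel = p.relative(p.resolve(dir), p.resolve(dir, file));
  return rel !== "" && rel !== ".." && !rel.startsWith("../");
}

// Hypothetical tree-scoped check: an absolute path is accepted only in the
// shape <stateDir>/agents/<agentId>/sessions/<file>, for any single agentId.
function isInAgentSessionsTree(stateDir: string, file: string): boolean {
  if (!p.isAbsolute(file)) return false;
  const agentsRoot = p.join(p.resolve(stateDir), "agents");
  // relative() normalizes first, so embedded "a/../.." collapses before the test.
  const parts = p.relative(agentsRoot, file).split("/");
  return parts.length >= 3 && parts[0] !== ".." && parts[1] === "sessions";
}

// Resolve a stored sessionFile for `agentId`; throws on anything out of bounds.
function resolveSessionFile(stateDir: string, agentId: string, sessionFile: string): string {
  const sessionsDir = p.join(stateDir, "agents", agentId, "sessions");
  if (isInsideDir(sessionsDir, sessionFile)) return p.resolve(sessionsDir, sessionFile);
  if (isInAgentSessionsTree(stateDir, sessionFile)) return p.normalize(sessionFile);
  throw new Error("Session file path must be within sessions directory");
}

// True when resolveSessionFile accepts the path, false when it throws.
function accepts(stateDir: string, agentId: string, sessionFile: string): boolean {
  try { resolveSessionFile(stateDir, agentId, sessionFile); return true; } catch { return false; }
}

// Constructed samples; the second and third paths appear in the PR text.
const STATE_DIR = "/Users/x/.openclaw";
const SAMPLES = [
  "abc.jsonl",
  "/Users/x/.openclaw/agents/eva-public/sessions/abc.jsonl",
  "../../eva-public/sessions/abc.jsonl",
  "/tmp/abc.jsonl",
  "/Users/x/.openclaw/agents/eva-public/logs/abc.jsonl",
];
for (const s of SAMPLES) {
  console.log(accepts(STATE_DIR, "main", s) ? "accept" : "reject", s);
}
```

Both checks are purely lexical: `path.relative` does not touch the filesystem, so symlinks inside the tree are not resolved here.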
Most Similar PRs
#16135: fix: handle session file paths from other agents in doctor command
by MisterGuy420 · 2026-02-14
88.7%
#15941: fix(sessions): allow session file paths from other agents' sessions...
by LiJianLi128 · 2026-02-14
88.6%
#15888: fix: store relative session file paths instead of absolute
by devAnon89 · 2026-02-14
86.5%
#15744: fix: allow cross-agent session path validation
by scottgl9 · 2026-02-13
85.8%
#16249: fix(sessions): allow cross-agent session paths in multi-agent bindings
by 0xbrak · 2026-02-14
85.7%
#15176: fix(sessions): allow channel-routed session IDs and cross-agent paths
by cathrynlavery · 2026-02-13
84.9%
#20336: fix(sessions): resolve transcriptPath using agentId when storePath ...
by Limitless2023 · 2026-02-18
84.4%
#15793: fix(sessions): gracefully handle stale cross-agent session file paths
by lxcong · 2026-02-13
82.5%
#18593: fix: resolve symlinks in session path validation (#18553)
by EpaL · 2026-02-16
81.9%
#16061: fix(sessions): tolerate invalid sessionFile metadata
by haoyifan · 2026-02-14
80.9%