#18743: Cron Tool Hardening: Normalize Gateway Params and Enforce Valid Schema Mapping

## Summary This PR hardens the `cron` tool path so model-generated tool calls consistently map to gateway-valid `cron.*` params, and preserves caller session context for reminder scheduling. ## What Changed - Replaced the previous permissive `job/patch` tool schema with provider-safe structured schemas for schedule/payload/delivery fields in `cron` tool. - Added robust sanitization/normalization before `cron.add` and `cron.update` calls: - strips mixed-kind schedule/payload fields - trims/normalizes enums and scalar values - drops invalid/irrelevant fields for target kind - enforces main-session delivery constraints (`webhook` only) - Kept flat-param recovery for non-frontier models and explicitly covered these paths in tests. - Added/expanded e2e and unit coverage validating emitted gateway params against protocol validators. - Added hard validation for schedule/delete semantics: `deleteAfterRun=true` is accepted only for one-shot `schedule.kind="at"` jobs; recurring schedules now fail fast with a clear correction message (prevents accidental minute-loop reminders from malformed tool output). - Expanded cron tool instructions with explicit usage rules for one-shot vs recurring scheduling and strict field hygiene (no placeholder empty fields / no mixed schedule-kind fields). - Fixed reminder routing for non-main sessions by rewriting applicable `systemEvent` reminder creates to session-scoped `isolated` + `agentTurn` delivery when appropriate. ## Linked Issues / Related Reports This PR directly addresses cron tool-call/schema/session-routing failures reported in: - https://github.com/openclaw/openclaw/issues/3569 - https://github.com/openclaw/openclaw/issues/9283 - https://github.com/openclaw/openclaw/issues/11310 - https://github.com/openclaw/openclaw/issues/12301 Additional similar reports covered by the same normalization/schema hardening: - https://github.com/openclaw/openclaw/issues/1940 - https://github.com/openclaw/openclaw/issues/3262 - https://github.com/openclaw/openclaw/issues/7037 - https://github.com/openclaw/openclaw/issues/7182 - https://github.com/openclaw/openclaw/issues/8989 - https://github.com/openclaw/openclaw/issues/11573 - https://github.com/openclaw/openclaw/issues/252 ## Important Context on #10776 - Prior PR https://github.com/openclaw/openclaw/pull/10776 (`fix: cron scheduler reliability, store hardening, and UX improvements`) did **not** resolve the cron tool parameter/schema failures listed above. - These failures remained reproducible after #10776, so marking those issue threads as fully fixed by #10776 was premature. - This PR provides the missing cron tool/schema/normalization fixes for those reports. ## Validation - `pnpm exec vitest --config vitest.e2e.config.ts src/agents/tools/cron-tool.e2e.test.ts` - `pnpm exec vitest src/agents/tools/cron-tool.flat-params.test.ts` - `pnpm exec vitest src/cron/service.jobs.test.ts` ## Notes - This PR is intentionally scoped to cron schema/normalization/service hardening. <!-- greptile_comment --> <h3>Greptile Summary</h3> This PR hardens the cron tool by adding structured input schemas, robust sanitization functions, and improved session routing for reminders. The changes replace the previous permissive schema approach with explicit structured schemas for schedule, payload, and delivery fields, then sanitize/normalize these inputs before sending to the gateway. Key improvements: - Structured TypeBox schemas (`CronScheduleInputSchema`, `CronPayloadInputSchema`, `CronDeliveryInputSchema`) replace the previous `additionalProperties: true` approach - Comprehensive sanitization functions strip mixed-kind fields, normalize enums, and enforce kind-specific constraints before gateway calls - Non-main session reminders are automatically rewritten from `systemEvent` to `agentTurn` with session-scoped delivery - Flat-param recovery logic preserved for non-frontier models (addresses issues with Grok and similar models) - Extensive e2e test coverage validates gateway protocol compliance using actual protocol validators The implementation is thorough and well-tested, with proper handling of edge cases like mixed schedule types, cross-field normalization, and session routing logic. <h3>Confidence Score: 4/5</h3> - Safe to merge with minor verification recommended for complex normalization edge cases - The PR demonstrates strong engineering with comprehensive test coverage, proper input validation, and backward compatibility preservation. The sanitization logic is complex but well-structured. Score reflects high confidence with one area warranting attention: the multi-layered normalization (normalizeCronJobCreate → sanitizeCronAddJobForGateway) could potentially have edge cases where the two layers interact unexpectedly, though extensive tests suggest this is unlikely. - No files require special attention - all changes have corresponding test coverage _{Last reviewed commit: 8089cc6} <!-- greptile_other_comments_section --> _{(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!} <!-- /greptile_comment -->