#16135: fix: handle session file paths from other agents in doctor command
stale
size: S
trusted-contributor
Cluster: Session File Path Management
## Summary
In multi-agent setups, the `openclaw doctor` command failed with the error "Session file path must be within sessions directory" when session entries contained absolute paths pointing to another agent's sessions directory.
This fix modifies `resolvePathWithinSessionsDir()` to allow absolute paths that match the `agents/*/sessions/` pattern, enabling the doctor command to validate session files across different agents while still rejecting paths outside this structure for security.
## Changes
- Modified `resolvePathWithinSessionsDir()` in `src/config/sessions/paths.ts` to detect and allow absolute paths from other agents' sessions directories
- Updated test to reflect new behavior: paths from other agents are now accepted
- Added new test to verify paths outside the agents structure are still rejected
## Testing
- All 63 existing tests in `src/config/sessions/` pass
- Added 2 new test cases:
  - "accepts absolute sessionFile paths from other agent's sessions dir" - verifies multi-agent paths work
  - "rejects absolute sessionFile paths outside agents structure" - verifies security is maintained

Fixes openclaw/openclaw#16122
<!-- greptile_comment -->
<h3>Greptile Summary</h3>
This PR fixes a crash in `openclaw doctor` when multi-agent session entries reference absolute paths from another agent's sessions directory, and adds agent workspace cleanup documentation to `AGENTS.md`.
- The core fix in `resolvePathWithinSessionsDir()` adds a fallback that accepts absolute paths matching the `*/agents/<agentId>/sessions/<filename>` pattern. While `path.resolve()` prevents `../` traversal attacks, the pattern check is too loose — it validates only the structural pattern without verifying the path shares the same root as `sessionsDir`. A path like `/var/evil/agents/x/sessions/data.jsonl` would be accepted when `sessionsDir` is `~/.openclaw/agents/main/sessions`. Tightening the check to verify a shared path prefix up to the `agents` segment would close this gap.
- Test coverage is improved but should include a case for paths that structurally match but are rooted in a different directory tree.
- `AGENTS.md` / `CLAUDE.md` changes are unrelated documentation additions (workspace cleanup instructions).
<h3>Confidence Score: 2/5</h3>
- The path validation is too permissive — it accepts any absolute path containing the `agents/*/sessions/` structure regardless of directory root.
- The fix solves the immediate crash but introduces an overly broad allowlist for cross-agent paths. While `path.resolve()` prevents `../` traversal, the pattern check accepts paths from any directory tree with the right naming structure, not just the openclaw state directory. The practical risk is mitigated by `sessions.json` file permissions (0o600) and the fact that an attacker would need write access to inject malicious paths, but the validation should be tightened to verify a shared root with the configured sessions directory.
- `src/config/sessions/paths.ts` — the cross-agent path validation should verify a shared directory root, not just structural pattern matching
<sub>Last reviewed commit: a247aed</sub>
<!-- greptile_other_comments_section -->
**Context used:**
- Context from `dashboard` - CLAUDE.md ([source](https://app.greptile.com/review/custom-context?memory=fd949e91-5c3a-4ab5-90a1-cbe184fd6ce8))
- Context from `dashboard` - AGENTS.md ([source](https://app.greptile.com/review/custom-context?memory=0d0c8278-ef8e-4d6c-ab21-f5527e322f13))
<!-- /greptile_comment -->
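
The shared-root check the Greptile review asks for, next to the loose pattern check it criticizes, as an added example that is not the PR's or the project's code. The function names, the `normalizeAbs` helper standing in for `path.resolve()`, and the expanded home directory in the constructed sample paths are assumptions; paths are POSIX-only.

```typescript
// Added example, not the project's code. All names here are hypothetical.

// Stand-in for path.resolve() on an absolute POSIX path: drops "", "." and
// collapses "..". Lexical only: symlinks are NOT resolved here.
function normalizeAbs(p: string): string[] {
  const out: string[] = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") out.pop();
    else out.push(seg);
  }
  return out;
}

// Loose check as the review describes it: any absolute path shaped like
// */agents/<agentId>/sessions/<filename> passes, whatever its root.
function looseCrossAgentCheck(candidate: string): boolean {
  const s = normalizeAbs(candidate);
  const n = s.length;
  return n >= 4 && s[n - 4] === "agents" && s[n - 2] === "sessions";
}

// Tightened check: the candidate must share sessionsDir's prefix up to and
// including the "agents" segment, followed by exactly <agentId>/sessions/<filename>.
function strictCrossAgentCheck(sessionsDir: string, candidate: string): boolean {
  const dir = normalizeAbs(sessionsDir);
  const n = dir.length;
  // sessionsDir itself must end in agents/<agentId>/sessions
  if (n < 3 || dir[n - 3] !== "agents" || dir[n - 1] !== "sessions") return false;
  const agentsRoot = dir.slice(0, n - 2); // e.g. home/user/.openclaw/agents
  const s = normalizeAbs(candidate);
  if (s.length !== agentsRoot.length + 3) return false;
  if (!agentsRoot.every((seg, i) => seg === s[i])) return false;
  return s[agentsRoot.length + 1] === "sessions";
}

// Constructed sample paths (the home directory is an assumption).
const SESSIONS_DIR = "/home/user/.openclaw/agents/main/sessions";
const OTHER_AGENT = "/home/user/.openclaw/agents/other/sessions/a.jsonl";
const FOREIGN_ROOT = "/var/evil/agents/x/sessions/data.jsonl"; // path from the review
const DOTDOT = "/home/user/.openclaw/agents/other/sessions/../../../../evil/agents/x/sessions/d.jsonl";
```

Because the comparison is purely lexical, a symlink inside the agents tree can still point elsewhere; resolving real paths before comparing is a separate step.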
## Most Similar PRs

| PR | Author | Date | Similarity |
| --- | --- | --- | --- |
| #16171: fix: trust absolute sessionFile paths in multi-agent setups [AI-ass... | iJaack | 2026-02-14 | 88.7% |
| #15941: fix(sessions): allow session file paths from other agents' sessions... | LiJianLi128 | 2026-02-14 | 86.6% |
| #18593: fix: resolve symlinks in session path validation (#18553) | EpaL | 2026-02-16 | 85.1% |
| #17026: fix(doctor): handle invalid session file paths gracefully | Limitless2023 | 2026-02-15 | 84.5% |
| #15744: fix: allow cross-agent session path validation | scottgl9 | 2026-02-13 | 84.0% |
| #15888: fix: store relative session file paths instead of absolute | devAnon89 | 2026-02-14 | 82.9% |
| #20336: fix(sessions): resolve transcriptPath using agentId when storePath ... | Limitless2023 | 2026-02-18 | 82.8% |
| #15176: fix(sessions): allow channel-routed session IDs and cross-agent paths | cathrynlavery | 2026-02-13 | 81.5% |
| #16249: fix(sessions): allow cross-agent session paths in multi-agent bindings | 0xbrak | 2026-02-14 | 81.3% |
| #15852: fix: pass agentId when resolving IRC session paths | MisterGuy420 | 2026-02-14 | 80.9% |