#17179: fix: validateAnthropicTurns handles consecutive system messages for MiniMax subagents

Fixes #17124 ## Problem When using MiniMax models (e.g. `MiniMax-M2.5`) as a subagent via `sessions_spawn`, the prompt constructed by OpenClaw contains consecutive messages with the same role (e.g., two `system` messages in a row). This violates the MiniMax API constraint requiring strict role alternation (user → assistant → user → ...), resulting in a `400 Bad Request` error. ## Root Cause `validateAnthropicTurns` only merged consecutive `user` messages. It didn't handle consecutive `system` messages which are common in subagent contexts where: 1. Main agent's system prompt is injected 2. Subagent system prompt (`buildSubagentSystemPrompt`) is added This results in two consecutive system messages. ## Solution Extended `validateAnthropicTurns` to merge consecutive messages of ALL roles: - `user` → merge using existing `mergeConsecutiveUserTurns` - `system` → merge into single system message with combined content - `assistant` → merge into single assistant message This ensures the message array always has alternating roles, fixing the MiniMax 400 error for subagent contexts. ## Impact - MiniMax subagents now work correctly - Fixes the 400 error: "consecutive same-role messages" - Consistent with how Gemini turns are validated <!-- greptile_comment --> <h3>Greptile Summary</h3> This is a multi-faceted PR that bundles together several unrelated fixes and improvements despite the title focusing on `validateAnthropicTurns` and MiniMax subagents. Changes include: - **Turn validation**: Extended `validateAnthropicTurns` to merge consecutive system and assistant messages (not just user messages), fixing MiniMax API 400 errors for subagent contexts. - **Telegram improvements**: Added DM audio transcription support, `requireMention` gating for file-size error messages, and numeric sender ID in metadata. - **Session persistence**: `responseUsage` is now carried across session resets, similar to other behavior overrides. - **Session store hardening**: Invalid entries (empty `sessionFile`, absolute paths) are filtered out during load. - **Gateway fixes**: Default `operator.read` scope for Control UI/webchat token-only auth, diagnostic event broadcasting to WebSocket clients, `cron:`-prefixed heartbeat reasons, and graceful `.catch()` for health probes. - **Media path resolution**: `workspaceDir` fallback for sandbox media normalization, and stricter `MEDIA:` token parsing (only at line start). - **Shell helpers**: Extra compose file support for `clawdock`. Key issue found: - **`src/telegram/bot-message-context.ts`**: The new code at line 401 references `preflightTranscript` before its `let` declaration at line 415, which will cause a `ReferenceError` at runtime due to JavaScript's temporal dead zone semantics. This will crash on DM voice messages. <h3>Confidence Score: 2/5</h3> - This PR contains a runtime crash bug in the Telegram DM voice message path that must be fixed before merge. - Score of 2 reflects a confirmed runtime ReferenceError in `bot-message-context.ts` where `preflightTranscript` is accessed before its `let` declaration (temporal dead zone). This will crash the Telegram handler for DM voice messages. The turns.ts changes and other fixes look reasonable, but the TDZ bug is a blocking issue. - Pay close attention to `src/telegram/bot-message-context.ts` — the `preflightTranscript` usage at line 401 must be moved after its declaration at line 415. _{Last reviewed commit: bd184e5} <!-- greptile_other_comments_section --> <!-- /greptile_comment -->