fix(e2e): mirror skill fixture to passwd-based home directory

[hunglp6d]

Summary

The add-sandbox-skill.sh helper mirrors injected skill files into $HOME/.openclaw/skills/, but inside an OpenShell SSH session $HOME resolves to /sandbox (the sandbox working directory) rather than /home/sandbox (the sandbox user's passwd entry). The OpenClaw agent's managed-skills loader resolves the skills directory via os.homedir() / getpwnam, which returns /home/sandbox, causing [tools] read failed: ENOENT on every agent turn.

This PR adds a secondary mirror into the passwd-reported home directory (queried via getent passwd) when it differs from $HOME, so the skill SKILL.md is reachable regardless of which path resolution the consumer uses.

Related Issue

Fixes #3958

Changes

• test/e2e/e2e-cloud-experimental/features/skill/add-sandbox-skill.sh: After mirroring to $HOME/.openclaw/skills/<id>/, query the passwd-based home via getent passwd and mirror there too when it differs from $HOME.

Validation

The -custom-e2e validation branch could not be pushed because the automation token lacks the workflow scope (required by GitHub to push .github/workflows/ files). Manual validation: re-run skill-agent-e2e on this branch via gh workflow run nightly-e2e.yaml --repo NVIDIA/NemoClaw --ref fix/nightly-e2e-skill-agent-home-path-f19061e -f jobs=skill-agent-e2e.

• Original failing run: 26197765497 on f19061ec9b79d019afdb274786ff0211182dc8df
• Targeted job: skill-agent-e2e (#77080825135)

Type of Change

• Code change (feature, bug fix, or refactor)

Verification

• npx prek run --all-files passes
• npm test passes
• Tests added or updated for new or changed behavior
• No secrets, API keys, or credentials committed
• Docs updated for user-facing behavior changes

AI Disclosure

• AI-assisted — tool: Claude Code (nemoclaw-diagnosis skill)

---

Signed-off-by: Hung Le hple@nvidia.com

[copy-pr-bot]

Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: c1cfd055-a3a5-42aa-9a2a-23aa98f5667a

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/nightly-e2e-skill-agent-home-path-f19061e

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

E2E Advisor Recommendation

Required E2E: None
Optional E2E: skill-agent-e2e, cloud-inference-e2e

Dispatch hint: skill-agent-e2e

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

• None.

Optional E2E

• skill-agent-e2e (medium): Directly exercises the modified add-sandbox-skill.sh helper and verifies the real assistant flow: skill injection into a sandbox followed by an OpenClaw agent turn reading the injected SKILL.md.
• cloud-inference-e2e (medium): Provides adjacent confidence for sandbox .openclaw skill filesystem layout validation, although it does not directly exercise the changed add-sandbox-skill.sh helper.

New E2E recommendations

• None.

Dispatch hint

• Workflow: E2E / Nightly
• jobs input: skill-agent-e2e

[github-actions]

PR Review Advisor

Recommendation: blocked
Confidence: medium
Analyzed HEAD: 5c403b03a32e84874b75dec33991801bafacf544
Findings: 2 blocker(s), 1 warning(s), 1 suggestion(s)

This is an automated advisory review. A human maintainer must make the final merge decision.

Limitations: Review used the provided deterministic GitHub context and read-only repository inspection; no tests, scripts, package-manager commands, or workflows were executed.; CI and E2E recommendation were still in progress at review time, so final merge readiness cannot be established.; No resolved/unresolved review-thread state beyond the provided context was independently queried; CodeRabbit skipped review because the PR is draft.; The linked issue entry in the context returned 404, so acceptance mapping is limited to literal PR body and PR comment clauses rather than a real linked issue.

Workflow run

Full advisor summary

PR Review Advisor

Base: origin/main
Head: HEAD
Analyzed SHA: 5c403b03a32e84874b75dec33991801bafacf544
Recommendation: blocked
Confidence: medium

The one-file E2E helper change is narrowly scoped and appears directionally correct, but the PR is draft/merge-blocked with CI and E2E recommendation still in progress, so it should not merge yet.

Gate status

• CI: pending — Head SHA 5c403b0 has pending/in-progress contexts including E2E recommendation, wsl-e2e, PR review advisor, CodeQL, checks, and ShellCheck SARIF; deterministic context reports 7 pending contexts.
• Mergeability: fail — GitHub reports isDraft=true, reviewDecision=REVIEW_REQUIRED, mergeStateStatus=BLOCKED, mergeable_state=blocked for PR fix(e2e): mirror skill fixture to passwd-based home directory #3956.
• Review threads: unknown — No review thread state was available in the deterministic gate summary; GraphQL reviewThreads nodes were empty, and CodeRabbit skipped review because the PR is draft.
• Risky code tested: pass — Path heuristics reported no risky runtime code areas; changed file is limited to test/e2e/e2e-cloud-experimental/features/skill/add-sandbox-skill.sh.

🔴 Blockers

• Required status checks are not complete for the head SHA: Several checks for 5c403b0 are still in progress or pending, including E2E recommendation, wsl-e2e, CodeQL, checks, and ShellCheck SARIF. Latest-SHA CI completion is a hard gate.
  • Recommendation: Wait for all required checks for the exact head SHA to complete successfully before considering merge readiness.
  • Evidence: statusCheckRollup shows IN_PROGRESS for E2E recommendation, wsl-e2e, PR review advisor, CodeQL (javascript-typescript), CodeQL (python), checks, and ShellCheck SARIF.
• PR is draft and merge-blocked: GitHub reports the PR as draft with mergeStateStatus=BLOCKED and reviewDecision=REVIEW_REQUIRED. This prevents merge regardless of the code-level assessment.
  • Recommendation: Keep the PR blocked until it is no longer draft, review requirements are satisfied, and GitHub reports an unblocked merge state.
  • Evidence: PR metadata: isDraft=true, mergeStateStatus=BLOCKED, mergeable_state=blocked, reviewDecision=REVIEW_REQUIRED.

🟡 Warnings

• Relevant E2E validation is not yet evidenced for this head SHA: The change targets an E2E cloud experimental skill helper used to mirror sandbox skill fixtures into the home path used by the agent. The PR body names skill-agent-e2e as the targeted validation, but no passing skill-agent-e2e result for the current head SHA was present in the provided status rollup, and the E2E recommendation check is still in progress.
  • Recommendation: Confirm that the E2E Advisor completes and that any recommended skill-agent/cloud E2E job passes for head SHA 5c403b0.
  • Evidence: PR body cites targeted job skill-agent-e2e (#77080825135); GraphQL status rollup only shows E2E recommendation as IN_PROGRESS and does not show a completed passing skill-agent-e2e for this head SHA.

🔵 Suggestions

• Passwd-home mirror is not explicitly reported or asserted (test/e2e/e2e-cloud-experimental/features/skill/add-sandbox-skill.sh:143): The new branch mirrors to the passwd-reported home when it differs from $HOME, and set -e will catch mkdir/cp failures. However, because getent failures are tolerated and no ALT/ PASSWD path marker is emitted or checked, the helper can still report success without proving that the intended passwd-home mirror path was discovered and populated.
  • Recommendation: Consider echoing a PASSWD_HOME_QUERY_PATH or similar marker when the alternate mirror is used, and assert it in the caller or in the relevant E2E job to make the regression easier to diagnose.
  • Evidence: Lines 143-147 compute passwd_home with || true and copy to alt_skill_dir, while the caller only greps for QUERY_PATH= and HOME_QUERY_PATH=.

Acceptance coverage

• met — test/e2e/e2e-cloud-experimental/features/skill/add-sandbox-skill.sh: After mirroring to $HOME/.openclaw/skills/<id>/, query the passwd-based home via getent passwd and mirror there too when it differs from $HOME.: Diff adds passwd_home="$(getent passwd "$(id -un)" 2>/dev/null | cut -d: -f6 || true)", compares it with home_root, then creates ${passwd_home}/.openclaw/skills/${skill_id} and copies SKILL.md there.
• partial — This PR adds a secondary mirror into the passwd-reported home directory (queried via getent passwd) when it differs from $HOME, so the skill SKILL.md is reachable regardless of which path resolution the consumer uses.: The secondary mirror is implemented. Reachability through the actual OpenClaw managed-skills consumer is not yet evidenced for this head SHA because E2E recommendation is in progress and skill-agent-e2e is not shown as passing.
• unknown — Manual validation: re-run skill-agent-e2e on this branch via gh workflow run nightly-e2e.yaml --repo NVIDIA/NemoClaw --ref fix/nightly-e2e-skill-agent-home-path-f19061e -f jobs=skill-agent-e2e.: No completed passing skill-agent-e2e status for head SHA 5c403b0 was present in the provided status rollup.
• partial — Tests added or updated for new or changed behavior: The changed file is an E2E helper under test/e2e and updates the behavior used by the E2E flow, but no separate assertion of the passwd-home mirror or passing targeted E2E result is available yet.
• met — No secrets, API keys, or credentials committed: The diff adds shell logic and comments only; no literal tokens, API keys, passwords, PEM material, or credential files are introduced.
• met — Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.: The PR is draft and the copy-pr-bot comment states auto-sync is disabled for draft pull requests; current workflow statuses show checks running manually/independently rather than auto-sync evidence.
• met — Draft detected.: PR metadata reports isDraft=true and CodeRabbit comment says review was skipped because a draft was detected.
• missing — Fixes #NNN — will be updated after the tracking issue is filed: No real linked issue was provided. The deterministic linkedIssues entry appears to be an Actions job/run identifier and returned GitHub REST 404, so there are no linked issue acceptance clauses to verify.

Security review

• pass — Category 1: Secrets and Credentials: No hardcoded secrets, credentials, tokens, connection strings, PEM/key files, or secret-bearing fixtures are added. The changed shell logic handles filesystem paths only.
• pass — Category 2: Input Validation and Data Sanitization: The pre-existing SKILL_ID allowlist restricts skill path components to [A-Za-z0-9._-], and the new passwd-home path is system-derived and quoted in mkdir/cp operations. No new untrusted deserialization, eval, path traversal via SKILL_ID, SQL/XSS, or SSRF surface is introduced by the diff.
• pass — Category 3: Authentication and Authorization: No new endpoints, authentication flows, authorization decisions, token validation, or privilege checks are introduced. The script continues to operate through the existing OpenShell SSH path for E2E setup.
• pass — Category 4: Dependencies and Third-Party Libraries: No dependencies, package manifests, installers, registries, or third-party libraries are added or modified.
• pass — Category 5: Error Handling and Logging: The new mirror operations run under set -e in the remote script, so mkdir/cp failures should fail the helper. The diff does not add logging of secrets or sensitive values; it only adds comments and path-copy logic.
• pass — Category 6: Cryptography and Data Protection: Not applicable — no cryptographic operations, key handling, encryption, hashing, or transport changes are introduced.
• pass — Category 7: Configuration and Security Headers: Not applicable — no HTTP endpoints, CORS/CSP settings, Dockerfiles, container users, network policy, or runtime security configuration are changed.
• warning — Category 8: Security Testing: The code is test-helper-only and does not directly affect production runtime, but the relevant E2E validation for the managed-skills home-path behavior is not yet shown as passing for the head SHA. The new alternate passwd-home branch is also not explicitly reported or asserted by the helper output.
• warning — Category 9: Holistic Security Posture: The scoped test-helper change does not appear to degrade sandbox, SSRF, credential, blueprint, installer, or workflow trusted-code boundaries. However, holistic readiness is limited by draft/blocked merge state, pending CI, and absent targeted E2E evidence for the behavior this PR is meant to fix.

Test / E2E status

• Test depth: unit_sufficient — Trusted context classifies this as limited to tests/E2E helper code that cannot affect runtime behavior directly. For merge readiness, however, the relevant E2E/cloud skill-agent validation should still pass because the helper exists to support that E2E behavior.
• E2E Advisor: missing
• Required E2E jobs: E2E recommendation, skill-agent-e2e
• Missing for analyzed SHA: E2E recommendation, skill-agent-e2e

✅ What looks good

• The patch is narrowly scoped to one E2E helper file and does not touch production sandbox lifecycle, SSRF, credential, installer, workflow, or policy code.
• SKILL_ID remains allowlisted before being used in remote file paths, reducing path traversal risk for the new mirror destination.
• The added remote copy operations quote path variables and run under set -e, so ordinary mkdir/cp failures should fail the helper rather than silently passing.
• The implementation addresses the documented drift between $HOME=/sandbox and passwd/os.homedir resolving to /home/sandbox.

Review completeness

• Review used the provided deterministic GitHub context and read-only repository inspection; no tests, scripts, package-manager commands, or workflows were executed.
• CI and E2E recommendation were still in progress at review time, so final merge readiness cannot be established.
• No resolved/unresolved review-thread state beyond the provided context was independently queried; CodeRabbit skipped review because the PR is draft.
• The linked issue entry in the context returned 404, so acceptance mapping is limited to literal PR body and PR comment clauses rather than a real linked issue.
• Human maintainer review required: yes

[wscurran]

✨
Related open issues:

• #3958 nightly-e2e: skill-agent-e2e fails — ENOENT on /home/sandbox/.openclaw/skills due to HOME mismatch