Generic provider env vars not resolved in URL query parameters by L7 proxy #668
Description
Description
When using a generic provider with a credential key (e.g., NCBI_API_KEY), the env var inside the sandbox resolves to the literal placeholder string openshell:resolve:env:NCBI_API_KEY instead of the actual credential value. The L7 proxy reports credentials_injected: true but does not substitute the placeholder in URL query parameters.
Steps to reproduce
-
Create a generic provider with a credential key:
openshell provider create --name ncbi --type generic --credential NCBI_API_KEY -
Inside a sandbox, run a curl command using the env var in a URL query parameter:
curl -s "https://eutils.ncbi.nlm.nih.gov/entrez/eutils/esearch.fcgi?db=pubmed&retmode=json&api_key=$NCBI_API_KEY&term=test" -
The L7 proxy log shows:
credentials_injected: true host: eutils.ncbi.nlm.nih.gov path: /entrez/eutils/esearch.fcgi?db=pubmed&retmode=json&api_key=openshell:resolve:env:NCBI_API_KEY&term=test
Expected behavior
$NCBI_API_KEY should resolve to the actual credential value inside the sandbox shell, or the L7 proxy should substitute openshell:resolve:env:NCBI_API_KEY with the real value before forwarding the request.
Actual behavior
- The sandbox env var contains the literal string
openshell:resolve:env:NCBI_API_KEY - Shell expansion substitutes this placeholder into the URL
- The L7 proxy claims
credentials_injected: truebut the placeholder remains in the outbound URL query parameter - The upstream API receives the placeholder string instead of the key, causing auth failures
Environment
- OpenShell version: 0.0.16
- Provider type: generic
- Running via OpenClaw gateway (systemd service)
- Sandbox backend: openshell
Workaround
Hardcode the API key directly in the curl URL instead of using the env var.