[codex] Extract filesystem safety primitives (#77918)

* refactor: extract filesystem safety primitives

* refactor: use fs-safe for file access helpers

* refactor: reuse fs-safe for media reads

* refactor: use fs-safe for image reads

* refactor: reuse fs-safe in qqbot media opener

* refactor: reuse fs-safe for local media checks

* refactor: consume cleaner fs-safe api

* refactor: align fs-safe json option names

* fix: preserve fs-safe migration contracts

* refactor: use fs-safe primitive subpaths

* refactor: use grouped fs-safe subpaths

* refactor: align fs-safe api usage

* refactor: adapt private state store api

* chore: refresh proof gate

* refactor: follow fs-safe json api split

* refactor: follow reduced fs-safe surface

* build: default fs-safe python helper off

* fix: preserve fs-safe plugin sdk aliases

* refactor: consolidate fs-safe usage

* refactor: unify fs-safe store usage

* refactor: trim fs-safe temp workspace usage

* refactor: hide low-level fs-safe primitives

* build: use published fs-safe package

* fix: preserve outbound recovery durability after rebase

* chore: refresh pr checks

src/node-host/config.ts

@@ -2,7 +2,7 @@ import crypto from "node:crypto";
 import fs from "node:fs/promises";
 import path from "node:path";
 import { resolveStateDir } from "../config/paths.js";
-import { writeJsonAtomic } from "../infra/json-files.js";
+import { writeJson } from "../infra/json-files.js";
 
 export type NodeHostGatewayConfig = {
   host?: string;
@@ -55,7 +55,7 @@ export async function loadNodeHostConfig(): Promise<NodeHostConfig | null> {
 
 export async function saveNodeHostConfig(config: NodeHostConfig): Promise<void> {
   const filePath = resolveNodeHostConfigPath();
-  await writeJsonAtomic(filePath, config, { mode: 0o600 });
+  await writeJson(filePath, config, { mode: 0o600 });
 }
 
 export async function ensureNodeHostConfig(): Promise<NodeHostConfig> {

src/node-host/invoke-system-run-plan.ts

@@ -13,7 +13,7 @@ import {
   unwrapKnownDispatchWrapperInvocation,
   unwrapKnownShellMultiplexerInvocation,
 } from "../infra/exec-wrapper-resolution.js";
-import { sameFileIdentity } from "../infra/file-identity.js";
+import { sameFileIdentity } from "../infra/fs-safe-advanced.js";
 import {
   POSIX_INLINE_COMMAND_FLAGS,
   resolveInlineCommandMatch,

src/node-host/invoke-system-run.test.ts

@@ -802,11 +802,11 @@ describe("handleSystemRunInvoke mac app exec host routing", () => {
           label: "parent symlink",
           setup: () => {
             const tmp = createFixtureDir("openclaw-approval-cwd-parent-link-");
-            const safeRoot = path.join(tmp, "safe-root");
-            const safeSub = path.join(safeRoot, "sub");
+            const safeSymlinkRoot = path.join(tmp, "safe-root");
+            const safeSymlinkSub = path.join(safeSymlinkRoot, "sub");
             const linkRoot = path.join(tmp, "approved-link");
-            fs.mkdirSync(safeSub, { recursive: true });
-            fs.symlinkSync(safeRoot, linkRoot, "dir");
+            fs.mkdirSync(safeSymlinkSub, { recursive: true });
+            fs.symlinkSync(safeSymlinkRoot, linkRoot, "dir");
             return {
               cwd: path.join(linkRoot, "sub"),
               message: "no symlink path components",