[codex] Redact agent awareness relay diagnostics

[juliusmarminge]

Issue

Agent-awareness diagnostics exposed the complete configured relay URL, including any embedded credentials, path, query, and fragment. Publish failures also rendered the complete Effect cause into log attributes, which could serialize nested response bodies, defects, and other sensitive details.

Root cause

The relay service passed configuration and Cause.pretty output directly to the logger instead of projecting them into bounded structural diagnostics.

Fix

• Project relay URLs through the shared URL diagnostic helper and log only configuration state, input length, protocol, and hostname.
• Summarize publish causes by reason counts and typed failure tags without serializing failure values or defects.
• Keep catchCause at this boundary because the background publisher intentionally handles typed failures, defects, and interruptions together; the change does not construct or replace any cause.

This PR is stacked on #3403, which introduces the shared URL diagnostic helper.

Validation

• vp test apps/server/src/relay/AgentAwarenessRelay.test.ts (13 tests)
• vp check
• vp run typecheck

Focused regression tests use sentinel credentials, path, query, fragment, nested failure detail, and defect detail to verify none reach the projected log attributes.

---

Note

Low Risk
Logging-only change in the relay publisher; behavior and error handling boundaries are unchanged aside from what gets written to logs.

Overview
Agent-awareness relay logging no longer emits full relay URLs or serialized Effect causes.

Relay URL logging now goes through relayUrlLogAttributes, which uses shared getUrlDiagnostics so logs only record whether a URL is configured, input length, protocol, and hostname—credentials, path, query, and fragment are omitted from startup and reconciliation info logs.

Publish failure logging replaces Cause.pretty(cause) with relayPublishCauseLogAttributes, which records reason/failure/defect/interruption counts and deduplicated _tag values from typed failures, without embedding nested error bodies or defect messages.

Regression tests assert sentinel secrets and private failure/defect strings never appear in the projected attribute payloads.

^{Reviewed by Cursor Bugbot for commit dd68a77. Bugbot is set up for automated code reviews on this repo. Configure here.}

Note

Redact relay URL and cause details in AgentAwarenessRelay logs

• Adds relayUrlLogAttributes to replace raw relay URL strings in logs with safe attributes: configured flag, input length, protocol, and hostname.
• Adds relayPublishCauseLogAttributes to replace Cause.pretty strings with structured summaries: reason counts by type and aggregated failure tags.
• Both utilities are used in AgentAwarenessRelay.make for startup, enablement, and publishThread error logging.
• Behavioral Change: warning logs for publish failures no longer include full pretty-printed cause details or raw URLs.

^{Macroscope summarized dd68a77.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 5d0a7c8d-90b3-4adb-ba19-d7ae3d0250c4

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/server-residual-error-audit

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[macroscopeapp]

Approvability

Verdict: Approved

Security improvement that redacts sensitive data (URL credentials, error details) from log attributes. Changes are well-tested, self-contained to logging behavior, and don't affect core business logic.

^{You can customize Macroscope's approvability policy. Learn more.}