Gate proof nudges to 5am Central

[Takhoffman]

Summary

• add both UTC schedule candidates for 5:00 AM America/Chicago across daylight saving time
• gate scheduled proof-nudge execution to local hour 05 before checkout/token/setup work runs
• update the proof-nudge docs and workflow guard test for the timezone-aware schedule

Real behavior proof

Local timezone proof for the two UTC schedule candidates:

2026-07-01T10:00:00Z -> 05:00 CDT
2026-07-01T11:00:00Z -> 06:00 CDT
2026-12-01T10:00:00Z -> 04:00 CST
2026-12-01T11:00:00Z -> 05:00 CST

The workflow guard checks TZ=America/Chicago date +%H and only continues when the local hour is 05, so the extra scheduled UTC event becomes a no-op in the opposite season.

Validation

• node --test --test-name-pattern "proof nudge workflow" test/clawsweeper.test.ts
• pnpm run format:check
• node -e timezone mapping proof above

[Takhoffman]

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26830009737
• Updated: 2026-06-02T15:32:12.275Z

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 2, 2026, 11:31 AM ET / 15:31 UTC.

Summary
The branch adds both 10:00 and 11:00 UTC proof-nudge schedules, gates scheduled workflow steps on 05:00 America/Chicago, and updates the docs plus workflow guard test.

Reproducibility: not applicable. This PR is a workflow scheduling cleanup, not a bug report with a failing current-main reproduction path. The relevant checks are source review, static workflow assertions, and the PR body's timezone mapping output.

Review metrics: 2 noteworthy metrics.

• Changed surface: 3 files affected. The patch is limited to one workflow, one docs page, and one workflow guard test.
• Workflow timing guard: 1 cron added, 1 guard step added, 7 existing steps gated. The review-relevant behavior is concentrated in scheduled automation that normal unit tests only inspect statically.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🐚 platinum hermit
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• none.

Risk before merge

• [P1] Scheduled workflow behavior is not fully exercised by normal PR checks; after merge, maintainers should confirm the enabled scheduled dry-run produces one real 5 AM Central run and one seasonal no-op candidate.

Maintainer options:

1. Merge with scheduled dry-run monitoring (recommended)
   Accept the small automation timing risk and verify the first enabled scheduled dry-run shows the Central-time guard doing the intended run-or-skip behavior.
2. Pause for live workflow evidence
   If maintainers want stronger proof, wait for a GitHub Actions run that shows the guard output before merging.

Next step before merge

• No automated repair is needed; this is a clean PR with no discrete blocking defect from this review.

Security
Cleared: No concrete security or supply-chain concern found; the PR adds no third-party actions, dependency changes, or broader token permissions.

Review details

Best possible solution:

Merge once required checks pass and maintainers accept the scheduled dry-run rollout, keeping manual dispatch behavior and existing repository-variable gates intact.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this PR is a workflow scheduling cleanup, not a bug report with a failing current-main reproduction path. The relevant checks are source review, static workflow assertions, and the PR body's timezone mapping output.

Is this the best way to solve the issue?

Yes: adding both UTC cron candidates and guarding the scheduled path with an America/Chicago local-hour check is a narrow way to preserve 5:00 AM Central behavior across DST while leaving manual dispatch and repo-variable gates intact.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 71e4da1fa1a5.

Label changes

Label changes:

• add P3: This is a low-risk scheduling refinement for an opt-in maintenance workflow.
• add merge-risk: 🚨 automation: The diff changes GitHub Actions schedule behavior and step gating, which can only be fully proven after the scheduled workflow runs.
• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live timezone-mapping output for both UTC schedule candidates and explains how the guard turns the off-season candidate into a no-op.
• add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes copied live timezone-mapping output for both UTC schedule candidates and explains how the guard turns the off-season candidate into a no-op.

Label justifications:

• P3: This is a low-risk scheduling refinement for an opt-in maintenance workflow.
• merge-risk: 🚨 automation: The diff changes GitHub Actions schedule behavior and step gating, which can only be fully proven after the scheduled workflow runs.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes copied live timezone-mapping output for both UTC schedule candidates and explains how the guard turns the off-season candidate into a no-op.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live timezone-mapping output for both UTC schedule candidates and explains how the guard turns the off-season candidate into a no-op.

Evidence reviewed

What I checked:

• Repository policy read: AGENTS.md was read in full; its automation-safety guidance is relevant because this PR changes a scheduled workflow. (AGENTS.md:1, 71e4da1fa1a5)
• Current main schedule baseline: Current main has one scheduled proof-nudge cron at 0 10 UTC and the job remains behind the CLAWSWEEPER_PROOF_NUDGES_SCHEDULED repository variable. (.github/workflows/proof-nudges.yml:33, 71e4da1fa1a5)
• PR workflow change: The PR diff adds the 0 11 UTC schedule, a Central-time guard step, and per-step conditions before checkout, token creation, setup, and proof-nudge execution. (.github/workflows/proof-nudges.yml:53, fba50da703d9)
• Docs and test coverage: The diff updates proof-nudge docs to describe both UTC schedules and adds assertions for the second cron, America/Chicago timezone, local-hour check, and should_run gate. (test/clawsweeper.test.ts:16085, fba50da703d9)
• Feature history: Git blame shows the proof-nudge workflow was introduced in 9b08258, with the current 0 10 UTC schedule added in 71e4da1. (.github/workflows/proof-nudges.yml:33, 71e4da1fa1a5)
• PR proof and discussion: The PR body includes copied timezone mapping output for July and December UTC candidates plus validation commands; PR comments only contain the re-review request and bot status comments, with no maintainer objections or review findings. (fba50da703d9)

Likely related people:

• brokemac79: Git blame and git log show commit 9b08258 introduced the proof-nudges workflow, docs, and test guard. (role: introduced proof-nudge workflow; confidence: high; commits: 9b08258b9c64; files: .github/workflows/proof-nudges.yml, docs/proof-nudges.md, test/clawsweeper.test.ts)
• Takhoffman: Current-main commits 71e4da1 and b76b104 changed the proof-nudge schedule and PR token permissions, so this handle has recent area context beyond authoring this PR. (role: recent area contributor; confidence: high; commits: 71e4da1fa1a5, b76b104a4cf8; files: .github/workflows/proof-nudges.yml, docs/proof-nudges.md, test/clawsweeper.test.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.