OpenClaw Install / Docs / Gateway / Skills
EN
Get Started
Home

Switch language

简体中文 English
Start Install GuideQuick StartDocs Overview
Docs ChannelsModels & APIGateway OpsTools & Skills
More ArticlesResourcesHelp Center
Get Started
Documentation navigation Tools & Skills

Current Section

On This Page

Tools & Skills 3 sections

Approval Guardrails

Exec Approvals

Exec approvals are the safety interlock between sandboxed agent behavior and real host execution. Commands only reach the Gateway or node host when tool policy, allowlists and optional user approval all permit it.

Exec Security Plugin

Policy Dimensions

security

deny / allowlist / full

Controls whether host execution is blocked completely, restricted to a whitelist or fully allowed.

ask

off / on-miss / always

Defines whether human approval is prompted and when the prompt appears.

fallback

askFallback

If the UI is unavailable, deny, allowlist or full decides the default approval result.

Storage and Commands

Approvals file

~/.openclaw/exec-approvals.json

CLI management entry point

openclaw approvals

Chat-side approval commands

/approve <id> allow-once
/approve <id> allow-always
/approve <id> deny

What Actually Matters

The allowlist is per-agent config, not a single globally shared table.

safeBins is a curated set of low-risk binaries that only read standard input and can pass in allowlist mode without explicit path entries.

If the companion UI cannot prompt and the policy requires it, askFallback decides the outcome.