feat(security): fail closed on dangerous skill installs

Peter Steinberger
2026-03-31 23:27:10 +09:00
parent 98c0c38186
commit 0d7f1e2c84
21 changed files with 362 additions and 129 deletions

@@ -525,6 +525,11 @@ If the gateway is unavailable or does not support plugin approvals, the tool cal
Runs after the built-in install security scan and before installation continues. OpenClaw fires this hook for interactive skill installs as well as plugin bundle, package, and single-file installs.
Default behavior differs by target type:
- Plugin installs fail closed on built-in scan `critical` findings and scan errors unless the operator explicitly uses `openclaw plugins install --dangerously-force-unsafe-install`.
- Skill installs still surface built-in scan findings and scan errors as warnings and continue by default.
Return fields:
- **`findings`**: Additional scan findings to surface as warnings
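Review bot: The skill bullet under "Default behavior differs by target type" says skill installs surface built-in scan findings and scan errors as warnings and continue by default, which reads at odds with the commit subject "fail closed on dangerous skill installs". If skill installs now block on `critical` findings or scan errors, this bullet should say so and name the operator override for skills, the way the plugin bullet names `openclaw plugins install --dangerously-force-unsafe-install`. The `findings` return field is likewise described as surfaced "as warnings"; the text should state whether a finding returned by the hook can block an install or is advisory only, since that determines whether the hook can tighten the default or only annotate it.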