docs: clarify reserved gateway method namespaces

docs/gateway/protocol.md

@@ -169,6 +169,10 @@ Common scopes:
 - `operator.approvals`
 - `operator.pairing`
 
+Plugin-registered gateway RPC methods may request their own operator scope, but
+reserved core admin prefixes (`config.*`, `exec.approvals.*`, `wizard.*`,
+`update.*`) always resolve to `operator.admin`.
+
 Method scope is only the first gate. Some slash commands reached through
 `chat.send` apply stricter command-level checks on top. For example, persistent
 `/config set` and `/config unset` writes require `operator.admin`.

docs/plugins/architecture.md

@@ -1240,6 +1240,11 @@ If your full entry still owns any required startup capability, do not enable
 this flag. Keep the plugin on the default behavior and let OpenClaw load the
 full entry during startup.
 
+When those startup surfaces include gateway RPC methods, keep them on a
+plugin-specific prefix. Core admin namespaces (`config.*`,
+`exec.approvals.*`, `wizard.*`, `update.*`) remain reserved and always resolve
+to `operator.admin`, even if a plugin requests a narrower scope.
+
 Example:
 
 ```json

docs/plugins/building-plugins.md

@@ -158,6 +158,11 @@ A single plugin can register any number of capabilities via the `api` object:
 
 For the full registration API, see [SDK Overview](/plugins/sdk-overview#registration-api).
 
+If your plugin registers custom gateway RPC methods, keep them on a
+plugin-specific prefix. Core admin namespaces (`config.*`,
+`exec.approvals.*`, `wizard.*`, `update.*`) stay reserved and always resolve to
+`operator.admin`, even if a plugin asks for a narrower scope.
+
 Hook guard semantics to keep in mind:
 
 - `before_tool_call`: `{ block: true }` is terminal and stops lower-priority handlers.

docs/plugins/sdk-channel-plugins.md

@@ -280,6 +280,10 @@ Auth-only channels can usually stop at the default path: core handles approvals
     can show them in root help without activating the full channel runtime,
     while normal full loads still pick up the same descriptors for real command
     registration. Keep `registerFull(...)` for runtime-only work.
+    If `registerFull(...)` registers gateway RPC methods, use a
+    plugin-specific prefix. Core admin namespaces (`config.*`,
+    `exec.approvals.*`, `wizard.*`, `update.*`) stay reserved and always
+    resolve to `operator.admin`.
     `defineChannelPluginEntry` handles the registration-mode split automatically. See
     [Entry Points](/plugins/sdk-entrypoints#definechannelpluginentry) for all
     options.

docs/plugins/sdk-entrypoints.md

@@ -111,6 +111,10 @@ export default defineChannelPluginEntry({
   when you want the command to stay lazy-loaded without disappearing from the
   root CLI parse tree. For channel plugins, prefer registering those descriptors
   from `registerCliMetadata(...)` and keep `registerFull(...)` focused on runtime-only work.
+- If `registerFull(...)` also registers gateway RPC methods, keep them on a
+  plugin-specific prefix. Reserved core admin namespaces (`config.*`,
+  `exec.approvals.*`, `wizard.*`, `update.*`) are always coerced to
+  `operator.admin`.
 
 ## `defineSetupPluginEntry`
 

docs/plugins/sdk-setup.md

@@ -106,6 +106,11 @@ gateway starts listening.
   the default behavior.
 </Warning>
 
+If your setup/full entry registers gateway RPC methods, keep them on a
+plugin-specific prefix. Reserved core admin namespaces (`config.*`,
+`exec.approvals.*`, `wizard.*`, `update.*`) stay core-owned and always resolve
+to `operator.admin`.
+
 ## Plugin manifest
 
 Every native plugin must ship an `openclaw.plugin.json` in the package root.
@@ -199,6 +204,9 @@ background services) during setup flows.
 - Any HTTP routes required before gateway listen
 - Any gateway methods needed during startup
 
+Those startup gateway methods should still avoid reserved core admin
+namespaces such as `config.*` or `update.*`.
+
 **What `setupEntry` should NOT include:**
 
 - CLI registrations