vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-31 20:01:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs(exec): document denied approval output isolation behavior

Browse Source
This commit is contained in:
Vincent Koc
2026-03-30 06:50:11 +09:00
parent 3ec000b995
commit 6d0abfa50c
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/tools/exec-approvals.md
View File

@@ -461,6 +461,14 @@ These are posted to the agents session after the node reports the event.
Gateway-host exec approvals emit the same lifecycle events when the command finishes (and optionally when running longer than the threshold).
Approval-gated execs reuse the approval id as the `runId` in these messages for easy correlation.
## Denied approval behavior
When an async exec approval is denied, OpenClaw prevents the agent from reusing
output from any earlier run of the same command in the session. The denial reason
is passed with explicit guidance that no command output is available, which stops
the agent from claiming there is new output or repeating the denied command with
stale results from a prior successful run.
## Implications
- **full** is powerful; prefer allowlists when possible.