From 6d0abfa50c7109c9d59b6cbc62fb4efdf2aa2c3e Mon Sep 17 00:00:00 2001 From: Vincent Koc Date: Mon, 30 Mar 2026 06:50:11 +0900 Subject: [PATCH] docs(exec): document denied approval output isolation behavior --- docs/tools/exec-approvals.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/tools/exec-approvals.md b/docs/tools/exec-approvals.md index 2af4de4cdf3..b4f1f04e004 100644 --- a/docs/tools/exec-approvals.md +++ b/docs/tools/exec-approvals.md @@ -461,6 +461,14 @@ These are posted to the agent’s session after the node reports the event. Gateway-host exec approvals emit the same lifecycle events when the command finishes (and optionally when running longer than the threshold). Approval-gated execs reuse the approval id as the `runId` in these messages for easy correlation. +## Denied approval behavior + +When an async exec approval is denied, OpenClaw prevents the agent from reusing +output from any earlier run of the same command in the session. The denial reason +is passed with explicit guidance that no command output is available, which stops +the agent from claiming there is new output or repeating the denied command with +stale results from a prior successful run. + ## Implications - **full** is powerful; prefer allowlists when possible.