docs: add exec approval troubleshooting

docs/help/troubleshooting.md

@@ -266,6 +266,51 @@ flowchart TD
 
   </Accordion>
 
+  <Accordion title="Exec suddenly asks for approval">
+    ```bash
+    openclaw config get tools.exec.host
+    openclaw config get tools.exec.security
+    openclaw config get tools.exec.ask
+    openclaw gateway restart
+    ```
+
+    What changed:
+
+    - If `tools.exec.host` is unset, the default is `auto`.
+    - `host=auto` resolves to `sandbox` when a sandbox runtime is active, `gateway` otherwise.
+    - On `gateway` and `node`, unset `tools.exec.security` defaults to `allowlist`.
+    - Unset `tools.exec.ask` defaults to `on-miss`.
+    - Result: ordinary host commands can now pause with `Approval required` instead of running immediately.
+
+    Restore the old gateway no-approval behavior:
+
+    ```bash
+    openclaw config set tools.exec.host gateway
+    openclaw config set tools.exec.security full
+    openclaw config set tools.exec.ask off
+    openclaw gateway restart
+    ```
+
+    Safer alternatives:
+
+    - Set only `tools.exec.host=gateway` if you just want stable host routing and still want approvals.
+    - Keep `security=allowlist` with `ask=on-miss` if you want host exec but still want review on allowlist misses.
+    - Enable sandbox mode if you want `host=auto` to resolve back to `sandbox`.
+
+    Common log signatures:
+
+    - `Approval required.` → command is waiting on `/approve ...`.
+    - `SYSTEM_RUN_DENIED: approval required` → node-host exec approval is pending.
+    - `exec host=sandbox requires a sandbox runtime for this session` → implicit/explicit sandbox selection but sandbox mode is off.
+
+    Deep pages:
+
+    - [/tools/exec](/tools/exec)
+    - [/tools/exec-approvals](/tools/exec-approvals)
+    - [/gateway/security#runtime-expectation-drift](/gateway/security#runtime-expectation-drift)
+
+  </Accordion>
+
   <Accordion title="Browser tool fails">
     ```bash
     openclaw status