refactor: rename to openclaw

docs/refactor/exec-host.md

@@ -25,11 +25,11 @@ read_when:
 - **Config keys:** `exec.host` + `exec.security` (per-agent override allowed).
 - **Elevation:** keep `/elevated` as an alias for gateway full access.
 - **Ask default:** `on-miss`.
-- **Approvals store:** `~/.clawdbot/exec-approvals.json` (JSON, no legacy migration).
+- **Approvals store:** `~/.openclaw/exec-approvals.json` (JSON, no legacy migration).
 - **Runner:** headless system service; UI app hosts a Unix socket for approvals.
 - **Node identity:** use existing `nodeId`.
 - **Socket auth:** Unix socket + token (cross-platform); split later if needed.
-- **Node host state:** `~/.clawdbot/node.json` (node id + pairing token).
+- **Node host state:** `~/.openclaw/node.json` (node id + pairing token).
 - **macOS exec host:** run `system.run` inside the macOS app; node host service forwards requests over local IPC.
 - **No XPC helper:** stick to Unix socket + token + peer checks.
 
@@ -87,7 +87,7 @@ Ask is **independent** of allowlist; allowlist can be used with `always` or `on-
 - `/elevated off` = restore previous exec settings for the agent session.
 
 ## Approvals store (JSON)
-Path: `~/.clawdbot/exec-approvals.json`
+Path: `~/.openclaw/exec-approvals.json`
 
 Purpose:
 - Local policy + allowlists for the **execution host** (gateway or node runner).
@@ -99,7 +99,7 @@ Proposed schema (v1):
 {
   "version": 1,
   "socket": {
-    "path": "~/.clawdbot/exec-approvals.sock",
+    "path": "~/.openclaw/exec-approvals.sock",
     "token": "base64-opaque-token"
   },
   "defaults": {
@@ -141,7 +141,7 @@ Notes:
 
 ## UI integration (macOS app)
 ### IPC
-- Unix socket at `~/.clawdbot/exec-approvals.sock` (0600).
+- Unix socket at `~/.openclaw/exec-approvals.sock` (0600).
 - Token stored in `exec-approvals.json` (0600).
 - Peer checks: same-UID only.
 - Challenge/response: nonce + HMAC(token, request-hash) to prevent replay.