#I want to set these models up for usage

You do it in two layers:

1. Make the provider exist (so bailian/* actually resolves)
2. Add the models to your allowlist + aliases, then set a primary + fallbacks so /model <alias> works the way you want.

1) Configure the bailian provider (if it’s a custom/OpenAI-compatible endpoint)

In ~/.openclaw/openclaw.json (it’s JSON5, not YAML), add something like:

{
  env: {
    BAILIAN_API_KEY: "put-it-here-or-use-~/.openclaw/.env",
  },

  models: {
    mode: "merge",

    providers: {
      bailian: {
        baseUrl: "https://YOUR-BAILIAN-ENDPOINT/v1",
        apiKey: "${BAILIAN_API_KEY}",
        api: "openai-completions",

        // Optional but recommended: declare the models you want available
        models: [
          { id: "glm-5", name: "GLM-5" },
          { id: "glm-4.7", name: "GLM-4.7" },
          { id: "qwen3-coder-next", name: "Qwen3 Coder Next" },
          { id: "qwen3.5-plus", name: "Qwen3.5 Plus" },
          { id: "qwen3-max-2026-01-23", name: "Qwen3 Max (2026-01-23)" },
          { id: "kimi-k2.5", name: "Kimi K2.5" },
          { id: "MiniMax-M2.5", name: "MiniMax M2.5" },

        ],
      },
    },
  },
}

If your Gateway runs as a service (systemd/launchd), keys in your shell often won’t load. Easiest: put BAILIAN_API_KEY=... into ~/.openclaw/.env instead of your terminal env.

Docs: https://docs.openclaw.ai/concepts/model-providers

2) Set default + fallbacks + aliases (so /model qwen3-coder-next works)

Add this under agents.defaults:

{
  agents: {
    defaults: {
      model: {
        primary: "bailian/glm-5",
        fallbacks: ["bailian/glm-4.7"],
      },

      // This is optional (only kicks in when the main model can’t take images)
      imageModel: {
        primary: "bailian/kimi-k2.5",
      },

      // Allowlist/catalog + aliases for /model
      models: {

        "bailian/glm-5": { alias: "daily" },
        "bailian/qwen3-coder-next": { alias: "code" },
        "bailian/qwen3.5-plus": { alias: "doc" },
        "bailian/kimi-k2.5": { alias: "vision" },
        "bailian/MiniMax-M2.5": { alias: "batch" },
        "bailian/glm-4.7": { alias: "fallback" },
      },
    },
  },
}

Then in chat you can do:

• /model code (heavy coding)
• /model doc (big doc analysis)
• /model vision (image+text)

• /model batch (repetitive stuff)
• /model daily (back to default vibe)

Docs: https://docs.openclaw.ai/concepts/models

Sanity checks (super useful)

Run these on the gateway host and paste output if it still won’t show up:

openclaw --version
openclaw models status
openclaw models list --plain

One quick question: is bailian an OpenAI-compatible endpoint (i.e. it has /v1/models etc.)? If yes, the config above is the right pattern; if not, tell me what API style it uses and I’ll point you to the correct models.providers.*.api setting.

I dont want to edit any json and mess things up

You don’t have to hand-edit openclaw.json for this. Use the CLI commands/wizard — they validate the config before writing, so it’s much harder to “mess things up”.

Option A (simplest): interactive wizard

Run:

openclaw configure --section model

In the Model section:

• set the default model to bailian/glm-5
• add/select the models you want in the allowlist (what shows up in /model)

Then add your fallback via CLI (wizard may or may not prompt for it):

openclaw models fallbacks add bailian/glm-4.7

Docs: https://docs.openclaw.ai/cli/configure

Option B (copy/paste CLI only)

Set default + fallback:

openclaw models set bailian/glm-5
openclaw models fallbacks add bailian/glm-4.7

Make /model qwen3-coder-next etc work by creating aliases (so you don’t have to type bailian/... every time):

openclaw models aliases add qwen3-coder-next bailian/qwen3-coder-next
openclaw models aliases add qwen3.5-plus     bailian/qwen3.5-plus
openclaw models aliases add kimi-k2.5        bailian/kimi-k2.5
openclaw models aliases add minimax-m2.5     bailian/MiniMax-M2.5
openclaw models aliases add glm-4.7          bailian/glm-4.7

(aliases are case-insensitive when you type them)

Verify:

openclaw models status
openclaw models aliases list
openclaw models fallbacks list

Docs: https://docs.openclaw.ai/concepts/models

Quick safety tip (if you’re nervous)

Before doing anything, just back up the config file:

cp ~/.openclaw/openclaw.json ~/.openclaw/openclaw.json.bak

If any of those commands error with “unknown command”, paste:

openclaw --version
openclaw models --help

I also have to give the api key also

Yep — but don’t paste the API key in Discord.

1) Put the key in ~/.openclaw/.env (no JSON editing)

On the gateway host:

nano ~/.openclaw/.env

Add:

BAILIAN_API_KEY=sk-...redacted...

(If ~/.openclaw/.env already exists, just add a new line.)

2) Point the bailian provider at that env var (safe CLI, not hand-editing JSON)

First check if you already have a bailian provider configured:

openclaw config get models.providers.bailian

If it’s empty/missing, set it like this (you need your Bailian baseUrl, key stays in .env):

openclaw config set models.mode "merge"
openclaw config set models.providers.bailian.baseUrl "https://<your-bailian-host>/v1"
openclaw config set models.providers.bailian.api "openai-completions"
openclaw config set models.providers.bailian.apiKey '"${BAILIAN_API_KEY}"' --strict-json

Then restart the gateway:

openclaw gateway restart

3) Verify auth is working

openclaw models status

If you paste output here, redact anything secret — but the status output is usually safe (it redacts tokens).

Docs:

• https://docs.openclaw.ai/cli/config
• https://docs.openclaw.ai/concepts/model-providers

If you tell me the Bailian baseUrl you were given (just the URL, no key), I can sanity-check it’s in the right format.

I dont want to edit files i just want to use commands so i dont mess anything up

You can do 100% command-only (no opening files in an editor). Two parts: (A) API key + provider, then (B) defaults + aliases.

Also: don’t paste your API key into Discord.

A) Set the Bailian API key + provider (commands only)

0) (Optional) enter the key without it ending up in shell history

read -s BAILIAN_API_KEY
echo
openclaw config set env.BAILIAN_API_KEY "$BAILIAN_API_KEY"
unset BAILIAN_API_KEY

1) Configure the bailian provider (you MUST know the base URL)

Replace https://YOUR_BASEURL/v1 with your Bailian OpenAI-compatible endpoint:

openclaw config set models.mode "merge"
openclaw config set models.providers.bailian.baseUrl "https://YOUR_BASEURL/v1"
openclaw config set models.providers.bailian.api "openai-completions"
openclaw config set models.providers.bailian.apiKey '${BAILIAN_API_KEY}'

openclaw config set models.providers.bailian.models '[
  { "id": "glm-5", "name": "glm-5" },
  { "id": "glm-4.7", "name": "glm-4.7" },
  { "id": "qwen3.5-plus", "name": "qwen3.5-plus" },
  { "id": "qwen3-max-2026-01-23", "name": "qwen3-max-2026-01-23" },
  { "id": "qwen3-coder-next", "name": "qwen3-coder-next" },
  { "id": "qwen3-coder-plus", "name": "qwen3-coder-plus" },
  { "id": "MiniMax-M2.5", "name": "MiniMax-M2.5" },
  { "id": "kimi-k2.5", "name": "kimi-k2.5" }
]' --strict-json

Restart (so the running gateway definitely picks it up):

openclaw gateway restart

Quick check:

openclaw models status

B) Set defaults + fallbacks + “/model …” shortcuts

openclaw models set bailian/glm-5
openclaw models fallbacks add bailian/glm-4.7
openclaw models set-image bailian/kimi-k2.5

Now make the exact /model ... names you want work (aliases):

openclaw models aliases add qwen3-coder-next bailian/qwen3-coder-next
openclaw models aliases add qwen3.5-plus     bailian/qwen3.5-plus
openclaw models aliases add kimi-k2.5        bailian/kimi-k2.5
openclaw models aliases add MiniMax-M2.5     bailian/MiniMax-M2.5

Verify:

openclaw models aliases list
openclaw models fallbacks list
openclaw models status

If you paste output back here, paste only openclaw models status (it should be redacted/safe) and also tell me what your Bailian baseUrl looks like (just the URL, not the key).

do I put the api key in there and remove the { } ?

No — don’t put the API key in those {} model entries, and don’t remove the {}.

That block like:

"bailian/qwen3.5-plus": {},
"bailian/glm-5": {},

is just the model allowlist/catalog. The {} means “no special per-model params”.

Where the API key goes (commands-only)

Put the key in env (recommended), then reference it from the provider config.

1) Store the key (pick one):

Option A (recommended): ~/.openclaw/.env

# create/edit the file (local on your gateway host)
printf '\nBAILIAN_API_KEY=sk-REDACTED\n' >> ~/.openclaw/.env

Option B: store it in config via CLI

openclaw config set env.BAILIAN_API_KEY "sk-REDACTED"

2) Tell OpenClaw to use it for the Bailian provider

openclaw config set models.mode "merge"
openclaw config set models.providers.bailian.apiKey '${BAILIAN_API_KEY}'

(You’ll also need models.providers.bailian.baseUrl + api, but the key specifically goes here.)

If you tell me what you’re using for the Bailian baseUrl (just the URL, not the key), I can give you the exact command set for that too.

okay lets do this step by step because Im confused

and the baseurl is https://coding-intl.dashscope.aliyuncs.com/v1

Cool — we’ll do it one step at a time and only with commands.

Step 1 — confirm your OpenClaw version + what “bailian” endpoint you’re using

Run these on the gateway host and paste the output here:

openclaw --version
openclaw models status

One quick question (don’t paste the key): what is your Bailian base URL (the API endpoint)?
It usually looks like https://…/v1 (OpenAI-compatible). If you’re not sure, paste the URL only (no token), or paste the provider’s “curl” example with the key redacted.

Once I have those two outputs + the baseUrl, I’ll give you the exact next 2–3 commands for Step 2 (API key + provider setup).

Got it — since your baseUrl is:

https://coding-intl.dashscope.aliyuncs.com/v1

we can do this cleanly with commands only, step-by-step.

Step 0 (optional but smart): back up your config

cp ~/.openclaw/openclaw.json ~/.openclaw/openclaw.json.bak

Step 1: store your Bailian/DashScope API key (no copy/paste into Discord)

This puts it in ~/.openclaw/.env without showing it on-screen:

mkdir -p ~/.openclaw

read -s BAILIAN_API_KEY; echo
(umask 077; printf "BAILIAN_API_KEY=%s\n" "$BAILIAN_API_KEY" >> ~/.openclaw/.env)
unset BAILIAN_API_KEY

Step 2: configure the bailian provider (minimal, just to prove it works)

openclaw config set models.mode "merge"
openclaw config set models.providers.bailian.baseUrl "https://coding-intl.dashscope.aliyuncs.com/v1"
openclaw config set models.providers.bailian.api "openai-completions"
openclaw config set models.providers.bailian.apiKey '${BAILIAN_API_KEY}'
openclaw config set models.providers.bailian.models '[{"id":"glm-5","name":"glm-5"}]' --strict-json

Step 3: restart + sanity check

openclaw gateway restart
openclaw models status

Step 4: set your defaults + fallback + image model

openclaw models set bailian/glm-5
openclaw models fallbacks add bailian/glm-4.7
openclaw models set-image bailian/kimi-k2.5

Step 5: add the /model ... shortcuts you want

openclaw models aliases add qwen3-coder-next bailian/qwen3-coder-next
openclaw models aliases add qwen3.5-plus     bailian/qwen3.5-plus

openclaw models aliases add kimi-k2.5        bailian/kimi-k2.5
openclaw models aliases add MiniMax-M2.5     bailian/MiniMax-M2.5

Then:

openclaw models aliases list

If anything fails, paste (safe output)

openclaw models status

Common failure notes:

• 401/unauthorized → API key issue

• 404 → DashScope sometimes uses a different OpenAI-compatible path (double-check the provider’s “OpenAI compatible” docs for the correct base URL)

Run openclaw models status and I’ll tell you exactly which one it is from the error.

okay i got this https://coding-intl.dashscope.aliyuncs.com/v1 base url and djryan@DJs-Mac-mini ~ % openclaw --version
openclaw models status
2026.2.26

🦞 OpenClaw 2026.2.26 (bc50708) — Meta wishes they shipped this fast.

Config : ~/.openclaw/openclaw.json
Agent dir : ~/.openclaw/agents/main/agent
Default : qwen-3-14b-instruct/qwen-3-14b-instruct
Fallbacks (3) : qwen-3-14b-instruct/qwen-3-14b-instruct, openrouter/openrouter/free, ollama/kimi-k2.5:cloud
Image model : -
Image fallbacks (0): -
Aliases (4) : gemma3 -> custom-127-0-0-1-1234/google/gemma-3-4b, heavy -> ollama/kimi-k2.5:cloud, chat -> openrouter/openrouter/free, localquen -> qwen-3-14b-instruct/qwen-3-14b-instruct
Configured models (5): custom-127-0-0-1-1234/google/gemma-3-4b, ollama/kimi-k2.5:cloud, openrouter/auto, openrouter/openrouter/free, qwen-3-14b-instruct/qwen-3-14b-instruct

Auth overview
Auth store : ~/.openclaw/agents/main/agent/auth-profiles.json
Shell env : off
Providers w/ OAuth/tokens (1): openrouter (1)

• anthropic effective=profiles:~/.openclaw/agents/main/agent/auth-profiles.json | profiles=1 (oauth=0, token=0, api_key=1) | anthropic:default=sk-or-v1...26646556
• bailian effective=models.json:sk-sp-0e...4b11d03d | models.json=sk-sp-0e...4b11d03d | source=models.json: ~/.openclaw/agents/main/agent/models.json
• custom-127-0-0-1-1234 effective=models.json:lm...io | models.json=lm...io | source=models.json: ~/.openclaw/agents/main/agent/models.json
• ollama effective=models.json:ol...al | models.json=ol...al | source=models.json: ~/.openclaw/agents/main/agent/models.json
• openrouter effective=profiles:~/.openclaw/agents/main/agent/auth-profiles.json | profiles=2 (oauth=0, token=1, api_key=1) | openrouter:default=sk-or-v1...26646556, openrouter:manual=token:sk-or-v1...3da3e6c5 | env=sk-or-v1...26646556 | source=env: OPENROUTER_API_KEY
• qwen-3-14b-instruct effective=models.json:lm...io | models.json=lm...io | source=models.json: ~/.openclaw/agents/main/

Nice — that output is exactly what we needed.

Key point: your bailian provider is already configured (it shows up in “Auth overview”), so now we just need to (1) switch the default model, (2) set the fallback, and (3) add the /model … shortcuts.

Step 1 — set your daily driver to GLM‑5

Run:

openclaw models set bailian/glm-5

Step 2 — replace your current fallbacks with GLM‑4.7

Right now you have 3 fallbacks (qwen/openrouter/ollama). If you want only the one you listed:

openclaw models fallbacks clear
openclaw models fallbacks add bailian/glm-4.7

Step 3 — set the image model (optional but matches your plan)

This is used when the active model can’t accept images (or you can still manually /model kimi-k2.5 anytime):

openclaw models set-image bailian/kimi-k2.5

Step 4 — make /model qwen3-coder-next etc work (aliases)

openclaw models aliases add qwen3-coder-next bailian/qwen3-coder-next
openclaw models aliases add qwen3.5-plus     bailian/qwen3.5-plus
openclaw models aliases add kimi-k2.5        bailian/kimi-k2.5
openclaw models aliases add MiniMax-M2.5     bailian/MiniMax-M2.5

Step 5 — verify

openclaw models status
openclaw models aliases list

If Step 1 fails with a 401/404, then the bailian baseUrl path in your models.json might not match DashScope’s OpenAI-compatible path — but run Step 1 first and paste the error and we’ll adjust.

I want my default to be Qwen 3.5Plus for the daily driver

Run this to make Qwen 3.5 Plus your default daily driver:

openclaw models set bailian/qwen3.5-plus

If you want to be able to type /model qwen3.5-plus (without the bailian/ prefix), add an alias:

openclaw models aliases add qwen3.5-plus bailian/qwen3.5-plus

Optional (but matches your “fallback glm-4.7” plan): replace your current fallback list with just that one:

openclaw models fallbacks clear

openclaw models fallbacks add bailian/glm-4.7

Verify everything:

openclaw models status

If openclaw models set bailian/qwen3.5-plus errors, paste the error text + the output of openclaw models status and we’ll adjust (usually it’s a “model id not recognized by that endpoint” situation).

wait step by step of setting everything up you are adusting what i said but not including the other steps

Yep — let’s do the full setup in one clean, ordered run (commands only). Just run these in order.

0) (Optional) make a backup first

cp ~/.openclaw/openclaw.json ~/.openclaw/openclaw.json.bak

1) Set your daily driver default → Qwen 3.5 Plus

openclaw models set bailian/qwen3.5-plus

2) Set your fallback → GLM 4.7 (and remove the old fallbacks)

openclaw models fallbacks clear
openclaw models fallbacks add bailian/glm-4.7

3) Set your image model → Kimi K2.5

openclaw models set-image bailian/kimi-k2.5

4) Add the /model ... shortcuts you want (aliases)

These let you type exactly /model qwen3-coder-next etc.

openclaw models aliases add qwen3-coder-next bailian/qwen3-coder-next
openclaw models aliases add qwen3.5-plus     bailian/qwen3.5-plus
openclaw models aliases add kimi-k2.5        bailian/kimi-k2.5
openclaw models aliases add MiniMax-M2.5     bailian/MiniMax-M2.5
openclaw models aliases add glm-5            bailian/glm-5
openclaw models aliases add glm-4.7          bailian/glm-4.7

5) Verify everything

openclaw models status
openclaw models fallbacks list
openclaw models aliases list

After that, in chat you can do:

• /model qwen3-coder-next (coding)
• /model MiniMax-M2.5 (batch)
• /model kimi-k2.5 (images)
• /model qwen3.5-plus (back to daily)

If any step errors, paste only the error text + the output of openclaw models status (safe/redacted).

okay what about adding the api so this all works?

You already have the API key hooked up.

In your openclaw models status output this line proves it:

• bailian effective=models.json:sk-... | source=models.json: ~/.openclaw/agents/main/agent/models.json

So you do not need to add an API key again to make the bailian models work — you can proceed with the model/default/alias steps.

If you want to set/replace the bailian API key via commands (no manual file editing)

(Do not paste the key into Discord.)

1) Save the key into OpenClaw config env (written by CLI)

read -s BAILIAN_API_KEY; echo

openclaw config set env.BAILIAN_API_KEY "$BAILIAN_API_KEY"
unset BAILIAN_API_KEY

2) Point the bailian provider at that key + your baseUrl

openclaw config set models.mode "merge"
openclaw config set models.providers.bailian.baseUrl "https://coding-intl.dashscope.aliyuncs.com/v1"
openclaw config set models.providers.bailian.api "openai-completions"
openclaw config set models.providers.bailian.apiKey '${BAILIAN_API_KEY}'

3) Restart + verify

openclaw gateway restart

openclaw models status

If after doing this models status still shows source=models.json for bailian, that’s fine (it just means your existing models.json entry is still taking precedence). Tell me if you’re trying to override what’s in models.json vs just “make it work”, and I’ll give you the cleanest command-only path.

am i putting my api key where it says BAILIAN_API_KEY?

No — you do not paste your key into the command where it literally says ${BAILIAN_API_KEY}.

That ${BAILIAN_API_KEY} is just a placeholder that tells OpenClaw: “read the value from the environment variable named BAILIAN_API_KEY”.

You have two safe ways:

Option A (recommended): you type your key once, hidden

Run this, then when it waits for input, paste your real key (it won’t echo):

read -s BAILIAN_API_KEY; echo
openclaw config set env.BAILIAN_API_KEY "$BAILIAN_API_KEY"
unset BAILIAN_API_KEY

Then you use the placeholder normally:

openclaw config set models.providers.bailian.apiKey '${BAILIAN_API_KEY}'

Option B: put the key in ~/.openclaw/.env

Add a line like:

BAILIAN_API_KEY=sk-...yourrealkey...

(and restart the gateway)

Also: your earlier models status already shows bailian has a key loaded (from models.json), so you may not need to do any of this unless you’re changing/rotating the key.

so that did this do "Then you use the placeholder normally"

Yep — that’s exactly what it did.

When you run:

openclaw config set models.providers.bailian.apiKey '${BAILIAN_API_KEY}'

OpenClaw writes the literal string ${BAILIAN_API_KEY} into your config for that provider. That means:

• your real key is not stored in the JSON
• at runtime, OpenClaw will substitute it from the env var named BAILIAN_API_KEY (from your env.BAILIAN_API_KEY, or ~/.openclaw/.env, or the process env)

You can confirm what’s stored with:

openclaw config get models.providers.bailian.apiKey

It should print ${BAILIAN_API_KEY} (not your real key).

so in theroy this should work

Yes — in theory (and usually in practice) that’s the right setup:

• Config contains apiKey: "${BAILIAN_API_KEY}"
• Your real key is stored in env.BAILIAN_API_KEY (or ~/.openclaw/.env)
• OpenClaw substitutes it at runtime

Now let’s confirm it’s actually working with two quick checks:

1) Confirm the placeholder is in config

openclaw config get models.providers.bailian.apiKey

Expected: it prints ${BAILIAN_API_KEY}.

2) Confirm the provider can actually be used (real test)

openclaw models set bailian/qwen3.5-plus
openclaw models status

If it fails, paste the exact error. The most common real-world issues are:

• wrong baseUrl path for that provider (404)
• key isn’t being loaded by the gateway process (401/unauthorized) → then restart gateway and re-test:

  openclaw gateway restart
  

dashboard isnt showing bailian/qwen3.5-plus as the model when I asked in chat but the terminal showed bailian/qwen3.5-plus as the default model

That mismatch is almost always one of these two things:

1. Your CLI changed the default model in config, but the Discord thread/session is still pinned to a different model (from an earlier /model …), so chat keeps using the pinned one.

2. Your Dashboard/Discord chat is connected to a different Gateway/profile/agent than the terminal you ran openclaw models set on.

Do this in order:

Step 1 — in the same Discord thread, run this

Send as a standalone message:

/model status

That output will tell you:

• which agent is active

• the effective model for this session
• whether there’s a session override/pin

If it shows a different model than bailian/qwen3.5-plus, you can fix it immediately with either:

A) force it for this session

/model bailian/qwen3.5-plus

B) clear old session state

/new

Then ask again (or run /model status again).

Step 2 — confirm you’re talking to the same Gateway instance

On the machine where you ran the CLI commands:

openclaw gateway status

Check that the Config (service) / Config (cli) paths match and that this is the same Gateway your Dashboard is connected to.

Step 3 — if you just changed config, restart once (quick sanity)

openclaw gateway restart

If you paste one thing back, paste the /model status output from Discord (it’s the fastest way to see what’s going on).

im in openclaw dashboard tui not discord

Ahh got it — Dashboard TUI behaves similarly: it can keep using the current session’s model even after you changed the default in config.

Do this in the Dashboard TUI:

1) Check what the session is actually using

Type:

/model status

2) Force it to Qwen 3.5 Plus for this session

Type:

/model bailian/qwen3.5-plus

3) If you want the session to fully “reset” onto defaults

Sometimes the cleanest is:

/new

Then:

/model status

4) If the TUI still doesn’t show bailian models at all

That usually means the Dashboard is connected to a different gateway/profile than your terminal.

In a terminal on the gateway host run:

openclaw gateway status

In the Dashboard, open Control → Overview → Gateway Access and make sure the URL/token point to that same gateway.

If you paste one thing, paste the output of /model status from the Dashboard TUI — that will show exactly why it’s not picking the default.

okay and how do I give them exec tool and read tools?

Tools are controlled per Gateway / per agent, not “per model”. So you “give exec/read” by changing the tool policy in config (via commands), then restarting.

Step 1) Check if you’re currently restricting tools

Run:

openclaw config get tools.profile
openclaw config get tools.allow
openclaw config get tools.deny

• If tools.profile is minimal / messaging, or if tools.allow is set, you may have accidentally disabled exec/read.

Step 2) Easiest fix: switch to a profile that includes file + runtime tools

This enables read + exec (and the other normal “coding” tools):

openclaw config set tools.profile "coding"

(Alternative: “everything allowed” is full.)

openclaw config set tools.profile "full"
openclaw config unset tools.allow   # only if you previously set a restrictive allowlist

Step 3) Make exec actually run on your Mac (important!)

On many setups sandboxing is off, so exec defaults can fail unless you run it on the gateway host:

openclaw config set tools.exec.host "gateway"

Step 4) Restart and verify

openclaw gateway restart
openclaw models status

Notes / gotchas

• If you use an allowlist (tools.allow), include process with exec (otherwise background exec won’t work well).
• exec is approval-gated (by ~/.openclaw/exec-approvals.json) depending on your security settings—so if it says “approval required”, that’s normal.

If you paste the output of the 3 “config get …” commands from Step 1, I can tell you exactly which knob is currently blocking exec/read.

this is the only tool it has [
"web_search",
"web_fetch",
"browser"
]

That exact tool list (web_search, web_fetch, browser) almost always means you (or the wizard) set a restrictive tools.allow allowlist.

1) Confirm what’s restricting tools

Run:

openclaw config get tools.profile
openclaw config get tools.allow
openclaw config get tools.deny
openclaw config get tools.byProvider

2) Quick fix (keep your existing 3 tools, add read + exec)

This sets an explicit allowlist that includes:

• file read tools (read) via group:fs
• exec + process via group:runtime
• plus your current three tools

openclaw config set tools.allow '[
  "web_search",
  "web_fetch",
  "browser",
  "group:fs",
  "group:runtime"
]' --strict-json

Then restart:

openclaw gateway restart

3) Refresh your TUI session

In Dashboard TUI, do:

• /new (recommended), then ask it “what tools do you have?” again.

Notes

• group:fs includes read (and also write/edit). If you truly want read-only, say so and I’ll give you a minimal allowlist with just "read" (no write/edit).
• group:runtime includes exec and process (you want both; otherwise background exec won’t behave right).

If you paste the output of those openclaw config get … commands, I can tell you exactly which setting caused the tool list to shrink to 3.

I just dont want my bot to have any restrictions

If you want no tool restrictions at all (i.e. not limited to just web_search/web_fetch/browser), you need to remove the tool allowlist and set the tool profile to full.

Run these on the gateway host:

openclaw config set tools.profile "full"
openclaw config unset tools.allow
openclaw config unset tools.deny

(Optional but recommended so exec actually works on a non-sandboxed Mac):

openclaw config set tools.exec.host "gateway"

Then restart the gateway:

openclaw gateway restart

Finally, in the Dashboard TUI, start a fresh session so it reloads the tool schema:

/new

If it’s still restricted

You might have agent-specific tool settings overriding global ones. Check:

openclaw config get agents.list

If you see tools: { allow: ... } or tools: { profile: ... } under your agent entry, tell me what index your agent is (usually agents.list[0]) and I’ll give you the exact openclaw config unset agents.list[0].tools.* commands.

Heads up: “full + exec on gateway” means the model can run shell commands on your Mac. Great for power users, but don’t do this on a public-facing bot.

thank you its working now

Awesome.

If you want to sanity-check the final state (and have a “known good” screenshot for later), run:

openclaw models status

and in the Dashboard TUI:

• /model status

Glad it’s sorted.

is it possible to give them alises based on Default / daily driver: bailian/glm-5 — best agentic performance, handles 90% of tasks

Heavy coding sessions: /model qwen3-coder-next — purpose-built, fast, clean output

Large document analysis: /model qwen3.5-plus — 1M context window is no joke

Image + text tasks: /model kimi-k2.5 — solid multimodal, 262K context

Bulk/repetitive tasks: /model MiniMax-M2.5 — 1M context, fast, good for batch work

Fallback: bailian/glm-4.7 — if anything acts up, this one is battle-tested

Yes — you can make “role” aliases like daily, code, doc, vision, batch, fallback that point to those models.

Run these commands (pick whatever alias names you like):

openclaw models aliases add daily    bailian/glm-5
openclaw models aliases add code     bailian/qwen3-coder-next
openclaw models aliases add doc      bailian/qwen3.5-plus
openclaw models aliases add vision   bailian/kimi-k2.5
openclaw models aliases add batch    bailian/MiniMax-M2.5
openclaw models aliases add fallback bailian/glm-4.7

Then in chat / Dashboard TUI you can do:

• /model daily
• /model code
• /model doc