I’d like to give my bot access to all tools, but for some reason it can only see session tools. It can’t read, write, execute, or edit. I’ve gone through both the gateway dashboard and the terminal to add these tools to the allow list but the bot still has no access. When i click on agents in the dashboard, it also still shows a lack of access.
#Tool permissions
graceful goblet
naive idolBOT
sharp willowBOT
If the bot only sees session tools (but not read/write/edit/exec), you’re almost always in one of these states:
1) You’re on a restrictive tool profile (common: messaging / minimal)
Check your config for tools.profile (or agents.list[].tools.profile). For example, messaging intentionally only includes messaging + session tools.
Fix (full access):
{
tools: { profile: "full" } // or just delete tools.profile entirely
}
If you want to stay in allowlist mode, make sure you’re allowing the right names:
- FS:
group:fs→read,write,edit,apply_patch - Runtime:
group:runtime→exec,bash,process - Everything built-in:
group:openclaw - Literally everything:
"*"
Docs: https://docs.openclaw.ai/tools
2) You’re sandboxed (often agents.defaults.sandbox.mode: "non-main" in Discord channels)
In that case, the sandbox tool policy can still block tools even if your global allowlist looks correct.
Run this on the gateway host:
openclaw sandbox explain
# or: openclaw sandbox explain --json
If it says “blocked by sandbox tool policy”, you need to also loosen:
tools.sandbox.tools.allow/tools.sandbox.tools.deny
(or per-agent underagents.list[].tools.sandbox.tools.*)
Docs: https://docs.openclaw.ai/gateway/sandbox-vs-tool-policy-vs-elevated