agent failed to reply | Friends of the Crustacean 🦞🤝 | Page 1

crude dagger Apr 9, 2026, 7:06 PM

#

⚠️ Agent failed before reply: Sandbox mode requires Docker, but the "docker" command was not found in PATH. Install Docker (and ensure "docker" is available), or set agents.defaults.sandbox.mode=off to disable sandboxing. | spawn docker ENOENT.
Logs: openclaw logs --follow

restive furnaceBOT Apr 9, 2026, 7:06 PM

#

thorn wingBOT Apr 9, 2026, 7:07 PM

#

That one is pretty direct: sandboxing is enabled, but Docker is missing.

Most likely you have agents.defaults.sandbox.mode: "non-main" or "all", and since channel/thread sessions count as non-main, this thread tried to start in Docker and failed.

Try these first:

openclaw --version
openclaw status
openclaw doctor

If you do not want sandboxing, disable it:

openclaw config set agents.defaults.sandbox.mode off

#

openclaw gateway restart

If you do want sandboxing, install Docker and make sure docker is on PATH, then re-run openclaw doctor.

Useful docs:

FAQ: https://docs.openclaw.ai/help/faq
Sandboxing: https://docs.openclaw.ai/gateway/sandboxing
Docker: https://docs.openclaw.ai/install/docker
Troubleshooting: https://docs.openclaw.ai/gateway/troubleshooting

If you paste the output of:

openclaw --version

#

openclaw status
openclaw sandbox explain

I can tell you exactly which config is causing it. 🦐

crude dagger Apr 9, 2026, 7:08 PM

#

what would sandboxing do?

thorn wingBOT Apr 9, 2026, 7:08 PM

#

Sandboxing puts agent tool execution in an isolated environment instead of on your host.

In practice, that means things like:

exec runs in a container
file reads/writes are limited to the sandbox workspace
installed host binaries/files are not automatically visible
you get a safer boundary for untrusted chats or multi-user/group setups

Good reasons to use it:

the agent is exposed in public/group chats
you want command/file access fenced off from your real machine
you want stricter isolation between agents/sessions

Reasons to leave it off:

personal/local setup
you want the agent to use host tools directly
you do not want the Docker dependency

#

A common setup is:

agents: {
  defaults: {
    sandbox: {
      mode: "non-main"
    }
  }
}

That keeps your main personal session on-host, but sandboxes group/channel sessions.

Docs:

#

Short version: safer, but more setup and a bit more friction. If this is just your own assistant on your own machine, I’d probably turn it off.

#agent failed to reply