#Preflight error Python

Openclaw will not execute Python. I never had any problems before its telling me openclaw is blocking it. Its been a full day and still blocked

"preflight" error started appearing in the session logs. The memory notes this:

"security escalation triggered by high volume of Python executions in short timeframe"

I found the runtime is on 2026.4.9, with 2026.4.14 available, so I'm checking whether this is a known fixed issue versus a persistent security state.

That quoted line looks more like a memory summary than the raw runtime error. I can’t find that exact string in the docs/source.

The Python blockers I can verify are these:

• python -c / python3 -c can be blocked by tools.exec.strictInlineEval
• shell-wrapped or complex Python invocations can fail closed with exec preflight: complex interpreter invocation detected

So if it has been blocked for a full day, I would not assume it is a temporary cooldown. I’d treat it as a persistent exec/preflight policy issue.

Please paste these 4 things:

1. openclaw --version
2. openclaw logs --follow , then trigger one blocked Python run
3. openclaw doctor
4. the exact Python command OpenClaw is trying to run

Quick checks right now:

• If it’s using python -c or python3 -c, try a real script file instead, like python3 script.py
• If it’s wrapped in bash -lc "python ..." or chained with &&, ||, or pipes, that can also trip preflight
• Do not put python3 in tools.exec.safeBins

Also, if you’re not on the latest version, update first. There have been a bunch of exec/preflight changes recently, and older builds can send you chasing ghosts.

Docs:

• https://docs.openclaw.ai/tools/exec
• https://docs.openclaw.ai/tools/exec-approvals
• https://docs.openclaw.ai/help/troubleshooting

If you paste the exact blocked log line, I can usually tell pretty fast whether this is strictInlineEval, interpreter preflight fail-closed behavior, or something else.

Version: OpenClaw 2026.4.14 (323493f)

Summary:
Python file execution works when called directly. The block triggers on specific patterns.

What Works:

python3 /path/to/script.py ✅ Direct execution
python3 -c "print('hello')" ✅ Inline eval

What Fails:

echo "code" > file.py && python3 file.py ❌ Staged execution (create + run)
cd /path && python3 script.py ❌ Command chaining (&&, ||, |)

Error Received:

exec preflight: complex interpreter invocation detected;
refusing to run without script preflight validation.
Use a direct python <file>.py or node <file>.js command.

Evidence:

• python3 ~/Ai/ComfyUI/main.py --help ✅ Ran successfully (returned usage)
• python3 /home/oem/.openclaw/workspace/visual_learning_v2.py ✅ Ran (hit runtime error, not preflight)
• echo > /tmp/test.py && python3 /tmp/test.py ❌ Blocked immediately

ComfyUI Specific:
ComfyUI process starts but exits with missing dependencies (alembic, custom comfy_aimdo module) — this is NOT a preflight block, it's a runtime dependency issue.

Configuration Check:

• No exec.strictInlineEval found in config
• No exec.safeBins configuration found
• tools.exec config path doesn't exist

Question for Support:
Is "complex interpreter invocation" triggered by:

1. File creation followed by execution in same command?
2. Any command chaining operator (&&, ||, |)?
3. Both?

User Impact:
Cannot use common patterns like:

• cd ~/project && python3 main.py
• Staged script creation for dynamic workflows

Request:
Documentation or config flag to allow verified direct python script.py calls without chaining restrictions.

Nice, that narrows it down a lot. I’m checking the exact preflight rules now so I can answer whether it’s && specifically, staged create-and-run, or both, and whether there’s actually a knob for it.

Yep, I checked the source. The answer is both, but more specifically:

OpenClaw blocks when it sees:

1. a Python/Node interpreter invocation,
2. complex shell syntax like &&, ||, |, ;, newlines, $(), backticks, or process substitution, and
3. a script hint in the same interpreter segment or pipeline.

So:

• echo "code" > file.py && python3 file.py fails, yes
• cd /path && python3 script.py fails, yes
• but it is not “any && anywhere”, because something like node --version && ls *.py is explicitly allowed

So the real trigger is not just chaining by itself. It is chaining plus an interpreter run that looks like script execution OpenClaw can’t safely preflight as one pinned file.

A few important bits:

• python3 script.py is allowed
• python3 -c "..." is allowed in your config because strictInlineEval is not enabled
• I do not see a documented config flag to disable this specific complex interpreter invocation fail-closed check

Best current workaround patterns:

• use workdir instead of cd ... && python3 script.py
• create the file in one step, then run python3 file.py in a second step
• avoid shell wrappers/chaining around interpreter execution if you want preflight to pass

So for agent/tool flows, prefer:

• write → create file.py
• exec with workdir=/path and command python3 file.py

Relevant doc for the conservative interpreter rule:

• https://docs.openclaw.ai/tools/exec-approvals