#Permission question


frank vigil

Hi Krill — quick permissions question.

I have a local helper script:

/Users/xxxx/.openclaw/workspace/sync-phone-uploads.sh

It copies files from a shared iCloud folder into the OpenClaw workspace and updates INDEX.txt.

Problem: from WhatsApp, the agent can read workspace files but cannot run the script. It reports no shell/exec capability (capabilities=none).

Goal: allow one narrow WhatsApp-triggered workflow:
“sync phone uploads”
→ run only that script
→ read/list the resulting workspace files.

Constraints:

  • keep workspaceOnly=true
  • no broad shell access
  • no WhatsApp creds/pairing/session changes
  • ideally allowlisted/auditable

What’s the recommended OpenClaw way to do this?
Exec-policy allowlist, custom skill/tool, node command/plugin, routing to another agent/session, or sandbox/worktree setup?

errant escarpBOT

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

rough folioBOT

Recommended: dedicated agent + exact exec allowlist, optionally via a Mac/node host if the script lives on that Mac.

Key point: workspaceOnly=true protects file tools, not shell execution. So you need two layers:

  1. Tool policy: expose only read + exec to this agent.
  2. Exec approvals/policy: allow only the exact script path.

Use a separate agent if this WhatsApp account does anything else:

{
  tools: {
    fs: { workspaceOnly: true },
    exec: {
      host: "gateway",        // or "node" if the Mac is a paired node
      security: "allowlist",
      ask: "on-miss",
      strictInlineEval: true
    }
  },
  agents: {
    list: [{
      id: "phone-sync",
      workspace: "~/.openclaw/workspace",
      tools: {
        allow: ["read", "exec"],
        deny: ["write", "edit", "apply_patch", "browser", "canvas", "cron"]
      }
    }]
  }
}

Then allowlist the script for that agent on the execution host:

openclaw approvals allowlist add \
  --agent phone-sync \
  --gateway \
  "/Users/xxxx/.openclaw/workspace/sync-phone-uploads.sh"

If the script runs on a Mac node instead:

openclaw approvals allowlist add \
  --agent phone-sync \
  --node <mac-node-name> \
  "/Users/xxxx/.openclaw/workspace/sync-phone-uploads.sh"
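One caveat that the thread above leaves implicit: once a script is allowlisted by path, the script itself becomes the trust boundary. Anything the chat side can feed into it (arguments, file names in the shared folder, symlinks dropped into iCloud) is now input to something running with the agent's privileges. The sketch below is an added example of what a helper that is safe to allowlist looks like; it is not the poster's actual sync-phone-uploads.sh and not OpenClaw code. The iCloud folder path, the phone-uploads subfolder name and the SYNC_SRC/SYNC_DST environment overrides are assumptions made so the functions can be exercised against temporary directories.

```sh
#!/bin/sh
# Hypothetical hardened sync-phone-uploads.sh (added example, not the poster's
# script and not part of OpenClaw). Design rule: once allowlisted by path, the
# script is the trust boundary, so it takes no arguments, reads one fixed
# location and writes only inside the workspace.
set -eu
umask 077

# Fixed locations. The env overrides are an assumption for this example so the
# functions below can be run against temp dirs; they are not an OpenClaw feature.
UPLOADS_DIR="${SYNC_SRC:-${HOME:-.}/Library/Mobile Documents/com~apple~CloudDocs/phone-uploads}"
WORKSPACE="${SYNC_DST:-${HOME:-.}/.openclaw/workspace}"
DEST_SUBDIR="phone-uploads"   # assumed subfolder inside the workspace

# Refuse arguments: an allowlisted path must not become "run this script with
# attacker-chosen input" from the WhatsApp side.
reject_args() {
  [ "$#" -eq 0 ] || { echo "usage: sync-phone-uploads.sh (no arguments)" >&2; return 2; }
}

# Copy only regular, non-hidden, top-level files from $1 into $2/$DEST_SUBDIR.
# Symlinks are skipped rather than followed: a link placed in the shared iCloud
# folder could point anywhere on the Mac. Subdirectories are ignored as well.
# Prints the number of files copied.
sync_uploads() {
  src="$1"; dst="$2/$DEST_SUBDIR"
  mkdir -p "$dst"
  copied=0
  for f in "$src"/*; do
    [ -e "$f" ] || continue                      # empty glob or dangling link
    name=$(basename "$f")
    case "$name" in .*) continue ;; esac         # no dotfiles (.DS_Store etc.)
    [ -f "$f" ] && [ ! -L "$f" ] || continue     # regular file, not a symlink
    cp -p "$f" "$dst/$name.tmp" && mv "$dst/$name.tmp" "$dst/$name"
    copied=$((copied + 1))
  done
  echo "$copied"
}

# Rebuild INDEX.txt from what is actually on disk, rather than appending
# strings that came from the chat. Prints the number of indexed entries.
write_index() {
  ws="$1"; index="$ws/INDEX.txt"
  : > "$index.tmp"
  for f in "$ws/$DEST_SUBDIR"/*; do
    [ -f "$f" ] || continue
    echo "$DEST_SUBDIR/$(basename "$f")" >> "$index.tmp"
  done
  mv "$index.tmp" "$index"
  wc -l < "$index" | tr -d ' '
}

main() {
  reject_args "$@"
  n=$(sync_uploads "$UPLOADS_DIR" "$WORKSPACE")
  write_index "$WORKSPACE" >/dev/null
  # One audit line per run in the system log, if logger is available.
  logger -t sync-phone-uploads "copied $n file(s)" 2>/dev/null || true
  echo "synced $n file(s) into $WORKSPACE/$DEST_SUBDIR"
}

# Run only when invoked under the script's own name, so the functions can be
# sourced into a test without touching the real folders.
case "${0##*/}" in sync-phone-uploads.sh) main "$@" ;; esac
```

The point of the shape is that the exec allowlist entry and the script agree on what is trusted: the allowlist pins the path, and the script pins everything else (no arguments, no symlink following, no writes outside the workspace, a fresh INDEX.txt each run). With that in place, "allow only this exact path" really is the whole policy, and the per-run log line gives you the audit trail the question asked for.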