fix #88773: [Bug]: Telegram DM exec requires approval despite allowlist + ask:off — works in webchat, not in Telegram (#89035)

* fix exec ask policy source

* fix gateway test type fixtures

* docs: update exec ask parameter docs to match runtime behavior

* fix: preserve trusted per-call exec ask hardening while blocking model-supplied overrides for channel runs

* docs: align exec ask contract with runtime

* refactor(agents): simplify exec ask policy cleanup

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
This commit is contained in:
zhang-guiping
2026-06-03 21:03:08 +08:00
committed by GitHub
parent b3b203bf67
commit 60dcaa3cf5
5 changed files with 83 additions and 7 deletions

@@ -144,9 +144,15 @@ when set at the narrower session or agent scope.
### `exec.ask`
<ParamField path="ask" type='"off" | "on-miss" | "always"'>
- `off` - never prompt.
- `on-miss` - prompt only when the allowlist does not match.
- `always` - prompt on every command. `allow-always` durable trust does **not** suppress prompts when effective ask mode is `always`.
Configured ask policy for host exec. Controls the baseline approval
prompt behavior from `tools.exec.ask` and host approvals defaults. The
per-call `ask` tool parameter (see [Exec tool](/tools/exec#parameters))
can only harden that baseline, and channel-origin model calls ignore it
when the effective host ask is `off`.
- `off` - never prompt.
- `on-miss` - prompt only when the allowlist does not match.
- `always` - prompt on every command. `allow-always` durable trust does **not** suppress prompts when effective ask mode is `always`.
</ParamField>
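
Review bot: the added description paragraph uses several names for what reads as one value ("Configured ask policy", "that baseline", "effective host ask", and "effective ask mode" in the `always` bullet) and never says how `tools.exec.ask` and the host approvals defaults combine into the effective one. Because the `off` case decides whether a channel-origin call's `ask` is dropped, pick one term and state the precedence in a sentence. The clause "can only harden that baseline" also reads as unconditional here, while the exec tool page carves out trusted internal/API callers; mention that exception or point to it so the two pages agree.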

@@ -52,7 +52,11 @@ force `security=full` only when the operator explicitly grants elevated access.
</ParamField>
<ParamField path="ask" type="'off' | 'on-miss' | 'always'">
Approval prompt behavior for `gateway` / `node` execution.
The baseline ask mode comes from `tools.exec.ask` and host approvals.
For channel-origin model calls, per-call `ask` is ignored when the
effective host ask is `off`; otherwise it can only harden to a stricter
mode. Trusted internal/API callers that construct exec tools with an
explicit `ask` value are unchanged.
</ParamField>
<ParamField path="node" type="string">
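
Review bot: "are unchanged" in the last added sentence describes the change relative to the previous behavior, not the rule itself, so a reader of the parameter docs cannot tell whether a trusted internal/API caller's explicit `ask` is applied as given, including values looser than the baseline, or is also limited to hardening. State the resulting rule directly. It would also help to define "channel-origin model calls" on first use, and to say outright that a stricter per-call value such as `always` has no effect when the effective host ask is `off`, since that is the direction readers are least likely to expect.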