fix(acp): harden permission auto-approval policy

Peter Steinberger
2026-02-24 01:03:12 +00:00
parent ddf93d9845
commit 12cc754332
5 changed files with 179 additions and 49 deletions

@@ -49,6 +49,13 @@ openclaw acp client --server-args --url wss://gateway-host:18789 --token-file ~/
openclaw acp client --server "node" --server-args openclaw.mjs acp --url ws://127.0.0.1:19001
```
Permission model (client debug mode):
- Auto-approval is allowlist-based and only applies to trusted core tool IDs.
- `read` auto-approval is scoped to the current working directory (`--cwd` when set).
- Unknown/non-core tool names, out-of-scope reads, and dangerous tools always require explicit prompt approval.
- Server-provided `toolCall.kind` is treated as untrusted metadata (not an authorization source).
## How to use this
Use ACP when an IDE (or other client) speaks Agent Client Protocol and you want
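
Review bot: the `read` bullet says auto-approval is scoped to the current working directory (`--cwd` when set) but does not say how a requested path is compared against that scope. Consider stating whether the path is resolved before the check (relative segments such as `..`, and symlinks), so a reader can tell what counts as an "out-of-scope read" in the third bullet. The first and third bullets also refer to "trusted core tool IDs" and "dangerous tools" without listing them or pointing to where the lists are defined; a short enumeration or a link would let the policy be audited from the docs alone.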