Tools
Exec tool
Run shell commands in the workspace. exec is a mutating shell surface: commands can create, edit, or delete files anywhere the selected host or sandbox filesystem allows. Disabling OpenClaw filesystem tools such as write, edit, or apply_patch does not make exec read-only.
Supports foreground and background execution via process. If process is not allowed, exec runs synchronously and ignores yieldMs/background.
Background sessions are scoped per agent; process only sees sessions from the same agent.
Parameters
- command (string, required): Shell command to run.
- workdir (string, default: cwd): Working directory for the command.
- env (object): Key/value environment overrides merged on top of the inherited environment.
- yieldMs (number, default: 10000): Automatically background the command after this delay (milliseconds).
- background (boolean, default: false): Background the command immediately instead of waiting for yieldMs.
- timeout (number, default: tools.exec.timeoutSec): Overrides the configured exec timeout for this call. Set timeout: 0 only when the command must run without an exec process timeout.
- pty (boolean, default: false): Run in a pseudo-terminal when available. Use it for TTY-only CLIs, coding agents, and terminal UIs.
- host ('auto' | 'sandbox' | 'gateway' | 'node', default: auto): Where to execute. auto resolves to sandbox when a sandbox runtime is active, otherwise to gateway.
- security ('deny' | 'allowlist' | 'full'): Ignored for normal tool calls. Security for gateway / node is controlled by tools.exec.security and the host approvals file. Elevated mode can force security=full only when the operator has explicitly granted elevated access.
- ask ('off' | 'on-miss' | 'always'): The baseline ask mode comes from tools.exec.ask and the host approvals. For channel-originated model calls, a per-call ask is ignored when the effective host ask is off; otherwise it can only tighten to a stricter mode. Trusted internal/API callers that construct the exec tool with an explicit ask value are unchanged.
- node (string): Node ID/name for host=node.
- elevated (boolean, default: false): Request elevated mode: escape the sandbox onto the configured host path. security=full is forced only when elevated resolves to full.
Notes:
- host defaults to auto: sandbox when a sandbox runtime is active for the session, otherwise Gateway.
- host accepts only auto, sandbox, gateway, and node. It is not a hostname selector; hostname-like values are rejected before the command runs.
- auto is the default routing strategy, not a wildcard. A per-call host=node is allowed from auto; a per-call host=gateway is allowed only when no sandbox runtime is active.
- tools.exec.mode is the normalized policy knob. Its values are deny, allowlist, ask, auto, and full. auto runs deterministic allowlist/safe-bin matches directly and routes every remaining exec approval case to OpenClaw's native auto-reviewer before asking a human. ask/ask=always still asks a human every time.
- host=auto works as-is with no extra configuration: with no sandbox it resolves to gateway, and with a live sandbox it stays inside the sandbox.
- elevated escapes the sandbox onto the configured host path: gateway by default, or node when tools.exec.host=node (or the session default is host=node). It is available only when elevated access is enabled for the current session/provider.
- gateway/node approvals are controlled by the host approvals file.
- node requires a paired Node (companion app or headless Node host).
- If multiple Nodes are available, set exec.node or tools.exec.node to select one.
- exec host=node is the only shell-execution path for Nodes; the legacy nodes.run wrapper has been removed.
- timeout applies to foreground, background, yieldMs, Gateway, sandbox, and Node system.run execution. If omitted, OpenClaw uses tools.exec.timeoutSec. An explicit timeout: 0 disables the exec process timeout for that call.
- On non-Windows hosts, exec uses SHELL when it is set. If SHELL is fish, it prefers bash (or sh) from PATH to avoid fish-incompatible scripts, and falls back to SHELL if neither exists.
- On Windows hosts, exec prefers PowerShell 7 (pwsh) discovery (Program Files, ProgramW6432, then PATH), then falls back to Windows PowerShell 5.1.
- On non-Windows Gateway hosts, bash and zsh exec commands use a startup snapshot. OpenClaw captures sourceable aliases/functions and a small safe environment set from the shell startup files into $OPENCLAW_STATE_DIR/cache/shell-snapshots/ and sources that snapshot before each exec command. Secret-looking variables are excluded. Sandbox and Node exec do not use this snapshot. To disable the snapshot path, set OPENCLAW_EXEC_SHELL_SNAPSHOT=0 in the Gateway process environment.
- Host execution (gateway/node) rejects env.PATH and loader overrides (LD_*/DYLD_*) to prevent binary hijacking or injected code.
- OpenClaw sets OPENCLAW_SHELL=exec in the spawned command environment (including PTY and sandbox execution) so that shell/profile rules can detect exec-tool context.
- For channel-originated runs, when the channel provides those IDs, OpenClaw exposes a short sender/chat ID JSON payload in OPENCLAW_CHANNEL_CONTEXT.
- openclaw channels login is blocked from exec because it is an interactive channel auth flow. Run it in a terminal on the Gateway host, or use the channel-native login tool from chat if one exists.
- Important: sandboxing is off by default. With sandboxing off, an implicit host=auto resolves to gateway. An explicit host=sandbox still fails closed rather than silently running on the Gateway host. Enable sandboxing, or use host=gateway with approvals.
- Script preflight checks (for common Python/Node shell-syntax mistakes) only inspect files inside the effective workdir boundary. If a script path resolves outside workdir, preflight is skipped for that file.
- For long-running work that starts now, start it once and rely on the automatic completion wake, which fires when it is enabled and the command emits output or fails. Use process for logs, status, input, or intervention. Do not emulate scheduling with sleep loops, timeout loops, or repeated polling.
- For work that should happen later or on a schedule, use cron rather than exec sleep/delay patterns.
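The routing and environment rules in the notes above, restated as a small model. This is an added example, not OpenClaw source: the function names and error strings are assumptions, and elevated mode is not modeled.

```javascript
// Illustrative model of the host routing notes; names are hypothetical.
const HOSTS = new Set(["auto", "sandbox", "gateway", "node"]);

// Resolve the effective host for one exec call.
// sandboxActive: whether a sandbox runtime is active for the session.
function resolveExecHost(requested = "auto", sandboxActive = false) {
  if (!HOSTS.has(requested)) {
    // host is not a hostname selector: anything else is rejected up front.
    throw new Error(`invalid host: ${requested}`);
  }
  if (requested === "auto") return sandboxActive ? "sandbox" : "gateway";
  if (requested === "sandbox" && !sandboxActive) {
    // Fail closed instead of silently running on the Gateway host.
    throw new Error("host=sandbox requested but no sandbox runtime is active");
  }
  if (requested === "gateway" && sandboxActive) {
    // Per-call host=gateway is allowed only when no sandbox runtime is active.
    throw new Error("host=gateway not allowed while a sandbox runtime is active");
  }
  return requested;
}

// Names of env overrides that host execution (gateway/node) rejects:
// PATH plus loader overrides (LD_*/DYLD_*). Sandbox runs are not affected.
function rejectedEnvKeys(host, env = {}) {
  if (host !== "gateway" && host !== "node") return [];
  return Object.keys(env).filter(
    (k) => k === "PATH" || k.startsWith("LD_") || k.startsWith("DYLD_")
  );
}
```
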
Config
- tools.exec.notifyOnExit (default: true): when true, backgrounded exec sessions enqueue a system event and request a Heartbeat on exit.
- tools.exec.approvalRunningNoticeMs (default: 10000): emits a single "running" notice when an approval-gated exec runs longer than this (0 disables).
- tools.exec.timeoutSec (default: 1800): default exec timeout in seconds per command. A per-call timeout overrides it. A per-call timeout: 0 disables the exec process timeout.
- tools.exec.host (default: auto; resolves to sandbox when a sandbox runtime is active, otherwise to gateway)
- tools.exec.security (default: deny for sandbox, full for Gateway + Node when unset)
- tools.exec.ask (default: off)
- Host exec without approvals is the default for Gateway + Node. If you want approval/allowlist behavior, tighten both tools.exec.* and the host approvals file. See Exec approvals.
- YOLO comes from the host policy defaults (security=full, ask=off), not from host=auto. To force routing to the Gateway or a Node, set tools.exec.host or use /exec host=....
- In security=full plus ask=off mode, host exec follows the configured policy directly. There is no additional heuristic command-obfuscation prefilter or script-preflight rejection layer.
- tools.exec.node (default: unset)
- tools.exec.strictInlineEval (default: false): when true, inline interpreter eval forms such as python -c, node -e, ruby -e, perl -e, php -r, lua -e, and osascript -e require a reviewer or explicit approval. In mode=auto, the normal exec approval path may let the native auto-reviewer allow a clearly low-risk one-off command. Direct Node host system.run calls still require explicit approval because they cannot hand the command to the human approval route. When the reviewer asks for confirmation, the request goes to a human. allow-always can still persist benign interpreter/script invocations, but inline eval forms never become durable allow rules.
- tools.exec.commandHighlighting (default: false): when true, approval prompts can highlight parser-derived command spans in the command text. Set it to true globally or per agent to enable command-text highlighting without changing exec approval policy.
- tools.exec.pathPrepend: list of directories to prepend to PATH for exec runs (Gateway + sandbox only).
- tools.exec.safeBins: stdin-only safe binaries that can run without explicit allowlist entries. For behavior details, see Safe bins.
- tools.exec.safeBinTrustedDirs: additional explicit directories trusted for safeBins path checks. PATH entries are never trusted automatically. The built-in defaults are /bin and /usr/bin.
- tools.exec.safeBinProfiles: optional custom argv policy per safe bin (minPositional, maxPositional, allowedValueFlags, deniedFlags).
Example:
{
  tools: {
    exec: {
      pathPrepend: ["~/bin", "/opt/oss/bin"],
    },
  },
}
PATH handling
- host=gateway: merges your login-shell PATH into the exec environment. env.PATH overrides are rejected for host execution. The daemon itself still runs with a minimal PATH:
  - macOS: /opt/homebrew/bin, /usr/local/bin, /usr/bin, /bin
  - Linux: /usr/local/bin, /usr/bin, /bin
  - To keep user shell config (~/.zshenv, /etc/zshenv, and so on) from overriding the preferred paths during startup, tools.exec.pathPrepend entries are safely prepended to the final PATH inside the shell command just before execution.
- host=sandbox: runs sh -lc (login shell) inside the container, so /etc/profile may reset PATH. OpenClaw prepends env.PATH after profile sourcing through an internal environment variable (no shell interpolation). tools.exec.pathPrepend applies here too.
- host=node: only the non-blocked env overrides you pass are sent to the Node. env.PATH overrides are rejected for host execution and ignored by Node hosts. If you need additional PATH entries on a Node, configure the Node host service environment (systemd/launchd) or install tools in standard locations.
Per-agent Node binding (use the agent list index in config):
openclaw config get agents.list
openclaw config set 'agents.list[0].tools.exec.node' "node-id-or-name"
Control UI: the Nodes tab includes a small "Exec node binding" panel for the same settings.
Session overrides (/exec)
Use /exec to set per-session defaults for host, security, ask, and node.
Send /exec with no arguments to show the current values.
Example:
/exec host=auto security=allowlist ask=on-miss node=mac-1
Authorization model
/exec is honored only for authorized senders (channel allowlists/pairing plus commands.useAccessGroups).
It updates session state only and does not write config. Authorized external channel senders can set these session defaults. Internal Gateway/webchat clients need operator.admin to persist them.
To hard-disable exec, deny it via tool policy (tools.deny: ["exec"] or per agent). Host approvals still apply unless you explicitly set security=full and ask=off.
Exec approvals (companion app / node host)
Sandboxed agents can require per-request approval before exec runs on the Gateway or a node host.
See Exec approvals for the policy, allowlist, and UI flow.
When approval is required, the exec tool returns immediately with status: "approval-pending" and an approval ID. Once the request is approved (or denied / timed out), the Gateway emits command progress and completion system events (Exec running / Exec finished) only for approved runs. Denied or timed-out approvals are terminal and do not wake the agent session with a denial system event.
On channels with native approval cards/buttons, the agent should rely on that native UI first and include a manual /approve command only when the tool result says chat approvals are unavailable or manual approval is the only path.
Allowlist + safe bins
Manual allowlist enforcement matches resolved binary path globs and bare command-name globs. Bare names match only commands invoked via PATH, so when the command is rg, rg can match /opt/homebrew/bin/rg, but it does not match ./rg or /tmp/rg.
When security=allowlist, shell commands are auto-allowed only if every pipeline segment is allowlisted or is a safe bin. Chaining (;, &&, ||) and redirections are rejected in allowlist mode unless every top-level segment satisfies the allowlist (including safe bins). Redirections remain unsupported.
Durable allow-always trust does not bypass this rule: a chained command still requires every top-level segment to match.
autoAllowSkills is a separate convenience path in exec approvals. It is not the same as manual path allowlist entries. For strict explicit trust, keep autoAllowSkills disabled.
Use the two controls for different jobs:
- tools.exec.safeBins: small, stdin-only stream filters.
- tools.exec.safeBinTrustedDirs: explicit extra trusted directories for safe-bin executable paths.
- tools.exec.safeBinProfiles: explicit argv policy for custom safe bins.
- allowlist: explicit trust for executable paths.
Do not treat safeBins as a generic allowlist, and do not add interpreter/runtime binaries (for example python3, node, ruby, bash). If you need those, use explicit allowlist entries and keep approval prompts enabled.
openclaw security audit warns when interpreter/runtime safeBins entries have no explicit profile, and openclaw doctor --fix can scaffold missing custom safeBinProfiles entries.
openclaw security audit and openclaw doctor also warn when you explicitly add broad-behavior binaries such as jq back into safeBins.
If you explicitly allowlist interpreters, enable tools.exec.strictInlineEval so that inline code-eval forms still require a reviewer or explicit approval.
For full policy details and examples, see Exec approvals and Safe bins versus allowlist.
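A simplified model of the allowlist rules in this section, showing why a bare rg entry covers rg but not ./rg, and why every chain or pipeline segment has to pass. This is an added example, not OpenClaw's implementation: the function names and policy shape are assumptions, PATH lookup is a constructed table, quoting is not parsed, and safeBinProfiles argv checks are left out.

```javascript
// Constructed PATH lookup standing in for real binary resolution.
const PATH_LOOKUP = { rg: "/opt/homebrew/bin/rg", head: "/usr/bin/head", curl: "/usr/bin/curl" };

// Convert a glob that uses "*" into an anchored RegExp.
const globToRe = (g) =>
  new RegExp("^" + g.replace(/[.+^${}()|[\]\\?]/g, "\\$&").replace(/\*/g, ".*") + "$");

// Decide whether one segment (a single command plus its args) is trusted.
function segmentAllowed(segment, policy) {
  const cmd = segment.trim().split(/\s+/)[0];
  const bare = !cmd.includes("/");
  const resolved = bare ? PATH_LOOKUP[cmd] : cmd;
  if (!resolved) return false;
  for (const entry of policy.allowlist) {
    const re = globToRe(entry);
    if (entry.includes("/")) {
      if (re.test(resolved)) return true; // path glob vs resolved binary path
    } else if (bare && re.test(cmd)) {
      return true; // bare-name glob: only for commands invoked via PATH
    }
  }
  // Safe bin: listed by name, invoked via PATH, located in a trusted directory.
  const dir = resolved.slice(0, resolved.lastIndexOf("/"));
  return bare && policy.safeBins.includes(cmd) && policy.trustedDirs.includes(dir);
}

// Auto-allow only when there is no redirection and every segment passes.
function autoAllowed(command, policy) {
  if (/[<>]/.test(command)) return false;
  const segments = command.split(/\|\||&&|;|\|/);
  return segments.every((s) => s.trim() !== "" && segmentAllowed(s, policy));
}

// Constructed sample policy.
const SAMPLE_POLICY = {
  allowlist: ["rg", "/usr/bin/curl"],
  safeBins: ["head"],
  trustedDirs: ["/bin", "/usr/bin"],
};
```
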
Examples
Foreground:
{ "tool": "exec", "command": "ls -la" }
Background + poll:
{"tool":"exec","command":"npm run build","yieldMs":1000}
{"tool":"process","action":"poll","sessionId":"<id>"}
Polling is for on-demand status checks, not for wait loops. If automatic completion wake is enabled, the command can wake the session when it emits output or fails.
Send keys (tmux-style):
{"tool":"process","action":"send-keys","sessionId":"<id>","keys":["Enter"]}
{"tool":"process","action":"send-keys","sessionId":"<id>","keys":["C-c"]}
{"tool":"process","action":"send-keys","sessionId":"<id>","keys":["Up","Up","Enter"]}
Submit (send CR only):
{ "tool": "process", "action": "submit", "sessionId": "<id>" }
Paste (bracketed by default):
{ "tool": "process", "action": "paste", "sessionId": "<id>", "text": "line1\nline2\n" }
apply_patch
apply_patch is a subtool of exec for structured multi-file edits.
It is enabled by default for OpenAI and OpenAI Codex models. Use config only when you want to disable it or restrict it to specific models.
{
  tools: {
    exec: {
      applyPatch: { workspaceOnly: true, allowModels: ["gpt-5.5"] },
    },
  },
}
Notes:
- Only available for OpenAI/OpenAI Codex models.
- Tool policy still applies. allow: ["write"] implicitly allows apply_patch.
- deny: ["write"] does not deny apply_patch. Deny apply_patch explicitly, or use deny: ["group:fs"] when patch writes should be blocked as well.
- Config lives under tools.exec.applyPatch.
- tools.exec.applyPatch.enabled defaults to true. Set it to false to disable the tool for OpenAI models.
- tools.exec.applyPatch.workspaceOnly defaults to true (confined to the workspace). Set it to false only if you intentionally want apply_patch to write/delete outside the workspace directory.
Related
- Exec approvals: approval gates for shell commands
- Sandboxing: run commands in sandboxed environments
- Background process: long-running exec and the process tool
- Security: tool policy and elevated access