Tools
å®è¡æ¿èª
Exec æ¿èªã¯ããµã³ãããã¯ã¹åããããšãŒãžã§ã³ããå®ãã¹ãïŒgateway ãŸã㯠nodeïŒã§ã³ãã³ããå®è¡ã§ããããã«ããããã® ã³ã³ãããªã³ã¢ã㪠/ Node ãã¹ãã®ã¬ãŒãã¬ãŒã«ã§ããå®å
šã€ã³ã¿ãŒããã¯ãšããŠãã³ãã³ãã¯ããªã·ãŒ + èš±å¯ãªã¹ã +ïŒä»»æã®ïŒãŠãŒã¶ãŒæ¿èªããã¹ãŠäžèŽããå Žåã«ã®ã¿èš±å¯ãããŸããExec æ¿èªã¯ãããŒã«ããªã·ãŒãšææ Œã²ãŒãã®äžã«éãªããŸãïŒãã ããææ Œã full ã«èšå®ãããŠããå Žåã¯æ¿èªãã¹ãããããŸãïŒã
denyãallowlistãaskãautoãfullãCodex Guardian ãããã³ã°ãACPX ããŒãã¹æš©éã®ã¢ãŒãåªå
ã®æŠèŠã«ã€ããŠã¯ãæš©éã¢ãŒããåç
§ããŠãã ããã
æå¹ãªããªã·ãŒã®ç¢ºèª
| ã³ãã³ã | 衚瀺å 容 |
|---|---|
openclaw approvals get / --gateway / --node <id|name|ip> |
èŠæ±ãããããªã·ãŒããã¹ãããªã·ãŒã®ãœãŒã¹ãæå¹ãªçµæã |
openclaw exec-policy show |
ããŒã«ã«ãã·ã³ã®ããŒãžæžã¿ãã¥ãŒã |
openclaw exec-policy set / preset |
ããŒã«ã«ã®èŠæ±ããªã·ãŒãšããŒã«ã«ãã¹ãæ¿èªãã¡ã€ã«ã 1 ã¹ãããã§åæããŸãã |
ããŒã«ã«ã¹ã³ãŒãã host=node ãèŠæ±ããå Žåãexec-policy show ã¯ããã®ã¹ã³ãŒãã«ã€ããŠãããŒã«ã«æ¿èªãã¡ã€ã«ãçå®ã®ãœãŒã¹ã§ãããã®ããã«æ±ãã®ã§ã¯ãªããå®è¡æã« Node 管çãšããŠå ±åããŸãã
ã³ã³ãããªã³ã¢ã㪠UI ãå©çšã§ããªãå Žåãéåžžãªãããã³ãããåºããªã¯ãšã¹ãã¯ãã¹ãŠ ask ãã©ãŒã«ããã¯ïŒããã©ã«ã: denyïŒã§è§£æ±ºãããŸãã
é©çšç¯å²
Exec æ¿èªã¯ãå®è¡ãã¹ãäžã§ããŒã«ã«ã«é©çšãããŸãã
- Gateway ãã¹ã â Gateway ãã·ã³äžã®
openclawããã»ã¹ã - Node ãã¹ã â Node ã©ã³ããŒïŒmacOS ã³ã³ãããªã³ã¢ããªãŸãã¯ãããã¬ã¹ Node ãã¹ãïŒã
ä¿¡é Œã¢ãã«
- Gateway ã§èªèšŒãããåŒã³åºãå ã¯ããã® Gateway ã®ä¿¡é Œæžã¿ãªãã¬ãŒã¿ãŒã§ãã
- ãã¢ãªã³ã°ããã Node ã¯ããã®ä¿¡é Œæžã¿ãªãã¬ãŒã¿ãŒæ©èœã Node ãã¹ããžæ¡åŒµããŸãã
- Exec æ¿èªã¯å¶çºçãªå®è¡ãªã¹ã¯ãäœæžããŸããããŠãŒã¶ãŒããšã®èªèšŒå¢çã§ãããã¡ã€ã«ã·ã¹ãã ã®èªã¿åãå°çšããªã·ãŒã§ããããŸããã
- æ¿èªããããšãã³ãã³ãã¯éžæããããã¹ããŸãã¯ãµã³ãããã¯ã¹ã®ãã¡ã€ã«ã·ã¹ãã æš©éã«åŸã£ãŠãã¡ã€ã«ã倿Žã§ããŸãã
- æ¿èªæžã¿ã® Node ãã¹ãå®è¡ã¯ãæ£èŠã®å®è¡ã³ã³ããã¹ãããã€ã³ãããŸããæ£èŠ cwdãæ£ç¢ºãª argvãååšããå Žåã® env ãã€ã³ãã該åœããå Žåã®åºå®ãããå®è¡å¯èœãã¡ã€ã«ãã¹ã§ãã
- ã·ã§ã«ã¹ã¯ãªããããã³ã€ã³ã¿ãŒããªã¿ãŒ/ã©ã³ã¿ã€ã ãã¡ã€ã«ã®çŽæ¥åŒã³åºãã«ã€ããŠãOpenClaw ã¯å ·äœçãªããŒã«ã«ãã¡ã€ã«ãªãã©ã³ãã 1 ã€ãã€ã³ãããããšããŸãããã®ãã€ã³ãããããã¡ã€ã«ãæ¿èªåŸãå®è¡åã«å€æŽãããå Žåãå®è¡ã¯å€åããå 容ãå®è¡ãã代ããã«æåŠãããŸãã
- ãã¡ã€ã«ãã€ã³ãã¯æå³çã«ãã¹ããšãã©ãŒãã§ããããã¹ãŠã®ã€ã³ã¿ãŒããªã¿ãŒ/ã©ã³ã¿ã€ã ããŒããŒãã¹ã®å®å šãªã»ãã³ãã£ãã¯ã¢ãã«ã§ã¯ãããŸãããæ¿èªã¢ãŒãããã€ã³ã察象ã®å ·äœçãªããŒã«ã«ãã¡ã€ã«ãã¡ããã© 1 ã€ç¹å®ã§ããªãå Žåãå®å šãªã«ãã¬ããžãè£ ãã®ã§ã¯ãªããæ¿èªã«è£ä»ããããå®è¡ã®çºè¡ãæåŠããŸãã
macOS ã®åé¢
- Node ãã¹ããµãŒãã¹ã¯
system.runã local IPC çµç±ã§ macOS ã¢ããªãžè»¢éããŸãã - macOS ã¢ããªã¯æ¿èªãé©çšããUI ã³ã³ããã¹ãã§ã³ãã³ããå®è¡ããŸãã
èšå®ãšã¹ãã¬ãŒãž
æ¿èªã¯å®è¡ãã¹ãäžã®ããŒã«ã« JSON ãã¡ã€ã«ã«ä¿åãããŸããOPENCLAW_STATE_DIR ãèšå®ãããŠããå Žåããã¡ã€ã«ã¯ãã®ç¶æ
ãã£ã¬ã¯ããªã«åŸããŸããããã§ãªãå Žåã¯ãããã©ã«ãã® OpenClaw ç¶æ
ãã£ã¬ã¯ããªã䜿çšããŸãã
$OPENCLAW_STATE_DIR/exec-approvals.json# otherwise~/.openclaw/exec-approvals.jsonããã©ã«ãã®æ¿èªãœã±ããã¯åãã«ãŒãã«åŸããŸãã
$OPENCLAW_STATE_DIR/exec-approvals.sockããŸãã¯å€æ°ãæªèšå®ã®å Žåã¯
~/.openclaw/exec-approvals.sock ã§ãã
ã¹ããŒãäŸ:
{ "version": 1, "socket": { "path": "~/.openclaw/exec-approvals.sock", "token": "base64url-token" }, "defaults": { "security": "deny", "ask": "on-miss", "askFallback": "deny", "autoAllowSkills": false }, "agents": { "main": { "security": "allowlist", "ask": "on-miss", "askFallback": "deny", "autoAllowSkills": true, "allowlist": [ { "id": "B0C8C0B3-2C2D-4F8A-9A3C-5A4B3C2D1E0F", "pattern": "~/Projects/**/bin/rg", "source": "allow-always", "commandText": "rg -n TODO", "lastUsedAt": 1737150000000, "lastUsedCommand": "rg -n TODO", "lastResolvedPath": "/Users/user/Projects/.../bin/rg" } ] } }}ããªã·ãŒãã
tools.exec.mode
tools.exec.mode ã¯ããã¹ã exec åãã®æšå¥šãããæ£èŠåæžã¿ããªã·ãŒãµãŒãã§ã¹ã§ããå€ã¯æ¬¡ã®ãšããã§ãã
deny- ãã¹ã exec ããããã¯ããŸããallowlist- 確èªãªãã§ãèš±å¯ãªã¹ãç»é²æžã¿ã³ãã³ãã®ã¿ãå®è¡ããŸããask- èš±å¯ãªã¹ãããªã·ãŒã䜿çšãããã¹æã«ç¢ºèªããŸããauto- èš±å¯ãªã¹ãããªã·ãŒã䜿çšããæ±ºå®çãªäžèŽã¯çŽæ¥å®è¡ããæ¿èªãã¹ã¯äººéã®æ¿èªã«ãŒããžãã©ãŒã«ããã¯ããåã« OpenClaw ã®ãã€ãã£ãèªåã¬ãã¥ãŒæ åœãžéä¿¡ããŸããfull- æ¿èªããã³ãããªãã§ãã¹ã exec ãå®è¡ããŸãã
ã¬ã¬ã·ãŒã® tools.exec.security / tools.exec.ask ã¯åŒãç¶ããµããŒããããããçãã»ãã·ã§ã³ãŸãã¯ãšãŒãžã§ã³ãã¹ã³ãŒãã§èšå®ãããå Žåã¯ä»ã§ãåªå
ãããŸãã
exec.security
security"deny" | "allowlist" | "full"deny- ãã¹ãŠã®ãã¹ã exec ãªã¯ãšã¹ãããããã¯ããŸããallowlist- èš±å¯ãªã¹ãç»é²æžã¿ã³ãã³ãã®ã¿ãèš±å¯ããŸããfull- ãã¹ãŠãèš±å¯ããŸãïŒææ ŒãšåçïŒã
exec.ask
ask"off" | "on-miss" | "always"ãã¹ã exec ã«èšå®ããã ask ããªã·ãŒã§ããtools.exec.ask ãšãã¹ãæ¿èªããã©ã«ãããã®ããŒã¹ã©ã€ã³æ¿èªããã³ããåäœãå¶åŸ¡ããŸããåŒã³åºãããšã® ask ããŒã«ãã©ã¡ãŒã¿ãŒïŒExec ããŒã«ãåç
§ïŒã¯ããã®ããŒã¹ã©ã€ã³ã峿 Œåããããšããã§ããããã£ãã«ç±æ¥ã®ã¢ãã«åŒã³åºãã¯ãæå¹ãªãã¹ã ask ã off ã®å Žåãããç¡èŠããŸãã
off- ããã³ããã衚瀺ããŸãããon-miss- èš±å¯ãªã¹ãã«äžèŽããªãå Žåã®ã¿ããã³ããã衚瀺ããŸããalways- ãã¹ãŠã®ã³ãã³ãã§ããã³ããã衚瀺ããŸããæå¹ãª ask ã¢ãŒããalwaysã®å Žåãallow-alwaysã®æ°žç¶çãªä¿¡é Œã¯ããã³ãããæå¶ããŸããã
askFallback
askFallback"deny" | "allowlist" | "full"ããã³ãããå¿
èŠã ã UI ã«å°éã§ããªãå Žåã®è§£æ±ºæ¹æ³ã§ãããã®ãã£ãŒã«ããçç¥ãããå ŽåãOpenClaw ã¯ããã©ã«ãã§ deny ã«ãªããŸãã
deny- ãããã¯ããŸããallowlist- èš±å¯ãªã¹ãã«äžèŽããå Žåã®ã¿èš±å¯ããŸããfull- èš±å¯ããŸãã
tools.exec.strictInlineEval
strictInlineEvalbooleantrue ã®å ŽåãOpenClaw ã¯ãã€ã³ã¿ãŒããªã¿ãŒãã€ããªèªäœãèš±å¯ãªã¹ãã«ç»é²ãããŠããŠããã€ã³ã©ã€ã³ã³ãŒãè©äŸ¡åœ¢åŒãæ¿èªå°çšãšããŠæ±ããŸããå®å®ãã 1 ã€ã®ãã¡ã€ã«ãªãã©ã³ãã«ãããã«å¯Ÿå¿ããªãã€ã³ã¿ãŒããªã¿ãŒããŒããŒã«å¯Ÿããå€å±€é²åŸ¡ã§ãã
峿 Œã¢ãŒãã§æ€åºãããäŸ:
python -cnode -e,node --eval,node -pruby -eperl -e,perl -Ephp -rlua -eosascript -e
峿 Œã¢ãŒãã§ã¯ããããã®ã³ãã³ãã«ã¯åŒãç¶ãæç€ºçãªæ¿èªãå¿
èŠã§ãããallow-always ã¯ãããã«å¯ŸããŠæ°ããèš±å¯ãªã¹ããšã³ããªãèªåçã«æ°žç¶åããŸããã
tools.exec.commandHighlighting
commandHighlightingbooleandefault: falseExec æ¿èªããã³ããã§ã®è¡šç€ºã®ã¿ãå¶åŸ¡ããŸããæå¹ã«ãããšãOpenClaw ã¯ããŒãµãŒç±æ¥ã®ã³ãã³ãç¯å²ãæ·»ä»ããWeb æ¿èªããã³ããã§ã³ãã³ãããŒã¯ã³ããã€ã©ã€ãã§ããããã«ããŸããã³ãã³ãããã¹ãã®ãã€ã©ã€ããæå¹ã«ããã«ã¯ true ã«èšå®ããŸãã
ãã®èšå®ã¯ãsecurityãaskãèš±å¯ãªã¹ãç
§åã峿 Œã€ã³ã©ã€ã³è©äŸ¡åäœãæ¿èªè»¢éãã³ãã³ãå®è¡ã倿ŽããŸãããã°ããŒãã«ã«ã¯ tools.exec.commandHighlighting é
äžã§ããšãŒãžã§ã³ãããšã«ã¯ agents.list[].tools.exec.commandHighlighting é
äžã§èšå®ã§ããŸãã
YOLO ã¢ãŒãïŒæ¿èªãªãïŒ
æ¿èªããã³ãããªãã§ãã¹ã exec ãå®è¡ãããå Žåã¯ãäž¡æ¹ã®ããªã·ãŒã¬ã€ã€ãŒãéãå¿
èŠããããŸããOpenClaw èšå®ã®èŠæ± exec ããªã·ãŒïŒtools.exec.*ïŒãšãå®è¡ãã¹ãæ¿èªãã¡ã€ã«å
ã®ãã¹ãããŒã«ã«æ¿èªããªã·ãŒã§ãã
OpenClaw ã¯çç¥ããã askFallback ãããã©ã«ãã§ deny ã«ããŸããUI ãªãã®æ¿èªããã³ãããèš±å¯ãžãã©ãŒã«ããã¯ãããå¿
èŠãããå Žåã¯ããã¹ãã® askFallback ãæç€ºçã« full ã«èšå®ããŠãã ããã
| ã¬ã€ã€ãŒ | YOLO èšå® |
|---|---|
tools.exec.security |
gateway/node ã§ full |
tools.exec.ask |
off |
ãã¹ã askFallback |
full |
ç¬èªã®éå¯Ÿè©±åæš©éã¢ãŒããå
¬éãã CLI ããŒã¹ã®ãããã€ããŒã¯ããã®ããªã·ãŒã«åŸããŸããClaude CLI ã¯ãOpenClaw ã®æå¹ãª exec ããªã·ãŒã YOLO ã®å Žåã« --permission-mode bypassPermissions ã远å ããŸããOpenClaw 管çã® Claude ã©ã€ãã»ãã·ã§ã³ã§ã¯ãClaude ã®ãã€ãã£ãæš©éã¢ãŒãããã OpenClaw ã®æå¹ãª exec ããªã·ãŒãåªå
ãããŸããYOLO ã¯ã©ã€ãèµ·åã --permission-mode bypassPermissions ã«æ£èŠåããå¶éçãªæå¹ exec ããªã·ãŒã¯ãæªå 工㮠Claude ããã¯ãšã³ãåŒæ°ãå¥ã®ã¢ãŒããæå®ããŠããŠããã©ã€ãèµ·åã --permission-mode default ã«æ£èŠåããŸãã
ããä¿å®çãªã»ããã¢ããã«ãããå Žåã¯ãOpenClaw exec ããªã·ãŒã allowlist / on-miss ãŸã㯠deny ã«æ»ããŠå³æ ŒåããŠãã ããã
æ°žç¶ç㪠Gateway ãã¹ãã®ãããã³ãããåºããªããã»ããã¢ãã
èŠæ±ãããèšå®ããªã·ãŒãèšå®ãã
openclaw config set tools.exec.host gatewayopenclaw config set tools.exec.security fullopenclaw config set tools.exec.ask offopenclaw gateway restartãã¹ãæ¿èªãã¡ã€ã«ãåããã
openclaw approvals set --stdin <<'EOF'{ version: 1, defaults: { security: "full", ask: "off", askFallback: "full" }}EOFããŒã«ã«ã·ã§ãŒãã«ãã
openclaw exec-policy preset yoloãã®ããŒã«ã«ã·ã§ãŒãã«ããã¯æ¬¡ã®äž¡æ¹ãæŽæ°ããŸãã
- ããŒã«ã«ã®
tools.exec.host/security/askã askFallback: "full"ãå«ãããŒã«ã«æ¿èªãã¡ã€ã«ã®ããã©ã«ãã
ããã¯æå³çã«ããŒã«ã«å°çšã§ããGateway ãã¹ããŸã㯠Node ãã¹ãã®æ¿èªããªã¢ãŒãã§å€æŽããã«ã¯ãopenclaw approvals set --gateway ãŸã㯠openclaw approvals set --node <id|name|ip> ã䜿çšããŠãã ããã
Node ãã¹ã
Node ãã¹ãã®å Žåã¯ã代ããã«ãã® Node ã«åãæ¿èªãã¡ã€ã«ãé©çšããŸãã
openclaw approvals set --node <id|name|ip> --stdin <<'EOF'{ version: 1, defaults: { security: "full", ask: "off", askFallback: "full" }}EOFã»ãã·ã§ã³å°çšã·ã§ãŒãã«ãã
/exec security=full ask=offã¯çŸåšã®ã»ãã·ã§ã³ã ãã倿ŽããŸãã/elevated fullã¯ãèŠæ±ãããããªã·ãŒãšãã¹ãæ¿èªãã¡ã€ã«ã®äž¡æ¹ãsecurity: "full"ãšask: "off"ã«è§£æ±ºãããå Žåã«ã®ã¿ exec æ¿èªãã¹ãããããã ç·æ¥æçšã·ã§ãŒãã«ããã§ããask: "always"ãªã©ããã峿 Œãªãã¹ããã¡ã€ã«ã§ã¯ã ããã§ãããã³ããã衚瀺ãããŸãã
ãã¹ãæ¿èªãã¡ã€ã«ãèšå®ãã峿 ŒãªãŸãŸã®å Žåããã峿 Œãªãã¹ã ããªã·ãŒãåŒãç¶ãåªå ãããŸãã
èš±å¯ãªã¹ãïŒãšãŒãžã§ã³ãåäœïŒ
èš±å¯ãªã¹ãã¯ãšãŒãžã§ã³ãåäœã§ããè€æ°ã®ãšãŒãžã§ã³ããååšããå Žåã¯ãmacOS ã¢ããªã§ ç·šé察象ã®ãšãŒãžã§ã³ããåãæ¿ããŸãããã¿ãŒã³ã¯ glob ãããã§ãã
ãã¿ãŒã³ã«ã¯ã解決æžã¿ãã€ããªãã¹ã® globããŸãã¯è£žã®ã³ãã³ãå glob ãæå®ã§ããŸãã
裞ã®åå㯠PATH çµç±ã§åŒã³åºãããã³ãã³ãã«ã®ã¿äžèŽãããããã³ãã³ãã rg ã®å Žåã
rg 㯠/opt/homebrew/bin/rg ã«äžèŽã§ããŸããã./rg ã
/tmp/rg ã«ã¯äžèŽããŸãããç¹å®ã®ãã€ããª
å Žæã ããä¿¡é Œãããå Žåã¯ããã¹ glob ã䜿çšããŠãã ããã
åŸæ¥ã® agents.default ãšã³ããªã¯ãèªã¿èŸŒã¿æã« agents.main ãžç§»è¡ãããŸãã
echo ok && pwd ã®ãããªã·ã§ã«ãã§ãŒã³ã§ããæäžäœã®åã»ã°ã¡ã³ãã
èš±å¯ãªã¹ãã«ãŒã«ãæºããå¿
èŠããããŸãã
äŸ:
rg~/Projects/**/bin/peekaboo~/.local/bin/*/opt/homebrew/bin/rg
argPattern ã«ããåŒæ°ã®å¶é
èš±å¯ãªã¹ããšã³ããªãããã€ããªãšç¹å®ã®åŒæ°åœ¢ç¶ã«äžèŽããããå Žåã¯ã
argPattern ã远å ããŸããOpenClaw ã¯ãå®è¡å¯èœãã¡ã€ã«ããŒã¯ã³
ïŒargv[0]ïŒãé€ãããè§£ææžã¿ã³ãã³ãåŒæ°ã«å¯ŸããŠæ£èŠè¡šçŸãè©äŸ¡ããŸãã
ææžãã®ãšã³ããªã§ã¯ãåŒæ°ã¯åäžã¹ããŒã¹ã§çµåããããããå®å
šäžèŽãå¿
èŠãªå Žåã¯
ãã¿ãŒã³ãã¢ã³ã«ãŒããŠãã ããã
{ "version": 1, "agents": { "main": { "allowlist": [ { "pattern": "python3", "argPattern": "^safe\\.py$" } ] } }}ãã®ãšã³ããªã¯ python3 safe.py ãèš±å¯ããŸããpython3 other.py ã¯èš±å¯ãªã¹ãã«
äžèŽããŸãããåããã€ããªã«å¯Ÿãããã¹ã®ã¿ã®ãšã³ããªãååšããå ŽåãäžèŽããªã
åŒæ°ã¯ãã®ãã¹ã®ã¿ã®ãšã³ããªãžãã©ãŒã«ããã¯ã§ããŸããç®çãããã®ãã€ããªãå®£èšæžã¿ã®åŒæ°ã«
å¶éããããšã§ããå Žåã¯ããã¹ã®ã¿ã®ãšã³ããªãçç¥ããŠãã ããã
æ¿èªãããŒã«ãã£ãŠä¿åããããšã³ããªã§ã¯ãæ£ç¢ºãª argv ãããã³ã°ã®ããã«å
éšã»ãã¬ãŒã¿ãŒåœ¢åŒã
䜿çšããããšããããŸãããšã³ã³ãŒããããå€ãæã§ç·šéããã®ã§ã¯ãªããUI ãŸãã¯æ¿èªãããŒã§
ãããã®ãšã³ããªãåçæããããšãæšå¥šããŸããOpenClaw ãã³ãã³ãã»ã°ã¡ã³ãã® argv ã
è§£æã§ããªãå ŽåãargPattern ãæã€ãšã³ããªã¯äžèŽããŸããã
åèš±å¯ãªã¹ããšã³ããªã¯æ¬¡ããµããŒãããŸãã
| ãã£ãŒã«ã | æå³ |
|---|---|
pattern |
解決æžã¿ãã€ããªãã¹ glob ãŸãã¯è£žã®ã³ãã³ãå glob |
argPattern |
ä»»æã® argv æ£èŠè¡šçŸãçç¥ããããšã³ããªã¯ãã¹ã®ã¿ |
id |
UI ã®åäžæ§ã«äœ¿çšãããå®å®ãã UUID |
source |
allow-always ãªã©ã®ãšã³ããªãœãŒã¹ |
commandText |
æ¿èªãããŒããšã³ããªãäœæãããšãã«ååŸãããã³ãã³ãããã¹ã |
lastUsedAt |
æçµäœ¿çšã¿ã€ã ã¹ã¿ã³ã |
lastUsedCommand |
æåŸã«äžèŽããã³ãã³ã |
lastResolvedPath |
æåŸã«è§£æ±ºããããã€ããªãã¹ |
Skill CLI ã®èªåèš±å¯
Skill CLI ã®èªåèš±å¯ãæå¹ãªå Žåãæ¢ç¥ã® Skills ã«ãã£ãŠåç
§ãããå®è¡å¯èœãã¡ã€ã«ã¯ã
ããŒãïŒmacOS ããŒããŸãã¯ãããã¬ã¹ããŒããã¹ãïŒäžã§èš±å¯ãªã¹ãæžã¿ãšããŠæ±ãããŸãã
ãã㯠Gateway RPC çµç±ã§ skills.bins ã䜿çšããSkill ã® bin ãªã¹ããååŸããŸãã
峿 Œãªæåèš±å¯ãªã¹ãã䜿ãããå Žåã¯ããããç¡å¹ã«ããŠãã ããã
å®å šãª bin ãšæ¿èªè»¢é
å®å šãª binïŒstdin ã®ã¿ã®é«éãã¹ïŒãã€ã³ã¿ãŒããªã¿ãŒã®ãã€ã³ãã£ã³ã°è©³çްã ããã³æ¿èªããã³ããã Slack/Discord/Telegram ã«è»¢éããæ¹æ³ïŒãŸãã¯ãã€ãã£ãæ¿èªã¯ã©ã€ã¢ã³ããšããŠå®è¡ããæ¹æ³ïŒã«ã€ããŠã¯ã Exec æ¿èª - 詳现ãåç §ããŠãã ããã
Control UI ã§ã®ç·šé
Control UI â Nodes â Exec approvals ã«ãŒãã䜿çšããŠãããã©ã«ãã ãšãŒãžã§ã³ãåäœã®ãªãŒããŒã©ã€ããèš±å¯ãªã¹ããç·šéããŸããã¹ã³ãŒãïŒDefaults ãŸãã¯ãšãŒãžã§ã³ãïŒãéžã³ã ããªã·ãŒã調æŽããèš±å¯ãªã¹ããã¿ãŒã³ã远å ãŸãã¯åé€ããŠãã Save ããŸããUI 㯠ãã¿ãŒã³ããšã«æçµäœ¿çšã¡ã¿ããŒã¿ã衚瀺ããããããªã¹ããæŽçããŠä¿ãŠãŸãã
ã¿ãŒã²ããã»ã¬ã¯ã¿ãŒã¯ GatewayïŒããŒã«ã«æ¿èªïŒãŸã㯠Node ãéžæããŸãã
ããŒã㯠system.execApprovals.get/setïŒmacOS ã¢ããªãŸãã¯
ãããã¬ã¹ããŒããã¹ãïŒãåºåããå¿
èŠããããŸããããŒãããŸã exec æ¿èªãåºåããŠããªãå Žåã¯ã
ãã®ããŒã«ã«æ¿èªãã¡ã€ã«ãçŽæ¥ç·šéããŠãã ããã
CLI: openclaw approvals 㯠Gateway ãŸãã¯ããŒãã®ç·šéããµããŒãããŸã -
Approvals CLIãåç
§ããŠãã ããã
æ¿èªãããŒ
ããã³ãããå¿
èŠãªå Žåãgateway ã¯
exec.approval.requested ããªãã¬ãŒã¿ãŒã¯ã©ã€ã¢ã³ããžãããŒããã£ã¹ãããŸããControl UI ãš macOS
ã¢ããªã¯ exec.approval.resolve ã§ããã解決ãããã®åŸ gateway ã¯æ¿èªæžã¿ãªã¯ãšã¹ãã
ããŒããã¹ããžè»¢éããŸãã
host=node ã®å Žåãæ¿èªãªã¯ãšã¹ãã«ã¯æ£èŠã® systemRunPlan
ãã€ããŒããå«ãŸããŸããgateway ã¯ãæ¿èªæžã¿ system.run
ãªã¯ãšã¹ãã転éãããšãã«ããã®ãã©ã³ãæš©åšãã
command/cwd/session ã³ã³ããã¹ããšããŠäœ¿çšããŸãã
ããã¯éåææ¿èªã¬ã€ãã³ã·ã«ãšã£ãŠéèŠã§ãã
- ããŒã exec ãã¹ã¯ãæåã« 1 ã€ã®æ£èŠãã©ã³ãæºåããŸãã
- æ¿èªã¬ã³ãŒãã¯ããã®ãã©ã³ãšãã®ãã€ã³ãã£ã³ã°ã¡ã¿ããŒã¿ãä¿åããŸãã
- æ¿èªããããšãæçµçã«è»¢éããã
system.runåŒã³åºãã¯ãåŸããã®åŒã³åºãå ã®ç·šéãä¿¡é Œãã代ããã«ãä¿åããããã©ã³ãåå©çšããŸãã - æ¿èªãªã¯ãšã¹ãäœæåŸã«åŒã³åºãå
ã
commandãrawCommandãcwdãagentIdããŸãã¯sessionKeyã倿Žããå Žåãgateway ã¯è»¢éãããå®è¡ãæ¿èªäžäžèŽãšããŠæåŠããŸãã
ã·ã¹ãã ã€ãã³ã
Exec ã©ã€ããµã€ã¯ã«ã¯ã·ã¹ãã ã¡ãã»ãŒãžãšããŠè¡šç€ºãããŸãã
Exec runningïŒã³ãã³ããå®è¡äžéç¥ã®ãããå€ãè¶ ããå Žåã®ã¿ïŒãExec finishedã
ãããã¯ãããŒããã€ãã³ããå ±åããåŸã«ãšãŒãžã§ã³ãã®ã»ãã·ã§ã³ãžæçš¿ãããŸãã
æåŠããã exec æ¿èªã¯ããã¹ãã³ãã³ãèªäœã«ãšã£ãŠçµç«¯ã§ããã³ãã³ãã¯
å®è¡ãããŸãããçºä¿¡å
ã»ãã·ã§ã³ãããã¡ã€ã³ãšãŒãžã§ã³ãã®éåææ¿èªã§ã¯ã
OpenClaw ã¯æåŠãå
éšãã©ããŒã¢ãããšããŠãã®ã»ãã·ã§ã³ãžæçš¿ãã
ãšãŒãžã§ã³ããéåæã³ãã³ãã®åŸ
æ©ãæ¢ããçµææ¬ èœã®ä¿®åŸ©ãé¿ããããããã«ããŸãã
ã»ãã·ã§ã³ãååšããªãããŸãã¯ã»ãã·ã§ã³ãåéã§ããªãå Žåã§ããOpenClaw ã¯
ç°¡æœãªæåŠããªãã¬ãŒã¿ãŒãŸãã¯çŽæ¥ãã£ããã«ãŒããžå ±åã§ããŸãããµããšãŒãžã§ã³ãã»ãã·ã§ã³ã®
æåŠã¯ããµããšãŒãžã§ã³ããžæçš¿ãããŸããã
Gateway ãã¹ãã® exec æ¿èªã¯ãã³ãã³ãå®äºæïŒããã³ä»»æã§ããããå€ããé·ãå®è¡äžã®å ŽåïŒã«
åãã©ã€ããµã€ã¯ã«ã€ãã³ããçºè¡ããŸãã
æ¿èªã§å¶åŸ¡ããã exec ã¯ã容æã«é¢é£ä»ããããããããããã®
ã¡ãã»ãŒãžå
ã§æ¿èª ID ã runId ãšããŠåå©çšããŸãã
æåŠãããæ¿èªã®åäœ
éåæ exec æ¿èªãæåŠãããå ŽåãOpenClaw ã¯ãã¹ãã³ãã³ãã çµç«¯ã〠fail-closed ãšããŠæ±ããŸããã¡ã€ã³ãšãŒãžã§ã³ãã»ãã·ã§ã³ã§ã¯ãæåŠã¯ å éšã»ãã·ã§ã³ãã©ããŒã¢ãããšããŠé ä¿¡ãããéåæã³ãã³ããå®è¡ãããªãã£ãããšããšãŒãžã§ã³ãã«äŒããŸãã ããã«ãããå€ãã³ãã³ãåºåãé²åºããã«ãã©ã³ã¹ã¯ãªããã®é£ç¶æ§ãä¿ã¡ãŸããã»ãã·ã§ã³é ä¿¡ã å©çšã§ããªãå ŽåãOpenClaw ã¯å®å šãªã«ãŒããååšãããšãã«ãç°¡æœãªãªãã¬ãŒã¿ãŒãŸãã¯ çŽæ¥ãã£ããã§ã®æåŠãžãã©ãŒã«ããã¯ããŸãã
圱é¿
fullã¯åŒ·åã§ããå¯èœãªå Žåã¯èš±å¯ãªã¹ããæšå¥šããŸããaskã¯ãè¿ éãªæ¿èªãå¯èœã«ããªããããŠãŒã¶ãŒã倿ã«ãŒãå ã«ä¿ã¡ãŸãã- ãšãŒãžã§ã³ãåäœã®èš±å¯ãªã¹ãã¯ããããšãŒãžã§ã³ãã®æ¿èªãä»ãžæŒããããšãé²ããŸãã
- æ¿èªã¯ãèªå¯æžã¿éä¿¡è
ããã®ãã¹ã exec ãªã¯ãšã¹ãã«ã®ã¿é©çšãããŸããæªèªå¯ã®éä¿¡è
ã¯
/execãçºè¡ã§ããŸããã /exec security=fullã¯èªå¯æžã¿ãªãã¬ãŒã¿ãŒåãã®ã»ãã·ã§ã³ã¬ãã«ã®å©äŸ¿æ©èœã§ãããèšèšäžãæ¿èªãã¹ãããããŸãããã¹ã exec ã匷å¶çã«ãããã¯ããã«ã¯ãæ¿èª security ãdenyã«èšå®ããããããŒã«ããªã·ãŒã§execããŒã«ãæåŠããŠãã ããã
é¢é£
å®å šãª binãã€ã³ã¿ãŒããªã¿ãŒãã€ã³ãã£ã³ã°ããã£ãããžã®æ¿èªè»¢éã
ã·ã§ã«ã³ãã³ãå®è¡ããŒã«ã
æ¿èªãã¹ãããããç·æ¥æçšãã¹ã
ãµã³ãããã¯ã¹ã¢ãŒããšã¯ãŒã¯ã¹ããŒã¹ã¢ã¯ã»ã¹ã
ã»ãã¥ãªãã£ã¢ãã«ãšåŒ·åã
åå¶åŸ¡ããã€äœ¿ãã¹ããã
Skill ã«ããèªåèš±å¯ã®åäœã