Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix(exec): derive agentId from sessionKey for allowlist lookup #1417

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
steipete merged 2 commits into from
Jan 22, 2026
Merged

fix(exec): derive agentId from sessionKey for allowlist lookup #1417

steipete merged 2 commits into from
Jan 22, 2026

Conversation

@czekaj
Copy link
Contributor

@czekaj czekaj commented Jan 22, 2026

Summary

  • Fix exec allowlist not matching entries in agents.main when triggered via chat/Discord
  • When createExecTool was called without explicit agentId (e.g., from bash-command.ts), the allowlist lookup used "default" instead of deriving the agent from sessionKey
  • User's allowlist entries in agents.main were never matched, causing repeated approval prompts

Root Cause

In bash-command.ts:333, createExecTool was called with sessionKey but NOT agentId:

const execTool = createExecTool({
  scopeKey: CHAT_BASH_SCOPE_KEY,
  sessionKey: params.sessionKey,  // ← sessionKey passed
  // agentId NOT passed!
});

In bash-tools.exec.ts, the allowlist lookup used defaults?.agentId:

const approvals = resolveExecApprovals(defaults?.agentId, ...);

With agentId undefined, resolveExecApprovalsFromFile fell back to:

const agentKey = params.agentId ?? "default";

This looked up agents.default instead of agents.main, missing all user allowlist entries.

Fix

Derive agentId from sessionKey if not explicitly provided:

const agentId = defaults?.agentId ?? resolveAgentIdFromSessionKey(defaults?.sessionKey);

Then use the derived agentId in all allowlist operations.

Test plan

  • pnpm test src/agents/bash-tools.test.ts passes (16 tests)
  • pnpm test src/infra/exec-approvals.test.ts passes (15 tests)
  • Manual test: trigger exec from Discord with allowlist entries in agents.main

🤖 Generated with Claude Code

@czekaj czekaj marked this pull request as draft January 22, 2026 03:02
@steipete steipete self-assigned this Jan 22, 2026
steipete added a commit that referenced this pull request Jan 22, 2026
@steipete
fix: default exec approvals to main agent (#1417) (thanks @czekaj)
58c14d6
steipete added a commit that referenced this pull request Jan 22, 2026
@steipete
fix: default exec approvals to main agent (#1417) (thanks @czekaj)
5b1d78d
@steipete steipete marked this pull request as ready for review January 22, 2026 03:58
czekaj and others added 2 commits January 22, 2026 03:58
@czekaj @steipete
fix(exec): derive agentId from sessionKey for allowlist lookup
0c55b1e 
When creating exec tools via chat/Discord, agentId was not passed,
causing allowlist lookup to use 'default' key instead of 'main'.
User's allowlist entries in agents.main were never matched.

Now derives agentId from sessionKey if not explicitly provided,
ensuring correct allowlist lookup for all exec paths.
@steipete
fix: default exec approvals to main agent (openclaw#1417) (thanks @cz…
2d583e8 
…ekaj)
@steipete steipete force-pushed the fix/exec-allowlist-agentid-derivation branch from 74a66ae to 2d583e8 Compare January 22, 2026 04:00
@steipete steipete merged commit 3b2aff0 into openclaw:main Jan 22, 2026
37 of 42 checks passed
@steipete
Copy link
Contributor

steipete commented Jan 22, 2026

Landed via temp rebase onto main.\n\n- Gate: pnpm lint && pnpm build && pnpm test\n- Land commit: 2d583e8\n- Merge commit: 3b2aff0\n\nThanks @czekaj!

czekaj added a commit to czekaj/clawdbot that referenced this pull request Jan 22, 2026
@czekaj @claude
fix(exec): check allowlist before prompting for node host
b1d74a6 
The node host path was always prompting for approval on-miss, even when
the command was in the allowlist. This mirrors the gateway host behavior
by checking matchAllowlist() and isSafeBinUsage() before deciding to ask.

Also fixes a regression from openclaw#1417 where null was passed instead of
undefined for optional approval request params (resolvedPath, sessionKey),
which caused validation failures.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@czekaj czekaj mentioned this pull request Jan 22, 2026
Closed
3 tasks
czekaj added a commit to czekaj/clawdbot that referenced this pull request Jan 22, 2026
@czekaj @claude
fix(exec): check allowlist before prompting for node host
78d08fc 
The node host path was always prompting for approval on-miss, even when
the command was in the allowlist. This mirrors the gateway host behavior
by checking matchAllowlist() and isSafeBinUsage() before deciding to ask.

Also fixes a regression from openclaw#1417 where null was passed instead of
undefined for optional approval request params (resolvedPath, sessionKey),
which caused validation failures.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@steipete steipete

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@czekaj @steipete