openclaw-tools

No malicious code is present in this text fragment — it is documentation describing a privileged feature. However, the feature it describes (running exec on gateway host and an auto-approve "full" mode) is high-risk if implemented or configured incorrectly. Reviewers should ensure strict feature gating, accurate allowlist configuration (avoid accidental fallbacks), robust auditing/logging, and conservative defaults (feature off by default, require explicit per-agent allowlists) before enabling. Treat this as a security-sensitive capability, not malware.