safe-execlisted
Install: claude install-skill Deep-pahoehoe114/openclaw-claude-code-integration
# SafeExec - Safe Command Execution
Provides secure command execution capabilities for OpenClaw Agents with automatic interception of dangerous operations and approval workflow.
## Features
- 🔍 **Automatic danger pattern detection** - Identifies risky commands before execution
- 🚨 **Risk-based interception** - Multi-level assessment (CRITICAL/HIGH/MEDIUM/LOW)
- 💬 **In-session notifications** - Real-time alerts in your current terminal/session
- ✅ **User approval workflow** - Commands wait for explicit confirmation
- 📊 **Complete audit logging** - Full traceability of all operations
- 🤖 **Agent-friendly** - Non-interactive mode support for automated workflows
- 🔧 **Platform-agnostic** - Works independently of communication tools (webchat, Feishu, Telegram, etc.)
- 🔐 **Security-focused** - No monitoring, no external notifications, no network calls
## Agent Mode
When called by OpenClaw agents in non-interactive environments:
- **Automatic bypass of confirmation prompts** - Prevents agent hanging
- **Full audit logging** - All executions recorded with mode label (agent_auto vs user_approved)
- **Safety preserved** - Danger pattern detection and risk assessment remain active
- **Intended use case** - Automated workflows with human oversight via audit logs
**Environment variables:**
- `OPENCLAW_AGENT_CALL` - Set by OpenClaw when agent executes commands
- `SAFE_EXEC_AUTO_CONFIRM` - Manual override to auto-approve LOW/MEDIUM risk commands
**Security Note:** Agent mode