OpenClaw \u6709\u4e09\u4e2a\u76f8\u5173\uff08\u4f46\u4e0d\u540c\uff09\u7684\u63a7\u5236\uff1a<\/p>\n
agents.defaults.sandbox.*<\/code> \/ agents.list[].sandbox.*<\/code>\uff09\u51b3\u5b9a\u5de5\u5177\u5728\u54ea\u91cc\u8fd0\u884c<\/strong>\uff08Docker vs \u4e3b\u673a\uff09\u3002<\/li>\n- \u5de5\u5177\u7b56\u7565<\/strong>\uff08
tools.*<\/code>\u3001tools.sandbox.tools.*<\/code>\u3001agents.list[].tools.*<\/code>\uff09\u51b3\u5b9a\u54ea\u4e9b\u5de5\u5177\u53ef\u7528\/\u5141\u8bb8<\/strong>\u3002<\/li>\n- \u63d0\u6743<\/strong>\uff08
tools.elevated.*<\/code>\u3001agents.list[].tools.elevated.*<\/code>\uff09\u662f\u4e00\u4e2a\u4ec5\u9650 exec \u7684\u9003\u9038\u901a\u9053<\/strong>\uff0c\u5141\u8bb8\u5728\u6c99\u7bb1\u9694\u79bb\u65f6\u5728\u4e3b\u673a\u4e0a\u8fd0\u884c\u3002<\/li>\n<\/ol>\n\u5feb\u901f\u8c03\u8bd5<\/h2>\n
\u4f7f\u7528\u68c0\u67e5\u5668\u67e5\u770b OpenClaw \u5b9e\u9645<\/em>\u5728\u505a\u4ec0\u4e48\uff1a<\/p>\n“`bash theme={“theme”:{“light”:”min-light”,”dark”:”min-dark”}}
\nopenclaw sandbox explain
\nopenclaw sandbox explain –session agent:main:main
\nopenclaw sandbox explain –agent work
\nopenclaw sandbox explain –json<\/p>\n
\n\u5b83\u4f1a\u6253\u5370\uff1a\n\n* \u751f\u6548\u7684\u6c99\u7bb1\u6a21\u5f0f\/\u8303\u56f4\/\u5de5\u4f5c\u533a\u8bbf\u95ee\n* \u4f1a\u8bdd\u5f53\u524d\u662f\u5426\u88ab\u6c99\u7bb1\u9694\u79bb\uff08\u4e3b vs \u975e\u4e3b\uff09\n* \u751f\u6548\u7684\u6c99\u7bb1\u5de5\u5177\u5141\u8bb8\/\u62d2\u7edd\uff08\u4ee5\u53ca\u5b83\u6765\u81ea\u667a\u80fd\u4f53\/\u5168\u5c40\/\u9ed8\u8ba4\u54ea\u91cc\uff09\n* \u63d0\u6743\u9650\u5236\u548c\u4fee\u590d\u952e\u8def\u5f84\n\n## \u6c99\u7bb1\uff1a\u5de5\u5177\u5728\u54ea\u91cc\u8fd0\u884c\n\n\u6c99\u7bb1\u9694\u79bb\u7531 `agents.defaults.sandbox.mode` \u63a7\u5236\uff1a\n\n* `"off"`\uff1a\u6240\u6709\u5185\u5bb9\u5728\u4e3b\u673a\u4e0a\u8fd0\u884c\u3002\n* `"non-main"`\uff1a\u4ec5\u975e\u4e3b\u4f1a\u8bdd\u88ab\u6c99\u7bb1\u9694\u79bb\uff08\u7fa4\u7ec4\/\u6e20\u9053\u7684\u5e38\u89c1"\u610f\u5916"\uff09\u3002\n* `"all"`\uff1a\u6240\u6709\u5185\u5bb9\u90fd\u88ab\u6c99\u7bb1\u9694\u79bb\u3002\n\n\u53c2\u89c1[\u6c99\u7bb1\u9694\u79bb](\/gateway\/sandboxing)\u4e86\u89e3\u5b8c\u6574\u77e9\u9635\uff08\u8303\u56f4\u3001\u5de5\u4f5c\u533a\u6302\u8f7d\u3001\u955c\u50cf\uff09\u3002\n\n### \u7ed1\u5b9a\u6302\u8f7d\uff08\u5b89\u5168\u5feb\u901f\u68c0\u67e5\uff09\n\n* `docker.binds` *\u7a7f\u900f*\u6c99\u7bb1\u6587\u4ef6\u7cfb\u7edf\uff1a\u4f60\u6302\u8f7d\u7684\u4efb\u4f55\u5185\u5bb9\u5728\u5bb9\u5668\u5185\u4ee5\u4f60\u8bbe\u7f6e\u7684\u6a21\u5f0f\uff08`:ro` \u6216 `:rw`\uff09\u53ef\u89c1\u3002\n* \u5982\u679c\u7701\u7565\u6a21\u5f0f\uff0c\u9ed8\u8ba4\u4e3a\u8bfb\u5199\uff1b\u5bf9\u4e8e\u6e90\u4ee3\u7801\/\u5bc6\u94a5\u4f18\u5148\u4f7f\u7528 `:ro`\u3002\n* `scope: "shared"` \u5ffd\u7565\u6bcf\u4e2a\u667a\u80fd\u4f53\u7684\u7ed1\u5b9a\uff08\u4ec5\u5168\u5c40\u7ed1\u5b9a\u9002\u7528\uff09\u3002\n* \u7ed1\u5b9a `\/var\/run\/docker.sock` \u5b9e\u9645\u4e0a\u5c06\u4e3b\u673a\u63a7\u5236\u6743\u4ea4\u7ed9\u6c99\u7bb1\uff1b\u53ea\u6709\u5728\u6709\u610f\u4e3a\u4e4b\u65f6\u624d\u8fd9\u6837\u505a\u3002\n* \u5de5\u4f5c\u533a\u8bbf\u95ee\uff08`workspaceAccess: "ro"`\/`"rw"`\uff09\u72ec\u7acb\u4e8e\u7ed1\u5b9a\u6a21\u5f0f\u3002\n\n## \u5de5\u5177\u7b56\u7565\uff1a\u54ea\u4e9b\u5de5\u5177\u5b58\u5728\/\u53ef\u8c03\u7528\n\n\u4e24\u4e2a\u5c42\u6b21\u5f88\u91cd\u8981\uff1a\n\n* **\u5de5\u5177\u914d\u7f6e\u6587\u4ef6**\uff1a`tools.profile` \u548c `agents.list[].tools.profile`\uff08\u57fa\u7840\u5141\u8bb8\u5217\u8868\uff09\n* **\u63d0\u4f9b\u5546\u5de5\u5177\u914d\u7f6e\u6587\u4ef6**\uff1a`tools.byProvider[provider].profile` \u548c `agents.list[].tools.byProvider[provider].profile`\n* **\u5168\u5c40\/\u6bcf\u4e2a\u667a\u80fd\u4f53\u5de5\u5177\u7b56\u7565**\uff1a`tools.allow`\/`tools.deny` \u548c `agents.list[].tools.allow`\/`agents.list[].tools.deny`\n* **\u63d0\u4f9b\u5546\u5de5\u5177\u7b56\u7565**\uff1a`tools.byProvider[provider].allow\/deny` \u548c `agents.list[].tools.byProvider[provider].allow\/deny`\n* **\u6c99\u7bb1\u5de5\u5177\u7b56\u7565**\uff08\u4ec5\u5728\u6c99\u7bb1\u9694\u79bb\u65f6\u9002\u7528\uff09\uff1a`tools.sandbox.tools.allow`\/`tools.sandbox.tools.deny` \u548c `agents.list[].tools.sandbox.tools.*`\n\n\u7ecf\u9a8c\u6cd5\u5219\uff1a\n\n* `deny` \u59cb\u7ec8\u4f18\u5148\u3002\n* \u5982\u679c `allow` \u975e\u7a7a\uff0c\u5176\u4ed6\u6240\u6709\u5185\u5bb9\u90fd\u88ab\u89c6\u4e3a\u963b\u6b62\u3002\n* \u5de5\u5177\u7b56\u7565\u662f\u786c\u6027\u505c\u6b62\uff1a`\/exec` \u65e0\u6cd5\u8986\u76d6\u88ab\u62d2\u7edd\u7684 `exec` \u5de5\u5177\u3002\n* `\/exec` \u4ec5\u4e3a\u6388\u6743\u53d1\u9001\u8005\u66f4\u6539\u4f1a\u8bdd\u9ed8\u8ba4\u503c\uff1b\u5b83\u4e0d\u6388\u4e88\u5de5\u5177\u8bbf\u95ee\u6743\u9650\u3002\n \u63d0\u4f9b\u5546\u5de5\u5177\u952e\u63a5\u53d7 `provider`\uff08\u4f8b\u5982 `google-antigravity`\uff09\u6216 `provider\/model`\uff08\u4f8b\u5982 `openai\/gpt-5.2`\uff09\u3002\n\n### \u5de5\u5177\u7ec4\uff08\u7b80\u5199\uff09\n\n\u5de5\u5177\u7b56\u7565\uff08\u5168\u5c40\u3001\u667a\u80fd\u4f53\u3001\u6c99\u7bb1\uff09\u652f\u6301 `group:*` \u6761\u76ee\uff0c\u5b83\u4eec\u4f1a\u5c55\u5f00\u4e3a\u591a\u4e2a\u5de5\u5177\uff1a\n\n```json5 theme={"theme":{"light":"min-light","dark":"min-dark"}}\n{\n tools: {\n sandbox: {\n tools: {\n allow: ["group:runtime", "group:fs", "group:sessions", "group:memory"],\n },\n },\n },\n}\n<\/code><\/pre>\n\u53ef\u7528\u7684\u7ec4\uff1a<\/p>\n
\ngroup:runtime<\/code>\uff1aexec<\/code>\u3001bash<\/code>\u3001process<\/code><\/li>\ngroup:fs<\/code>\uff1aread<\/code>\u3001write<\/code>\u3001edit<\/code>\u3001apply_patch<\/code><\/li>\ngroup:sessions<\/code>\uff1asessions_list<\/code>\u3001sessions_history<\/code>\u3001sessions_send<\/code>\u3001sessions_spawn<\/code>\u3001session_status<\/code><\/li>\ngroup:memory<\/code>\uff1amemory_search<\/code>\u3001memory_get<\/code><\/li>\ngroup:ui<\/code>\uff1abrowser<\/code>\u3001canvas<\/code><\/li>\ngroup:automation<\/code>\uff1acron<\/code>\u3001gateway<\/code><\/li>\ngroup:messaging<\/code>\uff1amessage<\/code><\/li>\ngroup:nodes<\/code>\uff1anodes<\/code><\/li>\ngroup:openclaw<\/code>\uff1a\u6240\u6709\u5185\u7f6e OpenClaw \u5de5\u5177\uff08\u4e0d\u5305\u62ec\u63d0\u4f9b\u5546\u63d2\u4ef6\uff09<\/li>\n<\/ul>\n\u63d0\u6743\uff1a\u4ec5\u9650 exec \u7684”\u5728\u4e3b\u673a\u4e0a\u8fd0\u884c”<\/h2>\n
\u63d0\u6743\u4e0d\u4f1a<\/strong>\u6388\u4e88\u989d\u5916\u5de5\u5177\uff1b\u5b83\u4ec5\u5f71\u54cd exec<\/code>\u3002<\/p>\n\n- \u5982\u679c\u4f60\u88ab\u6c99\u7bb1\u9694\u79bb\uff0c
\/elevated on<\/code>\uff08\u6216\u5e26 elevated: true<\/code> \u7684 exec<\/code>\uff09\u5728\u4e3b\u673a\u4e0a\u8fd0\u884c\uff08\u5ba1\u6279\u53ef\u80fd\u4ecd\u7136\u9002\u7528\uff09\u3002<\/li>\n- \u4f7f\u7528
\/elevated full<\/code> \u8df3\u8fc7\u8be5\u4f1a\u8bdd\u7684 exec \u5ba1\u6279\u3002<\/li>\n- \u5982\u679c\u4f60\u5df2\u7ecf\u76f4\u63a5\u8fd0\u884c\uff0c\u63d0\u6743\u5b9e\u9645\u4e0a\u662f\u7a7a\u64cd\u4f5c\uff08\u4ecd\u7136\u53d7\u9650\uff09\u3002<\/li>\n
- \u63d0\u6743\u4e0d\u662f<\/strong> skill \u8303\u56f4\u7684\uff0c\u4e0d\u4f1a<\/strong>\u8986\u76d6\u5de5\u5177\u5141\u8bb8\/\u62d2\u7edd\u3002<\/li>\n
\/exec<\/code> \u4e0e\u63d0\u6743\u662f\u5206\u5f00\u7684\u3002\u5b83\u4ec5\u4e3a\u6388\u6743\u53d1\u9001\u8005\u8c03\u6574\u6bcf\u4e2a\u4f1a\u8bdd\u7684 exec \u9ed8\u8ba4\u503c\u3002<\/li>\n<\/ul>\n\u9650\u5236\uff1a<\/p>\n
\n- \u542f\u7528\uff1a
tools.elevated.enabled<\/code>\uff08\u4ee5\u53ca\u53ef\u9009\u7684 agents.list[].tools.elevated.enabled<\/code>\uff09<\/li>\n- \u53d1\u9001\u8005\u5141\u8bb8\u5217\u8868\uff1a
tools.elevated.allowFrom.<provider><\/code>\uff08\u4ee5\u53ca\u53ef\u9009\u7684 agents.list[].tools.elevated.allowFrom.<provider><\/code>\uff09<\/li>\n<\/ul>\n