# Send Safe Exec to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "safe-exec",
    "name": "Safe Exec",
    "source": "tencent",
    "type": "skill",
    "category": "其他",
    "sourceUrl": "https://clawhub.ai/OTTTTTO/safe-exec",
    "canonicalUrl": "https://clawhub.ai/OTTTTTO/safe-exec",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/safe-exec",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=safe-exec",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "CHANGELOG.md",
      "CLAWDHUB_APPEAL.md",
      "CLAWDHUB_SECURITY_RESPONSE.md",
      "GITHUB_ISSUE_TEMPLATE.md",
      "README-detail.md",
      "README.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "safe-exec",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-29T08:50:31.915Z",
      "expiresAt": "2026-05-06T08:50:31.915Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=safe-exec",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=safe-exec",
        "contentDisposition": "attachment; filename=\"safe-exec-0.3.4.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "safe-exec"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/safe-exec"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/safe-exec",
    "downloadUrl": "https://openagent3.xyz/downloads/safe-exec",
    "agentUrl": "https://openagent3.xyz/skills/safe-exec/agent",
    "manifestUrl": "https://openagent3.xyz/skills/safe-exec/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/safe-exec/agent.md"
  }
}
```
## Documentation

### SafeExec - Safe Command Execution

Provides secure command execution capabilities for OpenClaw Agents with automatic interception of dangerous operations and approval workflow.

### Features

🔍 Automatic danger pattern detection - Identifies risky commands before execution
🚨 Risk-based interception - Multi-level assessment (CRITICAL/HIGH/MEDIUM/LOW)
💬 In-session notifications - Real-time alerts in your current terminal/session
✅ User approval workflow - Commands wait for explicit confirmation
📊 Complete audit logging - Full traceability of all operations
🤖 Agent-friendly - Non-interactive mode support for automated workflows
🔧 Platform-agnostic - Works independently of communication tools (webchat, Feishu, Telegram, etc.)
🔐 Security-focused - No monitoring, no external notifications, no network calls

### Agent Mode

When called by OpenClaw agents in non-interactive environments:

Automatic bypass of confirmation prompts - Prevents agent hanging
Full audit logging - All executions recorded with mode label (agent_auto vs user_approved)
Safety preserved - Danger pattern detection and risk assessment remain active
Intended use case - Automated workflows with human oversight via audit logs

Environment variables:

OPENCLAW_AGENT_CALL - Set by OpenClaw when agent executes commands
SAFE_EXEC_AUTO_CONFIRM - Manual override to auto-approve LOW/MEDIUM risk commands

Security Note: Agent mode does not disable safety checks. CRITICAL and HIGH risk commands are still intercepted, logged, and can be reviewed in audit trail.

### Installation (One Command)

The easiest way to install SafeExec:

Just say in your OpenClaw chat:

Help me install SafeExec skill from ClawdHub

OpenClaw will automatically download, install, and configure SafeExec for you!

### Alternative: Manual Installation

If you prefer manual installation:

# Clone from GitHub
git clone https://github.com/OTTTTTO/safe-exec.git ~/.openclaw/skills/safe-exec

# Make scripts executable
chmod +x ~/.openclaw/skills/safe-exec/safe-exec*.sh

# Create symlinks to PATH (optional)
ln -s ~/.openclaw/skills/safe-exec/safe-exec.sh ~/.local/bin/safe-exec
ln -s ~/.openclaw/skills/safe-exec/safe-exec-*.sh ~/.local/bin/

### Enable SafeExec

After installation, simply say:

Enable SafeExec

SafeExec will start monitoring all shell commands automatically!

### How It Works

Once enabled, SafeExec automatically monitors all shell command executions. When a potentially dangerous command is detected, it intercepts the execution and requests your approval through in-session terminal notifications.

Architecture:

Requests stored in: ~/.openclaw/safe-exec/pending/
Audit log: ~/.openclaw/safe-exec-audit.log
Rules config: ~/.openclaw/safe-exec-rules.json
No external network calls
No background monitoring processes

### Usage

Enable SafeExec:

Enable SafeExec

Turn on SafeExec

Start SafeExec

Once enabled, SafeExec runs transparently in the background. Agents can execute commands normally, and SafeExec will automatically intercept dangerous operations:

Delete all files in /tmp/test

Format the USB drive

SafeExec detects the risk level and displays an in-session prompt for approval.

### Risk Levels

CRITICAL: System-destructive commands (rm -rf /, dd, mkfs, fork bombs)
HIGH: User data deletion or significant system changes (chmod 777, curl | bash)
MEDIUM: Service operations or configuration changes (sudo, firewall modifications)
LOW: Read operations and safe file manipulations

### Approval Workflow

Agent executes a command
SafeExec analyzes the risk level
In-session notification displayed in your terminal
Approve or reject via:

Terminal: safe-exec-approve <request_id>
List pending: safe-exec-list
Reject: safe-exec-reject <request_id>


Command executes or is cancelled

Example notification:

🚨 **Dangerous Operation Detected - Command Intercepted**

**Risk Level:** CRITICAL
**Command:** \`rm -rf /tmp/test\`
**Reason:** Recursive deletion with force flag

**Request ID:** \`req_1769938492_9730\`

ℹ️  This command requires user approval to execute.

**Approval Methods:**
1. In terminal: \`safe-exec-approve req_1769938492_9730\`
2. Or: \`safe-exec-list\` to view all pending requests

**Rejection Method:**
 \`safe-exec-reject req_1769938492_9730\`

### Configuration

Environment variables for customization:

SAFE_EXEC_DISABLE - Set to '1' to globally disable safe-exec
OPENCLAW_AGENT_CALL - Automatically enabled in agent mode (non-interactive)
SAFE_EXEC_AUTO_CONFIRM - Auto-approve LOW/MEDIUM risk commands

### Examples

Enable SafeExec:

Enable SafeExec

After enabling, agents work normally:

Delete old log files from /var/log

SafeExec automatically detects this is HIGH risk (deletion) and displays an in-session approval prompt.

Safe operations pass through without interruption:

List files in /home/user/documents

This is LOW risk and executes without approval.

### Global Control

Check status:

safe-exec-list

View audit log:

cat ~/.openclaw/safe-exec-audit.log

Disable SafeExec globally:

Disable SafeExec

Or set environment variable:

export SAFE_EXEC_DISABLE=1

### Reporting Issues

Found a bug? Have a feature request?

Please report issues at:
🔗 https://github.com/OTTTTTO/safe-exec/issues

We welcome community feedback, bug reports, and feature suggestions!

When reporting issues, please include:

SafeExec version (run: grep "VERSION" ~/.openclaw/skills/safe-exec/safe-exec.sh)
OpenClaw version
Steps to reproduce
Expected vs actual behavior
Relevant logs from ~/.openclaw/safe-exec-audit.log

### Audit Log

All command executions are logged with:

Timestamp
Command executed
Risk level
Execution mode (user_approved / agent_auto)
Approval status
Execution result
Request ID for traceability

Log location: ~/.openclaw/safe-exec-audit.log

### Security & Privacy

What SafeExec does:

✅ Intercepts shell commands before execution
✅ Detects dangerous patterns using regex matching
✅ Requests user approval for risky commands
✅ Logs all executions to local audit file
✅ Works entirely locally on your machine

What SafeExec does NOT do:

❌ No monitoring of chat sessions or conversation history
❌ No reading of OpenClaw session data
❌ No external network requests (except git clone during installation)
❌ No sending data to external services
❌ No background monitoring processes or cron jobs
❌ No integration with external notification services (Feishu, webhooks, etc.)

### Integration

SafeExec integrates seamlessly with OpenClaw agents. Once enabled, it works transparently without requiring changes to agent behavior or command structure. The approval workflow is entirely local and independent of any external communication platform.

### Platform Independence

SafeExec operates at the session level, working with any communication channel your OpenClaw instance supports (webchat, Feishu, Telegram, Discord, etc.). The approval workflow happens through your terminal, ensuring you maintain control regardless of how you're interacting with your agent.

### Support & Community

GitHub Repository: https://github.com/OTTTTTO/safe-exec
Issue Tracker: https://github.com/OTTTTTO/safe-exec/issues
Documentation: README.md
ClawdHub: https://www.clawhub.ai/skills/safe-exec

### License

MIT License - See LICENSE for details.
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: OTTTTTO
- Version: 0.3.4
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-04-29T08:50:31.915Z
- Expires at: 2026-05-06T08:50:31.915Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/safe-exec)
- [Send to Agent page](https://openagent3.xyz/skills/safe-exec/agent)
- [JSON manifest](https://openagent3.xyz/skills/safe-exec/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/safe-exec/agent.md)
- [Download page](https://openagent3.xyz/downloads/safe-exec)