local-approvalsLocal approval system for managing agent permissions. Use CLI to approve/deny requests, view history, and manage auto-approved categories.
Install via ClawdBot CLI:
clawdbot install shaiss/local-approvalsA local approval system that manages agent permissions with auto-approve lists and approval history tracking.
# List pending requests
python C:\Users\Shai\.openclaw\skills\local-approvals\cli.py list
# Approve a request
python C:\Users\Shai\.openclaw\skills\local-approvals\cli.py approve abc123
# Deny a request
python C:\Users\Shai\.openclaw\skills\local-approvals\cli.py deny abc123
# Show approval history
python C:\Users\Shai\.openclaw\skills\local-approvals\cli.py history
# Reset an agent's categories
python C:\Users\Shai\.openclaw\skills\local-approvals\cli.py reset assistantApprove a pending request by ID.
python cli.py approve <request_id> [--learn] [--reviewer <name>]Options:
--learn: Add the category to the agent's auto-approve list--reviewer: Who is approving (default: "user")Example:
python cli.py approve abc123 --learnDeny a pending request by ID.
python cli.py deny <request_id> [--reviewer <name>]Options:
--reviewer: Who is denying (default: "user")Example:
python cli.py deny abc123List all pending requests, optionally filtered by agent.
python cli.py list [--agent <agent_id>]Options:
--agent: Filter requests by agent IDExample:
python cli.py list --agent assistantShow approval history from state.json.
python cli.py history [--limit <number>]Options:
--limit: Maximum number of entries to show (default: 20)Example:
python cli.py history --limit 50Reset an agent's auto-approved categories list.
python cli.py reset <agent_id>Example:
python cli.py reset assistantShow auto-approved categories for one or all agents.
python cli.py categories [--agent <agent_id>]Options:
--agent: Show categories for specific agentExample:
python cli.py categories --agent plannerThe skill maintains two JSON files in the state directory:
Location: ~/.openclaw/skills/local-approvals/
The core.py module provides the underlying functionality:
check_auto_approve(agent, category) - Check if a category is auto-approvedsubmit_request(agent, category, operation, reasoning) - Submit a pending requestlearn_category(agent, category) - Add category to auto-approve listget_request(request_id) - Retrieve a request by IDupdate_request(request_id, decision, reviewer) - Update request with decisionlist_pending(agent) - List pending requestsget_agent_approvals(agent) - Get agent's auto-approved categories--learn for trusted categories that you want to auto-approvehistory to understand approval patternsreset to clear an agent's auto-approve list if you suspect issues# 1. Check what's pending
python cli.py list
# 2. Review the request details (output shows agent, category, operation, reasoning)
# ID: abc123
# Agent: assistant
# Category: file_write
# Operation: Create config file
# Reasoning: Setting up new environment
# 3. Approve and auto-learn this category for future
python cli.py approve abc123 --learn
# 4. Verify it was approved
python cli.py list # Should show no pending requests
# 5. Check history
python cli.py history
# 6. View auto-approved categories
python cli.py categories# View all auto-approved categories
python cli.py categories
# View categories for a specific agent
python cli.py categories --agent assistant
# Reset an agent's categories (clear all auto-approvals)
python cli.py reset assistantThe CLI is designed to be used both interactively and programmatically. Exit codes:
0: Success1: Error (request not found, agent not found, etc.)cli.py - Command-line interface (this file)core.py - Core approval functionsschemas/ - JSON schema definitionsschemas/state.json - State schema templateschemas/pending.json - Pending requests schema templateGenerated Mar 1, 2026
A financial institution uses this skill to manually approve AI agent requests for sensitive operations like fund transfers or report generation before execution. It ensures regulatory compliance by logging all approvals and denials in state.json for audit trails.
In a hospital setting, AI agents handling patient records must get approval for accessing or modifying data. This skill allows administrators to review requests based on category, such as medical history updates, and auto-approve trusted categories after initial vetting.
A tech company employs this skill to manage AI-driven infrastructure changes, like server deployments or configuration updates. Engineers approve requests via CLI, using the --learn option to auto-approve safe categories after validation, reducing manual oversight over time.
An e-commerce platform uses the skill to approve AI agent actions for order cancellations or refunds. Managers review pending requests to prevent errors, with history tracking helping identify patterns and optimize auto-approval lists for routine tasks.
An online learning platform integrates this skill to approve AI-generated content or user submissions. Moderators use the CLI to list and review requests, denying inappropriate categories and resetting auto-approvals if issues arise, ensuring safe educational environments.
Offer this skill as part of a subscription-based AI management platform, charging monthly fees for features like advanced analytics on approval history and priority support. Revenue scales with the number of agents or approval volume managed.
Sell perpetual licenses to large organizations for on-premises deployment, with customization options for integration into existing security systems. Revenue comes from one-time license fees plus annual maintenance and update charges.
Provide consulting services to help businesses implement and customize the skill, including training, workflow design, and integration with other tools. Revenue is generated through project-based fees and ongoing support contracts.
š¬ Integration Tip
Integrate this skill by calling core functions like submit_request from other AI agents, and use the CLI for manual oversight; ensure state files are backed up regularly to prevent data loss.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.