Phase 3 / Ep 14: Coding Permissions in Action — Make the Agent Your Coding Assistant
🎯 Learning Objective: Configure coding permissions and have the Agent complete a real programming task.
1. Enabling the Coding Profile
openclaw config set tools.profile coding
openclaw gateway restart
2. Capabilities Unlocked by Coding Permissions
Once enabled, the Agent can:
- 🔧 Execute arbitrary Shell commands (
npm install,python script.py) - 📁 Create, edit, and delete files
- 🔀 Perform Git operations (clone, branch, commit, push)
- 🧪 Run test suites
- 📦 Install dependencies
3. Hands-on: A Complete Programming Task by the Agent
Send via Telegram or CLI:
"Please help me clone the openclaw/example-skill repository under ~/projects/, create a feat/weather branch, add a description for weather queries in SKILL.md, and then run npm test."
The Agent's execution flow:
sequenceDiagram
participant User as 🧑 You
participant Agent as 🤖 Code Agent
participant Shell as 💻 Shell
participant Git as 🔀 Git
User->>Agent: "clone repo + create branch + modify file + test"
Agent->>Shell: git clone openclaw/example-skill
Shell->>Agent: ✅ Clone completed
Agent->>Git: git checkout -b feat/weather
Git->>Agent: ✅ Branch created
Agent->>Shell: Edit SKILL.md (add weather description)
Shell->>Agent: ✅ File saved
Agent->>Shell: npm test
Shell->>Agent: ✅ 3 tests passed
Agent->>User: "✅ All done! The repository has been cloned, the feat/weather branch created, SKILL.md updated, and all tests passed."4. Security Boundaries
Even with coding permissions, the following commands will still be rejected:
rm -rf /(Dangerous recursive deletion)sudocommands (Privilege escalation is not allowed)- Modifying system configuration files
- Accessing the
~/.openclaw/directory itself
5. Audit Logs
Every Shell command will be recorded in the session logs:
# View which commands the Agent executed
openclaw sessions show <id> --filter tools
Coming up next: Ep 15, full permissions — the most powerful and the most dangerous. When to use them? How to use them safely?