前置说明：配置文件路径 ~/.openclaw/openclaw.json（JSON5格式，支持注释）；执行前务必开启Sandbox、禁用高危full权限、配置强认证；修改后执行 openclaw reload 热重载，核心变更需重启 Gateway

json{"gateway": {"listen": ":18789",// 强认证配置，严禁空密码/空Token"auth": {"type": "token","token": "你的自定义强认证Token(大小写字母+数字+特殊字符≥32位)",// 禁用匿名连接，生产必开"requireAuth": true},// 配置热重载模式，生产推荐hybrid"reloadMode": "hybrid",// 导入环境变量，避免守护进程丢环境"shellEnv": true},

json"exec": {// 执行权限三档：生产强制allowlist白名单，严禁full"security": "allowlist",// 审批模式：非白名单命令强制审批"ask": "on-miss",// 默认执行位置：sandbox隔离环境，强制走沙箱不落地宿主机"host": "sandbox",// exec白名单：仅放行基础运维命令，按需追加"allowlist": ["ls","pwd","cat","echo","ping","top","df -h","free -h"],// 高危命令黑名单，优先级高于白名单"denylist": ["rm","mv","chmod","chown","wget","curl","bash","sh","sudo","reboot","poweroff"]},// Sandbox沙箱开启配置，修复默认关闭裸奔坑"sandbox": {"enabled": true,// 沙箱镜像，用最小化安全镜像"image": "openclaw/sandbox:alpine",// 沙箱隔离模式：全量隔离，不泄露宿主机资源"mode": "all",// 沙箱生命周期：会话级隔离，用完销毁"scope": "session",// 工作区只读，禁止沙箱内写文件"workspaceAccess": "ro",// 资源限制，防止耗尽宿主机"memory": "128m","cpuQuota": 0.5,// 完全断网，禁止沙箱外联"networkMode": "none"},

json"agent": {"default": {// 工具白名单，仅开放必要能力"allow": ["exec", "file.read", "file.list", "heartbeat"],// 禁用高危工具"deny": ["file.write", "file.delete", "apply_patch"],// 独立工作区，隔离多Agent数据"workspace": "~/.openclaw/workspaces/{{agentId}}",// 禁止跨工作区访问"crossWorkspace": false}},

json"scheduler": {// 心跳巡检，默认5分钟一次"heartbeat": {"enabled": true,"interval": "5m",// 忙时跳过，避免抢占资源"skipBusy": true},// Cron定时任务，强制隔离会话，避免污染主流程"cron": {"enabled": true,// 配置时区，防止调度错乱"timezone": "Asia/Shanghai",// 独立会话执行，生产必开"isolated": true,// 失败退避重试，避免雪崩"retryPolicy": {"maxRetries": 2,"backoff": "exponential"}}},

json"node": {// 设备配对强制审批，禁止自动接入"autoApprove": false,// 设备能力白名单，仅开放必要硬件能力"allowCapabilities": ["camera", "screen", "system.info"],// 禁用高危设备能力"denyCapabilities": ["system.run", "location"]},"webhook": {"enabled": true,// Webhook强Token认证，防止非法调用"token": "Webhook专用独立强Token(≥32位)",// 仅放行隔离会话，禁止直接操作宿主机"allowIsolatedOnly": true}}