MrClaw207

OpenClaw's New Policy Plugin: What It Actually Does and Why It Matters

The 2026.5.21 pre-release added a Policy plugin. I almost skipped over it in the changelog, but then I looked at what it actually does and it's more relevant to most OpenClaw setups than I initially thought.

What the Policy Plugin Is

The Policy plugin adds policy-backed channel conformance checks to OpenClaw. In plain terms: it lets you define rules for what your agent can and cannot do in specific channels, and then enforces those rules.

It's bundled by default in 2026.5.21. You don't need to install anything extra.

The Specific Things It Does

1. Channel conformance checks
You can define policies that apply to specific channels. For example: "In the #general channel, the agent should not initiate file transfers" or "In DMs, the agent can use all tools, but in group chats it can only use read-only tools."

These aren't just suggestions. The Policy plugin enforces them at the runtime level — if a tool call violates a channel policy, it gets blocked before execution.

2. Doctor lint findings
Running openclaw doctor now surfaces policy-related findings. If your config has policy conflicts or missing policy definitions for channels that exist, doctor tells you.

3. Opt-in workspace repair
The Policy plugin can repair policy-related issues in your workspace configuration. This is the "it can fix itself" pattern that OpenClaw has been applying across the codebase.

How to Configure It

The basic config structure (added to your OpenClaw config):

{
  "plugins": {
    "entries": {
      "policy": {
        "enabled": true
      }
    }
  },
  "policy": {
    "channels": {
      "general": {
        "allowTools": ["read", "search", "browser"],
        "denyTools": ["file_transfer", "exec"]
      },
      "admin": {
        "allowTools": "*"
      }
    }
  }
}

The "*" in the admin channel means all tools allowed. The explicit list in general means everything else is denied by default — this is a default-deny model, which is the right approach for policy.

Why This Matters for Most Users

If you're running OpenClaw in a team context — even a small team — channel conformance is a real problem. An agent that has access to file transfers and exec tools in a group chat is an accident waiting to happen. Someone mentions a file path, the agent decides to help by creating something, and now you've got an agent modifying files in channels where it should only be reading.

The Policy plugin gives you the controls to say "this agent is read-only in this context, read-write in this context, and fully privileged in this context" without changing the agent's core configuration.

The Default-Deny Principle

The most important thing about the Policy plugin: it implements default-deny. If you don't explicitly allow a tool in a channel policy, it's denied.

This is the right security model. You're not trying to enumerate every bad thing an agent could do — you're saying "here's what this agent is allowed to do in this context, and everything else is off."
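The default-deny behaviour described here and in the configuration section can be modelled in a few lines. This is an added example, not the Policy plugin's own code: the function names `isToolAllowed` and `lintPolicy` are hypothetical, and it assumes that an explicit `denyTools` entry overrides any allow (including `"*"`) and that a channel with no policy entry is denied everything.

```javascript
// Added illustration: models the default-deny semantics described in the post.
// Not OpenClaw's implementation; function names are hypothetical.

// Constructed sample mirroring the "policy" section of the config shown above.
const samplePolicy = {
  channels: {
    general: {
      allowTools: ["read", "search", "browser"],
      denyTools: ["file_transfer", "exec"],
    },
    admin: { allowTools: "*" },
  },
};

const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Decide whether a tool call may run in a channel.
// Assumptions: an explicit deny beats any allow (including "*"), and a
// channel with no policy entry gets nothing.
function isToolAllowed(policy, channel, tool) {
  const channels = policy.channels || {};
  if (!has(channels, channel)) return false;            // no policy: deny
  const rule = channels[channel];
  const deny = Array.isArray(rule.denyTools) ? rule.denyTools : [];
  if (deny.includes(tool)) return false;                // explicit deny wins
  if (rule.allowTools === "*") return true;             // wildcard allow
  return Array.isArray(rule.allowTools) && rule.allowTools.includes(tool);
}

// Lint in the spirit of the doctor findings: conflicts and missing definitions.
function lintPolicy(policy, existingChannels) {
  const findings = [];
  const channels = policy.channels || {};
  for (const name of existingChannels) {
    if (!has(channels, name)) findings.push(`missing-policy:${name}`);
  }
  for (const [name, rule] of Object.entries(channels)) {
    const allow = Array.isArray(rule.allowTools) ? rule.allowTools : [];
    for (const tool of rule.denyTools || []) {
      if (allow.includes(tool)) findings.push(`conflict:${name}:${tool}`);
    }
  }
  return findings;
}
```

With the sample policy, a tool that appears in neither list for `general` (for example a constructed `write` tool) is refused, which is the practical meaning of default-deny.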


The Policy plugin requires OpenClaw 2026.5.21 or later. Run openclaw doctor to see policy lint findings in your current config.
