If you updated to OpenClaw 2026.4.1 and your agent suddenly asks for approval before every single command — even things it was doing automatically before — you're not alone. This is the #1 issue on r/openclaw right now.

Here's what changed and how to fix it.

What Changed in 2026.4.1

The 2026.4.1 update introduced a new exec security model. Previously, OpenClaw would run commands based on your openclaw.json security settings. Now, the source of truth is a separate file: ~/.openclaw/exec-approvals.json.

The breaking change: If exec-approvals.json doesn't exist, 2026.4.1 defaults to blocking everything — including commands your agent has been running automatically for months. The migration doesn't create this file automatically.

This is intentional — it's a security improvement. But it's a breaking change that wasn't prominently flagged in the release notes, which is why thousands of users hit it unexpectedly.

The Three Ways to Fix It

Option 1: Restore Previous Behavior (Fastest)

If you want your agent to behave exactly like it did before the update — run commands autonomously without asking — create the approvals file with full allow:

mkdir -p ~/.openclaw
cat > ~/.openclaw/exec-approvals.json << 'EOF'
{
  "version": 1,
  "defaultPolicy": "allow",
  "rules": []
}
EOF

Security note: This restores pre-4.1 behavior but removes the new approval layer. Only use this if your gateway is properly secured (auth token set, not publicly exposed). If you're not sure, use Option 2 instead.

Option 2: Configure an Approval Channel (Recommended)

This is the right way to use 2026.4.1 — your agent asks for permission via Discord or Slack, you approve/deny with a tap on your phone. It's actually a great workflow once configured.

  1. In your openclaw.json, add your approval channel config under approvals
  2. Set your Discord or Slack channel as the approval destination
  3. Create exec-approvals.json with "defaultPolicy": "ask"

exec-approvals.json for the approval-channel workflow:

{
  "version": 1,
  "defaultPolicy": "ask",
  "approvalChannel": "discord",
  "timeoutSeconds": 300,
  "rules": [
    {
      "pattern": "git status|git log|ls|cat|pwd",
      "policy": "allow"
    },
    {
      "pattern": "rm -rf|sudo rm|DROP TABLE|format",
      "policy": "deny"
    }
  ]
}

With this config: read-only commands run automatically, destructive patterns are always blocked, and everything else asks you via Discord with approve/deny buttons.
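
The page does not say how OpenClaw matches a rule's pattern against a command, so the behaviour described above depends on semantics worth checking before you rely on it. The following is an added example, not OpenClaw code: it assumes unanchored regex search with the first matching rule winning, and compares the Option 2 rules with a hypothetical tightened set (TIGHT_RULES, SAFE_ARGS, decide, audit and the sample commands are all constructed here).

```python
import re

# Rules copied from the page's Option 2 exec-approvals.json.
PAGE_RULES = [
    {"pattern": "git status|git log|ls|cat|pwd", "policy": "allow"},
    {"pattern": "rm -rf|sudo rm|DROP TABLE|format", "policy": "deny"},
]

# Hypothetical tightened variant (not from the page): deny rules come first,
# the allow rule is anchored to the whole command, and arguments may only be
# plain words, paths and flags, so no ; | & $ ` or redirection gets through.
SAFE_ARGS = r"(?: [\w./-]+)*"
TIGHT_RULES = [
    {"pattern": "rm -rf|sudo rm|DROP TABLE|format", "policy": "deny"},
    {"pattern": rf"^(?:git status|git log|ls|pwd){SAFE_ARGS}$", "policy": "allow"},
]

# Constructed sample commands an agent might submit.
SAMPLES = [
    "git status",
    "ls -la src",
    "make tools",               # contains the substring "ls"
    "cat .env",                 # "read-only" but reads secrets
    "pwd && npm publish",       # allowed prefix chained to something else
    "ls /tmp; rm -rf build",    # allow rule is listed before the deny rule
]

def decide(command, rules, default="ask"):
    """ASSUMED semantics: unanchored regex search, first matching rule wins."""
    for rule in rules:
        if re.search(rule["pattern"], command):
            return rule["policy"]
    return default

def audit(rules, samples=SAMPLES):
    """Map each sample command to the policy the rule set would apply."""
    return {cmd: decide(cmd, rules) for cmd in samples}

def auto_allowed_only_by(loose, tight, samples=SAMPLES):
    """Commands the loose rules run unprompted but the tight rules do not."""
    return [c for c in samples
            if decide(c, loose) == "allow" and decide(c, tight) != "allow"]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(f"{cmd!r:28} page={decide(cmd, PAGE_RULES):5} tight={decide(cmd, TIGHT_RULES)}")
```

If OpenClaw's real matcher anchors patterns or evaluates deny rules first, the "page" column changes, so confirm the actual behaviour on your install before trusting either rule set.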

Option 3: Per-Command Allowlist (Most Precise)

If you know exactly which commands your agent needs to run automatically, list them explicitly:

{
  "version": 1,
  "defaultPolicy": "ask",
  "rules": [
    { "pattern": "git (add|commit|push|pull|status|log)", "policy": "allow" },
    { "pattern": "npm (run|install|build|test)", "policy": "allow" },
    { "pattern": "ls|cat|pwd|echo|grep|find", "policy": "allow" },
    { "pattern": "curl https://", "policy": "allow" },
    { "pattern": ".*", "policy": "ask" }
  ]
}

Also Check: The Specific Scenario Where Nothing Works at All

Some users on r/openclaw are reporting that even after creating exec-approvals.json, their agent is still stuck. This is usually one of two things:

If You're Still on 2026.3.31 — Local LLM Timeout Bug

Separate issue: 2026.3.31 introduced a bug that causes local LLMs (Ollama, LM Studio) to time out after a few minutes. If you're hitting this, either:

Verify your fix worked: Restart OpenClaw, then ask your agent to run a simple command like echo hello. If it runs without asking for approval (Option 1) or routes the approval to your channel (Option 2), you're good.

Why This Keeps Happening

OpenClaw is shipping roughly one release every 1.5 days right now, and about 40% of recent releases have included breaking config changes. The 4.1 exec change is a good example of what this looks like in practice: a well-intentioned security improvement, insufficient migration tooling, and thousands of users hitting the wall simultaneously.

If you're tired of spending afternoons debugging post-update breakage, that's exactly what ClawReady Care handles — we track every release, evaluate breaking changes against your specific config, and apply fixes before you notice anything is wrong.