Problem

OpenClaw uses Node.js os.homedir() to resolve paths like ~/.openclaw/ and ~/.clawdbot/agents/. However, os.homedir() reads from the system user database (passwd/Directory Service), ignoring the $HOME environment variable.

This breaks user isolation when running OpenClaw as a dedicated service user via LaunchDaemon with a custom HOME env var.

Steps to Reproduce

1. Create a headless macOS service user kira with NFSHomeDirectory /Users/kira
2. Set HOME=/Users/kira in LaunchDaemon EnvironmentVariables
3. Set OPENCLAW_CONFIG=/Users/kira/.openclaw/openclaw.json
4. OpenClaw starts, reads config correctly via OPENCLAW_CONFIG
5. But internal paths (e.g., skills/agents lookup via ~/.clawdbot/agents/) still resolve to the original user's home via os.homedir()

Expected Behavior

OpenClaw should respect $HOME (or a new OPENCLAW_HOME env var) for all internal path resolution, enabling full filesystem isolation for service accounts.

Actual Behavior

os.homedir() returns the NFSHomeDirectory from Directory Service, which is technically correct — but means skills/agents paths resolve to the wrong home directory. Workaround requires granting the service user read access to the original user's home, partially breaking isolation.

Suggested Fix

Replace os.homedir() with process.env.HOME || os.homedir() (or introduce OPENCLAW_HOME env var) for all internal path resolution.

Environment

• macOS 14.6 (arm64)
• OpenClaw v2026.2.6-3
• Node.js v22.22.0
• Dedicated service user via LaunchDaemon