Exec allowlist returns 'unsupported platform' on Windows after upgrading to v2026.2.23 #25376
Description
Title
Exec allowlist returns "unsupported platform" on Windows after upgrading to v2026.2.23
Body
Summary
After upgrading from v2026.2.22-2 to v2026.2.23, exec commands that were previously working with allowlist mode now fail with:
exec denied: allowlist execution plan unavailable (unsupported platform)
The allowlist entries are correct and unchanged — the same entries worked fine in v2026.2.22-2. The error originates from exec-approvals-analysis.ts which returns { ok: false, reason: "unsupported platform" }.
Environment
- OS: Windows 11 (Windows_NT 10.0.26200 x64)
- Node: v22.16.0
- OpenClaw: v2026.2.23 (b817600)
- Shell: powershell
- Previous version (working): v2026.2.22-2
Steps to reproduce
- Have a working exec-approvals allowlist on Windows with absolute path entries (e.g.
C:\Program Files\GitHub CLI\gh.exe,C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe) - Upgrade to v2026.2.23:
npm install -g [email protected] - Restart the gateway
- Agent tries to run any allowlisted command (e.g.
gh search issues ...,openclaw hooks list,powershell -File script.ps1) - Result:
exec denied: allowlist execution plan unavailable (unsupported platform)
Expected behavior
Commands matching allowlist entries should be resolved and executed (or prompted for approval if ask: on-miss), just like in v2026.2.22-2.
Actual behavior
All commands that go through the allowlist resolution pipeline fail immediately with unsupported platform. No approval prompt is shown — the command is denied outright.
Commands that DO work:
- Commands in
safeBins(e.g.echo,Get-ChildItem,Select-String) — these bypass allowlist resolution - Commands when
elevated: fullis active — this skips approvals entirely
Commands that FAIL:
powershell -Command "..."powershell -File "..."gh search issues ...openclaw hooks listopenclaw hooks enable ...- Any command that requires allowlist path resolution
Relevant config
{
"tools": {
"exec": {
"security": "allowlist",
"ask": "on-miss"
}
}
}Allowlist entries (all with full absolute paths, verified via openclaw approvals get):
C:\Program Files\GitHub CLI\gh.exe
C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Users\<user>\AppData\Roaming\npm\openclaw.cmd
C:\Program Files\nodejs\node.exe
C:\WINDOWS\system32\curl.exe
... (20 entries total, all absolute paths)
Logs
From gateway log (\tmp\openclaw\openclaw-2026-02-24.log):
11:20:36 info exec {"subsystem":"exec"} elevated command openclaw hooks enable command-logger
11:20:36 error [tools] exec failed: exec denied: allowlist execution plan unavailable (unsupported platform)
11:20:36 error [tools] exec failed: exec denied: allowlist execution plan unavailable (unsupported platform)
Analysis
The error string unsupported platform comes from src/infra/exec-approvals-analysis.ts. It appears that the execution plan builder (which resolves command text into binary path + arguments for allowlist matching) does not fully support Windows shell wrapping in v2026.2.23.
In v2026.2.22-2, the same allowlist entries and same commands worked correctly — the path resolver could match powershell ... to the allowlisted C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe.
Workaround
Setting elevated: full (via /exec security=full or Telegram elevated mode) bypasses the allowlist entirely and allows all commands to run. This is not ideal for security but unblocks usage on Windows.
Impact
High — on Windows, allowlist mode is effectively broken in v2026.2.23. All agent exec commands that aren't in safeBins are denied, making the agent unable to perform most tasks without elevated full access.