Summary

Feature request: Add a shell parameter to the exec tool that supports "powershell" (or "pwsh" for PowerShell Core). When specified, the command should be executed as a script file rather than an inline command string, completely bypassing shell escaping issues.

This is the comprehensive fix for the exec escaping problems on Windows (see related: exec escaping bug).

Problem

On Windows, AI agents frequently need to run PowerShell commands. The current exec tool passes the command as an inline string, which goes through multiple layers of escaping (agent → gateway → shell). PowerShell syntax heavily uses $, {}, (), pipes, and format operators — all of which conflict with shell escaping.

The result: most non-trivial PowerShell commands fail on first attempt. Agents waste tokens retrying, then fall back to writing a .ps1 file and executing it separately (2-3 extra tool calls per operation).

Proposed Solution

{
  "tool": "exec",
  "command": "Get-Process node | ForEach-Object { Write-Host \"$($_.Id): $($_.WorkingSet64/1MB) MB\" }",
  "shell": "powershell"
}

When shell: "powershell":

1. Gateway writes command verbatim to a temp .ps1 file
2. Executes: powershell -ExecutionPolicy Bypass -NoProfile -File <temp>.ps1
3. Captures stdout/stderr
4. Deletes temp file
5. Returns output as normal

Supported values

Benefits

• Zero escaping issues — script is never parsed as a command-line argument
• First-attempt success — agents don't waste tokens on retry loops
• Cross-platform consistency — same tool, different shells
• Power user friendly — complex multi-line scripts work naturally

Alternative: scriptFile mode

Instead of (or in addition to) a shell param, support passing a file path:

{
  "tool": "exec",
  "scriptFile": "C:\\Users\\ukr\\clawd\\scripts\\check-health.ps1",
  "shell": "powershell"
}

Environment

• OpenClaw 2026.1.30, Windows 10
• PowerShell 5.1 (built-in) and PowerShell 7+ (optional)
• Affects all Windows deployments with AI agents