Initial commit with translated description

2026-03-29 13:14:42 +08:00
commit 0c8a4c3a37
15 changed files with 2951 additions and 0 deletions
--- a/scripts/safe-exec-approve.sh
+++ b/scripts/safe-exec-approve.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+# safe-exec-approve - 批准待执行的命令
+
+REQUEST_ID="$1"
+SAFE_EXEC_DIR="$HOME/.openclaw/safe-exec"
+PENDING_DIR="$SAFE_EXEC_DIR/pending"
+
+if [[ -z "$REQUEST_ID" ]]; then
+    echo "用法: safe-exec-approve <request_id>"
+    echo ""
+    echo "查看待处理的请求:"
+    echo "  ls ~/.openclaw/safe-exec/pending/"
+    exit 1
+fi
+
+REQUEST_FILE="$PENDING_DIR/$REQUEST_ID.json"
+
+if [[ ! -f "$REQUEST_FILE" ]]; then
+    echo "❌ 请求 $REQUEST_ID 不存在"
+    exit 1
+fi
+
+# 读取请求信息
+COMMAND=$(jq -r '.command' "$REQUEST_FILE")
+RISK=$(jq -r '.risk' "$REQUEST_FILE")
+
+# 检测运行环境
+IS_INTERACTIVE=false
+if [[ -t 0 ]]; then
+    # 检查 stdin 是否是终端
+    IS_INTERACTIVE=true
+fi
+
+# 检查是否由 OpenClaw Agent 调用
+if [[ -n "$OPENCLAW_AGENT_CALL" ]] || [[ -n "$SAFE_EXEC_AUTO_CONFIRM" ]]; then
+    IS_INTERACTIVE=false
+fi
+
+echo "⚠️  即将执行以下命令："
+echo ""
+echo "风险等级: ${RISK^^}"
+echo "命令: $COMMAND"
+echo ""
+
+# 请求确认（仅在交互式环境）
+if [[ "$IS_INTERACTIVE" == "true" ]]; then
+    read -p "确认执行？(yes/no): " confirm
+    if [[ "$confirm" != "yes" ]]; then
+        echo "❌ 已取消"
+        exit 0
+    fi
+    echo "✅ 已确认"
+else
+    echo "🤖 非交互式环境 - 自动跳过确认"
+fi
+
+# 标记为已批准并执行
+jq '.status = "approved"' "$REQUEST_FILE" > "$REQUEST_FILE.tmp" && mv "$REQUEST_FILE.tmp" "$REQUEST_FILE"
+
+echo "✅ 执行中..."
+eval "$COMMAND"
+exit_code=$?
+
+# 清理已处理的请求
+rm "$REQUEST_FILE"
+
+if [[ $exit_code -eq 0 ]]; then
+    echo "✅ 命令执行成功"
+else
+    echo "⚠️  命令执行失败（退出码: $exit_code）"
+fi
+
+exit $exit_code