待翻译：Safer Than YOLO: Auto Mode for Exec Approvals

AI 服务暂时不可用，以下为来源正文，待恢复后补全翻译。

YOLO mode made host commands fast by skipping approval prompts. That is useful for trusted local automation and externally sandboxed runs, but it is too blunt as the only good answer for everyday use. We are not changing the default today. auto is an opt-in path we are testing in public. If it proves useful, we will consider making it the safer default for more users, but the principle stays the same: OpenClaw should protect people without taking away operator choice. Auto is the mode that fits Enterprise environments best: policy runs first, low-risk misses can be reviewed by a model, and anything uncertain still routes to a human. Safe, repeatable commands can run without nagging you. Commands that miss policy go to a reviewer first. If the reviewer is not confident, OpenClaw asks you. OpenAI already ships this pattern as Guardian inside Codex. Through the Codex harness, OpenAI-backed OpenClaw sessions can use Codex-native reviewed approvals. Now we are bringing the same shape to OpenClaw host exec as an opt-in mode for everyone. Why This Exists Codex already made this shift in its own permission presets. Its Guardian-reviewed flow lets common workspace work proceed while still requiring review for escapes such as network access or writes outside the workspace. OpenClaw is bringing the same shape to host exec. tools.exec.mode: "auto" keeps the agent moving without turning every command into a permanent yes. Ask Humanfirst Allowlist misses stop and wait for an operator. Good for strict setups, noisy for busy agents.