Part 24 (Task Brain Control Plane) references several CLI surfaces and config tokens that don't appear to exist in OpenClaw 2026.4.15 stable (or 2026.4.19-beta.2 beta). Confirmed by:
npm view openclaw dist-tags → latest: 2026.4.15, beta: 2026.4.19-beta.2openclaw plugins list --json on 4.15 returns 99 plugins, none named flows or task-braingrep -rE "\"read-only\.|\"execution\.shell|\"control-plane\." /path/to/openclaw/dist --include='*.js' returns zero matches on both 4.15 and 4.19-beta.2 compiled bundlesopenclaw flows list fails with command 'flows' not found (CLI suggests logs)openclaw doctor after adding "flows" to plugins.allow → warns plugin not found: flows (stale config entry ignored; remove it from plugins config)
What the guide says
Part 24 describes:
- CLI:
openclaw flows list, openclaw flows show <id>, openclaw flows cancel <id>
- Config:
approvals: { "read-only.*": "allow", "execution.shell": "ask", "control-plane.*": "ask", "control-plane.skills": "deny", ... }
- Categories:
read-only.filesystem, read-only.network, execution.shell, execution.code, write.filesystem, write.network, control-plane.secrets, control-plane.tasks, control-plane.skills
What OpenClaw 2026.4.15 actually ships
- CLI:
openclaw tasks list / show / cancel / flow (note: tasks flow is a subcommand for TaskFlow state)
- CLI:
openclaw exec-policy show / preset <yolo|cautious|deny-all> / set
- CLI:
ocplatform security audit [--deep]
- Config:
tools.exec.security (full/allowlist/none), tools.exec.ask (always/on-miss/off), tools.fs.workspaceOnly (bool), tools.profile (messaging/etc.)
- No
approvals config block with semantic string tokens
The official openclawai.io blog post for v2026.3.31-beta.1 (link) does reference openclaw flows list|show|cancel, so this was likely the original CLI surface — my guess is the command was renamed to openclaw tasks sometime in the 4.x line.
Suggested updates
- Clarify whether Part 24's semantic category config block is aspirational/proposed or was rolled back from a beta.
- Update
openclaw flows references to openclaw tasks (if the rename theory is correct).
- Map the SCORECARD.md items under "Pillar 4 — Security & Control Plane" to config keys that exist in the tested version (e.g. items 2/3/4 could reference
tools.exec.security, tools.profile, tools.fs.workspaceOnly).
- If Part 24's design is still the target endpoint and not yet shipped, a small "Status: proposed / pending upstream" banner on Part 24 would help operators calibrate expectations.
Happy to contribute a PR with the mapping if that would be helpful.
Tested against: OpenClaw 2026.4.15 (041266a), installed via npm install -g openclaw.
Part 24 (Task Brain Control Plane) references several CLI surfaces and config tokens that don't appear to exist in OpenClaw 2026.4.15 stable (or 2026.4.19-beta.2 beta). Confirmed by:
npm view openclaw dist-tags→latest: 2026.4.15,beta: 2026.4.19-beta.2openclaw plugins list --jsonon 4.15 returns 99 plugins, none namedflowsortask-braingrep -rE "\"read-only\.|\"execution\.shell|\"control-plane\." /path/to/openclaw/dist --include='*.js'returns zero matches on both 4.15 and 4.19-beta.2 compiled bundlesopenclaw flows listfails withcommand 'flows' not found(CLI suggestslogs)openclaw doctorafter adding"flows"toplugins.allow→ warnsplugin not found: flows (stale config entry ignored; remove it from plugins config)What the guide says
Part 24 describes:
openclaw flows list,openclaw flows show <id>,openclaw flows cancel <id>approvals: { "read-only.*": "allow", "execution.shell": "ask", "control-plane.*": "ask", "control-plane.skills": "deny", ... }read-only.filesystem,read-only.network,execution.shell,execution.code,write.filesystem,write.network,control-plane.secrets,control-plane.tasks,control-plane.skillsWhat OpenClaw 2026.4.15 actually ships
openclaw tasks list / show / cancel / flow(note:tasks flowis a subcommand for TaskFlow state)openclaw exec-policy show / preset <yolo|cautious|deny-all> / setocplatform security audit [--deep]tools.exec.security(full/allowlist/none),tools.exec.ask(always/on-miss/off),tools.fs.workspaceOnly(bool),tools.profile(messaging/etc.)approvalsconfig block with semantic string tokensThe official openclawai.io blog post for v2026.3.31-beta.1 (link) does reference
openclaw flows list|show|cancel, so this was likely the original CLI surface — my guess is the command was renamed toopenclaw taskssometime in the 4.x line.Suggested updates
openclaw flowsreferences toopenclaw tasks(if the rename theory is correct).tools.exec.security,tools.profile,tools.fs.workspaceOnly).Happy to contribute a PR with the mapping if that would be helpful.
Tested against: OpenClaw 2026.4.15 (041266a), installed via
npm install -g openclaw.