Require approval before flow_run, bump to 0.9.4

pallaoro · pallaoro · commit 01f253906e85 · 2026-04-07T14:32:53.000+02:00
Register a before_tool_call hook that returns requireApproval for
flow_run invocations. Flows can have side effects (HTTP, exec, agent
delegation) so explicit user consent is required before each run.
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@clawnify/clawflow",
-  "version": "0.9.3",
+  "version": "0.9.4",
   "description": "The n8n for agents. A declarative, AI-native workflow format that agents can read, write, and run.",
   "type": "module",
   "main": "./dist/index.js",
diff --git a/src/plugin/index.ts b/src/plugin/index.ts
@@ -21,6 +21,14 @@ import type { FlowDefinition, FlowNode, PluginConfig, BranchNode, ConditionNode,
 
 interface PluginApi {
   registerTool: (def: object, opts?: { optional?: boolean }) => void;
+  registerHook?: (
+    name: string,
+    handler: (event: { tool?: string; params?: unknown; [k: string]: unknown }) =>
+      | { requireApproval?: boolean; prompt?: string; block?: boolean }
+      | void
+      | Promise<{ requireApproval?: boolean; prompt?: string; block?: boolean } | void>,
+    opts?: { priority?: number },
+  ) => void;
   config?: {
     plugins?: { entries?: Record<string, { config?: PluginConfig }> };
     gateway?: { port?: number; host?: string };
@@ -66,6 +74,27 @@ function register(api: PluginApi) {
     });
   }
 
+  // ---- Approval gate for flow_run -----------------------------------------------
+  // Pause and prompt the user before any flow_run invocation. Flows can have
+  // side effects (HTTP, exec, agent delegation) so we require explicit consent.
+  if (api.registerHook) {
+    api.registerHook("before_tool_call", (event) => {
+      if (event.tool !== "flow_run") return;
+      const p = (event.params ?? {}) as { file?: string; flow?: { flow?: string }; version?: number; draft?: boolean };
+      const target = p.file ?? p.flow?.flow ?? "inline flow";
+      const variant =
+        p.version != null ? ` v${p.version}` : p.draft ? " (draft)" : "";
+      return {
+        requireApproval: true,
+        prompt: `Run clawflow "${target}"${variant}?`,
+      };
+    });
+  } else {
+    api.logger?.warn(
+      "clawflow: registerHook unavailable — flow_run will run without approval gate. Update OpenClaw to enable.",
+    );
+  }
+
   // ---- Shared helpers ------------------------------------------------------------
 
   /** Resolve a file param to an absolute path using workspace conventions. */

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@clawnify/clawflow",`
`3`		`- "version": "0.9.3",`
	`3`	`+ "version": "0.9.4",`
`4`	`4`	`"description": "The n8n for agents. A declarative, AI-native workflow format that agents can read, write, and run.",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"main": "./dist/index.js",`