fix(doctor): warn that approvals.exec.enabled only disables forwarding

Co-authored-by: nomadonwheels196 <nomadonwheels196@users.noreply.github.com>

src/commands/doctor-security.test.ts

@@ -104,4 +104,19 @@ describe("noteSecurityWarnings gateway exposure", () => {
     const message = lastMessage();
     expect(message).toContain('config set session.dmScope "per-channel-peer"');
   });
+
+  it("clarifies approvals.exec forwarding-only behavior", async () => {
+    const cfg = {
+      approvals: {
+        exec: {
+          enabled: false,
+        },
+      },
+    } as OpenClawConfig;
+    await noteSecurityWarnings(cfg);
+    const message = lastMessage();
+    expect(message).toContain("disables approval forwarding only");
+    expect(message).toContain("exec-approvals.json");
+    expect(message).toContain("openclaw approvals get --gateway");
+  });
 });

src/commands/doctor-security.ts

@@ -12,6 +12,14 @@ export async function noteSecurityWarnings(cfg: OpenClawConfig) {
   const warnings: string[] = [];
   const auditHint = `- Run: ${formatCliCommand("openclaw security audit --deep")}`;
 
+  if (cfg.approvals?.exec?.enabled === false) {
+    warnings.push(
+      "- Note: approvals.exec.enabled=false disables approval forwarding only.",
+      "  Host exec gating still comes from ~/.openclaw/exec-approvals.json.",
+      `  Check local policy with: ${formatCliCommand("openclaw approvals get --gateway")}`,
+    );
+  }
+
   // ===========================================
   // GATEWAY NETWORK EXPOSURE CHECK
   // ===========================================