Mission Control

OpenClaw Agent Operations

Governance

Permissions

Subject	Resource	Actions	Effect	Approval
CRM Ops Agent	tool:crm.read	READ	ALLOW	No
CRM Ops Agent	memory:Revenue Notes	READ, WRITE	ALLOW	Required
Governance Sentinel	tool:billing.delete	EXECUTE	DENY	Blocked

Approval Policies

Sensitive memory writes
memory / sensitive / approver Nicholas
External message sends
external_write / approver Nicholas

Memory Sources

notesRevenue Notes

sensitive / active / Revenue Memory

databaseGovernance Decisions

restricted / active / Policy Memory

Memory Scopes

agentRevenue Memory

CRM Ops Agent / READ_WRITE / 90 days

workflowPolicy Memory

Approval workflows / READ / Exportable

Sensitive Actions

External messages and writes / sensitiveFile edits or generated artifacts / sensitiveProduction deploy/promote/rollback / restrictedPayment and billing operations / restrictedExports of customer or client data / sensitivePermission or policy changes / restrictedSensitive or restricted memory writes / sensitiveDelete/remove/destructive tool calls / restricted

Audit Log

permission.approval_requiredCRM Ops Agent / memory:Revenue Notes / 2026-06-03 17:45Memory writes require review by default.
permission.deniedGovernance Sentinel / tool:billing.delete / 2026-06-03 17:32Billing destructive actions are disabled.
permission.allowedMarketplace Curator / tool:browser.open / 2026-06-03 16:58Permission grant allows action.