Problem
Running netclaw init and choosing Personal audience results in immediate warnings from netclaw doctor the moment you finish setup:
- Security Policy: "Personal posture with HostAllowed shell — full host access is enabled"
- Tool Audience Profiles: "Personal profile allows all tools and unrestricted filesystem access" and MCP approval defaults warnings
These fire even though the user explicitly chose Personal through the init wizard. There's no distinction between an intentional Personal configuration and an ambiguous / fallback default that landed there.
Expected behavior
When DeploymentPosture is explicitly set to Personal and the Personal tool profile is explicitly configured (not falling back to defaults), doctor should pass these checks cleanly. The warnings are advisory noise when the user has already made an informed choice.
Doctor should still warn when:
DeploymentPosture is missing and a fallback resolved to Personal- The Personal profile is using implicit defaults rather than explicit values
- Non-personal profiles (Public, Team) have
ToolsMode: All or unrestricted filesystem access
Proposed fix
SecurityPolicyDoctorCheck.cs: Only emit the "Personal + HostAllowed" warning when the posture is implicit (not explicitly set in config). If config.DeploymentPosture is explicitly Personal, suppress it — the user chose this.
ToolAudienceProfilesDoctorCheck.cs: Only warn about unrestricted Personal profile when the values are coming from fallback defaults. If the Personal profile has been explicitly written to config (e.g., by netclaw init), treat it as intentional and skip the unrestricted warning.
For MCP servers without approval defaults on Personal, consider downgrading from warning to info-level, or only warn when there are other audiences configured (implying a multi-audience setup where gating matters more).
Impact
- Fixes the onboarding experience — users who choose Personal shouldn't get yelled at immediately after setup
- Preserves doctor's defensive posture for ambiguous / misconfigured setups
- No config schema changes needed — purely a doctor logic fix
Problem
Running
netclaw initand choosing Personal audience results in immediate warnings fromnetclaw doctorthe moment you finish setup:These fire even though the user explicitly chose Personal through the init wizard. There's no distinction between an intentional Personal configuration and an ambiguous / fallback default that landed there.
Expected behavior
When
DeploymentPostureis explicitly set toPersonaland the Personal tool profile is explicitly configured (not falling back to defaults), doctor should pass these checks cleanly. The warnings are advisory noise when the user has already made an informed choice.Doctor should still warn when:
DeploymentPostureis missing and a fallback resolved to PersonalToolsMode: Allor unrestricted filesystem accessProposed fix
SecurityPolicyDoctorCheck.cs: Only emit the "Personal + HostAllowed" warning when the posture is implicit (not explicitly set in config). Ifconfig.DeploymentPostureis explicitlyPersonal, suppress it — the user chose this.ToolAudienceProfilesDoctorCheck.cs: Only warn about unrestricted Personal profile when the values are coming from fallback defaults. If the Personal profile has been explicitly written to config (e.g., bynetclaw init), treat it as intentional and skip the unrestricted warning.For MCP servers without approval defaults on Personal, consider downgrading from warning to info-level, or only warn when there are other audiences configured (implying a multi-audience setup where gating matters more).
Impact