@@ -255,12 +255,27 @@ loop. The router:
255255- never merges autofix PRs or draft PRs;
256256- merges automerge PRs only when ClawSweeper passed the exact current head,
257257 checks are green, GitHub says mergeable, no human-review label is present,
258- the PR is not draft, and both merge gates are open.
258+ the PR is not draft, required user-facing OpenClaw changelog entries are
259+ present, and both merge gates are open.
259260
260261If ClawSweeper passes while merge gates are closed, it labels
261262` clawsweeper:merge-ready ` and comments instead of merging. ` @clawsweeper stop `
262263adds ` clawsweeper:human-review ` .
263264
265+ When Peter asks Codex to create a PR and enable ClawSweeper automerge, do not
266+ leave his local OpenClaw checkout on the PR branch. After the PR is created,
267+ pushed, and the ` @clawsweeper automerge ` request is posted or otherwise
268+ confirmed, return the local checkout to ` main ` and fast-forward it when the
269+ working tree is clean:
270+
271+ ``` bash
272+ git switch main
273+ git pull --ff-only
274+ ```
275+
276+ If unrelated local edits or an in-progress rebase prevent switching, report the
277+ blocker instead of stashing, deleting, or overwriting work.
278+
264279Repair caps:
265280
266281``` bash
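Review bot: The added snippet at new lines 271-274 runs `git switch main` and `git pull --ff-only` unconditionally, while the sentence before it limits the fast-forward to a clean working tree and the paragraph after it says to report blockers rather than stash or overwrite. Consider putting an explicit precondition in the snippet (for example, requiring empty output from `git status --porcelain`) so the documented commands match the stated rule. Separately, the new merge condition "required user-facing OpenClaw changelog entries are present" does not say how the router decides that an entry is required; naming the signal it checks would keep this condition as verifiable as the others in the list.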
@@ -270,13 +285,17 @@ CLAWSWEEPER_MAX_REPAIRS_PER_HEAD=1
270285
271286## Security Boundary
272287
273- Do not stage security-sensitive work for ClawSweeper Repair. Route vulnerability
274- reports, CVE/GHSA/advisory work, leaked secrets/tokens/keys, plaintext secret
275- storage, SSRF, XSS, CSRF, RCE, auth bypass, privilege escalation, and sensitive
276- data exposure to central OpenClaw security handling.
277-
278- For adopted automerge jobs, trust deterministic ClawSweeper security markers,
279- labels, and job frontmatter; do not infer security handling from vague prose.
288+ Do not stage unapproved security-sensitive work for ClawSweeper Repair. Route
289+ vulnerability reports, CVE/GHSA/advisory work, leaked secrets/tokens/keys,
290+ plaintext secret storage, SSRF, XSS, CSRF, RCE, auth bypass, privilege
291+ escalation, and sensitive data exposure to central OpenClaw security handling.
292+
293+ For PRs explicitly opted into ` clawsweeper:autofix ` or
294+ ` clawsweeper:automerge ` , security-sensitive review findings may dispatch
295+ bounded repair, but merge remains blocked until a later exact-head review is
296+ clean and the normal merge gates pass. Trust deterministic ClawSweeper security
297+ markers, labels, and job frontmatter; do not infer security handling from vague
298+ prose.
280299
281300## Monitoring
282301
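Review bot: "unapproved" in the first rewritten paragraph (new line 288) is never defined, and the second paragraph suggests that approval is the `clawsweeper:autofix` or `clawsweeper:automerge` opt-in, which leaves it unclear whether a labelled PR touching the listed categories (leaked secrets, auth bypass, RCE, and the rest) still routes to central OpenClaw security handling. Suggest stating what counts as approval and who may grant it, and saying whether "bounded repair" means the repair caps documented earlier in the file, so the boundary is as deterministic as the final sentence asks markers, labels, and job frontmatter to be.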