Policy: add policy file comparison command

[giodl73-repo]

Summary

Adds openclaw policy compare so an operator policy file can be checked against an organization-authored baseline policy file. This is policy-file conformance only: it compares policy syntax to policy syntax and does not inspect OpenClaw runtime state, evidence, credentials, or secrets.

The command is intended for lifecycle review such as "does this workspace policy remain at least as strict as the approved baseline?"

Usage

openclaw policy compare --baseline official.policy.jsonc
openclaw policy compare --baseline official.policy.jsonc --policy policy.jsonc --json

Example clean JSON output:

{
  "ok": true,
  "baselinePath": "official.policy.jsonc",
  "policyPath": "policy.jsonc",
  "rulesChecked": 3,
  "findings": []
}

Contract

policy compare uses the same policy rule metadata that governs scoped overlays:

Rule kind	Conformance behavior
Allowlists	Checked policy must be equal or narrower.
Denylists	Checked policy must be equal or broader.
Required booleans	Checked policy must keep the required value.
Ordered strings	Checked policy can only move toward the more restrictive end of the configured order.
Exact lists	Checked policy must match.

The checked policy can use stricter values or add extra policy rules. A top-level checked rule can satisfy a scoped baseline rule when it is equally or more restrictive, because top-level policy applies broadly. Scope names do not need to match; scoped comparison is keyed by selector value such as agentIds or channelIds and by the policy field being checked.

New check IDs:

Check ID	Meaning
policy/policy-conformance-invalid	A baseline or checked policy file has invalid comparison syntax.
policy/policy-conformance-missing	A checked policy file is missing a rule required by the baseline policy file.
policy/policy-conformance-weaker	A checked policy file has a weaker value than the baseline policy file.

Exit codes:

Command	0	1	2
policy compare	The policy file is at least as strict as the baseline.	The policy file is invalid, missing, or weaker than baseline rules.	Argument or runtime failure.

Validation

• CLI coverage for clean compare, missing/weaker rules, invalid files, malformed baseline syntax, scoped selector comparison, stricter top-level satisfaction of scoped baseline rules, and weaker scoped overrides.
• Policy docs updated with compare syntax, strictness behavior, check IDs, JSON output, and exit-code behavior.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 29, 2026, 2:10 AM ET / 06:10 UTC.

Summary
Adds openclaw policy compare with metadata-backed policy-file strictness comparison, focused Policy plugin tests, and CLI/plugin documentation.

PR surface: Source +890, Tests +576, Docs +42. Total +1508 across 6 files.

Reproducibility: not applicable. this is a feature PR, not a bug report. The contributor supplied live policyCompareCommand output and focused test coverage for the new behavior.

Review metrics: 1 noteworthy metric.

• CLI Surface: 1 command added, 3 options. The new operator-visible command and flags become a documented workflow contract that maintainers should review before merge.

Merge readiness
Overall: 🦞 diamond lobster
Proof: 🦞 diamond lobster
Patch quality: 🦞 diamond lobster
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Risk before merge

• [P1] A false clean result from policy compare could give operators incorrect assurance that a workspace policy satisfies an organization baseline, so the strictness metadata and scoped comparison semantics need policy/security owner review before merge.

Maintainer options:

1. Confirm The Policy Contract (recommended)
   A policy/security owner should review the strictness metadata, scoped-rule matching, and false-clean failure modes before accepting the new operator assurance command.
2. Require Contract Hardening First
   If owner review wants unsupported-key or other fail-closed semantics in the same landing path, require the narrow policy validation patch and regression tests before merge.
3. Pause The Policy Compare Surface
   If maintainers are not ready to own a baseline-comparison command as operator assurance, keep the PR open or close it until the policy contract is decided.

Next step before merge

• [P2] The PR is protected by the maintainer label and the remaining action is policy/security owner review of the comparison contract, not an automated repair.

Security
Cleared: No dependency, lockfile, secret-handling, or supply-chain regression was found; the security-sensitive concern is contract correctness and is tracked as merge risk.

Review details

Best possible solution:

Land only after a policy/security owner accepts the strictness and scoped-matching semantics and exact-head required checks finish green, keeping the command plugin-local and documented.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a feature PR, not a bug report. The contributor supplied live policyCompareCommand output and focused test coverage for the new behavior.

Is this the best way to solve the issue?

Yes, the plugin-local command plus shared Policy metadata is a maintainable implementation shape. The remaining question is owner acceptance of the exact conformance contract, not a narrow code defect.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against f212176e9164.

Label changes

Label justifications:

• P2: This is a normal-priority Policy plugin feature with a security-sensitive review requirement but no confirmed runtime regression.
• merge-risk: 🚨 security-boundary: Merging this PR adds a policy conformance command whose false clean results could weaken operators' security-posture decisions.
• rating: 🦞 diamond lobster: Overall readiness is 🦞 diamond lobster; proof is 🦞 diamond lobster and patch quality is 🦞 diamond lobster.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): Contributor comments include after-change live output for weaker and strict real policy-file comparisons, and the current head keeps the same compare surface under review.
• proof: sufficient: Contributor real behavior proof is sufficient. Contributor comments include after-change live output for weaker and strict real policy-file comparisons, and the current head keeps the same compare surface under review.

Evidence reviewed

PR surface:

Source +890, Tests +576, Docs +42. Total +1508 across 6 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	3	897	7	+890
Tests	1	577	1	+576
Docs	2	48	6	+42
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	6	1522	14	+1508

What I checked:

• Repository policy read: Read the full root AGENTS.md plus scoped docs/AGENTS.md and extensions/AGENTS.md; the review applied protected-label handling, plugin-boundary guidance, and security-sensitive policy-contract review guidance. (AGENTS.md:1, f212176e9164)
• Scoped docs policy read: docs/AGENTS.md requires Mintlify-safe docs links/content and consistent plugin terminology for docs changes. Public docs: docs/AGENTS.md. (docs/AGENTS.md:1, f212176e9164)
• Scoped plugin policy read: extensions/AGENTS.md confirms bundled plugin code should stay inside the plugin boundary and use plugin SDK/public seams; this PR keeps the command in the Policy plugin. (extensions/AGENTS.md:1, f212176e9164)
• gitcrawl unavailable, live fallback used: gitcrawl was not installed in this environment, so live GitHub API reads and the current checkout were used for PR state, comments, files, and checks.
• Current main does not already implement the command: A current-main search found no policy compare, policyCompareCommand, or buildPolicyConformanceReport; only existing tool-policy conformance imports matched the broader policy-conformance substring. (f212176e9164)
• Live PR state: The PR is open, not draft, mergeable with unstable checks, has head 2023e8c, and still carries the protected maintainer label plus proof: sufficient and merge-risk: 🚨 security-boundary. (2023e8cba189)

Likely related people:

• giodl73-repo: Current-main history shows Gio Della-Libera authored the recently merged Policy ingress conformance work that added adjacent strictness metadata and docs this PR builds on. (role: recent area contributor; confidence: high; commits: 5fb83af3e389; files: extensions/policy/src/doctor/register.ts, extensions/policy/src/doctor/register.test.ts, docs/cli/policy.md)
• steipete: Blame on the base Policy CLI and metadata area in this checkout points to Peter Steinberger's current-main commits, making him a useful routing candidate for the existing Policy plugin surface. (role: adjacent area contributor; confidence: medium; commits: adabff1bf067, f212176e9164; files: extensions/policy/src/cli.ts, extensions/policy/src/doctor/register.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg

✨ Hatched: 🥚 common Mossy Proofling

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

Rarity: 🥚 common.
Trait: polishes edge cases.
Image traits: location proof lagoon; accessory lint brush; palette amber, ink, and glacier blue; mood curious; pose pointing at a small proof artifact; shell frosted glass shell; lighting gentle morning glow; background small review tokens.
Share on X: post this hatch
Copy: My PR egg hatched a 🥚 common Mossy Proofling in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[giodl73-repo]

Updated this branch on top of the rebased ingress policy branch (14c9bd4689f) and kept the compare metadata aligned with the shared sandbox descriptor table plus ingress channel metadata.

I did not find any Galin review or inline comments on this PR via the GitHub review/comment APIs.

Fresh validation after the rebase:

• OPENCLAW_VITEST_FS_MODULE_CACHE_PATH=/tmp/openclaw-policy-conformance-rebase OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs extensions/policy/src/cli.test.ts extensions/policy/src/doctor/register.test.ts -- --reporter=dot --testTimeout=30000 -> 2 files, 270 tests passed
• pnpm tsgo:extensions
• pnpm exec oxfmt --check --threads=1 docs/cli/policy.md docs/plugins/reference/policy.md extensions/policy/src/cli.test.ts extensions/policy/src/cli.ts extensions/policy/src/doctor/register.ts extensions/policy/src/policy-conformance.ts && git diff --check
• node scripts/run-bundled-extension-oxlint.mjs
• pnpm docs:check-mdx docs/cli/policy.md docs/plugins/reference/policy.md

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26531473034
• Updated: 2026-05-27T18:51:49.359Z

[giodl73-repo]

Updated #86768 on top of the rebased ingress PR and marked it ready for review.

Current signed head: a9158bba3a9.

Fix made during rebase validation:

• Updated the model-provider compare normalization regression to match the current OpenClaw provider-id contract. normalizeProviderId now normalizes casing only; it no longer aliases bedrock / aws-bedrock to amazon-bedrock, so policy compare should not invent that alias layer.

Fresh validation:

• OPENCLAW_VITEST_FS_MODULE_CACHE_PATH=/tmp/openclaw-86768-compare-rebase-fix2 OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs extensions/policy/src/cli.test.ts extensions/policy/src/doctor/register.test.ts -- --reporter=dot --testTimeout=30000 -> 2 files, 273 tests passed
• pnpm tsgo:extensions
• node scripts/run-bundled-extension-oxlint.mjs -> 0 warnings, 0 errors
• pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/cli/policy.md docs/plugins/reference/policy.md extensions/policy/src/cli.test.ts extensions/policy/src/cli.ts extensions/policy/src/doctor/register.ts extensions/policy/src/policy-conformance.ts && git diff --check
• pnpm docs:check-mdx docs/cli/policy.md docs/plugins/reference/policy.md

Real behavior proof was run with real baseline/candidate policy files through policyCompareCommand({ json: true }):

• weaker candidate: exitCode: 1, ok: false, rulesChecked: 6, with expected weaker/missing findings
• strict candidate: exitCode: 0, ok: true, rulesChecked: 6, with no findings

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26542566381
• Updated: 2026-05-27T22:39:07.522Z

[giodl73-repo]

Refreshed #86768 after #85744 landed.

Current signed head: 294b6f26d6d826e4cbbb5bb4cfea37260f538edb.

Branch cleanup:

• rebuilt on current origin/main
• removed the old stacked sandbox/ingress commits that are now already on main
• replayed only the policy-compare commits:
  • feat(policy): add policy file comparison
  • test(policy): align provider compare normalization
• PR is now mergeable from GitHub's view; CI is rerunning on the refreshed head

Fresh validation on the rebuilt head:

• OPENCLAW_VITEST_FS_MODULE_CACHE_PATH=/tmp/openclaw-86768-refresh OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs extensions/policy/src/cli.test.ts extensions/policy/src/doctor/register.test.ts -- --reporter=dot --testTimeout=30000 -> 2 files, 273 tests passed
• pnpm exec oxfmt --check --threads=1 docs/cli/policy.md docs/plugins/reference/policy.md extensions/policy/src/cli.test.ts extensions/policy/src/cli.ts extensions/policy/src/doctor/register.ts extensions/policy/src/policy-conformance.ts && git diff --check -> passed
• node scripts/run-bundled-extension-oxlint.mjs -> 0 warnings, 0 errors
• pnpm docs:check-mdx docs/cli/policy.md docs/plugins/reference/policy.md -> passed

Known local validation note: pnpm tsgo:extensions currently fails on unrelated current-main code, src/gateway/session-utils.fs.ts, with TS6133: 'maxMessages' is declared but its value is never read. This PR does not touch that file.

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Failed
• Detail: The targeted re-review did not finish cleanly. Check the workflow run for details.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26620294636
• Updated: 2026-05-29T05:41:24.120Z

[giodl73-repo]

Fresh proof on current PR head after the GitHub-side main update:

Current head: daa4520fa4cfd42dbbc161e870b8bcda2e0a1e6f

The PR diff remains scoped to the policy compare files only:

• docs/cli/policy.md
• docs/plugins/reference/policy.md
• extensions/policy/src/cli.test.ts
• extensions/policy/src/cli.ts
• extensions/policy/src/doctor/register.ts
• extensions/policy/src/policy-conformance.ts

Fresh validation on this exact head:

• OPENCLAW_VITEST_FS_MODULE_CACHE_PATH=/tmp/openclaw-86768-daa4520 OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs extensions/policy/src/cli.test.ts extensions/policy/src/doctor/register.test.ts -- --reporter=dot --testTimeout=30000 -> 2 files, 273 tests passed

The earlier format/oxlint/docs checks passed on the rebuilt compare-only branch before GitHub merged latest main into it. The GitHub-side update did not change the PR diff.

@clawsweeper re-review

[clawsweeper]

🦞👀
ClawSweeper picked this up.

Command router queued. I will update this comment with the next step.

Re-review progress:

• State: Superseded
• Detail: A newer re-review for this item started before this run finished, so GitHub cancelled this older run. Check the latest ClawSweeper run for the current result.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26619656507
• Updated: 2026-05-29T05:23:49.117Z

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Failed
• Detail: The targeted re-review did not finish cleanly. Check the workflow run for details.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26620550754
• Updated: 2026-05-29T05:48:56.220Z

[giodl73-repo]

Author/maintainer follow-up for ClawSweeper on current head 438f6255d2770f464db4fe864a3cd915ec6ec358:

I reviewed the policy conformance strictness metadata and docs for the current PR shape.

The intended contract is:

• allowlists: candidate must be equal or narrower
• denylists: candidate must be equal or broader
• required booleans: candidate must preserve the required value
• ordered strings: candidate may only move toward the more restrictive end of the configured order
• exact lists: candidate must match

I also checked that policy compare remains policy-file syntax conformance only. It does not inspect runtime state, credentials, or secret values, and it does not add runtime enforcement or new config/plugin public surface.

Maintainer autoreview using the maintainers repo review-pr skill found no actionable findings. Fresh wrapper validation on this exact head passed:

OPENCLAW_VITEST_FS_MODULE_CACHE_PATH=/tmp/openclaw-86768-review-438f6255 OPENCLAW_VITEST_MAX_WORKERS=1 scripts/pr review-tests 86768 extensions/policy/src/cli.test.ts extensions/policy/src/doctor/register.test.ts

Result: pnpm test passed and both requested policy test targets were observed in output.

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Superseded
• Detail: A newer re-review for this item started before this run finished, so GitHub cancelled this older run. Check the latest ClawSweeper run for the current result.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26620612964
• Updated: 2026-05-29T05:53:00.268Z