11 replies

Vault Access & Image Tool Path Restrictions

✅Solved

Problem

The

image

image

tool rejects paths that go through workspace symlinks, even when the symlink points to a vault directory intended for project storage.

Use Case

Vault-first pattern:
- Projects stored in:

~/Documents/<vault_location>/vault/projects/

~/Documents/<vault_location>/vault/projects/

- Workspace symlink:

~/.openclaw/workspace/<vault_location> -> ~/Documents/<vault_location>

~/.openclaw/workspace/<vault_location> -> ~/Documents/<vault_location>

- Goal: Keep project files organized in vault, access via symlink from workspace

What We Tried

Attempt 1: Relative path through symlink

image: <vault_location>/vault/projects/arch-viz-hollow-street/assets/source/image.jpg
Result: "Local media path is not under an allowed directory"

image: <vault_location>/vault/projects/arch-viz-hollow-street/assets/source/image.jpg
Result: "Local media path is not under an allowed directory"

Attempt 2: Full symlink path

image: /Users/rob/.openclaw/workspace/<vault_location>/vault/projects/.../image.jpg
Result: Same error

image: /Users/rob/.openclaw/workspace/<vault_location>/vault/projects/.../image.jpg
Result: Same error

Workaround (current):
Copy files to workspace root before using

image

image

tool, then move results back to vault. Works but inconvenient for iterative workflows.

Question

Is there a way to configure the
image
image
tool to:
1. Trust symlinks within the workspace directory?
2. Or: Allow additional paths via config (e.g.,

security.allowedPaths

security.allowedPaths

)?

Or is this a hardcoded security boundary by design?

Context

Other tools (

read

read

write

write

exec

exec

) work fine with the symlink. It's specifically the

image

image

tool (vision/analysis) that rejects them, likely due to stricter path validation.

Proposed Solutions (if this is worth changing)

Option A: Resolve symlinks relative to workspace and allow them if they stay within the workspace tree

Option B: Add

security.allowedImagePaths

security.allowedImagePaths

config option for users who want to explicitly trust additional directories

Option C: Document that image tool requires files in workspace root, and vault-first workflows should use temporary copies

Solution

Docs: https://docs.openclaw.ai/cli/agents (see

agents add

agents add

examples)

After that, you can either:
- route a channel to that agent with

openclaw agents bind ...

openclaw agents bind ...

(best for “this whole thread goes to vault agent”), or
- just use the vault agent when you’re doing that project work (depends on how you’re interacting: Control UI vs CLI vs chat bindings).

One heads-up: the agent’s bootstrap/memory files will live in that workspace too (so you’ll see

AGENTS.md

AGENTS.md

, memory files, etc. in the vault root unless you’ve disabled bootstrap). For a lot of “vault-first” setups that’s actually a feature.

If you tell me what channel you’re mainly using for the project work (Discord vs Telegram vs local UI), I can suggest the least-annoying binding approach.

Jump to solution

FotC�

Friends of the Crustacean 🦞🤝•3d ago•

11 replies

aboveUAV

Vault Access & Image Tool Path Restrictions

✅Solved

Problem

The

image

image

tool rejects paths that go through workspace symlinks, even when the symlink points to a vault directory intended for project storage.

Use Case

Vault-first pattern:
- Projects stored in:

~/Documents/<vault_location>/vault/projects/

~/Documents/<vault_location>/vault/projects/

- Workspace symlink:

~/.openclaw/workspace/<vault_location> -> ~/Documents/<vault_location>

~/.openclaw/workspace/<vault_location> -> ~/Documents/<vault_location>

- Goal: Keep project files organized in vault, access via symlink from workspace

What We Tried

Attempt 1: Relative path through symlink

image: <vault_location>/vault/projects/arch-viz-hollow-street/assets/source/image.jpg
Result: "Local media path is not under an allowed directory"

image: <vault_location>/vault/projects/arch-viz-hollow-street/assets/source/image.jpg
Result: "Local media path is not under an allowed directory"

Attempt 2: Full symlink path

image: /Users/rob/.openclaw/workspace/<vault_location>/vault/projects/.../image.jpg
Result: Same error

image: /Users/rob/.openclaw/workspace/<vault_location>/vault/projects/.../image.jpg
Result: Same error

Workaround (current):
Copy files to workspace root before using

image

image

tool, then move results back to vault. Works but inconvenient for iterative workflows.

Question

Is there a way to configure the
image
image
tool to:
1. Trust symlinks within the workspace directory?
2. Or: Allow additional paths via config (e.g.,

security.allowedPaths

security.allowedPaths

)?

Or is this a hardcoded security boundary by design?

Context

Other tools (

read

read

write

write

exec

exec

) work fine with the symlink. It's specifically the

image

image

tool (vision/analysis) that rejects them, likely due to stricter path validation.

Proposed Solutions (if this is worth changing)

Option A: Resolve symlinks relative to workspace and allow them if they stay within the workspace tree

Option B: Add

security.allowedImagePaths

security.allowedImagePaths

Solution

Docs: https://docs.openclaw.ai/cli/agents (see

agents add

agents add

examples)

After that, you can either:
- route a channel to that agent with

openclaw agents bind ...

openclaw agents bind ...

AGENTS.md

AGENTS.md

Jump to solution

Vault Access & Image Tool Path Restrictions

Problem

Use Case

What We Tried

Question

Context

Proposed Solutions (if this is worth changing)

Vault Access & Image Tool Path Restrictions

Problem

Use Case

What We Tried

Question

Context

Proposed Solutions (if this is worth changing)

Similar Threads

Similar Threads

Similar Threads