From 9d7b90d0fa8f7e2eb9b6e1ccdd3679cfe3ec1917 Mon Sep 17 00:00:00 2001
From: jnun
Date: Sun, 22 Mar 2026 18:23:41 -0500
Subject: [PATCH] fix(policy): add node binary to npm_registry policy
npm is a Node.js script (/usr/local/lib/node_modules/npm/bin/npm-cli.js), so the actual binary making HTTPS CONNECT requests to the sandbox proxy is /usr/local/bin/node, not /usr/local/bin/npm.
The proxy checks the calling binary against the policy's binaries list and returns 403 Forbidden when node is not listed. This causes every `npm install` inside the sandbox to fail with:
npm error 403 403 Forbidden - GET https://registry.npmjs.org/
Adding /usr/local/bin/node to the npm_registry binaries list fixes it.
Co-Authored-By: Claude Opus 4.6 (1M context)
---
 docs/reference/network-policies.md | 4 ++--
 nemoclaw-blueprint/policies/openclaw-sandbox.yaml | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/docs/reference/network-policies.md b/docs/reference/network-policies.md
index bfbe74e2..512251c2 100644
--- a/docs/reference/network-policies.md
+++ b/docs/reference/network-policies.md
@@ -88,8 +88,8 @@ The following endpoint groups are allowed by default:
 * - `npm_registry`
 - `registry.npmjs.org:443`
- - `/usr/local/bin/openclaw`, `/usr/local/bin/npm`
- - GET only
+ - `/usr/local/bin/openclaw`, `/usr/local/bin/npm`, `/usr/local/bin/node`
+ - All methods, all paths
 * - `telegram`
 - `api.telegram.org:443`
diff --git a/nemoclaw-blueprint/policies/openclaw-sandbox.yaml b/nemoclaw-blueprint/policies/openclaw-sandbox.yaml
index 3e3d1cd9..10cd0a79 100644
--- a/nemoclaw-blueprint/policies/openclaw-sandbox.yaml
+++ b/nemoclaw-blueprint/policies/openclaw-sandbox.yaml
@@ -156,6 +156,7 @@ network_policies:
 binaries:
 - { path: /usr/local/bin/openclaw }
 - { path: /usr/local/bin/npm }
+ - { path: /usr/local/bin/node }
 # ── Messaging — pre-allowed for agent notifications ────────────
 # Telegram and Discord are open by default so the agent can send
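Review bot: No method or path restriction on the npm_registry policy is touched in this hunk, yet the companion docs hunk in docs/reference/network-policies.md rewrites the row from "GET only" to "All methods, all paths" and the commit message never explains that wording change, so it should be confirmed against the policy entry (which begins above this hunk, outside it) whether the proxy ever enforced GET-only for this group or the docs were simply stale. Because /usr/local/bin/node is a general-purpose interpreter, matching on its path admits every Node process in the sandbox to registry.npmjs.org, not only npm-cli.js, and the added line deserves an inline comment saying so, e.g. `- { path: /usr/local/bin/node }  # npm-cli.js runs under node; the proxy sees node as the calling binary`. If the policy format supports a narrower match than the interpreter path, that would be the tighter fix, but nothing visible in the hunk shows such a field.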