Skip to content

fix(doctor): suppress warnings for explicit Personal posture and tool profile#950

Merged
Aaronontheweb merged 1 commit intonetclaw-dev:devfrom
Aaronontheweb:fix/doctor-personal-ux
May 10, 2026
Merged

fix(doctor): suppress warnings for explicit Personal posture and tool profile#950
Aaronontheweb merged 1 commit intonetclaw-dev:devfrom
Aaronontheweb:fix/doctor-personal-ux

Conversation

@Aaronontheweb
Copy link
Copy Markdown
Collaborator

@Aaronontheweb Aaronontheweb commented May 10, 2026

Problem

Running netclaw init and choosing Personal audience results in immediate warnings from netclaw doctor the moment you finish setup:

  • Security Policy: "Personal posture with HostAllowed shell — full host access is enabled"
  • Tool Audience Profiles: "Personal profile allows all tools and unrestricted filesystem access" and MCP approval defaults warnings

These fire even though the user explicitly chose Personal through the init wizard. There's no distinction between an intentional Personal configuration and an ambiguous / fallback default that landed there.

Expected behavior

When DeploymentPosture is explicitly set to Personal and the Personal tool profile is explicitly configured (not falling back to defaults), doctor should pass these checks cleanly. The warnings are advisory noise when the user has already made an informed choice.

Doctor should still warn when:

  • DeploymentPosture is missing and a fallback resolved to Personal
  • The Personal profile is using implicit defaults rather than explicit values
  • Non-personal profiles (Public, Team) have ToolsMode: All or unrestricted filesystem access

Proposed fix

SecurityPolicyDoctorCheck.cs: Only emit the "Personal + HostAllowed" warning when the posture is implicit (not explicitly set in config). If config.DeploymentPosture is explicitly Personal, suppress it — the user chose this.

ToolAudienceProfilesDoctorCheck.cs: Only warn about unrestricted Personal profile when the values are coming from fallback defaults. If the Personal profile has been explicitly written to config (e.g., by netclaw init), treat it as intentional and skip the unrestricted warning.

For MCP servers without approval defaults on Personal, consider downgrading from warning to info-level, or only warn when there are other audiences configured (implying a multi-audience setup where gating matters more).

Impact

  • Fixes the onboarding experience — users who choose Personal shouldn't get yelled at immediately after setup
  • Preserves doctor's defensive posture for ambiguous / misconfigured setups
  • No config schema changes needed — purely a doctor logic fix

@Aaronontheweb
fix(doctor): suppress warnings for explicit Personal posture and tool…
bfdaaf7 
… profile

When the user explicitly chooses Personal posture via `netclaw init`,
doctor should not warn about Personal + HostAllowed shell or an
unrestricted Personal tool profile — these are intentional choices.

Only warn when the values are implicit (resolved from fallback defaults),
preserving doctor's defensive posture for ambiguous configs.

Fixes netclaw-dev#949

Changes:
- SecurityPolicyDoctorCheck: only warn about Personal + HostAllowed
  when DeploymentPosture is not explicitly set
- ToolAudienceProfilesDoctorCheck: only warn about unrestricted Personal
  profile when it's using fallback defaults (not explicitly written)
- Updated tests to reflect new behavior
@Aaronontheweb Aaronontheweb merged commit 82b6a90 into netclaw-dev:dev May 10, 2026
6 checks passed
@Aaronontheweb Aaronontheweb deleted the fix/doctor-personal-ux branch May 10, 2026 02:58
Aaronontheweb added a commit to Aaronontheweb/netclaw that referenced this pull request May 11, 2026
@Aaronontheweb
Merge branch 'dev' into openspec/approval-policy-v2
aa71604 
Brings in two upstream fixes:
- netclaw-dev#948 systemd unit PATH fix + SystemdUnitPathDoctorCheck
- netclaw-dev#950 doctor warning suppression for explicit Personal posture

Conflict resolution: netclaw-operations SKILL.md version bumped to 2.1.0
(combining the 2.0.0 path-extraction-era content already on this branch
with dev's 1.28.0 systemd table-row addition). The skill content itself
will be rewritten in task 11.4 of the trust-zones change when the
implementation completes; this merge just preserves both sets of
operational guidance for the interim.

Build: green. Full test suite passes (Cli 640, Daemon 504, Actors 1522,
plus all others). Slopwatch clean. Headers present.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Aaronontheweb