Skip to Content
FeaturesCode Execution

Code Execution

OpenClaw can execute code snippets in sandboxed environments, helping you test ideas, debug issues, and automate tasks.

How It Works

When you ask OpenClaw to run code:

  1. Code is extracted from your message or generated based on your request
  2. Executed in an isolated sandbox environment
  3. Output is captured and returned to you
  4. Sandbox is cleaned up (no persistent state)

Supported Languages

LanguageAvailabilityNotes
PythonAll deploymentsFull standard library
JavaScriptAll deploymentsNode.js runtime
Shell/BashVPS, LocalSystem commands
TypeScriptAll deploymentsCompiled to JS

Usage Examples

Quick Calculations

You: Calculate 15% tip on $87.50
OpenClaw: Running calculation... $13.13

Data Processing

You: Parse this JSON and extract all email addresses
{...json data...}
OpenClaw: Found 5 email addresses: [...]

Code Testing

You: Test this regex pattern against these examples:
Pattern: /^[a-z]+@[a-z]+\.[a-z]{2,}$/
Examples: [email protected], invalid@, [email protected]

OpenClaw: Results:
- [email protected]: MATCH
- invalid@: NO MATCH
- [email protected]: MATCH

Script Generation

You: Write a script to rename all .jpg files in a folder to lowercase
OpenClaw: Here's a Python script that will do that:
[code]
Would you like me to run it?

Safety & Sandboxing

Code execution is sandboxed but still requires trust. Only enable it if you understand the risks.

Cloudflare Workers

  • Runs in V8 isolates
  • No filesystem access
  • No network access (by default)
  • Strict memory and CPU limits

VPS Deployment

  • Runs in Docker containers
  • Limited filesystem access
  • Network access configurable
  • Resource limits configurable

Local Deployment

  • Runs in subprocess with limited permissions
  • Filesystem access to designated directories only
  • Full network access (be careful)

Enabling Code Execution

Code execution is disabled by default. To enable:

Cloudflare Workers

# wrangler.toml
[vars]
ENABLE_CODE_EXECUTION = "true"

VPS / Local

# .env
ENABLE_CODE_EXECUTION=true
CODE_EXECUTION_TIMEOUT=30000
CODE_EXECUTION_MEMORY_LIMIT=256MB

Security Considerations

  1. Review before running: Always review generated code before execution
  2. Limit permissions: Use minimal permissions for the execution environment
  3. Monitor usage: Watch for unusual activity
  4. Disable if unused: If you don’t need code execution, keep it disabled

Limitations

  • No persistent state between executions
  • No GUI/display output
  • Network access may be restricted
  • Some system calls are blocked
  • Maximum execution time (configurable)
File ManagementMemory & Context