diff --git a/docs/gateway/protocol.md b/docs/gateway/protocol.md
index 94e51944f78..7703c1485f6 100644
--- a/docs/gateway/protocol.md
+++ b/docs/gateway/protocol.md
@@ -169,6 +169,10 @@ Common scopes:
 - `operator.approvals`
 - `operator.pairing`
 
+Plugin-registered gateway RPC methods may request their own operator scope, but
+reserved core admin prefixes (`config.*`, `exec.approvals.*`, `wizard.*`,
+`update.*`) always resolve to `operator.admin`.
+
 Method scope is only the first gate. Some slash commands reached through
 `chat.send` apply stricter command-level checks on top. For example, persistent
 `/config set` and `/config unset` writes require `operator.admin`.
diff --git a/docs/plugins/architecture.md b/docs/plugins/architecture.md
index 667e3062a6f..4fabfa0012b 100644
--- a/docs/plugins/architecture.md
+++ b/docs/plugins/architecture.md
@@ -1240,6 +1240,11 @@ If your full entry still owns any required startup capability, do not enable
 this flag. Keep the plugin on the default behavior and let OpenClaw load the
 full entry during startup.
 
+When those startup surfaces include gateway RPC methods, keep them on a
+plugin-specific prefix. Core admin namespaces (`config.*`,
+`exec.approvals.*`, `wizard.*`, `update.*`) remain reserved and always resolve
+to `operator.admin`, even if a plugin requests a narrower scope.
+
 Example:
 
 ```json
diff --git a/docs/plugins/building-plugins.md b/docs/plugins/building-plugins.md
index 963fe43dac6..49fc35321a0 100644
--- a/docs/plugins/building-plugins.md
+++ b/docs/plugins/building-plugins.md
@@ -158,6 +158,11 @@ A single plugin can register any number of capabilities via the `api` object:
 
 For the full registration API, see [SDK Overview](/plugins/sdk-overview#registration-api).
 
+If your plugin registers custom gateway RPC methods, keep them on a
+plugin-specific prefix. Core admin namespaces (`config.*`,
+`exec.approvals.*`, `wizard.*`, `update.*`) stay reserved and always resolve to
+`operator.admin`, even if a plugin asks for a narrower scope.
+
 Hook guard semantics to keep in mind:
 
 - `before_tool_call`: `{ block: true }` is terminal and stops lower-priority handlers.
diff --git a/docs/plugins/sdk-channel-plugins.md b/docs/plugins/sdk-channel-plugins.md
index e09e17faf80..da7544776ab 100644
--- a/docs/plugins/sdk-channel-plugins.md
+++ b/docs/plugins/sdk-channel-plugins.md
@@ -280,6 +280,10 @@ Auth-only channels can usually stop at the default path: core handles approvals
     can show them in root help without activating the full channel runtime,
     while normal full loads still pick up the same descriptors for real command
     registration. Keep `registerFull(...)` for runtime-only work.
+    If `registerFull(...)` registers gateway RPC methods, use a
+    plugin-specific prefix. Core admin namespaces (`config.*`,
+    `exec.approvals.*`, `wizard.*`, `update.*`) stay reserved and always
+    resolve to `operator.admin`.
     `defineChannelPluginEntry` handles the registration-mode split automatically. See
     [Entry Points](/plugins/sdk-entrypoints#definechannelpluginentry) for all
     options.
diff --git a/docs/plugins/sdk-entrypoints.md b/docs/plugins/sdk-entrypoints.md
index 6331287a792..5fd423d935f 100644
--- a/docs/plugins/sdk-entrypoints.md
+++ b/docs/plugins/sdk-entrypoints.md
@@ -111,6 +111,10 @@ export default defineChannelPluginEntry({
   when you want the command to stay lazy-loaded without disappearing from the
   root CLI parse tree. For channel plugins, prefer registering those descriptors
   from `registerCliMetadata(...)` and keep `registerFull(...)` focused on runtime-only work.
+- If `registerFull(...)` also registers gateway RPC methods, keep them on a
+  plugin-specific prefix. Reserved core admin namespaces (`config.*`,
+  `exec.approvals.*`, `wizard.*`, `update.*`) are always coerced to
+  `operator.admin`.
 
 ## `defineSetupPluginEntry`
 
diff --git a/docs/plugins/sdk-setup.md b/docs/plugins/sdk-setup.md
index bd00c4e13d5..9b4dff75a1e 100644
--- a/docs/plugins/sdk-setup.md
+++ b/docs/plugins/sdk-setup.md
@@ -106,6 +106,11 @@ gateway starts listening.
   the default behavior.
 </Warning>
 
+If your setup/full entry registers gateway RPC methods, keep them on a
+plugin-specific prefix. Reserved core admin namespaces (`config.*`,
+`exec.approvals.*`, `wizard.*`, `update.*`) stay core-owned and always resolve
+to `operator.admin`.
+
 ## Plugin manifest
 
 Every native plugin must ship an `openclaw.plugin.json` in the package root.
@@ -199,6 +204,9 @@ background services) during setup flows.
 - Any HTTP routes required before gateway listen
 - Any gateway methods needed during startup
 
+Those startup gateway methods should still avoid reserved core admin
+namespaces such as `config.*` or `update.*`.
+
 **What `setupEntry` should NOT include:**
 
 - CLI registrations