Résumé
OpenClaw: Skill-command dispatch could skip before-tool-call hooks
Références
Vulnérabilités liées
Tout Supply chain →- HIGHGHSA-V2WW-5RH7-2H5V
OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
- HIGHGHSA-6JCQ-6546-QRRW
PraisonAI SandlockSandbox falls back to unrestricted subprocess execution when Landlock is unavailable
- HIGHGHSA-5JV7-2MJM-H6QJ
npm PraisonAI utility shell safe-command wrapper allowlist bypass via shell chaining
- HIGHGHSA-H2W2-V7J6-XQM4
npm PraisonAI AgentLoop onToolCall approval runs after tool execution
- HIGHGHSA-VJV9-7M7J-H833
npm PraisonAI SandboxExecutor allowedCommands bypass via shell chaining
- CRITICALGHSA-VMMJ-PFW7-FJWP
npm PraisonAI codeMode sandbox escape via Function constructor