Summary
OpenClaw: Exec allowlist could miss side effects from transparent command wrappers
References
Related vulnerabilities
All Supply chain →- CRITICALGHSA-4H5R-5JM8-JXJM
gemini-mcp-tool vulnerable to OS command injection and @file exfiltration via prompt quoting (CVE-2026-0755)
- HIGHGHSA-5CJ2-3JR2-5H77
OpenClaw: Shell positional parameters could weaken strict inline-eval checks
- MEDIUMGHSA-C226-Q6FX-6J6C
OpenClaw: macOS Swift exec allowlist missed combined POSIX inline flags
- HIGHGHSA-7QW2-W5RC-37X2
PraisonAI recipe workflow policy can be bypassed by declaring and YAML-approving dangerous tools outside TEMPLATE.yaml
- HIGHGHSA-5JV7-2MJM-H6QJ
npm PraisonAI utility shell safe-command wrapper allowlist bypass via shell chaining
- HIGHGHSA-VJV9-7M7J-H833
npm PraisonAI SandboxExecutor allowedCommands bypass via shell chaining