Command Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection in the tools.exec.safeBins process when a binary without an explicit safe-bin profile is added in allowlist mode. An attacker can execute arbitrary code by supplying...