Command Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via the update-clawtributors.ts script. An attacker can execute arbitrary system commands by introducing a malicious commit author email that is processed and interpolat...