Command Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via the keychain credential refresh path. An attacker can execute arbitrary OS commands by supplying crafted OAuth tokens that are incorporated into shell command...