GHSA-MQPW-46FH-299H OpenClaw authorization bypass: operator.write can resolve exec approvals via chat.send -> /approve
Summary What this means plain language If you give a client “chat/write” access to the gateway operator.write but you do not intend to let that client approve exec requests operator.approvals, affected versions could still let that client approve/deny a pending exec approval by sending the /appro...