OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)
Summary system.run environment sanitization allowed shell-startup env overrides HOME, ZDOTDIR that can execute attacker-controlled startup files before allowlist-evaluated command bodies. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.22 Technical Details In affected...