openclaw

mirror of https://github.com/openclaw/openclaw.git synced 2026-05-05 19:30:23 +00:00

Author	SHA1	Message	Date
aether-ai-agent	749e28dec7	fix(security): block dangerous tools from HTTP gateway and fix ACP auto-approval (OC-02) Two critical RCE vectors patched: Vector 1 - Gateway HTTP /tools/invoke: - Add DEFAULT_GATEWAY_HTTP_TOOL_DENY blocking sessions_spawn, sessions_send, gateway, whatsapp_login from HTTP invocation - Apply deny filter after existing policy cascade, before tool lookup - Add gateway.tools.{allow,deny} config override in GatewayConfig Vector 2 - ACP client auto-approval: - Replace blind allow_once selection with danger-aware permission handler - Dangerous tools (exec, sessions_spawn, etc.) require interactive confirmation - Safe tools retain auto-approve behavior (backward compatible) - Empty options array now denied (was hardcoded "allow") - 30s timeout auto-denies to prevent hung sessions CWE-78 \| CVSS:3.1 9.8 Critical	2026-02-13 14:30:06 +01:00
cpojer	f06dd8df06	chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.	2026-02-01 10:03:47 +09:00
cpojer	5ceff756e1	chore: Enable "curly" rule to avoid single-statement if confusion/errors.	2026-01-31 16:19:20 +09:00
Peter Steinberger	9a7160786a	refactor: rename to openclaw	2026-01-30 03:16:21 +01:00
Peter Steinberger	6d16a658e5	refactor: rename clawdbot to moltbot with legacy compat	2026-01-27 12:21:02 +00:00
Peter Steinberger	b739a3897f	fix: stabilize acp streams and tests	2026-01-18 08:54:00 +00:00
Peter Steinberger	9241e21114	fix: address acp client typing	2026-01-18 08:51:57 +00:00
Peter Steinberger	65bed815a8	fix: resolve ci failures	2026-01-18 08:45:29 +00:00
Peter Steinberger	9809b47d45	feat(acp): add interactive client harness	2026-01-18 08:27:37 +00:00
Peter Steinberger	de3b68740a	feat(acp): add experimental ACP support Co-authored-by: Jonathan Taylor <visionik@pobox.com>	2026-01-18 08:03:36 +00:00

1 2 3 4

160 Commits