Tag
A vulnerability in OpenClaw's `system.run` safe-bin feature on POSIX nodes could allow a lower-privilege operator flow to read local files not intended by policy, as shell expansion can alter the interpretation of an approved command, causing a seemingly safe argument to expand into additional shell words and become a file operand, potentially exposing OpenClaw configuration data or other node-local information.