issues Search Results · language:Dune language:Python language:JavaScript language:JavaScript language:JavaScript is:public
Filter by
40.9M results
Summary
The NemoClaw v0.0.65 filesystem policy defaults to include_workdir: true (sandbox workdir/home is writable), but
SafeClaw ignores the flag and blocks any path not in an explicit read_write prefix ...
bug
henrikaavik
Run: https://github.com/MP2EZ/campnw/actions/runs/27868395779
The Playwright HTML report + trace are attached as the run s artifact.
e2e-failure
github-actions[bot]
Summary
SafeClaw s NemoClaw protocol handling is built on a fictional enum (grpc/full/https), while the real v0.0.65 schema uses
protocol: [rest, websocket] and a separate access: [full] field for the ...
bug
security
Summary
Content returned by web_fetch/browser snapshot re-enters the agent context as trusted, but SafeClaw only
injection-scores inbound channel messages — fetched external content bypasses the injection ...
enhancement
security
Summary
MCP and dynamically-exposed plugin tools have arbitrary plugin-defined names that miss SafeClaw s fixed TOOL_MAPPINGS
allowlist, so a whole category of external-write/DB/deploy tools is uniformly ...
enhancement
security
Parent
#3057
Maintainer Decision Source
Implements the decision recorded in #3070 (2026-06-19): reject fairness terminology; proceed as distributional
disruption metrics only.
Goal / Problem
Define ...
benchmark
evidence:proposal
priority: medium
research
resource:local
state:ready
type:analysis
ll7
Summary
OpenClaw cron/scheduled turns are an autonomous outbound surface (cron → message tool, web_search, webhook delivery).
SafeClaw has no concept of trigger origin, so an unattended cron turn performs ...
enhancement
security
Summary
OpenClaw 2026.6.x added sandbox hardening dimensions — seccomp posture, host-environment inheritance (credential leak),
bind-source validation, outbound egress — that SafeClaw s sandbox ontology ...
enhancement
security
tyep types of interupptions
self-interupts, droping session by choice
externals -- dead phone batter, rate limit, lack of money, human interuptions, etc
attogram
Summary
OpenClaw added code-mode exec (JS/TS) and sandbox_exec/sandbox_process shell routing. SafeClaw s classifier only
recognizes POSIX-shell exec/bash/shell with shell-regex patterns, so arbitrary ...
enhancement
security
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.