openclaw

Author	SHA1	Message	Date
Peter Steinberger	da0ba1b73a	fix(security): harden channel auth path checks and exec approval routing	2026-02-26 12:46:05 +01:00
Peter Steinberger	03e689fc89	fix(security): bind system.run approvals to argv identity	2026-02-26 03:41:31 +01:00
Peter Steinberger	6f0dd61795	fix(exec): restore two-phase approval registration flow	2026-02-24 03:16:36 +00:00
Peter Steinberger	4a3f8438e5	fix(gateway): bind node exec approvals to nodeId	2026-02-24 03:05:58 +00:00
Vincent Koc	0e28e50b45	fix(security): detect obfuscated commands that bypass allowlist filters (#24287 ) * security(exec): add obfuscated command detector * test(exec): cover obfuscation detector patterns * security(exec): enforce obfuscation approval on gateway host * security(exec): enforce obfuscation approval on node host * test(exec): prevent obfuscation timeout bypass * chore(changelog): credit obfuscation security fix	2026-02-23 02:50:06 -05:00
Peter Steinberger	8af19ddc5b	refactor: extract shared dedupe helpers for runtime paths	2026-02-23 05:43:43 +00:00
Peter Steinberger	2581b67cdb	refactor: share exec approval request helper	2026-02-19 14:27:37 +00:00
Peter Steinberger	fec48a5006	refactor(exec): split host flows and harden safe-bin trust	2026-02-19 14:22:01 +01:00