nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,883 Commits 807 Branches 84 Tags 5.9 GiB
Commit Graph

308 Commits

Author SHA1 Message Date
Gustavo Madeira Santana a13ff55bd9
Security: Prevent gateway credential exfiltration via URL override (#9179) 
* Gateway: require explicit auth for url overrides

* Gateway: scope credential blocking to non-local URLs only

Address review feedback: the previous fix blocked credential fallback for
ALL URL overrides, which was overly strict and could break workflows that
use --url to switch between loopback/tailnet without passing credentials.

Now credential fallback is only blocked for non-local URLs (public IPs,
external hostnames). Local addresses (127.0.0.1, localhost, private IPs
like 192.168.x.x, 10.x.x.x, tailnet 100.x.x.x) still get credential
fallback as before.

This maintains the security fix (preventing credential exfiltration to
attacker-controlled URLs) while preserving backward compatibility for
legitimate local URL overrides.

* Security: require explicit credentials for gateway url overrides (#8113) (thanks @victormier)

* Gateway: reuse explicit auth helper for url overrides (#8113) (thanks @victormier)

* Tests: format gateway chat test (#8113) (thanks @victormier)

* Tests: require explicit auth for gateway url overrides (#8113) (thanks @victormier)

---------

Co-authored-by: Victor Mier <victormier@gmail.com>
 2026-02-04 18:59:44 -05:00
Peter Steinberger d3ba57b7d7 feat: add configurable web_fetch maxChars cap 2026-02-03 18:03:53 -08:00
Peter Steinberger d1ecb46076 fix: harden exec allowlist parsing 2026-02-02 16:53:15 -08:00
Tyler Yust 64849e81f5
feat(config): default thinking for sessions_spawn subagents (#7372) 
* feat(config): add subagent default thinking

* fix: accept config subagents.thinking + stabilize test mocks (#7372) (thanks @tyler6204)

* fix: use findLast instead of clearAllMocks in test (#7372)

* fix: correct test assertions for tool result structure (#7372)

* fix: remove unnecessary type assertion after rebase
 2026-02-02 12:14:17 -08:00
Mariano Belinky 4ab814fd50 Revert "iOS: wire node services and tests" 
This reverts commit 7b0a0f3dac.
 2026-02-02 17:36:49 +00:00
Mariano Belinky b7aac92ac4 Gateway: add PTT chat + nodes CLI 2026-02-02 16:42:18 +00:00
Peter Steinberger 385e66cbd5 Docs: expand ClawHub overview 2026-02-02 02:26:11 -08:00
Peter Steinberger be9a2fb134 docs: clarify docker power-user setup 2026-02-02 02:07:08 -08:00
Peter Steinberger a87a07ec8a fix: harden host exec env validation (#4896) (thanks @HassanFleyah) 2026-02-01 15:37:19 -08:00
Dan Ballance 28a05f9940
Docs: Fix typo in docs/tools/skills.md (#3050) 2026-02-01 10:05:46 -05:00
Peter Steinberger a1e89afcc1 fix: secure chrome extension relay cdp 2026-02-01 02:25:14 -08:00
Seb Slight abcaa8c7a9
Docs: add nav titles across docs (#5689) 2026-01-31 15:04:03 -06:00
cpojer 8cab78abbc
chore: Run `pnpm format:fix`. 2026-01-31 21:13:13 +09:00
Peter Steinberger 192a6ee870 chore: remove legacy clawdhub files 2026-01-30 21:03:12 +01:00
Peter Steinberger fd00d5688a chore: update openclaw naming 2026-01-30 21:03:11 +01:00
Peter Steinberger 9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger aced5dde8d docs: switch skill metadata key to moltbot 2026-01-28 01:32:53 +01:00
Peter Steinberger 1883541f05 docs: update plugin skill gating key 2026-01-28 01:32:10 +01:00
Peter Steinberger 6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Peter Steinberger 78f0bc3ec0 fix(browser): gate evaluate behind config flag 2026-01-27 05:00:39 +00:00
Peter Steinberger 771f23d36b fix(exec): prevent PATH injection in docker sandbox 2026-01-27 04:00:22 +00:00
Peter Steinberger e7fdccce39 refactor: route browser control via gateway/node 2026-01-27 03:24:54 +00:00
Peter Steinberger 0f8f0fb9d7 docs: clarify command authorization for exec directives 2026-01-26 22:18:41 +00:00
Peter Steinberger 820ab8765a docs: clarify exec defaults 2026-01-26 21:37:56 +00:00
Shakker bc8c31eeed
Merge branch 'main' into feat/tools-alsoAllow 2026-01-26 20:39:09 +00:00
Peter Steinberger 97248a2885 feat: surface security audit + docs 2026-01-26 19:58:59 +00:00
Shakker 34b3494246
Merge branch 'main' into feat/tools-alsoAllow 2026-01-26 19:15:39 +00:00
Peter Steinberger 000d5508aa docs(auth): remove external CLI OAuth reuse 2026-01-26 19:05:00 +00:00
Vignesh Natarajan 3497be2963 docs: recommend tools.alsoAllow for optional plugin tools 2026-01-26 10:05:31 -08:00
Senol Dogan 7253bf398d
feat: audit fixes and documentation improvements (#1762) 
* feat: audit fixes and documentation improvements

- Refactored model selection to drop legacy fallback and add warning
- Improved heartbeat content validation
- Added Skill Creation guide
- Updated CONTRIBUTING.md with roadmap

* style: fix formatting in model-selection.ts

* style: fix formatting and improve model selection logic with tests
 2026-01-25 12:54:48 +00:00
Seb Slight d4f60bf16a
TTS: gate auto audio on inbound voice notes (#1667) 
Co-authored-by: Sebastian <sebslight@gmail.com>
 2026-01-25 04:35:20 +00:00
Peter Steinberger 9afde64e26 fix: validate web_search freshness (#1688) (thanks @JonUleis) 2026-01-25 04:23:25 +00:00
Peter Steinberger 629ce4454d docs: add tips + clawd-to-clawd faq 2026-01-25 04:04:18 +00:00
Peter Steinberger 6e23e81678 docs: clarify lobster DSL rationale 2026-01-25 01:13:55 +00:00
Peter Steinberger 8e159ab0b7
fix: follow up config.patch restarts/docs/tests (#1653) 
* fix: land config.patch restarts/docs/tests (#1624) (thanks @Glucksberg)

* docs: update changelog entry for config.patch follow-up (#1653) (thanks @Glucksberg)
 2026-01-24 23:33:13 +00:00
iHildy b76cd6695d feat: add beta googlechat channel 2026-01-24 23:30:45 +00:00
Peter Steinberger a4f6b3528a
fix: cover elevated ask approvals (#1636) 2026-01-24 21:12:46 +00:00
Lucas Czekaj 483fba41b9
feat(discord): add exec approval forwarding to DMs (#1621) 
* feat(discord): add exec approval forwarding to DMs

Add support for forwarding exec approval requests to Discord DMs,
allowing users to approve/deny command execution via interactive buttons.

Features:
- New DiscordExecApprovalHandler that connects to gateway and listens
  for exec.approval.requested/resolved events
- Sends DMs with embeds showing command details and 3 buttons:
  Allow once, Always allow, Deny
- Configurable via channels.discord.execApprovals with:
  - enabled: boolean
  - approvers: Discord user IDs to notify
  - agentFilter: only forward for specific agents
  - sessionFilter: only forward for matching session patterns
- Updates message embed when approval is resolved or expires

Also fixes exec completion routing: when async exec completes after
approval, the heartbeat now uses a specialized prompt to ensure the
model relays the result to the user instead of responding HEARTBEAT_OK.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* feat: generic exec approvals forwarding (#1621) (thanks @czekaj)

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-01-24 20:56:40 +00:00
Peter Steinberger ab000398be fix: resolve session ids in session tools 2026-01-24 11:09:11 +00:00
Peter Steinberger c8c58c0537 fix: avoid Discord /tts conflict 2026-01-24 09:58:06 +00:00
Peter Steinberger cfdd5a8c2e docs: consolidate faq under help 2026-01-24 09:49:38 +00:00
Peter Steinberger 6765fd15eb feat: default TTS model overrides on (#1559) (thanks @Glucksberg) 
Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
 2026-01-24 09:42:32 +00:00
Peter Steinberger d9a467fe3b feat: move TTS into core (#1559) (thanks @Glucksberg) 2026-01-24 08:00:44 +00:00
Peter Steinberger 15620b1092 fix: guard tool allowlists with warnings 2026-01-24 07:38:42 +00:00
Peter Steinberger 5662a9cdfc fix: honor tools.exec ask/security in approvals 2026-01-24 04:53:44 +00:00
Peter Steinberger c3cb26f7ca feat: add node browser proxy routing 2026-01-24 04:21:47 +00:00
Peter Steinberger 309fcc5321 fix: publish llm-task docs and harden tool 2026-01-24 01:44:51 +00:00
Peter Steinberger 00fd57b8f5 fix: honor wildcard tool allowlists 2026-01-24 01:30:44 +00:00
Peter Steinberger cad7ed1cb8 fix(exec-approvals): stabilize allowlist ids (#1521) 2026-01-23 19:00:45 +00:00
Peter Steinberger dc07f1e021 fix: keep core tools when allowlist is plugin-only 2026-01-23 09:02:17 +00:00
Peter Steinberger ea79b26b79 feat: extend lobster tool run args 2026-01-23 03:09:59 +00:00
Peter Steinberger ecfddb7807 docs: fix lobster links 2026-01-23 02:51:33 +00:00
Peter Steinberger bc4d8ce398 docs: link Lobster and OpenProse 2026-01-23 01:29:17 +00:00
Peter Steinberger 51a9053387 feat: add OpenProse plugin skills 2026-01-23 00:49:40 +00:00
Peter Steinberger e872f5335b fix: allow chained exec allowlists 
Co-authored-by: Lucas Czekaj <1464539+czekaj@users.noreply.github.com>
 2026-01-23 00:11:58 +00:00
Peter Steinberger 96f1846c2c docs: align node transport with gateway ws 2026-01-22 23:10:09 +00:00
Vignesh Natarajan d8ad865cf5 docs: update lobster repo url 2026-01-21 22:55:49 -08:00
Peter Steinberger a2981c5a2c feat: add elevated ask/full modes 2026-01-22 05:41:11 +00:00
Peter Steinberger 9450873c1b fix: align exec approvals default agent 2026-01-22 04:05:54 +00:00
Peter Steinberger 0f7f7bb95f fix: msteams attachments + plugin prompt hints 
Co-authored-by: Christof <10854026+Evizero@users.noreply.github.com>
 2026-01-22 03:37:29 +00:00
Peter Steinberger 57f3d209de docs: expand lobster guides 2026-01-22 03:25:13 +00:00
Peter Steinberger f4b3f33c8e
Merge pull request #1152 from vignesh07/feat/lobster-plugin 
feat: Add optional lobster plugin tool (typed workflows, approvals/resume)
 2026-01-22 02:34:05 +00:00
Peter Steinberger 7e1a17e5e6 fix: unify exec approval ids 2026-01-22 00:59:29 +00:00
Peter Steinberger 3b18efdd25 feat: tighten exec allowlist gating 2026-01-21 21:45:50 +00:00
Peter Steinberger c129f0bbaa docs: align gateway service naming 2026-01-21 17:45:26 +00:00
Peter Steinberger 39e24c9937 docs: update node CLI references 2026-01-21 16:48:42 +00:00
Peter Steinberger 555b2578a8 feat: add /allowlist command 2026-01-21 05:34:53 +00:00
Peter Steinberger 28c49db494 fix: default exec security to allowlist 2026-01-21 03:40:27 +00:00
Peter Steinberger a0cd295c0f fix: add browser snapshot default mode (#1336) 
Co-authored-by: Seb Slight <sbarrios93@gmail.com>
 2026-01-21 03:03:10 +00:00
Peter Steinberger 5bd55037e4 fix: harden web fetch SSRF and redirects 
Co-authored-by: Eli <fogboots@users.noreply.github.com>
 2026-01-21 02:54:14 +00:00
Peter Steinberger 76bae8da40 feat: add download installs for skills 2026-01-21 00:14:36 +00:00
Peter Steinberger 02ca148583 fix: preserve subagent thread routing (#1241) 
Thanks @gnarco.

Co-authored-by: gnarco <gnarco@users.noreply.github.com>
 2026-01-20 17:22:07 +00:00
Peter Steinberger 76698ed296 fix: allow custom skill config bag 
Co-authored-by: VACInc <3279061+VACInc@users.noreply.github.com>
 2026-01-20 15:57:08 +00:00
Peter Steinberger 04ee9e7765 docs: clarify sandbox env + recreate guidance 2026-01-20 15:00:25 +00:00
Peter Steinberger 15e5bb3459 feat: improve /new model hints and reset confirmation 2026-01-20 14:35:20 +00:00
Peter Steinberger e45228ac37 fix: merge login shell PATH for gateway exec 2026-01-20 14:04:13 +00:00
Peter Steinberger 6e17c463ae fix: add /skill fallback for native limits 
Co-authored-by: thewilloftheshadow <thewilloftheshadow@users.noreply.github.com>
 2026-01-20 13:20:29 +00:00
Peter Steinberger 06c17a333e docs: update protocol + security notes 2026-01-20 13:04:20 +00:00
Peter Steinberger c9e3c14f9c fix: finalize exec fish fallback (#1297) (thanks @ysqander) 2026-01-20 11:25:49 +00:00
Peter Steinberger 1c02de1309 chore: raise default agent concurrency 2026-01-20 10:08:26 +00:00
Peter Steinberger c17c7b4e24
Merge pull request #1235 from dougvk/feat/tool-dispatch-skill-commands 
Plugin API: tool-dispatched skill commands + tool_result_persist hook
 2026-01-20 08:52:05 +00:00
Peter Steinberger 3e546e691d fix: infer perplexity baseUrl from api key 2026-01-20 07:27:32 +00:00
Doug von Kohorn 9f280454ba feat: tool-dispatch skill commands 2026-01-19 13:11:25 +01:00
Peter Steinberger 79d8267413 feat: auto-recreate sandbox containers on config change 2026-01-19 01:35:27 +00:00
Peter Steinberger 953472bf25 feat: add exec pathPrepend config 2026-01-19 00:35:43 +00:00
Peter Steinberger d802844bd6 fix: gate gateway restarts and discord abort reconnects 2026-01-19 00:15:45 +00:00
Peter Steinberger 3ce1ee84ac Usage: add cost summaries to /usage + mac menu 2026-01-19 00:05:06 +00:00
Peter Steinberger 404c373153 feat: add agent targeting + reply overrides 2026-01-18 22:50:51 +00:00
Vignesh Natarajan 032c780a79 Add lobster.md documentation 2026-01-18 11:07:47 -08:00
Peter Steinberger d06d440086 docs: clarify macOS node service IPC plan 2026-01-18 16:24:43 +00:00
Peter Steinberger 3686bde783 feat: add exec approvals tooling and service status 2026-01-18 15:23:41 +00:00
Peter Steinberger 4de3c3a028 feat: add exec approvals editor in control ui and mac app 2026-01-18 08:54:38 +00:00
Peter Steinberger 68d79e56c2 feat: add node binding controls in control ui 2026-01-18 08:26:32 +00:00
Peter Steinberger ad4f4388f4 docs: explain per-agent exec node binding 2026-01-18 08:15:15 +00:00
Peter Steinberger ae0b4c4990 feat: add exec host routing + node daemon 2026-01-18 07:46:00 +00:00
Peter Steinberger 8f7f7ee7dc feat: add /exec session overrides 2026-01-18 06:12:54 +00:00
Peter Steinberger 2dabce59ce feat(slash-commands): usage footer modes 2026-01-18 05:35:35 +00:00
Peter Steinberger b105745299 feat: expand subagent status visibility 2026-01-18 04:46:04 +00:00
Peter Steinberger efdb33c975 feat: add exec host approvals flow 2026-01-18 04:27:41 +00:00
Vignesh Natarajan b2650ba672 Move lobster integration to optional plugin tool 2026-01-17 20:18:54 -08:00