VDB
KO
HIGH 7.7

GHSA-jccr-rrw2-vc8h

OpenClaw safeBins jq `$ENV` filter bypass allows environment variable disclosure

Details

## Summary

The jq safe-bin policy blocked explicit `env` usage but still allowed jq programs that accessed environment data through `$ENV`.

## Impact

An operator-approved safe-bin jq command could disclose environment variables that the safe-bin policy was supposed to keep out of scope.

## Affected Component

`src/infra/exec-safe-bin-semantics.ts`

## Fixed Versions

- Affected: `<= 2026.3.24` - Patched: `>= 2026.3.28` - Latest stable `2026.3.28` contains the fix.

## Fix

Fixed by commit `78e2f3d66d` (`Exec: tighten jq safe-bin env checks`).

Thanks @nicky-cc of Tencent zhuque Lab ([https://github.com/Tencent/AI-Infra-Guard](https://github.com/Tencent/AI-Infra-Guard)) for reporting.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / openclaw
Introduced in: 0 Fixed in: 2026.3.28
Fix npm install openclaw@2026.3.28

References