HIGH
GHSA-jr6x-2q95-fh2g
OpenClaw's authorization mismatch allowed write-scope agent runs to reach owner-only tools
Details
### Summary An authorization mismatch allowed authenticated callers with `operator.write` access to invoke owner-only tool surfaces (`gateway`, `cron`) through `agent` runs in scoped-token deployments.
### Impact On affected deployments, write-scoped callers could perform control-plane actions beyond intended write scope.
### Fix Owner-only gating is now enforced consistently for owner-only tool surfaces during agent execution, and tool scope classification was tightened to remove the privilege mismatch.
### Affected and Patched Versions - Affected: `<= 2026.2.26` - Patched: `2026.3.1`
Are you affected?
Enter the version of the package you're using.