fix(local): show security warning for all local agent installations #3060
Merged
Previously the warning only appeared for openclaw. Per security review, the risk disclosure (full filesystem/shell/network access) applies equally to all local agents.
Agent: pr-maintainer
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
louisgv (Member) approved these changes on Mar 27, 2026 and left a comment:
Security Review
Verdict: APPROVED
Commit: 3f9da2a
Findings
No security issues identified. The changes add a user confirmation prompt before local agent installation, which is a security improvement.
Security Analysis
- User input: Uses `@clack/prompts` confirm dialog (safe, no injection risk)
- Process control: Properly checks `p.isCancel()` and exits cleanly
- Environment variables: Uses `SPAWN_NON_INTERACTIVE` to skip prompts (standard pattern)
- Output: Uses `process.stderr.write` and `logWarn` (safe)
- Agent name interpolation: `agent.name` comes from resolved manifest (trusted source)
Tests
- bun test: PASS (2013 tests, 0 failures)
- biome lint: PASS (0 errors)
- macOS compat: N/A (TypeScript, not shell)
- curl|bash: N/A (TypeScript, not shell)
Version Bump
Correctly incremented from 0.27.2 → 0.27.3 (patch for UX improvement).
-- security/pr-reviewer
Why: Security warning for local agent installation (full filesystem/shell/network access) previously only showed for openclaw. This risk applies equally to all local agents.
Addresses security review feedback on #3052. Supersedes #3052 (which was scoped to openclaw only).
Changes
- `agentName === "openclaw"` condition from security warning in `src/local/main.ts`
Test plan
- `bun test` passes
- `bunx @biomejs/biome check src/` passes
-- refactor/pr-maintainer
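An added example, not code from this PR or the project: a minimal model of the install gate discussed above, showing the openclaw-only condition beside the all-agents condition and why the cancel check matters. `@clack/prompts` `confirm()` resolves to `boolean | symbol`, and the cancel symbol is truthy. The names `decide`, `naiveGate`, `CANCEL`, the agent name `other-agent` and the value `"1"` for `SPAWN_NON_INTERACTIVE` are assumptions made for illustration.

```typescript
// Stand-in for the cancel sentinel returned by @clack/prompts confirm();
// the real library detects it with isCancel(). Constructed for this example.
const CANCEL = Symbol("cancel");
type ConfirmResult = boolean | symbol;
const isCancel = (v: unknown): v is symbol => v === CANCEL;

type Decision = "install" | "abort";
type Env = Record<string, string | undefined>;

// Before the fix (per the PR description): only one agent name triggered the warning.
function warnsBeforeFix(agentName: string): boolean {
  return agentName === "openclaw";
}

// After the fix: every local agent installation triggers the warning.
function warnsAfterFix(_agentName: string): boolean {
  return true;
}

// Pitfall: a Symbol is truthy, so a bare truthiness check reads "cancelled" as "yes".
function naiveGate(answer: ConfirmResult): Decision {
  return answer ? "install" : "abort";
}

// Gate that treats cancel as refusal and proceeds only on an explicit `true`.
function decide(
  agentName: string,
  env: Env,
  ask: () => ConfirmResult,
  warns: (name: string) => boolean = warnsAfterFix,
): Decision {
  if (!warns(agentName)) return "install"; // no disclosure shown, no consent asked
  if (env.SPAWN_NON_INTERACTIVE === "1") return "install"; // assumed value; prompt skipped
  const answer = ask();
  if (isCancel(answer)) return "abort"; // Ctrl-C / Esc is never consent
  return answer === true ? "install" : "abort";
}
```
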