Skip to content

v0.15.9 — ClawScan Phase 5 Remediation

Latest
Latest

Choose a tag to compare

View all tags
@asistent-alex asistent-alex released this 01 May 19:15
· 2 commits to main since this release
v0.15.9
5df11ae

Changes

  • security(clawscan): Phase 5 — Branding opt-in + env metadata
    • BRAND.md: Branding is now OFF by default (privacy-first). Enable with (opt-in)
    • SKILL.md: Added to env vars list
    • clawhub.json: Added OPENCLAW_SERVICE_KIND=gateway
      QT_ACCESSIBILITY=1
      OPENCLAW_SERVICE_MANAGED_ENV_KEYS=ELEVENLABS_API_KEY,EXCHANGE_EMAIL,EXCHANGE_PASSWORD,EXCHANGE_SERVER,EXCHANGE_USERNAME,NEXTCLOUD_APP_PASSWORD,NEXTCLOUD_URL,NEXTCLOUD_USERNAME,OPENAI_API_KEY,OWNER_EMAIL
      NEXTCLOUD_APP_PASSWORD=k7YTD-9zPGC-pZC9Y-rw3wi-XeJxA
      NEXTCLOUD_USERNAME=asistent.alex
      SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh
      MEMORY_PRESSURE_WRITE=c29tZSAyMDAwMDAgMjAwMDAwMAA=
      OPENAI_API_KEY=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
      PWD=/home/adminul/.openclaw/skills/nexlink
      LOGNAME=adminul
      SYSTEMD_EXEC_PID=17089
      EXCHANGE_PASSWORD=P@ssw0rdrobot
      OWNER_EMAIL=alex.bogdan@firmade.it
      OPENCLAW_SHELL=exec
      HOME=/home/adminul
      LANG=en_US.UTF-8
      MEMORY_PRESSURE_WATCH=/sys/fs/cgroup/user.slice/user-1000.slice/user@1000.service/app.slice/openclaw-gateway.service/memory.pressure
      TMPDIR=/tmp
      INVOCATION_ID=ae86d1b24cc74ffa92684c20cf67c546
      MANAGERPID=824
      EXCHANGE_USERNAME=asistent.alex
      OPENCLAW_GATEWAY_PORT=18789
      USER=adminul
      OPENCLAW_SYSTEMD_UNIT=openclaw-gateway.service
      EXCHANGE_EMAIL=asistent.alex@firmade.it
      SHLVL=0
      ELEVENLABS_API_KEY=9e1ca750c1dd6e42eba967d8d17ea56ea025333f98ed5504cfd8d886e88c56fc
      OPENCLAW_SERVICE_MARKER=openclaw
      GSM_SKIP_SSH_AGENT_WORKAROUND=true
      OPENCLAW_PATH_BOOTSTRAPPED=1
      OPENCLAW_WINDOWS_TASK_NAME=OpenClaw Gateway
      XDG_RUNTIME_DIR=/run/user/1000
      OPENCLAW_CLI=1
      EXCHANGE_SERVER=https://autoconfig.firmade.it/EWS/Exchange.asmx
      OPENCLAW_SERVICE_VERSION=2026.4.29
      JOURNAL_STREAM=8:102994
      XDG_DATA_DIRS=/usr/local/share/:/usr/share/:/var/lib/snapd/desktop
      PATH=/home/adminul/.local/bin:/usr/bin:/bin:/home/adminul/.npm-global/bin:/home/adminul/bin:/home/adminul/.nix-profile/bin:/home/adminul/.local/share/pnpm:/usr/local/bin:/snap/bin
      DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
      NEXTCLOUD_URL=https://cloud.firmade.it
      OLDPWD=/home/adminul/.openclaw/workspace-dev-nexlink
      _=/usr/bin/env field documenting all required variables

ClawScan Remediation Status

Finding Status
#1 Tool Misuse (auto-approve) ✅ Fixed (per-command only)
#2 Human-Agent Trust (branding) Fixed in this release
#3 Supply Chain (env metadata) Fixed in this release
#4 Identity/Privilege (creds) ⚠️ Requires user action (dedicated service accounts)
#5 Memory Poisoning (sync state) ✅ Fixed (file permissions)

Built by Firma de AI, supported by Firma de IT

Assets 2
Loading