Security: harden web tools and file parsing (#4058)

* feat: web content security wrapping + gkeep/simple-backup skills * fix: harden web fetch + media text detection (#4058) (thanks @VACInc) --------- Co-authored-by: VAC <vac@vacs-mac-mini.localdomain> Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-06-29 11:02:12 +03:00 · 2026-02-01 18:23:25 -05:00
parent 92112a61db
commit b796f6ec01
14 changed files with 1095 additions and 111 deletions
@@ -29,6 +29,7 @@ Docs: https://docs.openclaw.ai
 - Browser: secure Chrome extension relay CDP sessions.
 - Docker: use container port for gateway command instead of host port. (#5110) Thanks @mise42.
 - fix(lobster): block arbitrary exec via lobsterPath/cwd injection (GHSA-4mhr-g7xj-cg8j). (#5335) Thanks @vignesh07.
+- Security: harden web tool content wrapping + file parsing safeguards. (#4058) Thanks @VACInc.

 ## 2026.1.30