OpenClaw Security Baseline Exposes Supply-Chain & Runtime Risks in 500k+ Codebase
A critical security proposal for the OpenClaw project has surfaced, revealing four distinct hardening gaps in its 500,000+ line codebase. The project, which handles browser automation, command execution, and WebSocket control planes, currently lacks fundamental protections, and their absence could expose it to supply-chain and runtime attacks. The proposal, filed in accordance with internal security protocols, bundles four complementary fixes to close these baseline vulnerabilities.
The identified risks are specific and operational. First, the Control UI loads SVG assets directly from an external CDN, creating a remote dependency risk. Second, the gateway responses lack baseline HTTP security headers like Content Security Policy (CSP), X-Frame-Options (XFO), and X-Content-Type-Options. Third, existing security tooling configurations for actionlint and zizmor are present but not actively enforced in the Continuous Integration (CI) pipeline. Finally, the CI process has no integrated dependency vulnerability scanning, such as CodeQL or dependency-review, leaving a blind spot for malicious packages.
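An added example, not code from the OpenClaw proposal: a header audit for the first two gaps, flagging a response that lacks the three named headers and a CSP that still lets images (SVG included) load from a remote origin. The `BASELINE` values, the function names and the `cdn.example` host are assumptions made for illustration.

```javascript
// Added example; header values are assumed, not OpenClaw's configuration.
const BASELINE = {
  'Content-Security-Policy': "default-src 'self'; img-src 'self' data:; frame-ancestors 'none'",
  'X-Frame-Options': 'DENY',
  'X-Content-Type-Options': 'nosniff',
};
// Constructed samples: a bare response, and one whose CSP still allows a CDN.
const BARE = { 'Content-Type': 'text/html' };
const CDN_ALLOWED = {
  ...BASELINE,
  'Content-Security-Policy': "default-src 'self'; img-src 'self' https://cdn.example",
};

// Split a CSP value into directive -> sources; a repeated directive is ignored after its first use.
function parseCsp(value) {
  const directives = new Map();
  for (const part of String(value).split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    if (name && !directives.has(name.toLowerCase())) directives.set(name.toLowerCase(), sources);
  }
  return directives;
}

// Return one finding per baseline gap in a response's headers.
function auditHeaders(rawHeaders) {
  const h = {};
  for (const [k, v] of Object.entries(rawHeaders)) h[k.toLowerCase()] = String(v).trim();
  const findings = [];
  if ((h['x-content-type-options'] || '').toLowerCase() !== 'nosniff') {
    findings.push('X-Content-Type-Options is not "nosniff"');
  }
  if (!['DENY', 'SAMEORIGIN'].includes((h['x-frame-options'] || '').toUpperCase())) {
    findings.push('X-Frame-Options is not DENY or SAMEORIGIN');
  }
  if (!h['content-security-policy']) return [...findings, 'Content-Security-Policy is missing'];
  // img-src falls back to default-src; with neither, images load from any origin.
  const csp = parseCsp(h['content-security-policy']);
  const imgSources = csp.get('img-src') || csp.get('default-src');
  if (!imgSources) return [...findings, 'CSP has no img-src or default-src'];
  // Conservative rule (assumption): anything but a quoted keyword or data: counts as remote.
  const remote = imgSources.filter((s) => !/^'.*'$/.test(s) && s !== 'data:');
  if (remote.length) findings.push(`CSP lets images load from: ${remote.join(' ')}`);
  return findings;
}

// Set the baseline on any object exposing Node's res.setHeader(name, value).
function applyBaseline(res) {
  for (const [name, value] of Object.entries(BASELINE)) res.setHeader(name, value);
}
```

Calling `auditHeaders(res.getHeaders())` in an integration test turns a dropped header or a reintroduced CDN origin into a failing check.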
While the project is noted for its strong foundational security practices—including `detect-secrets`, internal audits, and a loopback-by-default architecture—these gaps represent a clear escalation path for attackers. The absence of these baseline controls in a system with high-privilege operations increases the attack surface. Implementing the proposed changes would systematically reduce risks associated with asset hijacking, header-based exploits, misconfigured workflows, and compromised dependencies.