nextlevelbuilder GoClaw Missing Authorization Vulnerability in Tools Invoke Endpoint Allows Unauthorized Cron Job Binding

Vulnerability

A vulnerability exists in nextlevelbuilder GoClaw versions through 3.13.2, specifically within the ToolsInvokeHandler.ServeHTTP function of the internal/http/tools_invoke.go file. This vulnerability arises from a missing authorization check in the Invoke Endpoint, allowing an authenticated user with operator.write privileges to bind a cron job to another user's private agent. While direct access to the foreign agent is correctly blocked, the cron binding is accepted without proper authorization, creating a stored cross-agent authorization bypass that the scheduler later trusts as the execution target.

Impact

Exploitation of this vulnerability allows for a cross-agent authorization bypass, where an operator.write user can create cron jobs that run under the context of another user's agent, potentially leading to unauthorized actions or data access.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /v1/tools/invoke endpoint with an agentId parameter that references a foreign agent. The request will be processed successfully, and the cron job will be bound to the specified agent, despite the lack of authorization.

Remediation

GoClaw users should update to version 3.13.3 or later, where this vulnerability has been addressed.

Added: Jul 18, 2026, 3:25 PM
Updated: Jul 18, 2026, 3:25 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
0.6
exploitability
6.6
remediation
0.0
relevance
10.0
threat
6.4
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.