OpenClaw Path Traversal Vulnerability in Sandbox Skill Mirroring
Vulnerability
A path traversal vulnerability has been identified in OpenClaw versions prior to 2026.2.14. It exists in the sandbox skill mirroring feature, which must be enabled for the issue to be reachable. The root cause is that the skill frontmatter 'name' parameter is used unsanitized when copying skills into the sandbox workspace. An attacker can exploit this by supplying a crafted skill package whose 'name' field contains traversal sequences, such as '../', or an absolute path, causing files to be written outside the sandbox workspace root directory.
Impact
Exploitation of this vulnerability could lead to unauthorized file writes outside the designated sandbox workspace, potentially overwriting or interfering with other files or processes.
Reproduction
To reproduce this vulnerability, first ensure that the sandbox skill mirroring feature is enabled. Then create a skill package whose 'name' parameter contains either traversal sequences or an absolute path. When this skill package is processed, its files are written to a location outside the sandbox workspace root, demonstrating the path traversal.
Remediation
Users can update to OpenClaw version 2026.2.14 or later, where this vulnerability has been patched.
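As an added illustration (not OpenClaw's own code), the snippet below places the unsanitized destination-building pattern the advisory describes next to a hardened version that allowlists the skill name and independently verifies that the resolved directory stays strictly inside the workspace root, plus a small audit helper for checking the 'name' values of existing skill packages. The function names, the workspace path and the sample names are assumptions.

```typescript
import * as path from "path";

// Added illustration (not OpenClaw's code): all names here are assumptions.
const p = path.posix; // POSIX semantics so results are the same on every host

// Vulnerable pattern described by the advisory: the frontmatter `name` is used
// as-is when building the destination, so "../" or an absolute value escapes
// the sandbox workspace root.
function unsafeSkillDir(workspaceRoot: string, skillName: string): string {
  return p.resolve(workspaceRoot, skillName);
}

// A skill name is an identifier, not a path: letters, digits, ".", "_" and "-",
// not starting with a dot (so "." and ".." can never pass), 1-64 characters.
const SAFE_SKILL_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$/;

// Hardened version: allowlist the name, then independently verify that the
// resolved destination is strictly inside the workspace root. Returns null
// when the package must be rejected.
function safeSkillDir(workspaceRoot: string, skillName: string): string | null {
  if (!SAFE_SKILL_NAME.test(skillName)) return null;
  const root = p.resolve(workspaceRoot);
  const target = p.resolve(root, skillName);
  // Compare with a trailing separator so "/sandbox/ws-evil" is not accepted
  // as being under "/sandbox/ws".
  if (!target.startsWith(root + p.sep)) return null;
  return target;
}

// Audit helper: given the `name` values found in a set of skill packages,
// return the ones a sanitized mirror would refuse to copy.
function rejectedSkillNames(workspaceRoot: string, names: string[]): string[] {
  return names.filter((n) => safeSkillDir(workspaceRoot, n) === null);
}

// Constructed sample names (not taken from any real package).
const SAMPLE_NAMES = ["weather-lookup", "../../etc", "/etc/cron.d", "..", ""];
```

Both checks are kept on purpose: the allowlist rejects bad input early, and the containment check still holds if the allowlist is ever loosened.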