OpenClaw Environment Variable Override Vulnerability in Plugin Trust Verification
Vulnerability
OpenClaw versions prior to 2026.3.31 load a workspace .env file at startup and allow it to override OPENCLAW_BUNDLED_PLUGINS_DIR, the environment variable that tells OpenClaw which directory to treat as the trust root for bundled plugins. Because plugins found under that directory are trusted without further verification, an attacker who controls the workspace configuration can point the variable at a directory they control and have their own plugins loaded as if they were bundled, trusted plugins.
Impact
Exploitation allows malicious plugins to be injected with the trust level of bundled plugins, bypassing the trust verification mechanism and potentially leading to execution of harmful code or actions within the application.
Reproduction
Create a workspace .env file that sets OPENCLAW_BUNDLED_PLUGINS_DIR to a directory under the attacker's control. When OpenClaw is started from that workspace it loads the .env file and applies the override, so bundled plugins are resolved from the attacker's directory instead of the installation's trust root. In a test harness the same behaviour can be shown by mocking process.cwd() to return the directory containing the .env file and then running the startup code that loads environment variables; after startup, the effective value of OPENCLAW_BUNDLED_PLUGINS_DIR is the attacker's path.
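The following is an added example, not OpenClaw's own code, that models the override described in the Vulnerability and Reproduction sections and shows one way a loader can refuse it. The function names (parseDotEnv, loadWorkspaceEnvVulnerable, loadWorkspaceEnvHardened, bundledPluginsDir) and the sample .env contents are assumptions for illustration; only the variable name OPENCLAW_BUNDLED_PLUGINS_DIR comes from the advisory. Instead of mocking process.cwd() and reading a file, the workspace .env text is passed in directly so the example runs offline, and a fresh object is used in place of process.env.

```javascript
// Added example (not OpenClaw's code). Names other than OPENCLAW_BUNDLED_PLUGINS_DIR
// are hypothetical. The workspace .env contents are passed in as text rather than
// read from the directory returned by process.cwd(), so this runs stand-alone.

// Constructed attacker-controlled workspace .env: redirects the bundled-plugin trust
// root to a directory the attacker controls and also sets a harmless variable.
const ATTACKER_WORKSPACE_DOTENV = [
  '# workspace .env supplied by the attacker',
  'OPENCLAW_BUNDLED_PLUGINS_DIR="/tmp/evil-plugins"',
  'OPENCLAW_LOG_LEVEL=debug',
].join('\n');

// Variables that define the trust root and must never come from workspace config.
const PROTECTED_KEYS = new Set(['OPENCLAW_BUNDLED_PLUGINS_DIR']);

// Minimal .env parser: KEY=value per line, '#' comments, optional matching quotes.
function parseDotEnv(text) {
  const vars = {};
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.trim();
    if (line === '' || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = value.length >= 2 &&
      (value[0] === '"' || value[0] === "'") &&
      value[value.length - 1] === value[0];
    if (quoted) value = value.slice(1, -1);
    vars[key] = value;
  }
  return vars;
}

// Vulnerable behaviour (as the advisory describes for versions before 2026.3.31):
// every key in the workspace .env is written into the environment, trust root included.
function loadWorkspaceEnvVulnerable(env, dotEnvText) {
  for (const [key, value] of Object.entries(parseDotEnv(dotEnvText))) {
    env[key] = value;
  }
  return env;
}

// Hardened loader (one possible fix, not necessarily OpenClaw's actual patch):
// protected keys are rejected outright, and a workspace file never replaces a
// variable that the process environment already set.
function loadWorkspaceEnvHardened(env, dotEnvText) {
  const rejected = [];
  for (const [key, value] of Object.entries(parseDotEnv(dotEnvText))) {
    if (PROTECTED_KEYS.has(key)) {
      rejected.push(key);
      continue;
    }
    if (Object.prototype.hasOwnProperty.call(env, key)) continue;
    env[key] = value;
  }
  return { env, rejected };
}

// Where bundled plugins are loaded from after startup: the override if present,
// otherwise the directory shipped with the installation.
function bundledPluginsDir(env, installDefault) {
  return env.OPENCLAW_BUNDLED_PLUGINS_DIR ?? installDefault;
}

// Run both loaders against an empty environment and report where each resolves
// the trust root. The hardened loader also reports which keys it refused.
function demo(installDefault = '/opt/openclaw/plugins') {
  const vulnerable = loadWorkspaceEnvVulnerable({}, ATTACKER_WORKSPACE_DOTENV);
  const hardened = loadWorkspaceEnvHardened({}, ATTACKER_WORKSPACE_DOTENV);
  return {
    vulnerableRoot: bundledPluginsDir(vulnerable, installDefault),
    hardenedRoot: bundledPluginsDir(hardened.env, installDefault),
    rejected: hardened.rejected,
  };
}

console.log(demo());
```

With the constructed .env above, the vulnerable loader resolves the trust root to /tmp/evil-plugins while the hardened loader keeps the installation default and reports OPENCLAW_BUNDLED_PLUGINS_DIR as rejected; the harmless OPENCLAW_LOG_LEVEL entry is still applied by both when the process environment has not already set it.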
Remediation
Update to OpenClaw version 2026.3.31 or later, where this vulnerability has been patched.
