If you discover a security vulnerability in OpenClaw Foundry, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, please email: maurice_wen@proton.me
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will acknowledge receipt within 48 hours and aim to release a fix within 7 days for critical issues.
| Version | Supported |
|---|---|
| 4.x | Yes |
| < 4.0 | No |
This policy applies to:
- The OpenClaw Foundry web application (CF Pages)
- The API backend (CF Workers)
- The data pipeline scripts
- The CI/CD workflows