Cherry-pick: Security hardening (1/2) (50 commits) #1867
Description
Cherry-pick from upstream — Security hardening (batch 1/2)
Source: openclaw/openclaw main branch
Scan session: 2026-03-24 (rescan after cursor reset)
Commits: 50 (45 clean, 5 partial)
Commits
| # | Hash | Subject | Author | Files | Tier |
|---|---|---|---|---|---|
| 1 | 0f637b5e30 |
refactor: share acp conversation text normalization | Peter Steinberger | 2 | PARTIAL |
| 2 | 742c005ac8 |
fix(acp): preserve hidden thought chunks from gateway chat | Vincent Koc | 2 | PARTIAL |
| 3 | 88d39b1542 |
refactor: simplify remaining runtime singletons | Peter Steinberger | 5 | PARTIAL |
| 4 | b26edfe1ff |
test: trim plugin-heavy unit test imports | Peter Steinberger | 12 | PARTIAL |
| 5 | c7137270d1 |
Security: split audit runtime surfaces | Vincent Koc | 5 | PARTIAL |
| 6 | 03b405659b |
test: merge audit auth precedence cases | Peter Steinberger | 1 | PICK |
| 7 | 093e51f2b3 |
Security: lazy-load channel audit provider helpers | Vincent Koc | 2 | PICK |
| 8 | 0c070ccd53 |
test: merge zalouser audit group cases | Peter Steinberger | 1 | PICK |
| 9 | 1038990bdd |
test: merge discord audit allowlist cases | Peter Steinberger | 1 | PICK |
| 10 | 1301462a1b |
refactor: share acp persistent binding fixtures | Peter Steinberger | 1 | PICK |
| 11 | 141d73ddf4 |
test: merge audit dangerous flag cases | Peter Steinberger | 1 | PICK |
| 12 | 167a6ebed9 |
test: merge gateway http audit cases | Peter Steinberger | 1 | PICK |
| 13 | 17143ed878 |
test: merge audit exposure heuristic cases | Peter Steinberger | 1 | PICK |
| 14 | 17c954c46e |
fix(acp): preserve final assistant message snapshot before end_turn (openclaw#44597) | scoootscooob | 3 | PICK |
| 15 | 23a3211c29 |
test: merge audit discord allowlist cases | Peter Steinberger | 1 | PICK |
| 16 | 23d700b090 |
test: merge audit hooks ingress cases | Peter Steinberger | 1 | PICK |
| 17 | 270ba54c47 |
Status: lazy-load channel security and summaries | Vincent Koc | 1 | PICK |
| 18 | 2cfccf59c7 |
test: merge audit browser container cases | Peter Steinberger | 1 | PICK |
| 19 | 2ef7b13962 |
test: merge channel command audit cases | Peter Steinberger | 1 | PICK |
| 20 | 32fdd21c80 |
fix(acp): preserve hidden thought replay on session load | Vincent Koc | 2 | PICK |
| 21 | 355051f401 |
test: merge audit gateway auth presence cases | Peter Steinberger | 1 | PICK |
| 22 | 3aa76a8ce7 |
test: merge feishu audit doc cases | Peter Steinberger | 1 | PICK |
| 23 | 4fd17021f2 |
test: merge hooks audit risk cases | Peter Steinberger | 1 | PICK |
| 24 | 53a34c39f6 |
Fix windows ACL os mock typing | Tak Hoffman | 1 | PICK |
| 25 | 588c8be6ff |
test: merge audit extension and workspace cases | Peter Steinberger | 1 | PICK |
| 26 | 58c26ad706 |
test: merge audit code safety cases | Peter Steinberger | 1 | PICK |
| 27 | 5f0f69b2c7 |
test: merge browser control audit cases | Peter Steinberger | 1 | PICK |
| 28 | 5f42389d8d |
Security: lazy-load audit config snapshot IO | Vincent Koc | 1 | PICK |
| 29 | 5fd482d6b0 |
test: align acp session mode list | Peter Steinberger | 1 | PICK |
| 30 | 610d836151 |
test: merge audit gateway auth guardrail cases | Peter Steinberger | 1 | PICK |
| 31 | 63997aec23 |
test: merge audit trust exposure cases | Peter Steinberger | 1 | PICK |
| 32 | 6646ca61cc |
test: merge audit channel command hygiene cases | Peter Steinberger | 1 | PICK |
| 33 | 74b9ad010a |
test: preserve node os exports in windows acl mock | Tak Hoffman | 1 | PICK |
| 34 | 7866655176 |
test: merge audit allowCommands cases | Peter Steinberger | 1 | PICK |
| 35 | 7c76acafd6 |
fix(acp): scope cancellation and event routing by runId (openclaw#41331) | Pejman Pour-Moezzi | 3 | PICK |
| 36 | 7e1bc4677f |
test: merge control ui audit cases | Peter Steinberger | 1 | PICK |
| 37 | 7efa79121a |
test: merge install metadata audit cases | Peter Steinberger | 1 | PICK |
| 38 | 85c5ec8065 |
test: share audit exposure severity helper | Peter Steinberger | 1 | PICK |
| 39 | 8ab2d886eb |
test: merge audit windows acl cases | Peter Steinberger | 1 | PICK |
| 40 | 8cfcce0849 |
test: merge audit resolved inspection cases | Peter Steinberger | 1 | PICK |
| 41 | 904db27019 |
fix(security): audit unrestricted hook agent routing | Peter Steinberger | 3 | PICK |
| 42 | 97c481120f |
test: merge audit extension allowlist severity cases | Peter Steinberger | 1 | PICK |
| 43 | 994b42a5a5 |
test: parallelize safe audit case tables | Peter Steinberger | 1 | PICK |
| 44 | 9b6790e3a6 |
refactor: share acp binding resolution helper | Peter Steinberger | 1 | PICK |
| 45 | 9b7aafa141 |
test: merge audit sandbox docker config cases | Peter Steinberger | 1 | PICK |
| 46 | 9e087f66be |
test: merge audit browser sandbox cases | Peter Steinberger | 1 | PICK |
| 47 | a2119efe1c |
Security: lazy-load deep skill audit helpers | Vincent Koc | 1 | PICK |
| 48 | a24325f40c |
test: merge audit deny command cases | Peter Steinberger | 1 | PICK |
| 49 | a97b9014a2 |
External content: sanitize wrapped metadata (openclaw#46816) | Vincent Koc | 3 | PICK |
| 50 | b7afc7bf40 |
fix: harden external content marker sanitization | Peter Steinberger | 3 | PICK |
Execution
Pick up with: /pick-from-openclaw execute issue #N
Recommended strategy: staging branch
Note: 5 PARTIAL commits — some files may need discarding (files not on fork).