Vibe Security Radar

GHSA-wpph-cjgr-7c39

Severity: Low (CVSS 2.5)
Published: Mar 3, 2026
Verified by: gemini-3.1-flash-lite-preview
Description

OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass

How AI Introduced This

The application allowed ambiguous sender identification in `toolsBySender` configurations, where mutable fields like display names could collide with unique identifiers, allowing unauthorized users to impersonate others and gain elevated tool access.

Causality Analysis

Status: Confirmed (blamed commit 3b0c80ce245b)
Vulnerability
Authorization Bypass / Identity Spoofing
Root Cause
The application allowed ambiguous sender identification in `toolsBySender` configurations, where mutable fields like display names could collide with unique identifiers, allowing unauthorized users to impersonate others and gain elevated tool access.
Pattern
Matching sender authorization keys without explicit type prefixes, i.e. using raw strings that can be read as either a unique ID or a mutable display name.
Causal Chain
The commit introduced test cases that defined `toolsBySender` keys as raw strings, forcing the implementation to treat these strings as ambiguous identifiers. This lack of type-prefixed keys allowed the system to match mutable display names against unique IDs, leading to the authorization bypass.
Reasoning
The blamed commit introduced the test cases that established the vulnerable pattern of using raw strings (e.g., 'alice', 'admin') as keys in the `toolsBySender` configuration. By codifying this pattern in the test suite, it solidified the expectation that the system should match senders without type prefixes, which directly enabled the identity-collision vulnerability.
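The collision described above, shown as an added example that is not OpenClaw's code: a hypothetical `toolsBySender` matcher that compares raw keys against both the stable sender ID and the mutable display name, next to a typed matcher that requires an `id:` or `name:` prefix and only compares a key against the field of its own type. The `Sender` shape, the prefix syntax and the id-over-name precedence are assumptions for this illustration.

```typescript
// Hypothetical shapes (assumed for this example, not OpenClaw's types).
interface Sender { id: string; displayName: string }
type ToolsBySender = Record<string, string[]>;

// Ambiguous matcher: a raw key matches the stable id OR the mutable display name,
// so a user who sets their display name to another user's id inherits that policy.
export function toolsForAmbiguous(s: Sender, policy: ToolsBySender): string[] {
  for (const key of Object.keys(policy)) {
    if (key === s.id || key === s.displayName) return policy[key];
  }
  return [];
}

// Typed matcher: every key must carry an explicit type prefix, and each prefix is
// compared only against the sender field of that type. Untyped keys are rejected
// at load time rather than silently treated as "either".
const KEY_RE = /^(id|name):(.+)$/;

// Returns the keys that do not carry a recognised type prefix (empty = valid policy).
export function invalidPolicyKeys(policy: ToolsBySender): string[] {
  return Object.keys(policy).filter((k) => !KEY_RE.test(k));
}

export function toolsForTyped(s: Sender, policy: ToolsBySender): string[] {
  // Assumed precedence: the stable id wins over the mutable display name.
  // A "name:" key is still only as trustworthy as the display name itself.
  const byId = policy[`id:${s.id}`];
  if (byId) return byId;
  return policy[`name:${s.displayName}`] ?? [];
}

// Constructed sample data: an admin policy keyed on the admin's id, and a sender
// who has set their display name to collide with that id.
export const RAW_POLICY: ToolsBySender = { U100: ["shell"] };
export const TYPED_POLICY: ToolsBySender = { "id:U100": ["shell"] };
export const ADMIN: Sender = { id: "U100", displayName: "alice" };
export const IMPERSONATOR: Sender = { id: "U999", displayName: "U100" };
```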


AI Signal Details

AI Signals in 3b0c80c
Claude Code, detected via co-author trailer `Co-Authored-By: Claude <noreply@anthropic.com>` (confidence 95%)

Bug-Introducing Commits(1)

Add per-sender group tool policies and fix precedence (#1757)

Author: adam91holt, Jan 27, 2026. File: src/agents/pi-tools-agent-config.test.ts. Blame: 90%

Fix Commits(1)

5547a22 (openclaw/openclaw), source: github_advisory