applySkillConfigEnvOverrides previously copied skills.entries.*.env values into the host process.env without applying the host env safety policy.

In affected versions, dangerous process-level variables such as NODE OPTIONS could be injected when unset, which can influence runtime/child-process behavior.

An attacker must be able to modify OpenClaw local state/config (for example ~/.openclaw/openclaw.json) to set skills.entries.<skill>.env or related skill config values.

Fixed in 2026.2.21 by sanitizing skill env overrides and blocking dangerous host env keys (including NODE OPTIONS) before applying overrides, with regression tests covering blocked dangerous keys.

Found using MCPwner