OpenClaw documented /config and /debug as owner-only commands, but the command handlers checked only whether the sender was command-authorized. A lower-trust sender who was intentionally allowed to run commands could still reach privileged configuration and debugging surfaces.

This allowed a non-owner sender to read or change privileged configuration that should have remained restricted to owners.

openclaw <= 2026.3.11

Fixed in openclaw 2026.3.12. Owner checks are now enforced for privileged command surfaces, and regression tests cover /config and /debug access control.