PT-2026-41222 · Npm · Openclaw

Published

2026-05-04

·

Updated

2026-05-04

CVSS v4.0

5.3

Medium

VectorAV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Summary

ACP child sessions inherit subagent security envelope constraints.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected versions: <= 2026.4.21
  • Fixed version: 2026.4.22

Impact

A restricted subagent spawning an ACP child session could fail to carry forward subagent-only constraints such as depth, child-count limits, control scope, or target-agent restrictions.

Fix

ACP spawn now resolves and persists child subagent envelope fields, enforces maximum depth and active-child caps, and applies the inherited control scope to child ACP sessions.

Fix Commit(s)

  • 31160dc069b7cc5d833b39c53736a41ad3befda2

Verification

  • The fix commit is contained in the public v2026.4.22 tag.
  • openclaw@2026.4.22 is published on npm and the compiled package contains the fix.
  • Focused regression coverage for this path passed before publication.
OpenClaw thanks @zsxsoft, @qclawer, and @KeenSecurityLab for reporting.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-277

Related Identifiers

GHSA-Q3JJ-46PQ-826R

Affected Products

Openclaw