OpenClaw ships high-impact auth hardening release

Last updated: April 16, 2026 00:00 UTC


OpenClaw Daily Brief

  1. OpenClaw shipped a high-impact auth hardening release: The Apr 15 pre-release fixes gateway bearer validation so that a rotated secret is rejected immediately across HTTP routes and upgrade paths, closing the stale-token window that previously followed secrets.reload.
  2. MCP loopback auth got constant-time secret comparison: /mcp bearer checks now use a constant-time comparator with browser-origin gating, reducing timing-leak and cross-origin abuse risk on local operator setups.
  3. Workspace file operations closed a symlink race class: Agent file read/write/list paths now route through shared safe-file helpers with realpath validation, blocking symlink-swap path escapes from tool-facing workspace operations.
  4. Approval prompts now redact secrets by default: Exec approval review no longer exposes credential material in rendered prompt content, which lowers leakage risk in human-in-the-loop approval workflows.
  5. Operator action this morning: Upgrade to the latest April release line, rotate gateway bearer values once, then verify that old tokens now return 401 and run openclaw models status --check once in CI.
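Items 1 and 2 together describe one validator shape: read the live secret on every request (so a reload invalidates old tokens at once), compare it in constant time, and gate browser origins. The sketch below is an added example and is not OpenClaw's own code; SecretStore, CachedSecretHandler, check_bearer, ALLOWED_ORIGINS and the 401/403 split are assumptions made for illustration. CachedSecretHandler is included only to show the stale-token anti-pattern the fix removes.

```python
import hmac
import secrets
from typing import Mapping, Optional
from urllib.parse import urlsplit

# Added example (not OpenClaw's own code). SecretStore, CachedSecretHandler,
# check_bearer and ALLOWED_ORIGINS are assumed names for illustration.

# Assumed operator allow-list for a loopback-only MCP endpoint.
ALLOWED_ORIGINS = {"http://127.0.0.1", "http://localhost"}


class SecretStore:
    """Single source of truth for the gateway bearer secret.

    Handlers call current() on every request, so reload() is visible at once
    instead of leaving a window in which a handler that copied the secret at
    startup still accepts the old token.
    """

    def __init__(self, secret: Optional[str] = None) -> None:
        self._secret = secret or secrets.token_urlsafe(32)

    def current(self) -> str:
        return self._secret

    def reload(self, new_secret: str) -> None:
        # Stands in for the secrets.reload path named in the brief.
        self._secret = new_secret


class CachedSecretHandler:
    """The stale-token anti-pattern: the secret is copied once at construction,
    so a rotation elsewhere never reaches this handler."""

    def __init__(self, store: SecretStore) -> None:
        self._cached = store.current()

    def accepts(self, token: str) -> bool:
        return hmac.compare_digest(token.encode(), self._cached.encode())


def origin_allowed(origin: Optional[str]) -> bool:
    """Browser-origin gate. Non-browser clients send no Origin header and pass;
    a browser must present a scheme://host on the loopback allow-list (port is
    ignored; 'null' and other opaque origins are rejected)."""
    if origin is None:
        return True
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    return f"{parts.scheme}://{parts.hostname}" in ALLOWED_ORIGINS


def check_bearer(headers: Mapping[str, str], store: SecretStore) -> int:
    """Return the HTTP status an /mcp-style route should answer with:
    403 for a disallowed browser origin, 401 for a missing or wrong bearer,
    200 when both gates pass."""
    if not origin_allowed(headers.get("Origin")):
        return 403
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return 401
    # Always read the live secret, never a cached copy, and compare in constant
    # time: hmac.compare_digest's running time does not depend on where the
    # first differing byte sits, so response latency cannot be used to recover
    # the secret byte by byte as it can with a plain `==` on strings.
    if not hmac.compare_digest(token.encode(), store.current().encode()):
        return 401
    return 200
```

The origin gate runs before the secret comparison so a cross-origin browser request never exercises the comparator at all; whether a real deployment answers 403 or 401 there is a policy choice, not something the brief specifies.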

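Item 3 is the one most often got wrong in agent tooling, so here is the check spelled out: lexical normalisation catches "../" but not a symlink inside the workspace that points outside it, and even realpath validation leaves a window between the resolve and the open in which the final component can be swapped for a link. The code below is an added example, not OpenClaw's helpers; WorkspaceEscape, naive_open_read, safe_open_read and demo are assumed names, and the workspace it builds is constructed sample input.

```python
import errno
import os
import tempfile
from pathlib import Path

# Added example (not OpenClaw's own code). WorkspaceEscape, naive_open_read,
# safe_open_read and demo are assumed names for illustration.


class WorkspaceEscape(PermissionError):
    """A tool-facing path would reach a file outside the workspace root."""


def _inside(root, candidate):
    try:
        candidate.relative_to(root)
        return True
    except ValueError:
        return False


def naive_open_read(root, rel):
    """'Before' behaviour: lexical normalisation only. '../' is caught, but a
    symlink inside the workspace pointing outside it passes and is followed."""
    target = Path(os.path.normpath(root / rel))
    if not _inside(root, target):
        raise WorkspaceEscape(rel)
    return target.read_bytes()


def _validate(root, rel):
    """Realpath validation: resolve symlinks in both root and candidate, check
    containment on the resolved paths, and record the validated file's identity."""
    real_root = root.resolve(strict=True)
    resolved = (real_root / rel).resolve(strict=True)
    if not _inside(real_root, resolved):
        raise WorkspaceEscape(rel)
    return resolved, os.stat(resolved)


def _open_validated(resolved, validated):
    """Close the validate-then-open race: O_NOFOLLOW refuses a symlink swapped in
    as the final component, and the fstat comparison refuses anything that is no
    longer the inode we validated (on platforms without O_NOFOLLOW the inode
    check alone still catches a followed link)."""
    flags = os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(resolved, flags)
    except OSError as exc:
        if exc.errno in (errno.ELOOP, errno.EMLINK):  # final component is a link
            raise WorkspaceEscape(str(resolved)) from exc
        raise
    try:
        opened = os.fstat(fd)
        if (opened.st_dev, opened.st_ino) != (validated.st_dev, validated.st_ino):
            raise WorkspaceEscape(str(resolved))
    except BaseException:
        os.close(fd)
        raise
    with os.fdopen(fd, "rb") as f:
        return f.read()


def safe_open_read(root, rel):
    resolved, validated = _validate(root, rel)
    return _open_validated(resolved, validated)


def _outcome(reader, root, rel):
    try:
        return reader(root, rel)
    except WorkspaceEscape:
        return "blocked"


def demo():
    """Constructed sample workspace: a regular file, a symlink to a file outside
    the root, and a symlink swapped in between validation and open."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = base / "workspace"
        root.mkdir()
        (root / "notes.txt").write_bytes(b"inside")
        outside = base / "id_rsa"
        outside.write_bytes(b"PRIVATE KEY")
        (root / "link.txt").symlink_to(outside)
        results = {
            "naive_link": _outcome(naive_open_read, root, "link.txt"),
            "safe_link": _outcome(safe_open_read, root, "link.txt"),
            "naive_dotdot": _outcome(naive_open_read, root, "../id_rsa"),
            "safe_dotdot": _outcome(safe_open_read, root, "../id_rsa"),
            "safe_regular": _outcome(safe_open_read, root, "notes.txt"),
        }
        # Symlink-swap race: validation passes on the regular file, then the
        # final component is replaced by a link before the open happens.
        resolved, validated = _validate(root, "notes.txt")
        (root / "notes.txt").unlink()
        (root / "notes.txt").symlink_to(outside)
        try:
            results["swap_after_validation"] = _open_validated(resolved, validated)
        except WorkspaceEscape:
            results["swap_after_validation"] = "blocked"
        return results
```

An intermediate directory swapped for a symlink after validation is also caught here, because the file reached would be a different inode; a fully race-free design would instead open the root once and walk each component with openat, which this example does not do.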