If you believe you have found a security issue in Proofrail for OpenClaw, please report it privately and do not open a public issue first.
Please include:
- A clear title
- Affected version or commit SHA
- Impact
- Reproduction steps
- A minimal proof of concept when possible
- Suggested remediation if you have one
For private disclosure, contact the maintainers through the repository security contact path or open a private security advisory on GitHub if available.
This repository is an OpenClaw plugin, not the OpenClaw core runtime.
Please report issues here when they are specific to Proofrail itself, for example:
- incorrect guardrail decisions inside the plugin
- unsafe path handling or artifact writes inside the plugin
- release artifact or packaging mistakes in this repository
If the issue is in OpenClaw core, the Gateway, or another host integration, report it to the repository where that code lives.
Please allow reasonable time for triage and remediation before public disclosure.