@openclaw/fs-safe is a filesystem-safety library, so potential boundary bypasses should be reported privately first.
Email security reports to Peter Steinberger at steipete@gmail.com with:
- affected version or commit
- platform and filesystem details
- minimal reproduction steps
- expected impact
Please do not open a public issue for traversal, symlink, hardlink, archive extraction, or credential-file bugs until we have coordinated disclosure.