OpenClaw loaded the current working directory .env before trusted state-dir configuration, allowing untrusted workspace state to inject host environment values.
Impact
A repository or workspace containing a malicious .env file could override runtime configuration and security-sensitive environment settings when OpenClaw started there.
Affected Component
src/infra/dotenv.ts, src/cli/dotenv.ts
Fixed Versions
Affected: <= 2026.3.24
Patched: >= 2026.3.28
Latest stable 2026.3.28 contains the fix.
Fix
Fixed by commit 6a79324802 (Filter untrusted CWD .env entries before OpenClaw startup).