If you discover a security vulnerability in MxClaw, please report it responsibly:
- DO NOT open a public GitHub Issue
- Email: security@mxclaw.ai (or use GitHub Security Advisories)
- Include:
- Description of the vulnerability
- Steps to reproduce
- Impact assessment
- Suggested fix (optional)
We will acknowledge receipt within 48 hours and provide a fix timeline within 7 days.
| Version | Supported |
|---|---|
| 0.2.x | ✅ Active |
| < 0.2 | ❌ EOL |
- HTTP API: Bearer token authentication (
gateway.apiTokenin config) - WebSocket: Device token authentication with rotation on each connection
- Webhooks: Per-platform signature verification (HMAC-SHA256, Ed25519)
- Channel allowlists: Per-channel sender filtering
- Mention gating: Only respond when @mentioned in group chats
- Tool approval modes:
always-require-approval,owner-only,yolo - File path restrictions: Tools can only access configured paths
- Config redaction: API responses never expose tokens/keys
- Token hashing: Device tokens stored as SHA-256 hashes
- Pairing codes: 8-char hex, 5-minute expiry, single-use
- Rate limiting: Per-IP HTTP + per-client WebSocket
- Docker:
--network noneisolation for bash commands - SSH: Remote execution on dedicated sandbox hosts
- File system: Workspace path enforcement
- Always set
gateway.apiTokenin production - Use allowlists on all public-facing channels
- Enable
always-require-approvalfor bash and file_write tools - Run behind a reverse proxy (nginx/Caddy) with TLS
- Use Docker sandboxing for bash tool execution
- Rotate device tokens regularly
- Monitor logs for failed auth attempts
- Voice session tokens are ephemeral (not persisted)
- Config file is not encrypted at rest
- WebSocket connections are not end-to-end encrypted (use TLS termination)