admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: clarify security scope

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-30 21:51:19 +01:00
parent 49a3e3795a
commit 2cdfecdde3
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
SECURITY.md
View File

@@ -7,6 +7,16 @@ If you believe you've found a security issue in OpenClaw, please report it priva
- Email: `steipete@gmail.com` - Email: `steipete@gmail.com`
- What to include: reproduction steps, impact assessment, and (if possible) a minimal PoC. - What to include: reproduction steps, impact assessment, and (if possible) a minimal PoC.
## Bug Bounties
OpenClaw is a labor of love. There is no bug bounty program and no budget for paid reports. Please still disclose responsibly so we can fix issues quickly.
The best way to help the project right now is by sending PRs.
## Out of Scope
- Public Internet Exposure
- Using OpenClaw in ways that the docs recommend not to
## Operational Guidance ## Operational Guidance
For threat model + hardening guidance (including `openclaw security audit --deep` and `--fix`), see: For threat model + hardening guidance (including `openclaw security audit --deep` and `--fix`), see: