openclaw-mission-control

Author	SHA1	Message	Date
Abhimanyu Saharan	46bc9a02c6	fix(security): Keep short agent token prefixes in logs Restore the existing short token-prefix logging behavior for agent auth failures while keeping the optional bearer-path rate-limit fix. Update tests and docs so the replacement branch reflects the intended logging policy. Co-Authored-By: Claude <noreply@anthropic.com>	2026-03-07 23:43:32 +05:30
Abhimanyu Saharan	fb8a932923	fix(security): Close review follow-up gaps Rate-limit the optional agent bearer path after user auth resolution so mixed user/agent routes no longer leave an unthrottled PBKDF2 path. Stop logging token prefixes on agent auth failures and require a locally supplied token for backend/.env.test instead of committing one. Update tests and docs to cover agent bearer fallback, configurable webhook signature headers, and the operator-facing security settings added by the hardening work. Co-Authored-By: Claude <noreply@anthropic.com>	2026-03-07 23:40:50 +05:30
Hugh Brown	494bf4649e	docs: update api.md and authentication.md for Redis rate-limit backend and token logging Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:35:10 +05:30
Hugh Brown	149fde90c4	docs: document security hardening changes from security review Add documentation for all user/operator-facing changes introduced by the security review branch: rate limits, security headers, webhook HMAC verification, payload size limits, gateway token redaction, non-root containers, agent token logging, and prompt injection mitigation. Updated: docs/reference/api.md, docs/reference/authentication.md, docs/reference/configuration.md, docs/deployment/README.md, docs/operations/README.md, docs/openclaw_gateway_ws.md, backend/README.md. Created: docs/reference/security.md (consolidated security reference). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:35:10 +05:30
Abhimanyu Saharan	1fdacec7c1	docs: add initial docs/ information architecture + stubs	2026-03-03 05:04:42 +05:30

5 Commits