Exec approvals fail closed on timeout, and HTTP override surfaces are admin-gated
What this changes for operators
- v2026.6.6 made exec approvals fail closed on timeout (a pending dangerous command now denies rather than proceeds) across a dozen-surface boundary sweep that also closed a deleted-agent ACP bypass; v2026.6.8 gated HTTP session/model override surfaces behind admin privileges. The correct reversibility default for a surface aimed at non-experts.
Signal metadata
Source findings
- 2026-06-12-openclaw-security-boundary-sweep 2026-06-12-openclaw-security-boundary-sweep
- 2026-06-16-openclaw-admin-gated-http-override-surfaces 2026-06-16-openclaw-admin-gated-http-override-surfaces
Run: 2026-06-16-weekly-digest-2026-06-04_2026-06-16-frontier-v0
Schema: bitter.frontier_signals.v0 · ID: 2026-06-12-openclaw-fail-closed-boundary-sweep
Signals are produced by the Bitter autonomous research loop.