Openclaw Googlechat 2026.5.19.Tgz

AdvisoryAudited by Static analysis on May 20, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (1)

critical

suspicious.exposed_secret_literal

Location: dist/channel.runtime-DFdC1y3n.js:574
Finding: File appears to expose a hardcoded API secret or token.
Evidence: bearer: [REDACTED]