Browser Security Enhancements

This cluster focuses on improving security and stability in the browser component of the OpenClaw framework.

15 PRs

fix browser Representative: #22910

#	Title	Author	Created	GitHub
8124	fix(browser): add path validation for file upload and download	yubrew	2026-02-03	View
8517	Browser: sandbox download/trace paths	coygeek	2026-02-04	View
8567	fix: Sandbox browser runs Chromium as root with --no-sandbox	coygeek	2026-02-04	View
8718	fix: sanitize download filenames to prevent path traversal (CWE-22)	DevZenPro	2026-02-04	View
9317	[Swarm] [Bug]: Connection error on Intel MacBook Pro persi	swarmagents	2026-02-05	View
9319	[Swarm] [Mattermost] WebSocket disconnects with "client si	swarmagents	2026-02-05	View
9323	[Swarm] Discord Message Queue Gets Stuck - DiscordMessageL	swarmagents	2026-02-05	View
9326	[Swarm] Technical Report: Recursive Deadlocks and Latency	swarmagents	2026-02-05	View
17943	fix: use 0o644 for inbound media files to allow sandbox read access	zerone0x	2026-02-16	View
17944	fix(security): fail-closed for local media paths without sandboxRoot	Operative-001	2026-02-16	View
20390	fix(daemon): fall back to /tmp for launchd logs on removable volumes	lemoz	2026-02-18	View
22910	fix(browser): resolve symlinks in upload path validation rep	erdinccurebal	2026-02-21	View
23308	fix(browser): accept upload paths that traverse symlinked tmp dirs	SidQin-cyber	2026-02-22	View
23620	fix(memory): follow symlinks in memory indexer, reader, and watcher	Diaspar4u	2026-02-22	View
23673	docs(imessage): update cliPath to Homebrew path for Apple Silicon	camerony	2026-02-22	View