
#11435: fix(security): validate OPENCLAW_BROWSER_CONTROL_MODULE before dynamic import

by coygeek open 2026-02-07 20:12
gateway stale
## Fix Summary

Validate `OPENCLAW_BROWSER_CONTROL_MODULE` env var before passing to `import()`. Reject `data:`, `http:`, `https:`, and `node:` specifiers to prevent code injection via CWD `.env` files.

## Issue Linkage

Fixes #11434

## Security Snapshot

| Metric | Value |
|--------|-------|
| **Score** | 9.6 / 10.0 |
| **Severity** | Critical |

## Implementation Details

### Files Changed

- `src/gateway/server-browser.ts` (+12/-1)

### Technical Analysis

Validate `OPENCLAW_BROWSER_CONTROL_MODULE` env var before passing to `import()`. Reject `data:`, `http:`, `https:`, and `node:` specifiers to prevent code injection via CWD `.env` files.

## Validation Evidence

- Command: `N/A`
- Status: failed

## Risk and Compatibility

Non-breaking; compatibility impact was not explicitly documented in the original PR body.

## AI-Assisted Disclosure

- AI-assisted: yes
- Model: Claude Code

<!-- greptile_comment -->

<h2>Greptile Overview</h2>

<h3>Greptile Summary</h3>

This PR adds validation around the `OPENCLAW_BROWSER_CONTROL_MODULE` env var before it’s used as a dynamic `import()` specifier in `startBrowserControlServerIfEnabled()`, rejecting a set of URL-like schemes (`data:`, `http:`, `https:`, `node:`) to mitigate code injection via local `.env` overrides.

The rest of the gateway continues to lazily load the default browser control module when no override is provided.

<h3>Confidence Score: 4/5</h3>

- Mostly safe to merge once the scheme validation can’t be trivially bypassed.
- Change is small and localized, and callers already catch startup failures; however the new security check is currently case-sensitive, which can allow disallowed schemes through depending on specifier parsing semantics.
- src/gateway/server-browser.ts

<!-- greptile_other_comments_section -->

<!-- /greptile_comment -->
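The case-sensitivity concern raised in the review above, as an added example that is not the PR's or the project's code: the override is parsed with the WHATWG `URL` class so the scheme is compared in normalized form rather than by string prefix. `checkModuleSpecifier`, `naivePrefixCheck`, `BLOCKED_PROTOCOLS` and the sample values are hypothetical and constructed for illustration; the blocked list is the one stated in the PR description.

```javascript
// Added example, not code from the PR. Function and constant names are hypothetical.
// Schemes the PR description says are rejected.
const BLOCKED_PROTOCOLS = new Set(["data:", "http:", "https:", "node:"]);

// Decide whether an override value may be handed to import().
// Returns { ok, reason } and never imports anything itself.
function checkModuleSpecifier(raw) {
  if (typeof raw !== "string" || raw.trim() === "") {
    return { ok: false, reason: "empty override" };
  }
  let parsed = null;
  try {
    // The WHATWG parser lowercases the scheme, so "DATA:" and "Node:"
    // are compared in the same form as "data:" and "node:".
    parsed = new URL(raw);
  } catch {
    // Not an absolute URL: a relative path or bare package name.
    return { ok: true, reason: "relative or bare specifier" };
  }
  if (BLOCKED_PROTOCOLS.has(parsed.protocol)) {
    return { ok: false, reason: `blocked scheme ${parsed.protocol}` };
  }
  return { ok: true, reason: `scheme ${parsed.protocol}` };
}

// What a case-sensitive prefix check concludes (for comparison only).
function naivePrefixCheck(raw) {
  return !["data:", "http:", "https:", "node:"].some((p) => raw.startsWith(p));
}

// Constructed sample values, not taken from the PR.
const SAMPLES = [
  "./dist/browser-control.js",
  "data:text/javascript,export default 1",
  "DATA:text/javascript,export default 1",
  "Node:fs",
  "file:///opt/app/browser-control.mjs",
];

for (const s of SAMPLES) {
  const verdict = checkModuleSpecifier(s);
  console.log(JSON.stringify(s), "| prefix check allows:", naivePrefixCheck(s),
    "| parsed check allows:", verdict.ok, `(${verdict.reason})`);
}
```

On a Windows host an absolute path such as `C:\...` also parses as a URL with a one-letter scheme; it is not in the blocked set, so this check lets it through unchanged.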
