Pull Requests by AI-Reviewer-QS

22 total
← Show all PRs
# Title Author Cluster Created
21668 fix(config): block dangerous environment variable keys from config injection AI-Reviewer-QS Environment Variable S... 2026-02-20
21667 fix(canvas): add CSP and security headers to HTML responses AI-Reviewer-QS Security Enhancements ... 2026-02-20
21666 fix(gateway): restrict auto-paired device scopes to safe defaults AI-Reviewer-QS Device Pairing and Gat... 2026-02-20
21665 fix(sandbox): add /home and /Users to bind-mount denylist AI-Reviewer-QS Sandbox Path Managemen... 2026-02-20
21664 fix(gateway): require re-pairing for legacy devices that lack scope metadata AI-Reviewer-QS Device Pairing and Gat... 2026-02-20
21663 fix(gateway): prevent self-approval of timed-out exec requests AI-Reviewer-QS Device Pairing and Gat... 2026-02-20
21662 fix(gateway): validate session key ownership against agent scope AI-Reviewer-QS OpenClaw Plugin Enhanc... 2026-02-20
21661 fix(agents): treat approval timeout as denial regardless of askFallback AI-Reviewer-QS OpenClaw Plugin Enhanc... 2026-02-20
21660 fix(plugins): require explicit allowlist for non-bundled plugins AI-Reviewer-QS Plugin Management and ... 2026-02-20
16997 fix(telegram): preserve entities during text fragment reassembly AI-Reviewer-QS Telegram Message Handl... 2026-02-15
16995 fix(telegram): record update ID before processing to prevent crash replay AI-Reviewer-QS Telegram Command Fixes 2026-02-15
16994 fix(gateway): prevent double terminal SSE event on OpenResponses error AI-Reviewer-QS Gateway Error Handling... 2026-02-15
16992 fix(gateway): escape XML entities in file.filename to prevent prompt injection AI-Reviewer-QS TwiML Security and Fixes 2026-02-15
16991 fix(config): add missing defaults to config snapshot path AI-Reviewer-QS Config Management Impr... 2026-02-15
16990 fix(media): strip auth headers on cross-origin redirect in downloadToFile AI-Reviewer-QS Slack Media Handling F... 2026-02-15
16989 fix(telegram): remove duplicate migration call during group->supergroup migra... AI-Reviewer-QS Telegram Command Fixes 2026-02-15
16987 fix(config): add skipCache to updateSessionStoreEntry and updateLastRoute to ... AI-Reviewer-QS Session Lock Improvements 2026-02-15
15618 fix(plugins): reject async plugin registration instead of silently ignoring AI-Reviewer-QS Plugin Management Enha... 2026-02-13
15615 fix(security): restrict PATH override to exact match in node-host sanitizeEnv AI-Reviewer-QS Environment Variable S... 2026-02-13
15613 fix(config): align default pipelines across loadConfig and readConfigFileSnap... AI-Reviewer-QS Config Management Impr... 2026-02-13
15611 fix(gateway): invalidate hook transform cache on config reload AI-Reviewer-QS Hook and Gateway Impro... 2026-02-13
15603 fix(gateway): correct malformed HTTP 429 response on WebSocket upgrade AI-Reviewer-QS Gateway Error Handling... 2026-02-13