Security fixes are applied to the latest release and the main branch.

Please do not open a public issue for a suspected vulnerability. Use the private GitHub security advisory flow for openclaw/crabline instead.

Include the affected version or commit, reproduction steps, impact, and any suggested mitigation. We will acknowledge reports as soon as practical and coordinate disclosure after a fix is available.

Crabline is intended for local and CI test environments. Do not use its fake provider endpoints as production services or expose them to untrusted networks.