ClawLens runs locally on a developer's machine and inspects agent tool calls. If you discover a vulnerability — particularly anything that could leak audit data, bypass risk scoring, or affect the OpenClaw gateway — please report it privately:

• Open a GitHub Security Advisory (preferred), or
• Email neelabhkumar@outlook.com with the subject [ClawLens Security].

Please do not open a public issue for security reports.

We aim to acknowledge within 7 days and ship a fix within 30 days for high-severity issues.