# Vulnerability Summary

## Overview

This vulnerability concerns the redirection of Python Package Index (PyPI) requests via environment variables (`fix(host-env)`). An attacker who can override scoped environment variables can redirect package retrieval requests to a malicious index server and thereby inject malicious packages.

## Impact Scope

- All users of the OpenClaw platform
- Operations involving the following environment variables:
  - `PIP_INDEX_URL`
  - `PIP_PYPI_URL`
  - `PIP_EXTRA_INDEX_URL`
  - `UV_INDEX`
  - `UV_INDEX_URL`
  - `UV_EXTRA_INDEX_URL`
  - `UV_DEFAULT_INDEX`
  - `UV_EXTRA_INDEX_URL`

## Remediation

1. **Update Security Policies**: Add restrictions for the Python package-index environment variables in `src/infra/host-env-security-policy.json` and `src/infra/host-env-security-policy.generated.swc`.
2. **Code Changes**:
   - Add the following environment variables to `src/infra/host-env-security-policy.json`:

     ```json
     "PIP_INDEX_URL",
     "PIP_PYPI_URL",
     "PIP_EXTRA_INDEX_URL",
     "UV_INDEX",
     "UV_INDEX_URL",
     "UV_EXTRA_INDEX_URL",
     "UV_DEFAULT_INDEX",
     "UV_EXTRA_INDEX_URL"
     ```

   - Add the same restrictions to `src/infra/host-env-security-policy.generated.swc`.
3. **Test Cases**:
   - Add test cases in `src/infra/host-env-security.test.ts` to ensure these environment variables are correctly restricted.
   - The test cases include:

     ```typescript
     expect(env.PIP_INDEX_URL).toBeUndefined();
     expect(env.PIP_PYPI_URL).toBeUndefined();
     expect(env.PIP_EXTRA_INDEX_URL).toBeUndefined();
     expect(env.UV_INDEX).toBeUndefined();
     expect(env.UV_INDEX_URL).toBeUndefined();
     expect(env.UV_EXTRA_INDEX_URL).toBeUndefined();
     expect(env.UV_DEFAULT_INDEX).toBeUndefined();
     expect(env.UV_EXTRA_INDEX_URL).toBeUndefined();
     ```

These measures prevent malicious users from redirecting package retrieval requests via environment variables, preserving the security and integrity of the installed software packages.
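To make the remediation concrete, the following is an added example of a host-environment sanitizer that drops the package-index variables listed above before a child process is spawned. It is illustrative code written for this summary, not OpenClaw's own implementation; the `blockedEnvVars` policy key, the `sanitizeHostEnv` function and the sample environment are assumptions.

```typescript
// Added example, not OpenClaw's own code. The variable names come from the
// advisory; the `blockedEnvVars` policy key is an assumed shape for illustration.
type HostEnv = Record<string, string | undefined>;

const HOST_ENV_SECURITY_POLICY = {
  blockedEnvVars: [
    "PIP_INDEX_URL",
    "PIP_PYPI_URL",
    "PIP_EXTRA_INDEX_URL",
    "UV_INDEX",
    "UV_INDEX_URL",
    "UV_EXTRA_INDEX_URL",
    "UV_DEFAULT_INDEX",
  ],
} as const;

// Returns a copy of `env` with every blocked variable removed, plus the list of
// names that were dropped so the caller can log the attempted override.
function sanitizeHostEnv(
  env: HostEnv,
  blocked: readonly string[] = HOST_ENV_SECURITY_POLICY.blockedEnvVars,
): { env: HostEnv; dropped: string[] } {
  // Compare case-insensitively: environment variable names are case-insensitive
  // on Windows, and an exact-case blocklist is trivially sidestepped.
  const blockedSet = new Set(blocked.map((name) => name.toUpperCase()));
  const clean: HostEnv = {};
  const dropped: string[] = [];
  for (const [key, value] of Object.entries(env)) {
    if (blockedSet.has(key.toUpperCase())) {
      dropped.push(key);
      continue;
    }
    clean[key] = value;
  }
  return { env: clean, dropped };
}

// Constructed sample environment: two index overrides that must be stripped
// (one in lower case) and two benign variables that must survive.
const SAMPLE_ENV: HostEnv = {
  PATH: "/usr/bin",
  HOME: "/home/agent",
  PIP_INDEX_URL: "https://index.invalid/simple",
  uv_index_url: "https://index.invalid/simple",
};

const result = sanitizeHostEnv(SAMPLE_ENV);
console.log(result.dropped); // ["PIP_INDEX_URL", "uv_index_url"]
```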