chore(sync): mirror docs from openclaw/openclaw@c9156cd9a8

This commit is contained in:
openclaw-docs-sync[bot] 2026-04-29 20:11:19 +00:00
parent 19130bc5c5
commit 64ccc50219
2 changed files with 6 additions and 3 deletions

View File

@ -1,5 +1,5 @@
{
"repository": "openclaw/openclaw",
"sha": "9b6670d5c924e2889e288c028588dbfab39e855d",
"syncedAt": "2026-04-29T19:32:28.119Z"
"sha": "c9156cd9a87a00b1099dd65b6b97b21a246f9114",
"syncedAt": "2026-04-29T20:09:52.073Z"
}

View File

@ -263,7 +263,10 @@ channel-runtime-boundary job separately scans core channel implementation
contracts plus the channel plugin runtime, gateway, Plugin SDK, secrets, and
audit touchpoints under the `/codeql-critical-security/channel-runtime-boundary`
category so channel security signal can scale without broadening the baseline
JS/TS category.
JS/TS category. The network-ssrf-boundary job scans core SSRF, IP parsing,
network guard, web-fetch, and Plugin SDK SSRF policy surfaces under the
`/codeql-critical-security/network-ssrf-boundary` category so network trust
boundary signal stays separate from the broader JS/TS security baseline.
The `CodeQL Android Critical Security` workflow is the scheduled Android
security shard. It builds the Android app manually for CodeQL on the smallest