OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command[] in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node host / companion node execution path (system.run on a node), enable allowlist-based exec policy (security=allowlist) with approval prompting driven by allowlist misses (for example ask=on-miss), allow an attacker to invoke system.run. Default/non-node configurations are not affected. Version 2026.2.14 enforces rawCommand/command[] consistency (gateway fail-fast + node host validation).