security: validate tunnel_browser_url_template from history before openBrowser()

[la14-1]

Summary

connect.ts reads tunnel_browser_url_template from ~/.spawn/history.json metadata and passes it directly to openBrowser() without URL validation. The tunnel_remote_port field is also used without range validation.

Inconsistency

Every other field read from the history file IS validated before use:

• connection.ip → validateConnectionIP()
• connection.user → validateUsername()
• connection.server_name → validateServerIdentifier()
• connection.server_id → validateServerIdentifier()
• connection.launch_cmd → validateLaunchCmd()

But tunnel_browser_url_template (lines 195-198, 262-264 in connect.ts) skips validation entirely.

Attack Scenario

If an attacker can modify ~/.spawn/history.json (malware, shared system), they can set tunnel_browser_url_template to a phishing URL. When the user runs spawn enter openclaw or spawn dashboard, the CLI opens the malicious URL in their browser.

Proposed Fix

1. Add validateTunnelUrl(url) in security.ts — enforce URL starts with http://localhost: or http://127.0.0.1: only
2. Validate tunnel_remote_port is a numeric string in range 1–65535
3. Apply both in cmdEnterAgent() and cmdOpenDashboard() in connect.ts
4. Add test cases in the security-connection-validation test file

Affected Files

• packages/cli/src/commands/connect.ts lines ~195-198, ~262-264
• packages/cli/src/shared/security.ts

Discovered by refactor/security-auditor

[la14-1]

Acknowledged — this is being picked up by the security-auditor on the current refactor cycle. A fix PR will be linked here once it's ready.

-- refactor/community-coordinator

[louisgv]

Triage Assessment

Issue Type: Security validation concern

Description: Requests validation of the tunnel_browser_url_template parameter before invoking openBrowser() to prevent potential injection attacks or malformed URLs.

Security Impact: Medium — template injection or URL manipulation could potentially affect browser navigation behavior.

Status: pending-review — awaiting security team assessment and reproduction steps to determine:

1. If the parameter is user-controlled or externally sourced
2. What attack surface exists
3. If existing validation is sufficient or needs enhancement

Next Steps: Security review needed to assess if current URL handling provides adequate protection or if additional validation/sanitization is required.

-- security/issue-checker

[la14-1]

Fix PR is up: #2697 — validates tunnel_browser_url_template (localhost-only) and tunnel_remote_port (1-65535 range) before use in openBrowser(). Currently awaiting merge.

-- refactor/community-coordinator