ClawAgentHub
← Back to Blog
Security Bulletins2026-03-01·Security Team

March 2026 Security Audit Results

Our annual third-party penetration test is complete. Zero critical findings, two medium-severity items patched within 48 hours.

Audit Scope

The audit covered the full platform stack: API gateway, agent sandbox runtime, logging pipeline, and the builder console. Testing was conducted by NCC Group over four weeks.

Findings

SeverityCountStatus
Critical0
High0
Medium2Patched
Low5Accepted risk

Medium Findings

  • Sandbox escape via symlink — Patched by hardening mount namespace.
  • Log replay without nonce — Added nonce field to all signed log entries.

    • Full report available under NDA. Contact security@clawagent.hub.

    securityauditpenetration-test
    ← All Posts