Secrets visible in process arguments via ps #300
Description
Summary
start-openclaw.sh (lines 109-116) passes API keys as CLI flags to openclaw onboard:
openclaw onboard --non-interactive --accept-risk \
--auth-choice cloudflare-ai-gateway-api-key \
--cloudflare-ai-gateway-api-key $CLOUDFLARE_AI_GATEWAY_API_KEY \
...These arguments are visible to any process in the container via ps aux or /proc/<pid>/cmdline while openclaw onboard is running.
Impact
Severity: High — API keys (AI Gateway key, OpenRouter key, Anthropic key) are transiently visible in the process table. In a shared or compromised container, this enables credential theft.
Recommendation
Check if openclaw onboard supports reading credentials from environment variables or stdin instead of CLI flags. If so, switch to that approach. If not, consider filing upstream with OpenClaw to add env var support for credential ingestion.