openclaw/docs/security/CONTRIBUTING-THREAT-MODEL.md

# Contributing to the OpenClaw Threat Model

Thanks for helping make OpenClaw more secure. This threat model is a living document and we welcome contributions from anyone - you don't need to be a security expert.

## Ways to Contribute

### Add a Threat

Spotted an attack vector or risk we haven't covered? Open an issue on [openclaw/trust](https://github.com/openclaw/trust/issues) and describe it in your own words. You don't need to know any frameworks or fill in every field - just describe the scenario.

**Helpful to include (but not required):**

- The attack scenario and how it could be exploited
- Which parts of OpenClaw are affected (CLI, gateway, channels, ClawHub, MCP servers, etc.)
- How severe you think it is (low / medium / high / critical)
- Any links to related research, CVEs, or real-world examples

We'll handle the ATLAS mapping, threat IDs, and risk assessment during review. If you want to include those details, great - but it's not expected.

> **This is for adding to the threat model, not reporting live vulnerabilities.** If you've found an exploitable vulnerability, see our [Trust page](https://trust.openclaw.ai) for responsible disclosure instructions.

### Suggest a Mitigation

Have an idea for how to address an existing threat? Open an issue or PR referencing the threat. Useful mitigations are specific and actionable - for example, "per-sender rate limiting of 10 messages/minute at the gateway" is better than "implement rate limiting."

### Propose an Attack Chain

Attack chains show how multiple threats combine into a realistic attack scenario. If you see a dangerous combination, describe the steps and how an attacker would chain them together. A short narrative of how the attack unfolds in practice is more valuable than a formal template.

### Fix or Improve Existing Content

Typos, clarifications, outdated info, better examples - PRs welcome, no issue needed.

## What We Use

### MITRE ATLAS

This threat model is built on [MITRE ATLAS](https://atlas.mitre.org/) (Adversarial Threat Landscape for AI Systems), a framework designed specifically for AI/ML threats like prompt injection, tool misuse, and agent exploitation. You don't need to know ATLAS to contribute - we map submissions to the framework during review.

### Threat IDs

Each threat gets an ID like `T-EXEC-003`. The categories are:

| Code    | Category                                   |
| ------- | ------------------------------------------ |
| RECON   | Reconnaissance - information gathering     |
| ACCESS  | Initial access - gaining entry             |
| EXEC    | Execution - running malicious actions      |
| PERSIST | Persistence - maintaining access           |
| EVADE   | Defense evasion - avoiding detection       |
| DISC    | Discovery - learning about the environment |
| EXFIL   | Exfiltration - stealing data               |
| IMPACT  | Impact - damage or disruption              |

IDs are assigned by maintainers during review. You don't need to pick one.

### Risk Levels

| Level        | Meaning                                                           |
| ------------ | ----------------------------------------------------------------- |
| **Critical** | Full system compromise, or high likelihood + critical impact      |
| **High**     | Significant damage likely, or medium likelihood + critical impact |
| **Medium**   | Moderate risk, or low likelihood + high impact                    |
| **Low**      | Unlikely and limited impact                                       |

If you're unsure about the risk level, just describe the impact and we'll assess it.

## Review Process

1. **Triage** - We review new submissions within 48 hours
2. **Assessment** - We verify feasibility, assign ATLAS mapping and threat ID, validate risk level
3. **Documentation** - We ensure everything is formatted and complete
4. **Merge** - Added to the threat model and visualization

## Resources

- [ATLAS Website](https://atlas.mitre.org/)
- [ATLAS Techniques](https://atlas.mitre.org/techniques/)
- [ATLAS Case Studies](https://atlas.mitre.org/studies/)
- [OpenClaw Threat Model](/security/THREAT-MODEL-ATLAS)

## Contact

- **Security vulnerabilities:** See our [Trust page](https://trust.openclaw.ai) for reporting instructions
- **Threat model questions:** Open an issue on [openclaw/trust](https://github.com/openclaw/trust/issues)
- **General chat:** Discord #security channel

## Recognition

Contributors to the threat model are recognized in the threat model acknowledgments, release notes, and the OpenClaw security hall of fame for significant contributions.
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00			`# Contributing to the OpenClaw Threat Model`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`Thanks for helping make OpenClaw more secure. This threat model is a living document and we welcome contributions from anyone - you don't need to be a security expert.`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`## Ways to Contribute`

			`### Add a Threat`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`Spotted an attack vector or risk we haven't covered? Open an issue on [openclaw/trust](https://github.com/openclaw/trust/issues) and describe it in your own words. You don't need to know any frameworks or fill in every field - just describe the scenario.`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`Helpful to include (but not required):`

			`- The attack scenario and how it could be exploited`
			`- Which parts of OpenClaw are affected (CLI, gateway, channels, ClawHub, MCP servers, etc.)`
			`- How severe you think it is (low / medium / high / critical)`
			`- Any links to related research, CVEs, or real-world examples`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`We'll handle the ATLAS mapping, threat IDs, and risk assessment during review. If you want to include those details, great - but it's not expected.`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`> This is for adding to the threat model, not reporting live vulnerabilities. If you've found an exploitable vulnerability, see our [Trust page](https://trust.openclaw.ai) for responsible disclosure instructions.`

			`### Suggest a Mitigation`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`Have an idea for how to address an existing threat? Open an issue or PR referencing the threat. Useful mitigations are specific and actionable - for example, "per-sender rate limiting of 10 messages/minute at the gateway" is better than "implement rate limiting."`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`### Propose an Attack Chain`

			`Attack chains show how multiple threats combine into a realistic attack scenario. If you see a dangerous combination, describe the steps and how an attacker would chain them together. A short narrative of how the attack unfolds in practice is more valuable than a formal template.`

			`### Fix or Improve Existing Content`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`Typos, clarifications, outdated info, better examples - PRs welcome, no issue needed.`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`## What We Use`

			`### MITRE ATLAS`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`This threat model is built on [MITRE ATLAS](https://atlas.mitre.org/) (Adversarial Threat Landscape for AI Systems), a framework designed specifically for AI/ML threats like prompt injection, tool misuse, and agent exploitation. You don't need to know ATLAS to contribute - we map submissions to the framework during review.`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`### Threat IDs`

			Each threat gets an ID like `T-EXEC-003`. The categories are:

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`\| Code \| Category \|`
			`\| ------- \| ------------------------------------------ \|`
			`\| RECON \| Reconnaissance - information gathering \|`
			`\| ACCESS \| Initial access - gaining entry \|`
			`\| EXEC \| Execution - running malicious actions \|`
			`\| PERSIST \| Persistence - maintaining access \|`
			`\| EVADE \| Defense evasion - avoiding detection \|`
			`\| DISC \| Discovery - learning about the environment \|`
			`\| EXFIL \| Exfiltration - stealing data \|`
			`\| IMPACT \| Impact - damage or disruption \|`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`IDs are assigned by maintainers during review. You don't need to pick one.`

			`### Risk Levels`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`\| Level \| Meaning \|`
			`\| ------------ \| ----------------------------------------------------------------- \|`
			`\| Critical \| Full system compromise, or high likelihood + critical impact \|`
			`\| High \| Significant damage likely, or medium likelihood + critical impact \|`
			`\| Medium \| Moderate risk, or low likelihood + high impact \|`
			`\| Low \| Unlikely and limited impact \|`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`If you're unsure about the risk level, just describe the impact and we'll assess it.`

			`## Review Process`

Centralize date/time formatting utilities (#11831) 2026-02-08 04:53:31 -08:00			`1. Triage - We review new submissions within 48 hours`
			`2. Assessment - We verify feasibility, assign ATLAS mapping and threat ID, validate risk level`
			`3. Documentation - We ensure everything is formatted and complete`
			`4. Merge - Added to the threat model and visualization`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`## Resources`

			`- [ATLAS Website](https://atlas.mitre.org/)`
			`- [ATLAS Techniques](https://atlas.mitre.org/techniques/)`
			`- [ATLAS Case Studies](https://atlas.mitre.org/studies/)`
docs: fix Mintlify-incompatible links in security docs (#27698) Merged via squash. Prepared head SHA: 6078cd94ba38b49d17e9680073337885c5f9e781 Co-authored-by: clawdoo <65667097+clawdoo@users.noreply.github.com> Co-authored-by: grp06 <1573959+grp06@users.noreply.github.com> Reviewed-by: @grp06 2026-03-04 06:51:28 +08:00			`- [OpenClaw Threat Model](/security/THREAT-MODEL-ATLAS)`
docs: add security & trust documentation Add threat model (MITRE ATLAS), contribution guide, and security directory README. Update SECURITY.md with trust page reporting instructions and Jamieson O'Reilly as Security & Trust. Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com> 2026-02-08 21:38:42 +11:00
			`## Contact`

			`- Security vulnerabilities: See our [Trust page](https://trust.openclaw.ai) for reporting instructions`
			`- Threat model questions: Open an issue on [openclaw/trust](https://github.com/openclaw/trust/issues)`
			`- General chat: Discord #security channel`

			`## Recognition`

			`Contributors to the threat model are recognized in the threat model acknowledgments, release notes, and the OpenClaw security hall of fame for significant contributions.`