fix: tighten small-model audit guardrails

2026-06-06 11:40:58 +08:00 · 2026-01-20 23:45:50 +00:00
parent 4fad74738a
commit 51dfd6efdb
6 changed files with 229 additions and 0 deletions
--- a/docs/cli/security.md
+++ b/docs/cli/security.md
@@ -21,3 +21,4 @@ clawdbot security audit --fix
 ```

 The audit warns when multiple DM senders share the main session and recommends `session.dmScope="per-channel-peer"` for shared inboxes.
+It also warns when small models (<=300B) are used without sandboxing and with web/browser tools enabled.