I don't use it myself, but I hear anyone still running OpenClaw versions prior to 2026.3.31 should patch ASAP. Your sandbox is currently looking more like a leaky sieve. Due to missing context validation in the heartbeat, an attacker can completely break out of the sandbox in the worst case and grab full access rights via privilege escalation. The only reliable fix is a direct version bump to the latest release.
TL;DR:
CVE-2026-41329 (don't panic, it's only a 9.9 crit) > OpenClaw users should update now, before someone involuntarily helps with your "pen-testing" 
