## CRITICAL: NemoClaw Policy Engine Flaw Allows Runtime Bypass of All Default Security Blocks
A critical design flaw in the NemoClaw policy engine allows runtime policies to completely override and bypass all default security blocks, directly contradicting its official specification. The vulnerability stems from the `evaluatePolicy()` function checking allow rules first (line 336). This means any runtime call to `addPolicy()` with a decision of "allow" and a broad condition can neutralize every default block rule, rendering the core security model ineffective.

The attack vector is straightforward: an actor can inject a policy like `addPolicy({ decision: "allow", conditions: [{ field: "command", operator: "contains", value: "/" }] })`. This single rule acts as a universal whitelist, permitting all commands and invalidating the entire default blocklist. This directly violates the project's Product Requirements Document (COMPANIES-PRD.md), which explicitly states on line 125: "addPolicy() cannot override default blocks at runtime." The system's current behavior does not enforce this critical guarantee.

The proposed fix involves making core default policy rules immutable, ensuring `addPolicy()` can only add further restrictions and never override existing blocks. A corrected evaluation order must check default blocks *before* runtime allows. This is not a minor bug but a fundamental architectural failure that compromises the integrity of the entire policy enforcement system, allowing for complete runtime bypass.
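
The evaluation-order change proposed above, sketched as an added example that is not NemoClaw's own code. The rule shape follows the `addPolicy()` call quoted earlier; `createEngine`, `allowFirst`, `DEFAULT_BLOCKS`, the sample block rule and the default-deny fallback are assumptions made for illustration.

```javascript
// Added illustration: a minimal model of a policy engine, not NemoClaw source.
// Only the rule shape comes from the report; all names here are hypothetical.
const matches = (rule, req) =>
  rule.conditions.every(({ field, operator, value }) => {
    const actual = String(req[field] ?? "");
    if (operator === "contains") return actual.includes(value);
    if (operator === "equals") return actual === value;
    return false; // unknown operator never matches (fail closed)
  });

// Constructed sample default block, deep-frozen so runtime code cannot mutate it.
const DEFAULT_BLOCKS = Object.freeze([
  Object.freeze({
    decision: "block",
    conditions: Object.freeze([
      Object.freeze({ field: "command", operator: "contains", value: "rm -rf" }),
    ]),
  }),
]);

function createEngine({ allowFirst }) {
  const runtime = []; // rules added through addPolicy() live apart from defaults
  return {
    addPolicy(rule) {
      runtime.push(JSON.parse(JSON.stringify(rule))); // copy: caller keeps no handle
    },
    evaluatePolicy(req) {
      const hit = (rules, decision) =>
        rules.some((r) => r.decision === decision && matches(r, req));
      if (allowFirst) {
        // Order the report describes: a runtime allow returns before any block is checked.
        if (hit(runtime, "allow")) return "allow";
        if (hit(DEFAULT_BLOCKS, "block") || hit(runtime, "block")) return "block";
      } else {
        // Proposed order: default blocks are terminal; runtime rules can only restrict further.
        if (hit(DEFAULT_BLOCKS, "block")) return "block";
        if (hit(runtime, "block")) return "block";
        if (hit(runtime, "allow")) return "allow";
      }
      return "block"; // assumed default-deny when no rule matches
    },
  };
}
```

With the same broad allow rule loaded into both engines, only the block-first engine still returns "block" for a command that matches a default block, which makes this pair a compact regression test for the PRD guarantee.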

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: security_vulnerability, policy_engine, access_control, software_design, bypass
- **Credibility**: unverified
- **Published**: 2026-03-29 22:26:59
- **ID**: 40066
- **URL**: https://whisperx.ai/en/intel/40066