[Security]: security audit does not check if dangerous environment variables are set

### Bug type
Missing check
### Summary
The host-env-security-policy.json blocklist prevents the exec tool from
passing dangerous env vars, but `openclaw security audit` never checks
if any of these variables are actually set in the current environment.
If GLIBC_TUNABLES, NODE_OPTIONS, etc. are unexpectedly present, it could
indicate a compromised or misconfigured host. The audit should flag this.
### Expected behavior
[warn] env.dangerous_vars_set — 2 dangerous environment variables are set

### Actual behavior
No finding is emitted.
### OpenClaw version
Latest
### Operating system
All (especially Linux)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Security]: security audit does not check if dangerous environment variables are set #18

Bug type

Summary

Expected behavior

Actual behavior

OpenClaw version

Operating system

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

[Security]: security audit does not check if dangerous environment variables are set #18

Description

Bug type

Summary

Expected behavior

Actual behavior

OpenClaw version

Operating system

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions