Venice's API doesn't support certain OpenAI-compatible parameters that Clawdbot sends by default: - `store`: Venice returns HTTP 400 with no body when this is present - `developer` role: Not supported by Venice's API This adds VENICE_COMPAT settings (supportsStore: false, supportsDeveloperRole: false) to all Venice model definitions, both from the static catalog and dynamically discovered models. Fixes issues reported in PR #1666 where users experienced silent failures (HTTP 400, no body) when using Venice models. Co-authored-by: jonisjongithub <jonisjongithub@users.noreply.github.com> Co-authored-by: Clawdbot <bot@clawd.bot>
25 lines
718 B
Markdown
25 lines
718 B
Markdown
---
|
|
summary: "CLI reference for `clawdbot security` (audit and fix common security footguns)"
|
|
read_when:
|
|
- You want to run a quick security audit on config/state
|
|
- You want to apply safe “fix” suggestions (chmod, tighten defaults)
|
|
---
|
|
|
|
# `clawdbot security`
|
|
|
|
Security tools (audit + optional fixes).
|
|
|
|
Related:
|
|
- Security guide: [Security](/gateway/security)
|
|
|
|
## Audit
|
|
|
|
```bash
|
|
clawdbot security audit
|
|
clawdbot security audit --deep
|
|
clawdbot security audit --fix
|
|
```
|
|
|
|
The audit warns when multiple DM senders share the main session and recommends `session.dmScope="per-channel-peer"` for shared inboxes.
|
|
It also warns when small models (`<=300B`) are used without sandboxing and with web/browser tools enabled.
|