Researchers say an AI-powered code scanner traced untrusted data across layers of OpenClaw, exposing exploitable weaknesses including SSRF, authentication bypass, and path traversal.