OpenClaw: Windows-compatible env override keys could bypass system.run approval binding
System-run approval binding used different environment-key normalization than host execution, so Windows-compatible override keys like `ProgramFiles(x86)` could be absent from the approval binding while still being applied at execution time.
src/infra/system-run-approval-binding.ts
This file builds and matches the env portion of `systemRunBinding`. The fix changes env-key normalization here from a portable env normalizer to host-override normalization and adds a fail-closed mismatch path for missing env bindings.
src/infra/host-env-security.ts
This file contains the host-execution env-key normalization routine that the fix reuses for approval binding, which is central to the normalization mismatch described in the advisory.