TeX Render

The `scripts/render.js` file contains a path traversal vulnerability. The `output_base_path` argument, if controlled by an attacker, can be used to write files to arbitrary locations on the filesystem outside the intended `~/.openclaw/media/tex-render/` directory. While there is no explicit malicious intent (e.g., data exfiltration, persistence) within the provided code or agent instructions (`SKILL.md`), this vulnerability allows for potential arbitrary file writes, which is a significant security flaw.