From a18c60e141cc683134578c5bacfb1a9680114660 Mon Sep 17 00:00:00 2001
From: Shakker <shakkerdroid@gmail.com>
Date: Fri, 5 Jun 2026 00:17:50 +0100
Subject: [PATCH] test: scope sandbox audit home env

---
 .../audit-sandbox-docker-config.test.ts       | 20 +++----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/src/security/audit-sandbox-docker-config.test.ts b/src/security/audit-sandbox-docker-config.test.ts
index 08ad33e3a769..9670b71be5fd 100644
--- a/src/security/audit-sandbox-docker-config.test.ts
+++ b/src/security/audit-sandbox-docker-config.test.ts
@@ -3,6 +3,7 @@ import os from "node:os";
 import path from "node:path";
 import { afterEach, describe, expect, it, vi } from "vitest";
 import type { OpenClawConfig } from "../config/config.js";
+import { withEnvAsync } from "../test-utils/env.js";
 import {
   collectSandboxDangerousConfigFindings,
   collectSandboxDockerNoopFindings,
@@ -44,12 +45,8 @@ describe("security audit sandbox docker config", () => {
 
   it("evaluates sandbox docker config findings", async () => {
     const isolatedHome = path.join(os.tmpdir(), "openclaw-security-audit-home");
-    const previousHome = process.env.HOME;
-    const previousUserProfile = process.env.USERPROFILE;
-    process.env.HOME = isolatedHome;
-    process.env.USERPROFILE = isolatedHome;
     vi.spyOn(os, "homedir").mockReturnValue(isolatedHome);
-    try {
+    await withEnvAsync({ HOME: isolatedHome, USERPROFILE: isolatedHome }, async () => {
       const cases = [
         {
           name: "mode off with docker config only",
@@ -191,17 +188,6 @@ describe("security audit sandbox docker config", () => {
           });
         }),
       );
-    } finally {
-      if (previousHome === undefined) {
-        delete process.env.HOME;
-      } else {
-        process.env.HOME = previousHome;
-      }
-      if (previousUserProfile === undefined) {
-        delete process.env.USERPROFILE;
-      } else {
-        process.env.USERPROFILE = previousUserProfile;
-      }
-    }
+    });
   });
 });