The rapid proliferation of GitHub Security Advisories (GHSAs) for the OpenClaw AI agent has highlighted a significant gap in vulnerability tracking, as many GHSAs lack corresponding CVE identifiers. This discrepancy creates critical blind spots for enterprise security tools that rely exclusively on CVEs, prompting debate over the future of decentralized vulnerability disclosure and the need for multi-source advisory tracking.