OpenClaw Newsletter - 2026-05-03
OpenClaw Newsletter
Sunday, May 3, 2026Top Stories
- openclaw 2026.5.2 — Highlights - External plugin installation, update, doctor repair, dependency reporting, and artifact metadata now cover the npm-first cutover, stale configured installs, missing package payloads, and...
- openclaw 2026.5.2-beta.3 — 2026.5.2 Highlights - External plugin installation now covers diagnostics, onboarding, doctor repair, channel setup, install/update records, and artifact metadata while keeping bare package installs...
- openclaw 2026.5.2-beta.2 — 2026.5.2 Highlights - External plugin installation now covers diagnostics, onboarding, doctor repair, channel setup, install/update records, and artifact metadata while keeping bare package installs...
- [Bug]: A2UI bundle/hash depends on ui/node_modules presence — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary Running pnpm build on the same checkout rewrites src/canvas-host/a2ui/.bundle.hash and...
- [Bug]: latest OpenClaw still emits massive pre-tool update_plan bursts on long GPT-5/Codex tasks — Summary On the latest OpenClaw, I am still seeing very large pre-tool update_plan bursts on long tasks. The task eventually completes, but it can spend a long time repeatedly emitting update_plan...
- [Bug]: Massive virtual memory bloat (22GB+ VIRT) immediately after Gateway startup, identical to previously reported issue #6413. This issue was closed as "not planned" but the problem persists on the latest stable release. — Bug type Crash (process/app exits or hangs) Beta release blocker No Summary Massive virtual memory bloat (22GB+ VIRT) immediately after Gateway startup, identical to previously reported issue #6413....
- [Bug]: WhatsApp outbound messages create ghost chats due to missing LID→PN resolution in createWebSendApi — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary Version: OpenClaw 2026.4.15-beta.1 / Baileys v7.0.0-rc.9 Description: When an agent sends a WhatsApp...
- Explicit ACP agent runs: embedded backend visibility failure and stale final JSON state after sessions_yield — OpenClaw explicit agent --json ACP runs currently hit two separate bugs in the embedded explicit-run path. Both are fixed locally for now, but only as hotfixes in installed Homebrew dist files....
- [Bug]: Discrepancy in models.json: bundled plugins bypass the onboard lifecycle to inject models into the manifest — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary The models.json manifest includes model entries from bundled plugins (arcee and codex) that bypass the...
- CLI: `openclaw agents list` fails with unresolved SecretRef; CLI process hangs after completion — Description Two related bugs in the openclaw agents CLI commands: Bug 1: agents list fails when Telegram botTokens use SecretRef openclaw agents list calls buildProviderStatusIndex() which attempts...
- Gateway becomes unresponsive under subagent load on Windows - completion announcements timeout — Bug The gateway becomes unresponsive when handling multiple subagent completion announcements, causing cascading timeouts and failed deliveries. This is distinct from #7042 (which was hard crashes) -...
- [Bug]: Source-dependent instructions/tools drift invalidates OpenAI prompt cache within the same session — Summary For the same target session and the same prompt_cache_key, OpenClaw can assemble different instructions and different tool sets depending on the dispatch source (direct user turn vs...
- OpenClaw 2026.5.2 gateway HTTP surface times out while service remains active with high CPU — Bug type Regression (worked before, now fails) Beta release blocker No Summary After updating to OpenClaw 2026.5.2, the gateway service remains active and port 18789 is bound, but the gateway HTTP...
- Agent should be notified when MCP server fails to start — Problem When a configured MCP server fails to start (e.g. npm package removed from registry), the error is logged at gateway level but the agent is never informed. The agent simply receives a reduced...
- [Bug] exec crontab fails with SIGKILL in 2026.4.9 — Problem After upgrading to OpenClaw 2026.4.9, exec commands for crontab timing out or getting SIGKilled immediately. Environment - OpenClaw version: 2026.4.9 (0512059) - macOS: 26.4 (arm64) - Node:...
- Tool granularity vs server-side aggregation — best practices for high-count skills / tools (65+)? — Context We're using OpenClaw 4.8 at a fintech company to build an AI investment-research assistant. Our current setup: - 60+ structured REST endpoints exposed through an internal data service...
- [Bug]: Managed cron task runs do not populate progressSummary, leaving /tasks and session_status mostly silent during execution — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary The background-task ledger supports progressSummary, but on OpenClaw 2026.4.8 managed cron jobs do not...
- Feature Request: Built-in Command Risk Classifier for exec approvals — Summary Add a built-in command risk classification system to OpenClaw's exec approval mechanism, similar to Claude Code's command classification. Motivation Currently, OpenClaw's exec approval system...
- Update stability issues: gateway hangs and channel integrations become unresponsive — Problem Description After updating OpenClaw multiple times over the past few days, I consistently encounter the following issues: 1. Gateway hangs frequently - The gateway process gets stuck and...
- fix(discord): propagate blockquote context across chunk boundaries — Summary Fixes #63409 When chunkDiscordText() flushed a chunk in the middle of a blockquote, the next chunk started without the leading > prefix. Discord renders each message independently, so...
- fix: filter phantom provider entries inferred from aggregator model ID prefixes — Summary - Fixes #62317: /model status shows a phantom [google] provider entry when an OpenRouter model has an ID like google/gemini-3-flash-preview - The pi-coding-agent ModelRegistry splits model...
- fix(macos): harden exec approval sockets against SIGPIPE — Summary - harden macOS exec approval socket descriptors with SO_NOSIGPIPE - apply the guard to both client and server-side accepted socket fds - add a regression test proving the socket option is...
- Expand skill scanner with additional security detection rules — Summary Adds four new detection rules to the skill scanner (src/security/skill-scanner.ts) to catch previously undetected attack patterns in third-party skills: New Rules |
- [Feature]: Expose per-run token usage on the WebSocket lifecycle event stream — Problem The lifecycle end event contains only timing data (startedAt, endedAt, aborted, stopReason). Token and cost metrics collected in agentMeta during a run are persisted to the session store but...
- Auth profile failover blocked by file lock contention on rate_limit errors — Bug When an auth profile hits a 429 rate_limit_error, the gateway logs decision=rotate_profile but never executes the rotation to the next profile. The run terminates as failed. Timeout errors rotate...
- [Feature]: 分布式部署的可能性? — Summary 如果用两台OpenClaw网关节点连在一起,一台控制多agents ,一台保存记忆、处理记忆,这个方案可行吗? Problem to solve 解决单台云服务器性能不够,无法处理大量数据向量嵌入 Proposed solution 如果能实现分布式节点,那就可以多台网关多agen共享同一套记忆库,理论上就没有性能瓶颈了。 Alternatives considered _No...
- Feature Request: Enforce skill execution sandbox when enabled: false — Problem Setting skills.entries..enabled: false (including the UI toggle) only removes the skill from auto-matching. It does not prevent the agent from: 1. Reading the skill's SKILL.md via the read...
- Feature: pairing list-approved and pairing revoke commands — Problem There is no CLI command to: 1. List approved/paired senders for a channel 2. Revoke (de-pair) a previously approved sender Current state - openclaw pairing list — only shows pending requests,...
- Feature Request: Add STATE.md to auto-loaded workspace bootstrap files — Problem After context compaction, agents lose their working state — what they were doing, what's in progress, what decisions were just made. The current recovery requires reading multiple files...
- Scheduled auto-upgrade cron can fail without visible notification, and gateway recovery does not restore macOS LaunchAgent gateway — Summary Scheduled auto-upgrade cron can fail without a reliable visible notification, and post-upgrade gateway recovery does not restore a macOS LaunchAgent gateway. Environment - OpenClaw version:...
- feat(acp): forward image blocks in tool call results — Summary - extractToolCallContent() in the ACP event mapper previously only extracted type: "text" blocks from tool results, silently dropping image content blocks - ACP clients (Feishu, Discord,...
- media: fix resource leaks and temp file cleanup in downloadToFile — Summary - Fix write stream leak on size-limit abort: When a download exceeds MAX_BYTES, req.destroy() was called but the createWriteStream was never closed, leaking file descriptors under load - Add...
- OpenClaw repo stats for 2026-05-03 — 367679 stars, 75651 forks, 2075 contributors
- OpenClaw sponsors (122 total) — 122 sponsors supporting OpenClaw
- fix(search): cap vector hydration window
- fix(api): avoid redundant latest tag version reads
- fix(search): bound lexical fallback scans
- fix(convex): raise download rate limit
- fix(convex): reduce download and token write contention
- test(convex): update leaderboard page size expectation
- fix(convex): reduce hot rate-limit and catalog reads
- fix(scanner): avoid generic pay purchase tags
- fix(security): flag python file upload exfiltration
- fix(github): keep scanner appeal issues open
- fix(ui): restore skill downloads and search paging
- fix(convex): gate large index deletion
- fix(convex): retain built rate limit index
- fix(convex): avoid rate limit index backfill
- fix(convex): drop unused package stat index
- test(rate-limits): expect consumed shard quota
- fix(convex): reduce hot stat write contention
- fix(convex): bound skill health reads
- fix(packages): keep mirror artifact URLs on public host
- build(schema): update package response dist
- Update install instructions
- openclaw v2026.5.2 on npm — Multi-channel AI gateway with extensible messaging integrations
- sulpikar2/Qwen3.5-4B-Claude-4.6-Opus-Reasoning-openclaw
- ykarout/Qwen3.5-9b-Opus-Openclaw-Distilled-FP8 — text-generation
- OpenClaw on DigitalOcean — Deploy your own personal AI assistant with OpenClaw on a DigitalOcean Droplet® server, a powerful open-source platform that runs entirely on your infrastructure. OpenClaw connects to the messaging...
- OpenClaw isn't fooling me. I remember MS-DOS
- I tested 4 local models as memory classifiers for OpenClaw — and thinking models are a trap — I'm a backend engineer. When I started using OpenClaw, I kept hitting the same reliability problems...
- 70% of OpenClaw Skills Request OAuth Scopes They Don't Need — We ran two independent security scans across all 6,993 public skills in openclaw/skills. The dominant...
- Why Anthropic Cut Off OpenClaw — The Claude Subscription Policy Shift and What It Costs You — On April 4, 2026, Anthropic blocked Claude Pro/Max subscriptions from powering third-party agent tools. Add the Fast Mode 6x price multiplier, and this is a structural overhaul worth running the...
- NemoClaw practical guide for secure OpenClaw operations in 2026 — Most AI agent stacks still treat security as a post-demo fix. NemoClaw starts from the opposite...
- One Open Source Project a Day (No.52): Tank-OS - A Red Hat Engineer Baked an AI Agent Into a Bootable Linux Image Over a Weekend — Introduction "When an AI Agent starts deleting emails, accessing databases, and calling...
- Agent Memory Providers Compared — Honcho, Mem0, Hindsight, and Five More — Modern assistants still forget everything when you close the tab unless something persists beyond the...
- 7 OpenClaw Money-Making Cases in One Week — and the Hidden Cost Problem Behind Them — Recently I saw a post about 7 OpenClaw money-making cases from the past week. At first, these...
- Using Gemini with OpenClaw: Setup Guide + Real Use Cases — OpenClaw supports a wide range of LLM providers, and choosing the right one shapes how your agents...
- Is Claw Things just a hype or does it really deliver its promise? — The AI Assistant Boom started in the first of 2026, though it actually already happened in late 2025 with the release of claw things🦞…Continue reading on Medium »
- IDO Claw — Redefining Personal AI Computing — AI is evolving fast, but most systems are still trapped in cloud dependency or overloaded general-purpose hardware.Continue reading on Medium »
- From Prompts to Systems: Building Agentic AI with OpenClaw, Hermes, Gstack, and Paperclip on Oracle… — Build agentic AI systems on Oracle Cloud with OpenClaw, Hermes Agent, Gstack, and Paperclip.Continue reading on Medium »
- I Found 7 Practical Uses for Hermes Agent That Are Actually Useful — Most AI agent articles are too abstract.Continue reading on Medium »
- The duckh3 Project, Math for Deep Learning, OpenClaw New Memory | Issue 86 — A weekly curated update on data science and engineering topics and resources.Continue reading on Medium »
- Who Pays When the AI Apologizes? The Hidden Danger of Agentic Super-Apps — Tech gurus promise a frictionless future where a single AI handles everything. But when autonomous agents start accidentally wiping hard…Continue reading on InfoSec Write-ups »
- Running OpenClaw in a Docker Container on Ubuntu 22.04 — If you desire, you can follow the documentation that OpenClaw has proposed themself. You can find this documentation here.Continue reading on Medium »
- NanoClaw — Lightweight AI assistant runs in Apple containers with isolated Linux container processes for superior OS-level security, transparency, and privacy compared to complex chatbots, enabling quick code...
- Thunderbolt — Open-source AI platform for deploying language models across desktop and mobile systems, features model selection, on-premises setup, enterprise-level encryption, advanced security auditing, and...
- Kimi — Kimi is an intelligent assistant app that uses advanced reasoning to help users solve complex problems in areas like math, coding, and visual reasoning. It can handle both long and short...
- Apollo AI — Customizable interface for private, on-device AI model chatting, open source and closed source LLM connections, OpenRouter support, custom backend support, and unified access to language models...
- MiroThinker — MiroThinker is an open-source search agent model, built for tool-augmented reasoning and real-world information seeking, aiming to match the deep research experience of OpenAI Deep Research and...
- Private GPT — Ask questions to your documents without an internet connection, using the power of LLMs. 100% private, no data leaves your execution environment at any point. You can ingest documents and ask...
- Helpful Skills or Hidden Payloads? Bitdefender Labs Dives Deep into the OpenClaw Malicious Skill Trap — With hundreds of malicious OpenClaw skills blending in among legitimate ones, manually reviewing every script or command isn’t realistic — especially when skills are designed to look helpful and...
- the debate about openclaw not being safe on your PC or Mac etc, or like don't use it on your computer because its gonn
- @forgebitz that's so true, haven't heard anyhting about openclaw in a while 😅
- This open source is so good @stainlu great job, @openclaw you need to check this out built for agents https://t.co/A3Zz9
- OpenAI首席执行官Sam Altman表示,ChatGPT用户现可使用其账户登录代理平台OpenClaw,并直接使用现有的ChatGPT订阅服务。这一举措提升了ChatGPT订阅的灵活性和跨平台使用体验。
- m1okhBMDVyQVJxTPhb4LLS3S1zCCkVPVUuPo6Mepump openclaw flagged $CAMERON as a strong hold. not surprised ┃🧫┃ $CAMERON
- OpenClaw创始人加入了OpenAI,领导"AI Agent基础设施"团队。 一个人做的开源项目,GitHub star超Linux,被OpenAI直接收编。 这就是2026年个人开发者的天花板: 你不需要团队,不需要融资, 只需要
- @altryne @wooolfred Openclaw is garbage now.
- @openclaw Tui works again! Just in time to be able to ask my bot to repair the broken Matrix issue the update just creat
- OpenClaw is making waves in the open-source AI hardware space. Exciting to see community-driven innovation! #OpenClaw #A
- ARea51UmRfn22Ds7KwFZirSMEEn1gtBdrhW4zLeveeV1 openclaw called $AALIEN bullish. i'm listening Was Made Using - @OpenCl
- @mitchmalone @openclaw @OpenAI very curious what you most repeated use case is?
- @DavidPreti what do you use openclaw for again that Claude Code is less suited for? for codex, is that w/ gpt? Or still
- zfZPpLhgGBvrf487QZ3vL9riivPHgXp1RpQXKLApump openclaw on $butting —momentum strong, risk low. easy Was Made Using - @
- DTfN4DotNupzDbqpg6dX4jfXekB5vVkePxjuyivJpump just ran $BEE through openclaw. risk is low, upside is real Was Made Us
- HXzqEEUjQ6JevbrJiMBAwoiCVikZb93XHmYtde4iCA3G openclaw called $Spirit perfectly last time. running the scan again Was
- GK9yk7r6VGtQ6e5HCknjUiogQ17EQrgu1E59wzkYpump openclaw been right on $Adam twice already. trusting the scan ┃🧫┃ $Adam
- 2Fiut5a3s7vBkGFKXd7kH2v8W1idJ9g7CWAvMEdVpump openclaw on $GAY —momentum strong, risk low. easy ┃🧫┃ $GAY ┃💰┃ MC : $1
- If #OpenClaw breaks on firmware > 2026.4.23, it’s likely a dependency issue — Brave in my case: 100% at CPU, slow UI,
- the debate about openclaw not being safe on your PC or Mac etc, or like don't use it on your computer because its gonn
- OpenClaw is making waves in the open-source AI hardware space. Exciting to see community-driven innovation! #OpenClaw #A
Trending on X
- the debate about openclaw not being safe on your PC or Mac etc, or like don't use it on your computer because its gonn
- @forgebitz that's so true, haven't heard anyhting about openclaw in a while 😅
- This open source is so good @stainlu great job, @openclaw you need to check this out built for agents https://t.co/A3Zz9
- OpenAI首席执行官Sam Altman表示,ChatGPT用户现可使用其账户登录代理平台OpenClaw,并直接使用现有的ChatGPT订阅服务。这一举措提升了ChatGPT订阅的灵活性和跨平台使用体验。
- m1okhBMDVyQVJxTPhb4LLS3S1zCCkVPVUuPo6Mepump openclaw flagged $CAMERON as a strong hold. not surprised ┃🧫┃ $CAMERON
- OpenClaw创始人加入了OpenAI,领导"AI Agent基础设施"团队。 一个人做的开源项目,GitHub star超Linux,被OpenAI直接收编。 这就是2026年个人开发者的天花板: 你不需要团队,不需要融资, 只需要
- @altryne @wooolfred Openclaw is garbage now.
- @openclaw Tui works again! Just in time to be able to ask my bot to repair the broken Matrix issue the update just creat
- OpenClaw is making waves in the open-source AI hardware space. Exciting to see community-driven innovation! #OpenClaw #A
- ARea51UmRfn22Ds7KwFZirSMEEn1gtBdrhW4zLeveeV1 openclaw called $AALIEN bullish. i'm listening Was Made Using - @OpenCl
- @mitchmalone @openclaw @OpenAI very curious what you most repeated use case is?
- @DavidPreti what do you use openclaw for again that Claude Code is less suited for? for codex, is that w/ gpt? Or still
- zfZPpLhgGBvrf487QZ3vL9riivPHgXp1RpQXKLApump openclaw on $butting —momentum strong, risk low. easy Was Made Using - @
- DTfN4DotNupzDbqpg6dX4jfXekB5vVkePxjuyivJpump just ran $BEE through openclaw. risk is low, upside is real Was Made Us
- HXzqEEUjQ6JevbrJiMBAwoiCVikZb93XHmYtde4iCA3G openclaw called $Spirit perfectly last time. running the scan again Was
- GK9yk7r6VGtQ6e5HCknjUiogQ17EQrgu1E59wzkYpump openclaw been right on $Adam twice already. trusting the scan ┃🧫┃ $Adam
- 2Fiut5a3s7vBkGFKXd7kH2v8W1idJ9g7CWAvMEdVpump openclaw on $GAY —momentum strong, risk low. easy ┃🧫┃ $GAY ┃💰┃ MC : $1
- If #OpenClaw breaks on firmware > 2026.4.23, it’s likely a dependency issue — Brave in my case: 100% at CPU, slow UI,
- the debate about openclaw not being safe on your PC or Mac etc, or like don't use it on your computer because its gonn
- OpenClaw is making waves in the open-source AI hardware space. Exciting to see community-driven innovation! #OpenClaw #A
Releases
- openclaw 2026.5.2 — Highlights - External plugin installation, update, doctor repair, dependency reporting, and artifact metadata now cover the npm-first cutover, stale configured installs, missing package payloads, and...
- openclaw 2026.5.2-beta.3 — 2026.5.2 Highlights - External plugin installation now covers diagnostics, onboarding, doctor repair, channel setup, install/update records, and artifact metadata while keeping bare package installs...
- openclaw 2026.5.2-beta.2 — 2026.5.2 Highlights - External plugin installation now covers diagnostics, onboarding, doctor repair, channel setup, install/update records, and artifact metadata while keeping bare package installs...
- OpenClaw repo stats for 2026-05-03 — 367679 stars, 75651 forks, 2075 contributors
- openclaw v2026.5.2 on npm — Multi-channel AI gateway with extensible messaging integrations
Community
- [Bug]: A2UI bundle/hash depends on ui/node_modules presence — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary Running pnpm build on the same checkout rewrites src/canvas-host/a2ui/.bundle.hash and...
- [Bug]: latest OpenClaw still emits massive pre-tool update_plan bursts on long GPT-5/Codex tasks — Summary On the latest OpenClaw, I am still seeing very large pre-tool update_plan bursts on long tasks. The task eventually completes, but it can spend a long time repeatedly emitting update_plan...
- [Bug]: Massive virtual memory bloat (22GB+ VIRT) immediately after Gateway startup, identical to previously reported issue #6413. This issue was closed as "not planned" but the problem persists on the latest stable release. — Bug type Crash (process/app exits or hangs) Beta release blocker No Summary Massive virtual memory bloat (22GB+ VIRT) immediately after Gateway startup, identical to previously reported issue #6413....
- [Bug]: WhatsApp outbound messages create ghost chats due to missing LID→PN resolution in createWebSendApi — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary Version: OpenClaw 2026.4.15-beta.1 / Baileys v7.0.0-rc.9 Description: When an agent sends a WhatsApp...
- Explicit ACP agent runs: embedded backend visibility failure and stale final JSON state after sessions_yield — OpenClaw explicit agent --json ACP runs currently hit two separate bugs in the embedded explicit-run path. Both are fixed locally for now, but only as hotfixes in installed Homebrew dist files....
- [Bug]: Discrepancy in models.json: bundled plugins bypass the onboard lifecycle to inject models into the manifest — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary The models.json manifest includes model entries from bundled plugins (arcee and codex) that bypass the...
- CLI: `openclaw agents list` fails with unresolved SecretRef; CLI process hangs after completion — Description Two related bugs in the openclaw agents CLI commands: Bug 1: agents list fails when Telegram botTokens use SecretRef openclaw agents list calls buildProviderStatusIndex() which attempts...
- Gateway becomes unresponsive under subagent load on Windows - completion announcements timeout — Bug The gateway becomes unresponsive when handling multiple subagent completion announcements, causing cascading timeouts and failed deliveries. This is distinct from #7042 (which was hard crashes) -...
- [Bug]: Source-dependent instructions/tools drift invalidates OpenAI prompt cache within the same session — Summary For the same target session and the same prompt_cache_key, OpenClaw can assemble different instructions and different tool sets depending on the dispatch source (direct user turn vs...
- OpenClaw 2026.5.2 gateway HTTP surface times out while service remains active with high CPU — Bug type Regression (worked before, now fails) Beta release blocker No Summary After updating to OpenClaw 2026.5.2, the gateway service remains active and port 18789 is bound, but the gateway HTTP...
- Agent should be notified when MCP server fails to start — Problem When a configured MCP server fails to start (e.g. npm package removed from registry), the error is logged at gateway level but the agent is never informed. The agent simply receives a reduced...
- [Bug] exec crontab fails with SIGKILL in 2026.4.9 — Problem After upgrading to OpenClaw 2026.4.9, exec commands for crontab timing out or getting SIGKilled immediately. Environment - OpenClaw version: 2026.4.9 (0512059) - macOS: 26.4 (arm64) - Node:...
- Tool granularity vs server-side aggregation — best practices for high-count skills / tools (65+)? — Context We're using OpenClaw 4.8 at a fintech company to build an AI investment-research assistant. Our current setup: - 60+ structured REST endpoints exposed through an internal data service...
- [Bug]: Managed cron task runs do not populate progressSummary, leaving /tasks and session_status mostly silent during execution — Bug type Behavior bug (incorrect output/state without crash) Beta release blocker No Summary The background-task ledger supports progressSummary, but on OpenClaw 2026.4.8 managed cron jobs do not...
- Feature Request: Built-in Command Risk Classifier for exec approvals — Summary Add a built-in command risk classification system to OpenClaw's exec approval mechanism, similar to Claude Code's command classification. Motivation Currently, OpenClaw's exec approval system...
- Update stability issues: gateway hangs and channel integrations become unresponsive — Problem Description After updating OpenClaw multiple times over the past few days, I consistently encounter the following issues: 1. Gateway hangs frequently - The gateway process gets stuck and...
- fix(discord): propagate blockquote context across chunk boundaries — Summary Fixes #63409 When chunkDiscordText() flushed a chunk in the middle of a blockquote, the next chunk started without the leading > prefix. Discord renders each message independently, so...
- fix: filter phantom provider entries inferred from aggregator model ID prefixes — Summary - Fixes #62317: /model status shows a phantom [google] provider entry when an OpenRouter model has an ID like google/gemini-3-flash-preview - The pi-coding-agent ModelRegistry splits model...
- fix(macos): harden exec approval sockets against SIGPIPE — Summary - harden macOS exec approval socket descriptors with SO_NOSIGPIPE - apply the guard to both client and server-side accepted socket fds - add a regression test proving the socket option is...
- Expand skill scanner with additional security detection rules — Summary Adds four new detection rules to the skill scanner (src/security/skill-scanner.ts) to catch previously undetected attack patterns in third-party skills: New Rules |
- [Feature]: Expose per-run token usage on the WebSocket lifecycle event stream — Problem The lifecycle end event contains only timing data (startedAt, endedAt, aborted, stopReason). Token and cost metrics collected in agentMeta during a run are persisted to the session store but...
- Auth profile failover blocked by file lock contention on rate_limit errors — Bug When an auth profile hits a 429 rate_limit_error, the gateway logs decision=rotate_profile but never executes the rotation to the next profile. The run terminates as failed. Timeout errors rotate...
- [Feature]: 分布式部署的可能性? — Summary 如果用两台OpenClaw网关节点连在一起,一台控制多agents ,一台保存记忆、处理记忆,这个方案可行吗? Problem to solve 解决单台云服务器性能不够,无法处理大量数据向量嵌入 Proposed solution 如果能实现分布式节点,那就可以多台网关多agen共享同一套记忆库,理论上就没有性能瓶颈了。 Alternatives considered _No...
- Feature Request: Enforce skill execution sandbox when enabled: false — Problem Setting skills.entries..enabled: false (including the UI toggle) only removes the skill from auto-matching. It does not prevent the agent from: 1. Reading the skill's SKILL.md via the read...
- Feature: pairing list-approved and pairing revoke commands — Problem There is no CLI command to: 1. List approved/paired senders for a channel 2. Revoke (de-pair) a previously approved sender Current state - openclaw pairing list — only shows pending requests,...
- Feature Request: Add STATE.md to auto-loaded workspace bootstrap files — Problem After context compaction, agents lose their working state — what they were doing, what's in progress, what decisions were just made. The current recovery requires reading multiple files...
- Scheduled auto-upgrade cron can fail without visible notification, and gateway recovery does not restore macOS LaunchAgent gateway — Summary Scheduled auto-upgrade cron can fail without a reliable visible notification, and post-upgrade gateway recovery does not restore a macOS LaunchAgent gateway. Environment - OpenClaw version:...
- feat(acp): forward image blocks in tool call results — Summary - extractToolCallContent() in the ACP event mapper previously only extracted type: "text" blocks from tool results, silently dropping image content blocks - ACP clients (Feishu, Discord,...
- media: fix resource leaks and temp file cleanup in downloadToFile — Summary - Fix write stream leak on size-limit abort: When a download exceeds MAX_BYTES, req.destroy() was called but the createWriteStream was never closed, leaking file descriptors under load - Add...
- OpenClaw sponsors (122 total) — 122 sponsors supporting OpenClaw
- fix(search): cap vector hydration window
- fix(api): avoid redundant latest tag version reads
- fix(search): bound lexical fallback scans
- fix(convex): raise download rate limit
- fix(convex): reduce download and token write contention
- test(convex): update leaderboard page size expectation
- fix(convex): reduce hot rate-limit and catalog reads
- fix(scanner): avoid generic pay purchase tags
- fix(security): flag python file upload exfiltration
- fix(github): keep scanner appeal issues open
- fix(ui): restore skill downloads and search paging
- fix(convex): gate large index deletion
- fix(convex): retain built rate limit index
- fix(convex): avoid rate limit index backfill
- fix(convex): drop unused package stat index
- test(rate-limits): expect consumed shard quota
- fix(convex): reduce hot stat write contention
- fix(convex): bound skill health reads
- fix(packages): keep mirror artifact URLs on public host
- build(schema): update package response dist
- Update install instructions
News
- sulpikar2/Qwen3.5-4B-Claude-4.6-Opus-Reasoning-openclaw
- ykarout/Qwen3.5-9b-Opus-Openclaw-Distilled-FP8 — text-generation
- OpenClaw on DigitalOcean — Deploy your own personal AI assistant with OpenClaw on a DigitalOcean Droplet® server, a powerful open-source platform that runs entirely on your infrastructure. OpenClaw connects to the messaging...
- OpenClaw isn't fooling me. I remember MS-DOS
- I tested 4 local models as memory classifiers for OpenClaw — and thinking models are a trap — I'm a backend engineer. When I started using OpenClaw, I kept hitting the same reliability problems...
- 70% of OpenClaw Skills Request OAuth Scopes They Don't Need — We ran two independent security scans across all 6,993 public skills in openclaw/skills. The dominant...
- Why Anthropic Cut Off OpenClaw — The Claude Subscription Policy Shift and What It Costs You — On April 4, 2026, Anthropic blocked Claude Pro/Max subscriptions from powering third-party agent tools. Add the Fast Mode 6x price multiplier, and this is a structural overhaul worth running the...
- NemoClaw practical guide for secure OpenClaw operations in 2026 — Most AI agent stacks still treat security as a post-demo fix. NemoClaw starts from the opposite...
- One Open Source Project a Day (No.52): Tank-OS - A Red Hat Engineer Baked an AI Agent Into a Bootable Linux Image Over a Weekend — Introduction "When an AI Agent starts deleting emails, accessing databases, and calling...
- Agent Memory Providers Compared — Honcho, Mem0, Hindsight, and Five More — Modern assistants still forget everything when you close the tab unless something persists beyond the...
- 7 OpenClaw Money-Making Cases in One Week — and the Hidden Cost Problem Behind Them — Recently I saw a post about 7 OpenClaw money-making cases from the past week. At first, these...
- Using Gemini with OpenClaw: Setup Guide + Real Use Cases — OpenClaw supports a wide range of LLM providers, and choosing the right one shapes how your agents...
- Is Claw Things just a hype or does it really deliver its promise? — The AI Assistant Boom started in the first of 2026, though it actually already happened in late 2025 with the release of claw things🦞…Continue reading on Medium »
- IDO Claw — Redefining Personal AI Computing — AI is evolving fast, but most systems are still trapped in cloud dependency or overloaded general-purpose hardware.Continue reading on Medium »
- From Prompts to Systems: Building Agentic AI with OpenClaw, Hermes, Gstack, and Paperclip on Oracle… — Build agentic AI systems on Oracle Cloud with OpenClaw, Hermes Agent, Gstack, and Paperclip.Continue reading on Medium »
- I Found 7 Practical Uses for Hermes Agent That Are Actually Useful — Most AI agent articles are too abstract.Continue reading on Medium »
- The duckh3 Project, Math for Deep Learning, OpenClaw New Memory | Issue 86 — A weekly curated update on data science and engineering topics and resources.Continue reading on Medium »
- Who Pays When the AI Apologizes? The Hidden Danger of Agentic Super-Apps — Tech gurus promise a frictionless future where a single AI handles everything. But when autonomous agents start accidentally wiping hard…Continue reading on InfoSec Write-ups »
- Running OpenClaw in a Docker Container on Ubuntu 22.04 — If you desire, you can follow the documentation that OpenClaw has proposed themself. You can find this documentation here.Continue reading on Medium »
- NanoClaw — Lightweight AI assistant runs in Apple containers with isolated Linux container processes for superior OS-level security, transparency, and privacy compared to complex chatbots, enabling quick code...
- Thunderbolt — Open-source AI platform for deploying language models across desktop and mobile systems, features model selection, on-premises setup, enterprise-level encryption, advanced security auditing, and...
- Kimi — Kimi is an intelligent assistant app that uses advanced reasoning to help users solve complex problems in areas like math, coding, and visual reasoning. It can handle both long and short...
- Apollo AI — Customizable interface for private, on-device AI model chatting, open source and closed source LLM connections, OpenRouter support, custom backend support, and unified access to language models...
- MiroThinker — MiroThinker is an open-source search agent model, built for tool-augmented reasoning and real-world information seeking, aiming to match the deep research experience of OpenAI Deep Research and...
- Private GPT — Ask questions to your documents without an internet connection, using the power of LLMs. 100% private, no data leaves your execution environment at any point. You can ingest documents and ask...
Security
- Helpful Skills or Hidden Payloads? Bitdefender Labs Dives Deep into the OpenClaw Malicious Skill Trap — With hundreds of malicious OpenClaw skills blending in among legitimate ones, manually reviewing every script or command isn’t realistic — especially when skills are designed to look helpful and...
Don't miss what's next. Subscribe to Openclaw Newsletter: