openclaw 2026.2.17

Changes

• Agents/Anthropic: add opt-in 1M context beta header support for Opus/Sonnet via model params.context1m: true (maps to anthropic-beta: context-1m-2025-08-07).
• Agents/Models: support Anthropic Sonnet 4.6 (anthropic/claude-sonnet-4-6) across aliases/defaults with forward-compat fallback when upstream catalogs still only expose Sonnet 4.5.
• Commands/Subagents: add /subagents spawn for deterministic subagent activation from chat commands. (#18218) Thanks @JoshuaLelon.
• Agents/Subagents: add an accepted response note for sessions_spawn explaining polling subagents are disabled for one-off calls. Thanks @tyler6204.
• Agents/Subagents: prefix spawned subagent task messages with context to preserve source information in downstream handling. Thanks @tyler6204.
• iOS/Share: add an iOS share extension that forwards shared URL/text/image content directly to gateway agent.request, with delivery-route fallback and optional receipt acknowledgements. (#19424) Thanks @mbelinky.
• iOS/Talk: add a Background Listening toggle that keeps Talk Mode active while the app is backgrounded (off by default for battery safety). Thanks @zeulewan.
• iOS/Talk: add a Voice Directive Hint toggle for Talk Mode prompts so users can disable ElevenLabs voice-switching instructions to save tokens when not needed. (#18250) Thanks @zeulewan.
• iOS/Talk: harden barge-in behavior by disabling interrupt-on-speech when output route is built-in speaker/receiver, reducing false interruptions from local TTS bleed-through. Thanks @zeulewan.
• Slack: add native single-message text streaming with Slack chat.startStream/appendStream/stopStream; keep reply threading aligned with replyToMode, default streaming to enabled, and fall back to normal delivery when streaming fails. (#9972) Thanks @natedenh.
• Slack: add configurable streaming modes for draft previews. (#18555) Thanks @Solvely-Colin.
• Telegram/Agents: add inline button style support (primary|success|danger) across message tool schema, Telegram action parsing, send pipeline, and runtime prompt guidance. (#18241) Thanks @obviyus.
• Telegram: surface user message reactions as system events, with configurable channels.telegram.reactionNotifications scope. (#10075) Thanks @Glucksberg.
• iMessage: support replyToId on outbound text/media sends and normalize leading [[reply_to:<id>]] tags so replies target the intended iMessage. Thanks @tyler6204.
• Tool Display/Web UI: add intent-first tool detail views and exec summaries. (#18592) Thanks @xdLawless2.
• Discord: expose native /exec command options (host/security/ask/node) so Discord slash commands get autocomplete and structured inputs. Thanks @thewilloftheshadow.
• Discord: allow reusable interactive components with components.reusable=true so buttons, selects, and forms can be used multiple times before expiring. Thanks @thewilloftheshadow.
• Discord: add per-button allowedUsers allowlist for interactive components to restrict who can click buttons. Thanks @thewilloftheshadow.
• Cron/Gateway: separate per-job webhook delivery (delivery.mode = "webhook") from announce delivery, enforce valid HTTP(S) webhook URLs, and keep a temporary legacy notify + cron.webhook fallback for stored jobs. (#17901) Thanks @advaitpaliwal.
• Cron/CLI: add deterministic default stagger for recurring top-of-hour cron schedules (including 6-field seconds cron), auto-migrate existing jobs to persisted schedule.staggerMs, and add openclaw cron add/edit --stagger <duration> plus --exact overrides for per-job timing control.
• Cron: log per-run model/provider usage telemetry in cron run logs/webhooks and add a local usage report script for aggregating token usage by job. (#18172) Thanks @HankAndTheCrew.
• Tools/Web: add URL allowlists for web_search and web_fetch. (#18584) Thanks @smartprogrammer93.
• Browser: add extraArgs config for custom Chrome launch arguments. (#18443) Thanks @JayMishra-source.
• Voice Call: pre-cache inbound greeting TTS for faster first playback. (#18447) Thanks @JayMishra-source.
• Skills: compact skill file <location> paths in the system prompt by replacing home-directory prefixes with ~, and add targeted compaction tests for prompt serialization behavior. (#14776) Thanks @bitfish3.
• Skills: refine skill-description routing boundaries with explicit "Use when"/"NOT for" guidance for coding-agent/github/weather, and clarify PTY/browser fallback wording. (#14577) Thanks @DylanWoodAkers.
• Auto-reply/Prompts: include trusted inbound message_id in conversation metadata payloads for downstream targeting workflows. Thanks @tyler6204.
• Auto-reply: include sender_id in trusted inbound metadata so moderation workflows can target the sender without relying on untrusted text. (#18303) Thanks @crimeacs.
• UI/Sessions: avoid duplicating typed session prefixes in display names (for example Subagent Subagent ...). Thanks @tyler6204.
• Agents/Z.AI: enable tool_stream by default for real-time tool call streaming, with opt-out via params.tool_stream: false. (#18173) Thanks @tianxiao1430-jpg.
• Plugins: add before_agent_start model/provider overrides before resolution. (#18568) Thanks @natefikru.
• Mattermost: add emoji reaction actions plus reaction event notifications, including an explicit boolean remove flag to avoid accidental removals. (#18608) Thanks @echo931.
• Memory/Search: add FTS fallback plus query expansion for memory search. (#18304) Thanks @irchelper.
• Agents/Models: support per-model thinkingDefault overrides in model config. (#18152) Thanks @wu-tian807.
• Agents: enable llms.txt discovery in default behavior. (#18158) Thanks @yolo-maxi.
• Extensions/Auth: add OpenAI Codex CLI auth provider integration. (#18009) Thanks @jiteshdhamaniya.
• Feishu: add Bitable create-app/create-field tools for automation workflows. (#17963) Thanks @gaowanqi08141999.
• Docker: add optional OPENCLAW_INSTALL_BROWSER build arg to preinstall Chromium + Xvfb in the Docker image, avoiding runtime Playwright installs. (#18449)

Fixes

• Agents/Image: collapse resize diagnostics to one line per image and include visible pixel/byte size details in the log message for faster triage.
• Agents/Subagents: preemptively guard accumulated tool-result context before model calls by truncating oversized outputs and compacting oldest tool-result messages to avoid context-window overflow crashes. Thanks @tyler6204.
• Agents/Subagents: add explicit subagent guidance to recover from [compacted: tool output removed to free context] / [truncated: output exceeded context limit] markers by re-reading with smaller chunks instead of full-file cat. Thanks @tyler6204.
• Agents/Tools: make read auto-page across chunks (when no explicit limit is provided) and scale its per-call output budget from model contextWindow, so larger contexts can read more before context guards kick in. Thanks @tyler6204.
• Agents/Tools: strip duplicated read truncation payloads from tool-result details and make pre-call context guarding account for heavy tool-result metadata, so repeated read calls no longer bypass compaction and overflow model context windows. Thanks @tyler6204.
• Reply threading: keep reply context sticky across streamed/split chunks and preserve replyToId on all chunk sends across shared and channel-specific delivery paths (including iMessage, BlueBubbles, Telegram, Discord, and Matrix), so follow-up bubbles stay attached to the same referenced message. Thanks @tyler6204.
• Gateway/Agent: defer transient lifecycle error snapshots with a short grace window so agent.wait does not resolve early during retry/failover. Thanks @tyler6204.
• Hooks/Automation: bridge outbound/inbound message lifecycle into internal hook events (message:received, message:sent) with session-key correlation guards, while keeping per-payload success/error reporting accurate for chunked and best-effort deliveries. (PR #9387)
• Media understanding: honor agents.defaults.imageModel during auto-discovery so implicit image analysis uses configured primary/fallback image models. (PR #7607)
• iOS/Onboarding: stop auth Step 3 retry-loop churn by pausing reconnect attempts on unauthorized/missing-token gateway errors and keeping auth/pairing issue state sticky during manual retry. (#19153) Thanks @mbelinky.
• Voice-call: auto-end calls when media streams disconnect to prevent stuck active calls. (#18435) Thanks @JayMishra-source.
• Voice call/Gateway: prevent overlapping closed-loop turn races with per-call turn locking, route transcript dedupe via source-aware fingerprints with strict cache eviction bounds, and harden voicecall latency stats for large logs without spread-operator stack overflow. (#19140) Thanks @mbelinky.
• iOS/Chat: route ChatSheet RPCs through the operator session instead of the node session to avoid node-role authorization failures for chat.history, chat.send, and sessions.list. (#19320) Thanks @mbelinky.
• macOS/Update: correct the Sparkle appcast version for 2026.2.15 so updates are offered again. (#18201)
• Gateway/Auth: clear stale device-auth tokens after device token mismatch errors so re-paired clients can re-auth. (#18201)
• Telegram: enable DM voice-note transcription with CLI fallback handling. (#18564) Thanks @thhuang.
• Telegram/Polls: restore Telegram poll action wiring in channel handlers. (#18122) Thanks @akyourowngames.
• WebChat: strip reply/audio directive tags from rendered chat output. (#18093) Thanks @aldoeliacim.
• Discord: honor configured HTTP proxy for app-id and allowlist REST resolution. (#17958) Thanks @k2009.
• BlueBubbles: add fallback path to recover outbound message_id from fromMe webhooks when platform message IDs are missing. Thanks @tyler6204.
• BlueBubbles: match outbound message-id fallback recovery by chat identifier as well as account context. Thanks @tyler6204.
• BlueBubbles: include sender identifier in untrusted conversation metadata for conversation info payloads. Thanks @tyler6204.
• Security/Exec: fix the OC-09 credential-theft path via environment-variable injection. (#18048) Thanks @aether-ai-agent.
• Security/Config: confine $include resolution to the top-level config directory, harden traversal/symlink checks with cross-platform-safe path containment, and add doctor hints for invalid escaped include paths. (#18652) Thanks @aether-ai-agent.
• Providers: improve error messaging for unconfigured local ollama/vllm providers. (#18183) Thanks @arosstale.
• TTS: surface all provider errors instead of only the last error in aggregated failures. (#17964) Thanks @ikari-pl.
• CLI/Doctor/Configure: skip gateway auth checks for loopback-only setups. (#18407) Thanks @sggolakiya.
• CLI/Doctor: reconcile gateway service-token drift after re-pair flows. (#18525) Thanks @norunners.
• Process/Windows: disable detached spawn in exec runs to prevent empty command output. (#18067) Thanks @arosstale.
• Process: gracefully terminate process trees with SIGTERM before SIGKILL. (#18626) Thanks @sauerdaniel.
• Sessions/Windows: use atomic session-store writes to prevent context loss on Windows. (#18347) Thanks @twcwinston.
• Agents/Image: validate base64 image payloads before provider submission. (#18263) Thanks @sriram369.
• Models CLI: validate catalog entries in openclaw models set. (#18129) Thanks @carrotRakko.
• Usage: isolate last-turn totals in token usage reporting to avoid mixed-turn totals. (#18052) Thanks @arosstale.
• Cron: resolve accountId from agent bindings in isolated sessions. (#17996) Thanks @simonemacario.
• Gateway/HTTP: preserve unbracketed IPv6 Host headers when normalizing requests. (#18061) Thanks @Clawborn.
• Sandbox: fix workspace-directory orphaning during SHA-1 -> SHA-256 slug migration. (#18523) Thanks @yinghaosang.
• Ollama/Qwen: handle Qwen 3 reasoning field format in Ollama responses. (#18631) Thanks @mr-sk.
• OpenAI/Transcripts: always drop orphaned reasoning blocks from transcript repair. (#18632) Thanks @TySabs.
• Fix types in all tests. Typecheck the whole repository.
• Gateway/Channels: wire gateway.channelHealthCheckMinutes into strict config validation, treat implicit account status as managed for health checks, and harden channel auto-restart flow (preserve restart-attempt caps across crash loops, propagate enabled/configured runtime flags, and stop pending restart backoff after manual stop). Thanks @steipete.
• Gateway/WebChat: hard-cap chat.history oversized payloads by truncating high-cost fields and replacing over-budget entries with placeholders, so history fetches stay within configured byte limits and avoid chat UI freezes. (#18505)
• UI/Usage: replace lingering undefined var(--text-muted) usage with var(--muted) in usage date-range and chart styles to keep muted text visible across themes. (#17975) Thanks @jogelin.
• UI/Usage: preserve selected-range totals when timeline data is downsampled by bucket-aggregating timeseries points (instead of dropping intermediate points), so filtered tokens/cost stay accurate. (#17959) Thanks @jogelin.
• UI/Sessions: refresh the sessions table only after successful deletes and preserve delete errors on cancel/failure paths, so deleted sessions disappear automatically without masking delete failures. (#18507)
• Scripts/UI/Windows: fix pnpm ui:* spawn EINVAL failures by restoring shell-backed launch for .cmd/.bat runners, narrowing shell usage to launcher types that require it, and rejecting unsafe forwarded shell metacharacters in UI script args. (#18594)
• Hooks/Session-memory: recover /new conversation summaries when session pointers are reset-path or missing sessionFile, and consistently prefer the newest .jsonl.reset.* transcript candidate for fallback extraction. (#18088)
• Auto-reply/Sessions: prevent stale thread ID leakage into non-thread sessions so replies stay in the main DM after topic interactions. (#18528) Thanks @j2h4u.
• Slack: restrict forwarded-attachment ingestion to explicit shared-message attachments and skip non-Slack forwarded image_url fetches, preventing non-forward attachment unfurls from polluting inbound agent context while preserving forwarded message handling.
• Feishu: detect bot mentions in post messages with embedded docs when message.mentions is empty. (#18074) Thanks @popomore.
• Agents/Sessions: align session lock watchdog hold windows with run and compaction timeout budgets (plus grace), preventing valid long-running turns from being force-unlocked mid-run while still recovering hung lock owners. (#18060)
• Cron: preserve default model fallbacks for cron agent runs when only model.primary is overridden, so failover still follows configured fallbacks unless explicitly cleared with fallbacks: []. (#18210) Thanks @mahsumaktas.
• Cron: route text-only announce output through the main session announce flow via runSubagentAnnounceFlow so cron text-only output remains visible to the initiating session. Thanks @tyler6204.
• Cron: treat timeoutSeconds: 0 as no-timeout (not clamped to 1), ensuring long-running cron runs are not prematurely terminated. Thanks @tyler6204.
• Cron announce injection now targets the session determined by delivery config (to + channel) instead of defaulting to the current session. Thanks @tyler6204.
• Cron/Heartbeat: canonicalize session-scoped reminder sessionKey routing and preserve explicit flat sessionKey cron tool inputs, preventing enqueue/wake namespace drift for session-targeted reminders. (#18637) Thanks @vignesh07.
• Cron/Webhooks: reuse existing session IDs for webhook/cron runs when the session key is stable and still fresh, preserving conversation history. (#18031) Thanks @Operative-001.
• Cron: prevent spin loops when cron jobs complete within the scheduled second by advancing the next run and enforcing a minimum refire gap. (#18073) Thanks @widingmarcus-cyber.
• OpenClawKit/iOS ChatUI: accept canonical session-key completion events for local pending runs and preserve message IDs across history refreshes, preventing stuck "thinking" state and message flicker after gateway replies. (#18165) Thanks @mbelinky.
• iOS/Onboarding: add QR-first onboarding wizard with setup-code deep link support, pairing/auth issue guidance, and device-pair QR generation improvements for Telegram/Web/TUI fallback flows. (#18162) Thanks @mbelinky and @Marvae.
• iOS/Gateway: stabilize connect/discovery state handling, add onboarding reset recovery in Settings, and fix iOS gateway-controller coverage for command-surface and last-connection persistence behavior. (#18164) Thanks @mbelinky.
• iOS/Talk: harden mobile talk config handling by ignoring redacted/env-placeholder API keys, support secure local keychain override, improve accessibility motion/contrast behavior in status UI, and tighten ATS to local-network allowance. (#18163) Thanks @mbelinky.
• iOS/Location: restore the significant location monitor implementation (service hooks + protocol surface + ATS key alignment) after merge drift so iOS builds compile again. (#18260) Thanks @ngutman.
• iOS/Signing: auto-select local Apple Development team during iOS project generation/build, prefer the canonical OpenClaw team when available, and support local per-machine signing overrides without committing team IDs. (#18421) Thanks @ngutman.
• Discord/Telegram: make per-account message action gates effective for both action listing and execution, and preserve top-level gate restrictions when account overrides only specify a subset of actions keys (account key -> base key -> default fallback). (#18494)
• Telegram: keep DM-topic replies and draft previews in the originating private-chat topic by preserving positive message_thread_id values for DM threads. (#18586) Thanks @sebslight.
• Telegram: preserve private-chat topic message_thread_id on outbound sends (message/sticker/poll), keep thread-not-found retry fallback, and avoid masking chat not found routing errors. (#18993) Thanks @obviyus.
• Discord: prevent duplicate media delivery when the model uses the message send tool with media, by skipping media extraction from messaging tool results since the tool already sent the message directly. (#18270)
• Discord: route audioAsVoice auto-replies through the voice message API so opt-in audio renders as voice messages. (#18041) Thanks @zerone0x.
• Discord: skip auto-thread creation in forum/media/voice/stage channels and keep group session last-route metadata fresh to avoid invalid thread API errors and lost follow-up sends. (#18098) Thanks @Clawborn.
• Discord/Commands: normalize commands.allowFrom entries with user:/discord:/pk: prefixes and <@id> mentions so command authorization matches Discord allowlist behavior. (#18042)
• Telegram: keep draft-stream preview replies attached to the user message for replyToMode: "all" in groups and DMs, preserving threaded reply context from preview through finalization. (#17880) Thanks @yinghaosang.
• Telegram: prevent streaming final replies from being overwritten by later final/error payloads, and suppress fallback tool-error warnings when a recovered assistant answer already exists after tool calls. (#17883) Thanks @Marvae and @obviyus.
• Telegram: debounce the first draft-stream preview update (30-char threshold) and finalize short responses by editing the stop-time preview message, improving first push notifications and avoiding duplicate final sends. (#18148) Thanks @Marvae.
• Telegram: disable block streaming when channels.telegram.streamMode is off, preventing newline/content-block replies from splitting into multiple messages. (#17679) Thanks @saivarunk.
• Telegram: keep streamMode: "partial" draft previews in a single message across assistant-message/reasoning boundaries, preventing duplicate preview bubbles during partial-mode tool-call turns. (#18956) Thanks @obviyus.
• Telegram: normalize native command names for Telegram menu registration (- -> _) to avoid BOT_COMMAND_INVALID command-menu wipeouts, and log failed command syncs instead of silently swallowing them. (#19257) Thanks @akramcodez.
• Telegram: route non-abort slash commands on the normal chat/topic sequential lane while keeping true abort requests (/stop, stop) on the control lane, preventing command/reply race conditions from control-lane bypass. (#17899) Thanks @obviyus.
• Telegram: ignore <media:...> placeholder lines when extracting MEDIA: tool-result paths, preventing false local-file reads and dropped replies. (#18510) Thanks @yinghaosang.
• Telegram: skip retries when inbound media getFile fails with Telegram's 20MB limit and continue processing message text, avoiding dropped messages for oversized attachments. (#18531) Thanks @brandonwise.
• Telegram: clear stored polling offsets when bot tokens change or accounts are deleted, preventing stale offsets after token rotations. (#18233)
• Telegram: enable autoSelectFamily by default on Node.js 22+ so IPv4 fallback works on broken IPv6 networks. (#18272) Thanks @nacho9900.
• Auto-reply/TTS: keep tool-result media delivery enabled in group chats and native command sessions (while still suppressing tool summary text) so NO_REPLY follow-ups do not drop successful TTS audio. (#17991) Thanks @zerone0x.
• Agents/Tools: deliver tool-result media even when verbose tool output is off so media attachments are not dropped. (#16679)
• Discord: optimize reaction notification handling to skip unnecessary message fetches in off/all/allowlist modes, streamline reaction routing, and improve reaction emoji formatting. (#18248) Thanks @thewilloftheshadow and @victorGPT.
• CLI/Pairing: make openclaw qr --remote prefer gateway.remote.url over tailscale/public URL resolution and register the openclaw clawbot qr legacy alias path. (#18091)
• CLI/QR: restore fail-fast validation for openclaw qr --remote when neither gateway.remote.url nor tailscale serve/funnel is configured, preventing unusable remote pairing QR flows. (#18166) Thanks @mbelinky.
• CLI: fix parent/subcommand option collisions across gateway, daemon, update, ACP, and browser command flows, while preserving legacy browser set headers --json <payload> compatibility.
• CLI/Doctor: ensure openclaw doctor --fix --non-interactive --yes exits promptly after completion so one-shot automation no longer hangs. (#18502)
• CLI/Doctor: auto-repair dmPolicy="open" configs missing wildcard allowlists and write channel-correct repair paths (including channels.googlechat.dm.allowFrom) so openclaw doctor --fix no longer leaves Google Chat configs invalid after attempted repair. (#18544)
• CLI/Doctor: detect gateway service token drift when the gateway token is only provided via environment variables, keeping service repairs aligned after token rotation.
• Gateway/Update: prevent restart crash loops after failed self-updates by restarting only on successful updates, stopping early on failed install/build steps, and running openclaw doctor --fix during updates to sanitize config. (#18131) Thanks @RamiNoodle733.
• Gateway/Update: preserve update.run restart delivery context so post-update status replies route back to the initiating channel/thread. (#18267) Thanks @yinghaosang.
• CLI/Update: run a standalone restart helper after updates, honoring service-name overrides and reporting restart initiation separately from confirmed restarts. (#18050)
• CLI/Daemon: warn when a gateway restart sees a stale service token so users can reinstall with openclaw gateway install --force, and skip drift warnings for non-gateway service restarts. (#18018)
• CLI/Daemon: prefer the active version-manager Node when installing daemons and include macOS version-manager bin directories in the service PATH so launchd services resolve user-managed runtimes.
• CLI/Status: fix openclaw status --all token summaries for bot-token-only channels so Mattermost/Zalo no longer show a bot+app warning. (#18527) Thanks @echo931.
• CLI/Configure: make the /model picker allowlist prompt searchable with tokenized matching in openclaw configure so users can filter huge model lists by typing terms like gpt-5.2 openai/. (#19010) Thanks @bjesuiter.
• CLI/Message: preserve --components JSON payloads in openclaw message send so Discord component payloads are no longer dropped. (#18222) Thanks @saurabhchopade.
• Voice Call: add an optional stale call reaper (staleCallReaperSeconds) to end stuck calls when enabled. (#18437)
• Auto-reply/Subagents: propagate group context (groupId, groupChannel, space) when spawning via /subagents spawn, matching tool-triggered subagent spawn behavior.
• Subagents: route nested announce results back to the parent session after the parent run ends, falling back only when the parent session is deleted. (#18043) Thanks @tyler6204.
• Subagents: cap announce retry loops with max attempts and expiry to prevent infinite retry spam after deferred announces. (#18444)
• Agents/Tools/exec: add a preflight guard that detects likely shell env var injection (e.g. $DM_JSON, $TMPDIR) in Python/Node scripts before execution, preventing recurring cron failures and wasted tokens when models emit mixed shell+language source. (#12836)
• Agents/Tools/exec: treat normal non-zero exit codes as completed and append the exit code to tool output to avoid false tool-failure warnings. (#18425)
• Agents/Tools: make loop detection progress-aware and phased by hard-blocking known process(action=poll|log) no-progress loops, warning on generic identical-call repeats, warning + no-progress-blocking ping-pong alternation loops (10/20), coalescing repeated warning spam into threshold buckets (including canonical ping-pong pairs), adding a global circuit breaker at 30 no-progress repeats, and emitting structured diagnostic tool.loop warning/error events for loop actions. (#16808) Thanks @akramcodez and @beca-oc.
• Agents/Hooks: preserve the before_tool_call wrapped-marker across abort-signal tool wrapping so the hook runs once per tool call in normal agent sessions. (#16852) Thanks @sreuter.
• Agents/Tests: add before_message_write persistence regression coverage for block/mutate behavior (including synthetic tool-result flushes) and thrown-hook fallback persistence. (#18197) Thanks @shakkernerd
• Agents/Tools: scope the message tool schema to the active channel so Telegram uses buttons and Discord uses components. (#18215) Thanks @obviyus.
• Agents/Image tool: replace Anthropic-incompatible union schema with explicit image (single) and images (multi) parameters, keeping tool schemas anyOf/oneOf/allOf-free while preserving multi-image analysis support. (#18551, #18566) Thanks @aldoeliacim.
• Agents/Models: probe the primary model when its auth-profile cooldown is near expiry (with per-provider throttling), so runs recover from temporary rate limits without staying on fallback models until restart. (#17478) Thanks @PlayerGhost.
• Agents/Failover: classify provider abort stop-reason errors (Unhandled stop reason: abort, stop reason: abort, reason: abort) as timeout-class failures so configured model fallback chains trigger instead of surfacing raw abort failures. (#18618) Thanks @sauerdaniel.
• Models/CLI: sync auth-profiles credentials into agent auth.json before registry availability checks so openclaw models list --all reports auth correctly for API-key/token providers, normalize provider-id aliases when bridging credentials, and skip expired token mirrors. (#18610, #18615)
• Agents/Context: raise default total bootstrap prompt cap from 24000 to 150000 chars (keeping bootstrapMaxChars at 20000), include total-cap visibility in /context, and mark truncation from injected-vs-raw sizes so total-cap clipping is reflected accurately.
• Memory/QMD: scope managed collection names per agent and precreate glob-backed collection directories before registration, preventing cross-agent collection clobbering and startup ENOENT failures in fresh workspaces. (#17194) Thanks @jonathanadams96.
• Cron: preserve per-job schedule-error isolation in post-run maintenance recompute so malformed sibling jobs no longer abort persistence of successful runs. (#17852) Thanks @pierreeurope.
• Gateway/Config: prevent config.patch object-array merges from falling back to full-array replacement when some patch entries lack id, so partial agents.list updates no longer drop unrelated agents. (#17989) Thanks @stakeswky.
• Gateway/Auth: trim whitespace around trusted proxy entries before matching so configured proxies with stray spaces still authorize. (#18084) Thanks @Clawborn.
• Config/Discord: require string IDs in Discord allowlists, keep onboarding inputs string-only, and add doctor repair for numeric entries. (#18220) Thanks @thewilloftheshadow.
• Security/Sessions: create new session transcript JSONL files with user-only (0o600) permissions and extend openclaw security audit --fix to remediate existing transcript file permissions.
• Sessions/Maintenance: archive transcripts when pruning stale sessions, clean expired media in subdirectories, and purge .deleted transcript archives after the prune window to prevent disk leaks. (#18538)
• Infra/Fetch: ensure foreign abort-signal listener cleanup never masks original fetch successes/failures, while still preventing detached-finally unhandled rejection noise in wrapFetchWithAbortSignal. Thanks @Jackten.
• Heartbeat: allow suppressing tool error warning payloads during heartbeat runs via a new heartbeat config flag. (#18497) Thanks @thewilloftheshadow.
• Heartbeat: include sender metadata (From/To/Provider) in heartbeat prompts so model context matches the delivery target. (#18532) Thanks @dinakars777.
• Heartbeat/Telegram: strip configured responsePrefix before heartbeat ack detection (with boundary-safe matching) so prefixed HEARTBEAT_OK replies are correctly suppressed instead of leaking into DMs. (#18602)