OpenClaw Release Notes

2026.6.8

Highlights

Richer channel delivery: Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513) Thanks @obviyus, @vincentkoc, @jzakirov, @spacegeologist, @TurboTheTurtle, @mcaxtr, @myrzka, and @dmorn.

More reliable agent runs: account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468) Thanks @yetval, @TurboTheTurtle, @masatohoshino, @CadanHu, @vincentkoc, @ooiuuii, @openperf, @zhangguiping-xydt, @QQSHI13, @kumaxs, and @aleps001.

Safer model routing: new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941) Thanks @arkyu2077, @liuhao1024, @lijenhsin, @rohitjavvadi, @samson910022, @maaron34, @syfvb, and @samson1357924.

Useful usage footers: /usage and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629) Thanks @Marvinthebored.

Predictable web search defaults: key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616) Thanks @davemorin and @vincentkoc.

Calmer UI and mobile sessions: workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552) Thanks @shakkernerd, @TurboTheTurtle, @NianJiuZst, @zhouhe-xydt, @Solvely-Colin, @MaBeitian, @vincentkoc, @Chang2020618, and @DrtyMorty.

Resilient memory and state: oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881) Thanks @mushuiyu886, @BrettHamlin, @zhbcher, @TurboTheTurtle, @Takhoffman, @849261680, @TSHOGX, @vincentkoc, and @AFabyTWE.

Changes

Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218) Thanks @arkyu2077, @liuhao1024, @bymle, @maaron34, @lijenhsin, @davemorin, and @vincentkoc.

Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616) Thanks @davemorin and @vincentkoc.

Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513) Thanks @obviyus, @TurboTheTurtle, @vincentkoc, @mcaxtr, and @dmorn.

Agent commands: support /btw in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162) Thanks @joshavant, @Pandah97, @marcospaulo, @davemorin, and @vincentkoc.

Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629) Thanks @Marvinthebored.

Fixes

Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound message_sent hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735) Thanks @yetval, @obviyus, @spacegeologist, @rishitamrakar, @liuhao1024, @lundog, @TurboTheTurtle, @yhterrance, @vincentkoc, @myrzka, @cwlong163-afk, @kumaxs, @shakkernerd, and @RewardsPal.

Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748) Thanks @jason-allen-oneal and @shakkernerd.

Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734) Thanks @hanamizuki.

Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646) Thanks @ooiuuii, @openperf, @IWhatsskill, @masatohoshino, @CadanHu, @ZengWen-DT, @zhangguiping-xydt, @TurboTheTurtle, @oiGaDio, @aleps001, @vincentkoc, @GSL-R, @QQSHI13, @ryanhelms, @kumaxs, @steipete-oai, @hxy91819, @davemorin, and @nailujac.

Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628) Thanks @snowzlm, @mmyzwl, @CarlCapital, @bek91, @Kailigithub, @vincentkoc, @rohitjavvadi, @samson910022, @nxmxbbd, @liuhao1024, @bymle, @mushuiyu886, @finchinslc, @syfvb, @lijenhsin, @crsnpalmer-art, @samson1357924, @shakkernerd, and @mlaihk.

Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876) Thanks @mushuiyu886, @TurboTheTurtle, @849261680, @gnanam1990, @TSHOGX, @vincentkoc, @arlen8411, @BrettHamlin, @zhbcher, @Takhoffman, @AFabyTWE, @davemorin, and @zhuyankarl.

UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved /model confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159) Thanks @luoyanglang, @TurboTheTurtle, @zhouhe-xydt, @NianJiuZst, @shakkernerd, @NarahariRaghava, @Solvely-Colin, @fuller-stack-dev, @lily-oc, @MaBeitian, @vincentkoc, @obviyus, @DrtyMorty, and @Chang2020618.

Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries. Thanks @vincentkoc.

Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime. Thanks @vincentkoc.

Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911) Thanks @Andy312432 and @vincentkoc.

Complete contribution record

This audited record covers the complete v2026.6.6..v2026.6.8 history: 192 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.

Pull requests

PR #92144 fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766. Thanks @liuhao1024 and @AaronFaby.

PR #92175 fix(channel): harden local setup trust. Thanks @hxy91819.

PR #91528 fix #73837: stop after failed Node package installs. Thanks @mushuiyu886 and @ItsMeForLua.

PR #91561 fix(wizard): report keyless web_search providers as ready, not missing a key. Thanks @NormallyGaussian.

PR #92073 fix: handle explicit silent assistant replies. Related #92038. Thanks @sallyom and @vultusv.

PR #91311 Allow Skill Workshop apply through trusted skill symlinks. Thanks @abnershang.

PR #88245 refactor(whatsapp): introduce inbound message contexts. Thanks @mcaxtr.

PR #92212 refactor: move workspace skill writes to lifecycle. Thanks @shakkernerd.

PR #92248 Remove ClawHub owner preflight. Thanks @Patrick-Erichsen.

PR #91617 test(sqlite): add state perf query plan harness. Related #91616. Thanks @galiniliev.

PR #91626 fix(daemon): keep status readable on unsupported services. Related #25621. Thanks @mushuiyu886 and @kucharskim.

PR #92295 fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291. Thanks @liuhao1024 and @dcapclaw.

PR #92087 fix(docker): bundle QA Lab runtime in the image. Thanks @jesse-merhi.

PR #92004 fix(telegram): classify streaming preview edit failures instead of killing the draft. Thanks @obviyus.

PR #91997 fix(telegram): survive getUpdates conflicts in isolated polling ingress. Thanks @obviyus.

PR #92387 fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982. Thanks @openperf and @Takhoffman and @danieljimz.

PR #92229 Fix doctor preview channel SecretRef resolution. Related #91939. Thanks @joshavant and @Niriakot.

PR #92225 Fix disabled heartbeat one-shot cron retries. Related #91775. Thanks @joshavant and @A1fred-AI.

PR #92265 Fix configured DeepSeek model transport inheritance. Related #92148. Thanks @joshavant and @marcoraepple-sys.

PR #92226 Fail closed for CLI-backed /btw fallback. Related #92168. Thanks @joshavant and @wangwllu.

PR #92231 Fix suppressed heartbeat commitment delivery. Related #91948. Thanks @joshavant and @bizzle12368239.

PR #92280 fix(agents): classify structured unsupported model errors. Related #92118. Thanks @joshavant and @pikaqqqqqq.

PR #92276 Fix OTLP log trace correlation. Related #91865. Thanks @joshavant and @sinzin91.

PR #92282 fix(update): hand off Linux service auto-updates. Related #91823. Thanks @joshavant and @hanyizuo.

PR #92235 fix: resolve managed SecretRef provider auth. Related #92097. Thanks @joshavant and @LINSUISHENG034.

PR #92293 Fix provider static model fallback resolution. Related #92009. Thanks @joshavant and @mattsfraser.

PR #92343 fix(agent): continue after source message tool replies. Related #92169. Thanks @joshavant and @elyalvarado.

PR #92350 fix(codex): preserve memory prompt registration. Thanks @rubencu and @sallyom.

PR #92290 fix: clarify gateway SecretRef auth diagnostics. Related #91815. Thanks @joshavant and @mattsfraser.

PR #92286 fix: repair rejected Anthropic thinking replay. Related #91983. Thanks @joshavant and @reginaldomarcilon.

PR #92281 Fix Telegram spooled buffered replay. Related #92129. Thanks @joshavant and @riseandshinefutures.

PR #47493 fix(doctor): show per-step progress spinners during update. Thanks @amersheeny.

PR #92416 fix(outbound): honor top-level image param as send media source (#92407). Thanks @xydigit-sj and @ichirokyoto.

PR #92508 fix(sandbox): render CLI skill prompts from materialized paths. Thanks @brokemac79.

PR #92540 chore: fix esbuild production audit failure. Thanks @RomneyDa.

PR #91484 Add QA evidence artifact output. Thanks @RomneyDa.

PR #91500 Add QA scorecard taxonomy validation. Thanks @RomneyDa.

PR #84082 fix(telegram): allow expandable blockquotes. Thanks @jzakirov.

PR #92554 feat(moonshot): add Kimi K2.7 Code support.

PR #92396 fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491. Thanks @xialonglee and @RoseKongPS.

PR #92566 Fix lifecycle timeout cleanup after leader exit. Thanks @RomneyDa.

PR #92311 ci: split plugin ClawHub publishing paths. Thanks @Patrick-Erichsen.

PR #92216 fix(gateway): mirror hidden commentary-phase assistant events. Thanks @ragesaq.

PR #87596 fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593. Thanks @Pluviobyte and @Faaab84.

PR #88993 Expose paged channel action results. Thanks @fuller-stack-dev.

PR #90326 fix(fireworks): resolve catalog model params from plugin.json via core. Thanks @obuchowski.

PR #86629 fix(doctor): warn for untrusted external Discord plugin. Related #83212. Thanks @brokemac79 and @ooiuuii and @cdeyoung67.

PR #90242 fix(providers): skip unreadable Mistral tool schemas. Thanks @vincentkoc.

PR #92498 fix(reply): mirror same-channel Slack final replies. Related #92489. Thanks @TurboTheTurtle and @TalkingHeadsJed.

PR #92083 fix(channels): default boundary logger for swallowed progress-draft start errors. Thanks @hansraj316.

PR #92564 fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553. Thanks @tangtaizong666 and @fxstein.

PR #89827 docs: UX-013 — design system documentation. Thanks @BunsDev.

PR #89615 feat(ui): hide empty workboard columns. Thanks @BunsDev.

PR #89822 fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes. Thanks @BunsDev.

PR #92618 fix #92218: memory_search tool disabled with QMD backend. Thanks @mushuiyu886 and @zhbcher.

PR #92608 docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768). Thanks @liuhao1024 and @faahim.

PR #92605 fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470. Thanks @lzyyzznl and @arjkul.

PR #92593 #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters. Thanks @zhangqueping and @jovi2014-cyber.

PR #92606 Run Vitest and Playwright scenarios from qa suite. Thanks @RomneyDa.

PR #89629 feat(hooks): per-turn usageState on reply_payload_sending. Thanks @Marvinthebored.

PR #89835 feat(usage): native templated /usage full footer renderer. Thanks @Marvinthebored.

PR #92247 fix(models): bound /models and models list catalog loading. Related #91809. Thanks @samson910022 and @samson1357924 and @syfvb.

PR #92646 fix: require admin for HTTP model overrides. Thanks @steipete-oai.

PR #90686 fix(gateway): honor profile auth for SecretRef model entries. Related #90685. Thanks @rohitjavvadi.

PR #92651 fix: require admin for HTTP session kills. Thanks @steipete-oai.

PR #92652 test(models): stabilize plugin auth marker fixtures.

PR #89438 fix(slack): warn when channels map is keyed by name instead of channel ID. Related #81665. Thanks @Alix-007 and @cjalden.

PR #92631 fix(agents): pause yielded subagent runs whose terminal also signals abort. Related #92448. Thanks @openperf and @vincentkoc and @aleps001.

PR #92622 fix(ui): preserve WebChat backscroll during streaming. Related #92386. Thanks @TurboTheTurtle and @vincentkoc and @DrtyMorty.

PR #92627 fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes #92611). Thanks @liuhao1024 and @lijenhsin.

PR #92146 fix(cron): preserve yielded media completions. Related #92120. Thanks @IWhatsskill and @nailujac.

PR #90116 fix: add Claude Haiku 4.5 static catalog entries. Related #90088. Thanks @arkyu2077 and @maaron34.

PR #91137 fix(channels): keep contributed message-tool schema properties optional. Related #67852. Thanks @lundog and @RewardsPal.

PR #75393 fix(copilot): disable eager tool streaming for Claude 4.5. Related #75348. Thanks @Kailigithub and @finchinslc.

PR #92628 fix #73713: surface nested embedding fetch failures. Thanks @mushuiyu886 and @crsnpalmer-art.

PR #92510 fix(gateway): reject unknown OpenAI agent selectors. Related #92504. Thanks @zhangguiping-xydt and @ryanhelms.

PR #91453 fix #91420: [Bug]: Delivery retry loop corrupts active sessions (R-004) — retry selector bypasses delivery.mode=none. Thanks @zhangguiping-xydt and @CarotaWealth.

PR #92468 fix #92453: add session identity to runtime prompt. Thanks @zhangguiping-xydt and @QQSHI13.

PR #89943 fix(slack): emit message_sent hook on outbound delivery (mirror Telegram). Related #89942. Thanks @rishitamrakar.

PR #92668 fix(docs): finalize i18n postprocess before skip. Thanks @hxy91819.

PR #92673 fix: split image setup and request timeout semantics. Thanks @hxy91819.

PR #92162 #92069: fix(cli): usage errors exit 0. Thanks @Pandah97 and @marcospaulo.

PR #91185 fix(browser): remove dead requireRef import and void expression in register.navigation.ts. Related #83878. Thanks @whiteyzy and @davinci282828.

PR #90706 fix(OpenAI Responses): disable item id replay for storeless providers. Related #89728. Thanks @snowzlm.

PR #90247 fix(disk-space): promote 1024 MiB to 1.0 GiB in disk warnings. Related #90245. Thanks @jbetala7.

PR #92657 feat(usage): ship built-in /usage full footer. Thanks @Marvinthebored.

PR #90464 perf(terminal): reuse ANSI scanner during truncation. Thanks @yyzquwu.

PR #91281 fix(feishu): clear client cache when SDK is replaced via setFeishuClientRuntimeForTest. Related #83911. Thanks @whiteyzy and @davinci282828.

PR #92639 fix(memory): keep memory_search in transient qmd mode. Related #92464. Thanks @TurboTheTurtle and @Takhoffman and @BrettHamlin.

PR #91287 fix(cron): de-duplicate main-session systemEvent in heartbeat model input. Related #44922. Thanks @ZengWen-DT and @GSL-R.

PR #91246 Fix webchat media completion handoff. Related #91003. Thanks @TurboTheTurtle and @kumaxs.

PR #91353 fix(ui): preserve /reset soft args in Control UI dispatch. Related #91316. Thanks @zhouhe-xydt and @MaBeitian.

PR #92679 feat(telegram): send rich message text. Thanks @obviyus.

PR #92705 fix(ui): restore sidebar session picker interactivity above desktop workbench. Related #92707. Thanks @NianJiuZst and @vincentkoc.

PR #91218 fix(google): strip provider prefix from Vertex model path. Thanks @bymle.

PR #92669 feat: support /btw in CLI-backed sessions. Thanks @joshavant.

PR #91357 fix(gateway): mark active main sessions before restart shutdown aborts. Related #91355. Thanks @ooiuuii.

PR #91066 fix(parallel): send openclaw-parallel User-Agent on free Search MCP requests. Thanks @NormallyGaussian.

PR #90658 fix(ui): preserve dashboard session parent lineage when session list is stale. Related #90623. Thanks @luoyanglang and @lily-oc.

PR #92552 fix(ios): force stale foreground gateway reconnects. Thanks @Solvely-Colin.

PR #89421 fix(telegram): expose thread create CLI remap. Related #81581. Thanks @spacegeologist and @myrzka.

PR #92779 fix: start workspace files collapsed. Related #90359. Thanks @shakkernerd and @Chang2020618.

PR #91247 fix(state): avoid sqlite wal on nfs state volumes. Related #90491. Thanks @849261680 and @AFabyTWE.

PR #92773 fix(tui): show resolved canonical model ref in /model confirmation. Thanks @NarahariRaghava.

PR #92752 fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff. Related #92742. Thanks @gnanam1990 and @Takhoffman and @zhuyankarl.

PR #92735 fix(markdown-core): treat Infinity chunk limit as unbounded, not 1. Related #92734. Thanks @yhterrance.

PR #92695 docs(config): correct maxConcurrent default in agent-defaults type comments (AI-assisted). Thanks @ArielSmoliar.

PR #92766 clarify before_install hook scope. Related #91593. Thanks @sallyom and @Trump-last.

PR #92677 docs(nodes): add openclaw.json config example to Nodes overview. Related #92662. Thanks @liuhao1024 and @Casper-Mars.

PR #92513 Honor WhatsApp configured ACP bindings. Related #92449. Thanks @TurboTheTurtle and @mcaxtr and @dmorn.

PR #92650 fix #92465: split OpenAI 431 embedding batches. Thanks @mushuiyu886 and @BrettHamlin.

PR #92796 feat(providers): add GLM-5.2 support.

PR #92788 fix(sessions): derive channel from account-scoped DM session keys in send-policy. Thanks @yetval.

PR #92590 Docker image ships an extraneous stale openclaw in /app/node_modules (extensions pin the published release). Related #92551. Thanks @lzyyzznl and @fxstein.

PR #92393 chore(deps): bump the swift-deps group across 1 directory with 3 updates.

PR #92476 fix(agents): preserve compatible CLI session runtime pins. Thanks @yu-xin-c.

PR #92483 fix(matrix): validate CLI numeric option ranges. Related #92482. Thanks @rohitjavvadi.

PR #92490 fix(canvas): validate CLI numeric options. Related #92487. Thanks @rohitjavvadi.

PR #92802 fix(ui): reflow composer beside workspace rail. Thanks @Solvely-Colin and @shakkernerd.

PR #91059 fix(configure): mask gateway token input in CLI wizard prompt. Thanks @anurag-bg-neu.

PR #91143 fix(ports): only classify SSH -L/-R tunnels on the queried port as ssh. Related #91142. Thanks @jbetala7.

PR #91110 fix(tavily): keep web_search contract executable. Related #91096. Thanks @extrasmall0 and @xucongyuan98-sys.

PR #91181 fix(daemon): strip schtasks backslash prefix when matching gateway task name. Related #90494. Thanks @425072024 and @Darnellicious.

PR #91187 fix(cron): isolate auth profile failure policy so cron runs don't pollute shared cooldowns. Related #90991. Thanks @openperf and @cx306806112.

PR #92807 fix(heartbeat): route outbound mirror to isolated session key. Thanks @agent-merkava.

PR #92745 fix(memory): explain skipped short-term recall hits. Related #92706. Thanks @mushuiyu886 and @armarinho.

PR #92488 fix(gateway): forward image-only input on /v1/responses (parity with chat completions). Thanks @s554097550 and @cursoragent.

PR #92604 fix(status): avoid cumulative usage for context percent. Related #83526. Thanks @ashishpatel26 and @darconadalabarga.

PR #92810 fix: reject unvalidated voice media streams. Thanks @steipete-oai.

PR #92800 fix(telegram): answer callback queries before sequentialize delays them. Related #42156. Thanks @liuhao1024 and @Diaspar4u.

PR #92547 fix(nodes): surface pending reapproval diagnostics. Thanks @fuller-stack-dev.

PR #92690 fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes #92683). Thanks @liuhao1024 and @motteman.

PR #92806 fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes #41671). Thanks @liuhao1024 and @vincentkoc and @leandroirani933-ctrl.

PR #92778 fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes #43480). Thanks @liuhao1024 and @vincentkoc and @gdiab.

PR #92795 fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes #43009). Thanks @liuhao1024 and @vincentkoc and @ltxy12138-ai.

PR #92746 fix(gateway): preserve active runs during plugin finalization. Thanks @scotthuang and @vincentkoc.

PR #92820 UI: localize Logs tab labels. Thanks @rubensfox20.

PR #92825 fix(telegram): preserve command callbacks while prefixing generic callback data. Related #54909. Thanks @hnshah and @timt80.

PR #90889 fix: cap session context overrides by model window. Related #39857. Thanks @xdanger.

PR #92830 fix(copilot): strip replayed thinking blocks. Related #81520. Thanks @giodl73-repo and @warcold.

PR #92834 feat(browser): extend --labels overlay to full-page and element captures. Thanks @hxy91819 and @FMLS and @cursoragent.

PR #92836 fix(discord): raise thread title timeout and tokens to fit reasoning models. Thanks @hanamizuki.

PR #92095 fix #92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink. Thanks @zhangguiping-xydt and @dinorastoder.

PR #92801 fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes #89564). Thanks @liuhao1024 and @brokemac79.

PR #89736 fix(status): render sub-1000 token counts as plain integers. Related #89735. Thanks @jbetala7 and @vincentkoc.

PR #92792 fix(agents): catch malformed image blocks in sanitizeContentBlocksImages. Thanks @LowCode191 and @vincentkoc.

PR #92555 ci: gate stable releases on Windows companion assets. Thanks @fuller-stack-dev.

PR #91824 fix(agents): add usage guidance to sessions_spawn tool description (fixes #91814). Thanks @zenglingbiao and @vincentkoc and @cattails-lgao.

PR #92840 fix(feishu): await HTTP server shutdown during monitor cleanup. Related #48183. Thanks @alex-xuweilong and @ai-nurmamat.

PR #91632 feat: add tool search directory mode. Thanks @fuller-stack-dev.

PR #92823 fix(qqbot): surface failed media sends. Thanks @zhangguiping-xydt and @vincentkoc.

PR #92849 fix(tailscale): preserve parse errors for malformed JSON. Thanks @franciscomaestre.

PR #92045 Fix diagnostics OTEL runtime install trust. Thanks @efpiva.

PR #92853 fix(acp): accept MCP date protocolVersion in ACP server. Related #56102. Thanks @bugkill3r and @moliveto.

PR #92854 fix(hooks): reject slug-generator error payloads. Thanks @Cypherm.

PR #92855 fix(ui): repair iOS Safari chat viewport handling. Thanks @macdao.

PR #91586 fix(update): continue after package doctor warnings. Thanks @fuller-stack-dev.

PR #92862 fix(feishu): target typing reaction on inbound message. Thanks @huiwen01.

PR #92861 fix(lobster): surface workflow path errors. Related #68101. Thanks @vvitovec and @MPC7500.

PR #69975 fix(cli): clarify --tz help text for offset-less --at values. Related #59456. Thanks @rrrrrredy.

PR #90682 fix(openai): preserve opaque reasoning transcript fields. Related #90093. Thanks @toruvieI and @richardmqq.

PR #92373 fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes #92360). Thanks @liuhao1024 and @notnaji.

PR #87346 fix(anthropic): merge consecutive assistant turns in turn validation. Related #87329. Thanks @Jefsky and @travellingsoldier85.

PR #92896 fix(anthropic): quarantine invalid direct tool schemas. Thanks @vincentkoc.

PR #90739 fix(active-memory): preserve verbose recall summaries. Related #90454. Thanks @brokemac79 and @nocode-ananas.

PR #92558 Simplify QA scorecard mapping shape. Thanks @RomneyDa.

PR #92876 fix(memory-wiki): stop flagging raw source pages as malformed. Thanks @vincentkoc.

PR #92908 fix(providers): quarantine unreadable Anthropic payload tools. Thanks @vincentkoc.

PR #92881 fix(memory): preserve reindex rollback recovery. Thanks @TSHOGX and @vincentkoc.

PR #92921 fix(openai): quarantine unreadable tool schemas. Thanks @vincentkoc.

PR #92550 Fold Telegram RTT sampling into live QA evidence. Thanks @RomneyDa.

PR #92824 fix(media): route OAuth image defaults through Codex. Related #87168. Thanks @bek91.

PR #92928 fix(openai): guard post-hook tool payloads. Thanks @vincentkoc.

PR #92814 fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes #42837). Thanks @liuhao1024 and @vincentkoc and @cwlong163-afk.

PR #89055 fix: restart gateway after isolated cron setup timeout. Thanks @ghitafilali.

PR #90574 fix(openai): omit gpt-5.5 tool reasoning effort. Thanks @BSG2000.

PR #92941 fix(openai): recover invalid reasoning signatures.

PR #92914 fix(agents): clamp unsupported thinking for subagent spawns instead of hard-failing. Related #92412. Thanks @openperf and @oiGaDio.

PR #92573 fix: preserve config-selected subagent model overrides. Related #92486. Thanks @arkyu2077 and @PatrickTrent.

PR #92852 fix(gateway): fall back to polling when config watcher exhausts inotify retries. Related #92851. Thanks @danbao.

PR #92362 fix(gateway): build row metadata context for single session lists. Thanks @anyech.

PR #92897 fix(memory-wiki): tolerate public artifacts without agent ids. Related #92207. Thanks @yu-xin-c and @qq230849622-a11y.

PR #92002 fix(lmstudio): deliver thinking "off" to binary-thinking models. Related #91913. Thanks @nxmxbbd and @mlaihk.

PR #92738 Forward suppressed-source progress for message-tool channel replies. Thanks @ragesaq.

PR #92916 #92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized. Thanks @mmyzwl and @CarlCapital.

PR #90936 fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764. Thanks @openperf and @reginaldomarcilon.

PR #93009 fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973). Thanks @zenglingbiao and @dertbv.

PR #92318 fix(cron): require explicit message target proof. Thanks @hxy91819.

PR #93022 fix(gateway): repair usage cost aggregation across agents. Thanks @luke-skywalker-open-claw and @stablegenius49.

PR #93159 fix(tui): keep parent stdin paused after exit. Thanks @fuller-stack-dev.

PR #93616 Keep key-free web search providers opt-in. Thanks @davemorin and @vincentkoc.

PR #93164 fix(telegram): preserve rich markdown line breaks. Thanks @vincentkoc.

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.8

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.8.tgz

integrity: sha512-iziR8fi69+ojrtX7FYYvTpkGcVnmyLpIhvchgt5LFkkdHVWw973XAAekKVZ3/xQJ5FG4NwgHkXL0LLTrgsNOSQ==

release SHA: 844f405ac1be805d5c598922a37254f12ab6d765

full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.8/release-evidence.md

release publish: https://github.com/openclaw/openclaw/actions/runs/27631170936

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27627935264

full release validation: https://github.com/openclaw/openclaw/actions/runs/27627935341

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27631412538

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27631418543

plugin ClawHub bootstrap: not needed

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27632229765

npm Telegram beta E2E: not supplied

Windows Hub promotion: https://github.com/openclaw/openclaw/actions/runs/27632639125 from openclaw/[email protected]

macOS signed/notarized preflight: https://github.com/openclaw/releases/actions/runs/27632793120

macOS Swift validation: https://github.com/openclaw/releases/actions/runs/27632792831

macOS asset promotion: https://github.com/openclaw/releases/actions/runs/27635471007

stable appcast: #93722

Original source

v2026.6.15-alpha.1

Original source

2026.6.8

Highlights

Richer channel delivery: Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513) Thanks @obviyus, @vincentkoc, @jzakirov, @spacegeologist, @TurboTheTurtle, @mcaxtr, @myrzka, and @dmorn.

More reliable agent runs: account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468) Thanks @yetval, @TurboTheTurtle, @masatohoshino, @CadanHu, @vincentkoc, @ooiuuii, @openperf, @zhangguiping-xydt, @QQSHI13, @kumaxs, and @aleps001.

Safer model routing: new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941) Thanks @arkyu2077, @liuhao1024, @lijenhsin, @rohitjavvadi, @samson910022, @maaron34, @syfvb, and @samson1357924.

Useful usage footers: /usage and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629) Thanks @Marvinthebored.

Predictable web search defaults: key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616) Thanks @davemorin and @vincentkoc.

Calmer UI and mobile sessions: workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552) Thanks @shakkernerd, @TurboTheTurtle, @NianJiuZst, @zhouhe-xydt, @Solvely-Colin, @MaBeitian, @vincentkoc, @Chang2020618, and @DrtyMorty.

Resilient memory and state: oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881) Thanks @mushuiyu886, @BrettHamlin, @zhbcher, @TurboTheTurtle, @Takhoffman, @849261680, @TSHOGX, @vincentkoc, and @AFabyTWE.

Changes

Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218) Thanks @arkyu2077, @liuhao1024, @bymle, @maaron34, @lijenhsin, @davemorin, and @vincentkoc.

Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616) Thanks @davemorin and @vincentkoc.

Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513) Thanks @obviyus, @TurboTheTurtle, @vincentkoc, @mcaxtr, and @dmorn.

Agent commands: support /btw in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162) Thanks @joshavant, @Pandah97, @marcospaulo, @davemorin, and @vincentkoc.

Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629) Thanks @Marvinthebored.

Fixes

Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound message_sent hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735) Thanks @yetval, @obviyus, @spacegeologist, @rishitamrakar, @liuhao1024, @lundog, @TurboTheTurtle, @yhterrance, @vincentkoc, @myrzka, @cwlong163-afk, @kumaxs, @shakkernerd, and @RewardsPal.

Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748) Thanks @jason-allen-oneal and @shakkernerd.

Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734) Thanks @hanamizuki.

Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646) Thanks @ooiuuii, @openperf, @IWhatsskill, @masatohoshino, @CadanHu, @ZengWen-DT, @zhangguiping-xydt, @TurboTheTurtle, @oiGaDio, @aleps001, @vincentkoc, @GSL-R, @QQSHI13, @ryanhelms, @kumaxs, @steipete-oai, @hxy91819, @davemorin, and @nailujac.

Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628) Thanks @snowzlm, @mmyzwl, @CarlCapital, @bek91, @Kailigithub, @vincentkoc, @rohitjavvadi, @samson910022, @nxmxbbd, @liuhao1024, @bymle, @mushuiyu886, @finchinslc, @syfvb, @lijenhsin, @crsnpalmer-art, @samson1357924, @shakkernerd, and @mlaihk.

Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876) Thanks @mushuiyu886, @TurboTheTurtle, @849261680, @gnanam1990, @TSHOGX, @vincentkoc, @arlen8411, @BrettHamlin, @zhbcher, @Takhoffman, @AFabyTWE, @davemorin, and @zhuyankarl.

UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved /model confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159) Thanks @luoyanglang, @TurboTheTurtle, @zhouhe-xydt, @NianJiuZst, @shakkernerd, @NarahariRaghava, @Solvely-Colin, @fuller-stack-dev, @lily-oc, @MaBeitian, @vincentkoc, @obviyus, @DrtyMorty, and @Chang2020618.

Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries. Thanks @vincentkoc.

Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime. Thanks @vincentkoc.

Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911) Thanks @Andy312432 and @vincentkoc.

Complete contribution record

This audited record covers the complete v2026.6.6..v2026.6.8 history: 192 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.

Pull requests

PR #92144 fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766. Thanks @liuhao1024 and @AaronFaby.

PR #92175 fix(channel): harden local setup trust. Thanks @hxy91819.

PR #91528 fix #73837: stop after failed Node package installs. Thanks @mushuiyu886 and @ItsMeForLua.

PR #91561 fix(wizard): report keyless web_search providers as ready, not missing a key. Thanks @NormallyGaussian.

PR #92073 fix: handle explicit silent assistant replies. Related #92038. Thanks @sallyom and @vultusv.

PR #91311 Allow Skill Workshop apply through trusted skill symlinks. Thanks @abnershang.

PR #88245 refactor(whatsapp): introduce inbound message contexts. Thanks @mcaxtr.

PR #92212 refactor: move workspace skill writes to lifecycle. Thanks @shakkernerd.

PR #92248 Remove ClawHub owner preflight. Thanks @Patrick-Erichsen.

PR #91617 test(sqlite): add state perf query plan harness. Related #91616. Thanks @galiniliev.

PR #91626 fix(daemon): keep status readable on unsupported services. Related #25621. Thanks @mushuiyu886 and @kucharskim.

PR #92295 fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291. Thanks @liuhao1024 and @dcapclaw.

PR #92087 fix(docker): bundle QA Lab runtime in the image. Thanks @jesse-merhi.

PR #92004 fix(telegram): classify streaming preview edit failures instead of killing the draft. Thanks @obviyus.

PR #91997 fix(telegram): survive getUpdates conflicts in isolated polling ingress. Thanks @obviyus.

PR #92387 fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982. Thanks @openperf and @Takhoffman and @danieljimz.

PR #92229 Fix doctor preview channel SecretRef resolution. Related #91939. Thanks @joshavant and @Niriakot.

PR #92225 Fix disabled heartbeat one-shot cron retries. Related #91775. Thanks @joshavant and @A1fred-AI.

PR #92265 Fix configured DeepSeek model transport inheritance. Related #92148. Thanks @joshavant and @marcoraepple-sys.

PR #92226 Fail closed for CLI-backed /btw fallback. Related #92168. Thanks @joshavant and @wangwllu.

PR #92231 Fix suppressed heartbeat commitment delivery. Related #91948. Thanks @joshavant and @bizzle12368239.

PR #92280 fix(agents): classify structured unsupported model errors. Related #92118. Thanks @joshavant and @pikaqqqqqq.

PR #92276 Fix OTLP log trace correlation. Related #91865. Thanks @joshavant and @sinzin91.

PR #92282 fix(update): hand off Linux service auto-updates. Related #91823. Thanks @joshavant and @hanyizuo.

PR #92235 fix: resolve managed SecretRef provider auth. Related #92097. Thanks @joshavant and @LINSUISHENG034.

PR #92293 Fix provider static model fallback resolution. Related #92009. Thanks @joshavant and @mattsfraser.

PR #92343 fix(agent): continue after source message tool replies. Related #92169. Thanks @joshavant and @elyalvarado.

PR #92350 fix(codex): preserve memory prompt registration. Thanks @rubencu and @sallyom.

PR #92290 fix: clarify gateway SecretRef auth diagnostics. Related #91815. Thanks @joshavant and @mattsfraser.

PR #92286 fix: repair rejected Anthropic thinking replay. Related #91983. Thanks @joshavant and @reginaldomarcilon.

PR #92281 Fix Telegram spooled buffered replay. Related #92129. Thanks @joshavant and @riseandshinefutures.

PR #47493 fix(doctor): show per-step progress spinners during update. Thanks @amersheeny.

PR #92416 fix(outbound): honor top-level image param as send media source (#92407). Thanks @xydigit-sj and @ichirokyoto.

PR #92508 fix(sandbox): render CLI skill prompts from materialized paths. Thanks @brokemac79.

PR #92540 chore: fix esbuild production audit failure. Thanks @RomneyDa.

PR #91484 Add QA evidence artifact output. Thanks @RomneyDa.

PR #91500 Add QA scorecard taxonomy validation. Thanks @RomneyDa.

PR #84082 fix(telegram): allow expandable blockquotes. Thanks @jzakirov.

PR #92554 feat(moonshot): add Kimi K2.7 Code support.

PR #92396 fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491. Thanks @xialonglee and @RoseKongPS.

PR #92566 Fix lifecycle timeout cleanup after leader exit. Thanks @RomneyDa.

PR #92311 ci: split plugin ClawHub publishing paths. Thanks @Patrick-Erichsen.

PR #92216 fix(gateway): mirror hidden commentary-phase assistant events. Thanks @ragesaq.

PR #87596 fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593. Thanks @Pluviobyte and @Faaab84.

PR #88993 Expose paged channel action results. Thanks @fuller-stack-dev.

PR #90326 fix(fireworks): resolve catalog model params from plugin.json via core. Thanks @obuchowski.

PR #86629 fix(doctor): warn for untrusted external Discord plugin. Related #83212. Thanks @brokemac79 and @ooiuuii and @cdeyoung67.

PR #90242 fix(providers): skip unreadable Mistral tool schemas. Thanks @vincentkoc.

PR #92498 fix(reply): mirror same-channel Slack final replies. Related #92489. Thanks @TurboTheTurtle and @TalkingHeadsJed.

PR #92083 fix(channels): default boundary logger for swallowed progress-draft start errors. Thanks @hansraj316.

PR #92564 fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553. Thanks @tangtaizong666 and @fxstein.

PR #89827 docs: UX-013 — design system documentation. Thanks @BunsDev.

PR #89615 feat(ui): hide empty workboard columns. Thanks @BunsDev.

PR #89822 fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes. Thanks @BunsDev.

PR #92618 fix #92218: memory_search tool disabled with QMD backend. Thanks @mushuiyu886 and @zhbcher.

PR #92608 docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768). Thanks @liuhao1024 and @faahim.

PR #92605 fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470. Thanks @lzyyzznl and @arjkul.

PR #92593 #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters. Thanks @zhangqueping and @jovi2014-cyber.

PR #92606 Run Vitest and Playwright scenarios from qa suite. Thanks @RomneyDa.

PR #89629 feat(hooks): per-turn usageState on reply_payload_sending. Thanks @Marvinthebored.

PR #89835 feat(usage): native templated /usage full footer renderer. Thanks @Marvinthebored.

PR #92247 fix(models): bound /models and models list catalog loading. Related #91809. Thanks @samson910022 and @samson1357924 and @syfvb.

PR #92646 fix: require admin for HTTP model overrides. Thanks @steipete-oai.

PR #90686 fix(gateway): honor profile auth for SecretRef model entries. Related #90685. Thanks @rohitjavvadi.

PR #92651 fix: require admin for HTTP session kills. Thanks @steipete-oai.

PR #92652 test(models): stabilize plugin auth marker fixtures.

PR #89438 fix(slack): warn when channels map is keyed by name instead of channel ID. Related #81665. Thanks @Alix-007 and @cjalden.

PR #92631 fix(agents): pause yielded subagent runs whose terminal also signals abort. Related #92448. Thanks @openperf and @vincentkoc and @aleps001.

PR #92622 fix(ui): preserve WebChat backscroll during streaming. Related #92386. Thanks @TurboTheTurtle and @vincentkoc and @DrtyMorty.

PR #92627 fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes #92611). Thanks @liuhao1024 and @lijenhsin.

PR #92146 fix(cron): preserve yielded media completions. Related #92120. Thanks @IWhatsskill and @nailujac.

PR #90116 fix: add Claude Haiku 4.5 static catalog entries. Related #90088. Thanks @arkyu2077 and @maaron34.

PR #91137 fix(channels): keep contributed message-tool schema properties optional. Related #67852. Thanks @lundog and @RewardsPal.

PR #75393 fix(copilot): disable eager tool streaming for Claude 4.5. Related #75348. Thanks @Kailigithub and @finchinslc.

PR #92628 fix #73713: surface nested embedding fetch failures. Thanks @mushuiyu886 and @crsnpalmer-art.

PR #92510 fix(gateway): reject unknown OpenAI agent selectors. Related #92504. Thanks @zhangguiping-xydt and @ryanhelms.

PR #91453 fix #91420: [Bug]: Delivery retry loop corrupts active sessions (R-004) — retry selector bypasses delivery.mode=none. Thanks @zhangguiping-xydt and @CarotaWealth.

PR #92468 fix #92453: add session identity to runtime prompt. Thanks @zhangguiping-xydt and @QQSHI13.

PR #89943 fix(slack): emit message_sent hook on outbound delivery (mirror Telegram). Related #89942. Thanks @rishitamrakar.

PR #92668 fix(docs): finalize i18n postprocess before skip. Thanks @hxy91819.

PR #92673 fix: split image setup and request timeout semantics. Thanks @hxy91819.

PR #92162 #92069: fix(cli): usage errors exit 0. Thanks @Pandah97 and @marcospaulo.

PR #91185 fix(browser): remove dead requireRef import and void expression in register.navigation.ts. Related #83878. Thanks @whiteyzy and @davinci282828.

PR #90706 fix(OpenAI Responses): disable item id replay for storeless providers. Related #89728. Thanks @snowzlm.

PR #90247 fix(disk-space): promote 1024 MiB to 1.0 GiB in disk warnings. Related #90245. Thanks @jbetala7.

PR #92657 feat(usage): ship built-in /usage full footer. Thanks @Marvinthebored.

PR #90464 perf(terminal): reuse ANSI scanner during truncation. Thanks @yyzquwu.

PR #91281 fix(feishu): clear client cache when SDK is replaced via setFeishuClientRuntimeForTest. Related #83911. Thanks @whiteyzy and @davinci282828.

PR #92639 fix(memory): keep memory_search in transient qmd mode. Related #92464. Thanks @TurboTheTurtle and @Takhoffman and @BrettHamlin.

PR #91287 fix(cron): de-duplicate main-session systemEvent in heartbeat model input. Related #44922. Thanks @ZengWen-DT and @GSL-R.

PR #91246 Fix webchat media completion handoff. Related #91003. Thanks @TurboTheTurtle and @kumaxs.

PR #91353 fix(ui): preserve /reset soft args in Control UI dispatch. Related #91316. Thanks @zhouhe-xydt and @MaBeitian.

PR #92679 feat(telegram): send rich message text. Thanks @obviyus.

PR #92705 fix(ui): restore sidebar session picker interactivity above desktop workbench. Related #92707. Thanks @NianJiuZst and @vincentkoc.

PR #91218 fix(google): strip provider prefix from Vertex model path. Thanks @bymle.

PR #92669 feat: support /btw in CLI-backed sessions. Thanks @joshavant.

PR #91357 fix(gateway): mark active main sessions before restart shutdown aborts. Related #91355. Thanks @ooiuuii.

PR #91066 fix(parallel): send openclaw-parallel User-Agent on free Search MCP requests. Thanks @NormallyGaussian.

PR #90658 fix(ui): preserve dashboard session parent lineage when session list is stale. Related #90623. Thanks @luoyanglang and @lily-oc.

PR #92552 fix(ios): force stale foreground gateway reconnects. Thanks @Solvely-Colin.

PR #89421 fix(telegram): expose thread create CLI remap. Related #81581. Thanks @spacegeologist and @myrzka.

PR #92779 fix: start workspace files collapsed. Related #90359. Thanks @shakkernerd and @Chang2020618.

PR #91247 fix(state): avoid sqlite wal on nfs state volumes. Related #90491. Thanks @849261680 and @AFabyTWE.

PR #92773 fix(tui): show resolved canonical model ref in /model confirmation. Thanks @NarahariRaghava.

PR #92752 fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff. Related #92742. Thanks @gnanam1990 and @Takhoffman and @zhuyankarl.

PR #92735 fix(markdown-core): treat Infinity chunk limit as unbounded, not 1. Related #92734. Thanks @yhterrance.

PR #92695 docs(config): correct maxConcurrent default in agent-defaults type comments (AI-assisted). Thanks @ArielSmoliar.

PR #92766 clarify before_install hook scope. Related #91593. Thanks @sallyom and @Trump-last.

PR #92677 docs(nodes): add openclaw.json config example to Nodes overview. Related #92662. Thanks @liuhao1024 and @Casper-Mars.

PR #92513 Honor WhatsApp configured ACP bindings. Related #92449. Thanks @TurboTheTurtle and @mcaxtr and @dmorn.

PR #92650 fix #92465: split OpenAI 431 embedding batches. Thanks @mushuiyu886 and @BrettHamlin.

PR #92796 feat(providers): add GLM-5.2 support.

PR #92788 fix(sessions): derive channel from account-scoped DM session keys in send-policy. Thanks @yetval.

PR #92590 Docker image ships an extraneous stale openclaw in /app/node_modules (extensions pin the published release). Related #92551. Thanks @lzyyzznl and @fxstein.

PR #92393 chore(deps): bump the swift-deps group across 1 directory with 3 updates.

PR #92476 fix(agents): preserve compatible CLI session runtime pins. Thanks @yu-xin-c.

PR #92483 fix(matrix): validate CLI numeric option ranges. Related #92482. Thanks @rohitjavvadi.

PR #92490 fix(canvas): validate CLI numeric options. Related #92487. Thanks @rohitjavvadi.

PR #92802 fix(ui): reflow composer beside workspace rail. Thanks @Solvely-Colin and @shakkernerd.

PR #91059 fix(configure): mask gateway token input in CLI wizard prompt. Thanks @anurag-bg-neu.

PR #91143 fix(ports): only classify SSH -L/-R tunnels on the queried port as ssh. Related #91142. Thanks @jbetala7.

PR #91110 fix(tavily): keep web_search contract executable. Related #91096. Thanks @extrasmall0 and @xucongyuan98-sys.

PR #91181 fix(daemon): strip schtasks backslash prefix when matching gateway task name. Related #90494. Thanks @425072024 and @Darnellicious.

PR #91187 fix(cron): isolate auth profile failure policy so cron runs don't pollute shared cooldowns. Related #90991. Thanks @openperf and @cx306806112.

PR #92807 fix(heartbeat): route outbound mirror to isolated session key. Thanks @agent-merkava.

PR #92745 fix(memory): explain skipped short-term recall hits. Related #92706. Thanks @mushuiyu886 and @armarinho.

PR #92488 fix(gateway): forward image-only input on /v1/responses (parity with chat completions). Thanks @s554097550 and @cursoragent.

PR #92604 fix(status): avoid cumulative usage for context percent. Related #83526. Thanks @ashishpatel26 and @darconadalabarga.

PR #92810 fix: reject unvalidated voice media streams. Thanks @steipete-oai.

PR #92800 fix(telegram): answer callback queries before sequentialize delays them. Related #42156. Thanks @liuhao1024 and @Diaspar4u.

PR #92547 fix(nodes): surface pending reapproval diagnostics. Thanks @fuller-stack-dev.

PR #92690 fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes #92683). Thanks @liuhao1024 and @motteman.

PR #92806 fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes #41671). Thanks @liuhao1024 and @vincentkoc and @leandroirani933-ctrl.

PR #92778 fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes #43480). Thanks @liuhao1024 and @vincentkoc and @gdiab.

PR #92795 fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes #43009). Thanks @liuhao1024 and @vincentkoc and @ltxy12138-ai.

PR #92746 fix(gateway): preserve active runs during plugin finalization. Thanks @scotthuang and @vincentkoc.

PR #92820 UI: localize Logs tab labels. Thanks @rubensfox20.

PR #92825 fix(telegram): preserve command callbacks while prefixing generic callback data. Related #54909. Thanks @hnshah and @timt80.

PR #90889 fix: cap session context overrides by model window. Related #39857. Thanks @xdanger.

PR #92830 fix(copilot): strip replayed thinking blocks. Related #81520. Thanks @giodl73-repo and @warcold.

PR #92834 feat(browser): extend --labels overlay to full-page and element captures. Thanks @hxy91819 and @FMLS and @cursoragent.

PR #92836 fix(discord): raise thread title timeout and tokens to fit reasoning models. Thanks @hanamizuki.

PR #92095 fix #92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink. Thanks @zhangguiping-xydt and @dinorastoder.

PR #92801 fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes #89564). Thanks @liuhao1024 and @brokemac79.

PR #89736 fix(status): render sub-1000 token counts as plain integers. Related #89735. Thanks @jbetala7 and @vincentkoc.

PR #92792 fix(agents): catch malformed image blocks in sanitizeContentBlocksImages. Thanks @LowCode191 and @vincentkoc.

PR #92555 ci: gate stable releases on Windows companion assets. Thanks @fuller-stack-dev.

PR #91824 fix(agents): add usage guidance to sessions_spawn tool description (fixes #91814). Thanks @zenglingbiao and @vincentkoc and @cattails-lgao.

PR #92840 fix(feishu): await HTTP server shutdown during monitor cleanup. Related #48183. Thanks @alex-xuweilong and @ai-nurmamat.

PR #91632 feat: add tool search directory mode. Thanks @fuller-stack-dev.

PR #92823 fix(qqbot): surface failed media sends. Thanks @zhangguiping-xydt and @vincentkoc.

PR #92849 fix(tailscale): preserve parse errors for malformed JSON. Thanks @franciscomaestre.

PR #92045 Fix diagnostics OTEL runtime install trust. Thanks @efpiva.

PR #92853 fix(acp): accept MCP date protocolVersion in ACP server. Related #56102. Thanks @bugkill3r and @moliveto.

PR #92854 fix(hooks): reject slug-generator error payloads. Thanks @Cypherm.

PR #92855 fix(ui): repair iOS Safari chat viewport handling. Thanks @macdao.

PR #91586 fix(update): continue after package doctor warnings. Thanks @fuller-stack-dev.

PR #92862 fix(feishu): target typing reaction on inbound message. Thanks @huiwen01.

PR #92861 fix(lobster): surface workflow path errors. Related #68101. Thanks @vvitovec and @MPC7500.

PR #69975 fix(cli): clarify --tz help text for offset-less --at values. Related #59456. Thanks @rrrrrredy.

PR #90682 fix(openai): preserve opaque reasoning transcript fields. Related #90093. Thanks @toruvieI and @richardmqq.

PR #92373 fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes #92360). Thanks @liuhao1024 and @notnaji.

PR #87346 fix(anthropic): merge consecutive assistant turns in turn validation. Related #87329. Thanks @Jefsky and @travellingsoldier85.

PR #92896 fix(anthropic): quarantine invalid direct tool schemas. Thanks @vincentkoc.

PR #90739 fix(active-memory): preserve verbose recall summaries. Related #90454. Thanks @brokemac79 and @nocode-ananas.

PR #92558 Simplify QA scorecard mapping shape. Thanks @RomneyDa.

PR #92876 fix(memory-wiki): stop flagging raw source pages as malformed. Thanks @vincentkoc.

PR #92908 fix(providers): quarantine unreadable Anthropic payload tools. Thanks @vincentkoc.

PR #92881 fix(memory): preserve reindex rollback recovery. Thanks @TSHOGX and @vincentkoc.

PR #92921 fix(openai): quarantine unreadable tool schemas. Thanks @vincentkoc.

PR #92550 Fold Telegram RTT sampling into live QA evidence. Thanks @RomneyDa.

PR #92824 fix(media): route OAuth image defaults through Codex. Related #87168. Thanks @bek91.

PR #92928 fix(openai): guard post-hook tool payloads. Thanks @vincentkoc.

PR #92814 fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes #42837). Thanks @liuhao1024 and @vincentkoc and @cwlong163-afk.

PR #89055 fix: restart gateway after isolated cron setup timeout. Thanks @ghitafilali.

PR #90574 fix(openai): omit gpt-5.5 tool reasoning effort. Thanks @BSG2000.

PR #92941 fix(openai): recover invalid reasoning signatures.

PR #92914 fix(agents): clamp unsupported thinking for subagent spawns instead of hard-failing. Related #92412. Thanks @openperf and @oiGaDio.

PR #92573 fix: preserve config-selected subagent model overrides. Related #92486. Thanks @arkyu2077 and @PatrickTrent.

PR #92852 fix(gateway): fall back to polling when config watcher exhausts inotify retries. Related #92851. Thanks @danbao.

PR #92362 fix(gateway): build row metadata context for single session lists. Thanks @anyech.

PR #92897 fix(memory-wiki): tolerate public artifacts without agent ids. Related #92207. Thanks @yu-xin-c and @qq230849622-a11y.

PR #92002 fix(lmstudio): deliver thinking "off" to binary-thinking models. Related #91913. Thanks @nxmxbbd and @mlaihk.

PR #92738 Forward suppressed-source progress for message-tool channel replies. Thanks @ragesaq.

PR #92916 #92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized. Thanks @mmyzwl and @CarlCapital.

PR #90936 fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764. Thanks @openperf and @reginaldomarcilon.

PR #93009 fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973). Thanks @zenglingbiao and @dertbv.

PR #92318 fix(cron): require explicit message target proof. Thanks @hxy91819.

PR #93022 fix(gateway): repair usage cost aggregation across agents. Thanks @luke-skywalker-open-claw and @stablegenius49.

PR #93159 fix(tui): keep parent stdin paused after exit. Thanks @fuller-stack-dev.

PR #93616 Keep key-free web search providers opt-in. Thanks @davemorin and @vincentkoc.

PR #93164 fix(telegram): preserve rich markdown line breaks. Thanks @vincentkoc.

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.8-beta.2

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.8-beta.2.tgz

integrity: sha512-44ab7b24zUY14dpEVt9TZpd6o6PfbYfnNjSbALHULsCkE7e1ju+ZOia46EawvRLqbYqOwjM9oucnbk7P9/eWsQ==

release SHA: b1736723d716b1abe1f8d324772371661146f3b8

release publish: https://github.com/openclaw/openclaw/actions/runs/27587320308

postpublish recovery: exact npm install, 35 npm plugins, and 35 ClawHub packages verified after registry propagation

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27582865457

full release validation: https://github.com/openclaw/openclaw/actions/runs/27584541070

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27587508776

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27587512198

plugin ClawHub bootstrap: not needed

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27587814328

npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/27588410701

Original source

2026.6.8

Highlights

Richer channel delivery: Telegram and WhatsApp are less brittle: Telegram renders structured text with tables, lists, expandable blockquotes, preserved intentional line breaks, and CLI-backed replies, while WhatsApp now honors configured ACP bindings. (#92679, #93164, #84082, #89421, #92513) Thanks @obviyus, @vincentkoc, @jzakirov, @spacegeologist, @TurboTheTurtle, @mcaxtr, @myrzka, and @dmorn.

More reliable agent runs: account-scoped DM sends, generated media completions, auto-reply message-tool final replies, reset archive fallback reads, restart shutdown aborts, yielded subagent pauses, and session identity prompts all stay on the correct recovery path. (#92788, #91246, #92879, #91357, #92631, #92468) Thanks @yetval, @TurboTheTurtle, @masatohoshino, @CadanHu, @vincentkoc, @ooiuuii, @openperf, @zhangguiping-xydt, @QQSHI13, @kumaxs, and @aleps001.

Safer model routing: new GLM-5.2 and Claude Haiku 4.5 catalog support arrives with normalized provider IDs, managed SecretRef auth, bounded model browsing, and safer OpenAI/Anthropic tool-schema recovery. (#92796, #90116, #92627, #90686, #92247, #92941) Thanks @arkyu2077, @liuhao1024, @lijenhsin, @rohitjavvadi, @samson910022, @maaron34, @syfvb, and @samson1357924.

Useful usage footers: /usage and reply payload hooks now have a native full footer renderer, default template, fixed-decimal formatting, credential-aware limits, better partial-count handling, and warnings for broken templates instead of silent bad output. (#92657, #89835, #89629) Thanks @Marvinthebored.

Predictable web search defaults: key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search remain explicit opt-ins rather than surprising automatic fallbacks. (#93616) Thanks @davemorin and @vincentkoc.

Calmer UI and mobile sessions: workspace files start collapsed, WebChat backscroll survives streaming, the desktop session picker remains interactive, reset arguments survive dispatch, and iOS reconnects stale foreground Gateways. (#92779, #92622, #92705, #91353, #92552) Thanks @shakkernerd, @TurboTheTurtle, @NianJiuZst, @zhouhe-xydt, @Solvely-Colin, @MaBeitian, @vincentkoc, @Chang2020618, and @DrtyMorty.

Resilient memory and state: oversized OpenAI embedding batches split before 431s, QMD search stays available in transient mode, SQLite avoids WAL on NFS volumes, and full reindexes preserve rollback/cache recovery. (#92650, #92618, #92639, #91247, #92881) Thanks @mushuiyu886, @BrettHamlin, @zhbcher, @TurboTheTurtle, @Takhoffman, @849261680, @TSHOGX, @vincentkoc, and @AFabyTWE.

Changes

Providers/models: add GLM-5.2 support and Claude Haiku 4.5 catalog entries while keeping provider-qualified model IDs normalized across OpenRouter and Google Vertex paths. (#92796, #90116, #92627, #91218) Thanks @arkyu2077, @liuhao1024, @bymle, @maaron34, @lijenhsin, @davemorin, and @vincentkoc.

Web search: keep key-free providers such as Parallel Free, DuckDuckGo, Ollama, and Codex Hosted Search as explicit opt-ins instead of selecting them automatically when no API-backed provider is configured. (#93616) Thanks @davemorin and @vincentkoc.

Channel plugins: ship Telegram rich-message delivery and WhatsApp ACP binding support, including preserved intentional line breaks, rich prompt handoff to CLI backends, and transport fixtures for richer drafts. (#92679, #93164, #92513) Thanks @obviyus, @TurboTheTurtle, @vincentkoc, @mcaxtr, and @dmorn.

Agent commands: support /btw in CLI-backed sessions and keep CLI usage-error exits classified as usage failures instead of successful runs. (#92669, #92162) Thanks @joshavant, @Pandah97, @marcospaulo, @davemorin, and @vincentkoc.

Usage hooks: add built-in full footer rendering, default footer templates, per-turn usage state, credential-aware limits, and fixed-decimal formatting for usage-bar templates. (#92657, #89835, #89629) Thanks @Marvinthebored.

Fixes

Channels and delivery: preserve account-scoped DM channel send policy, intentional rich-message line breaks in Telegram and status output, rich Telegram final replies, rich Telegram tables and lists, Telegram thread-create CLI remapping, Feishu dynamic-agent routes after persisted binding reuse, Slack outbound message_sent hooks, contributed message-tool schema optionality, same-channel generated media completions, and channel chunking around surrogate pairs and Infinity limits. (#92788, #93164, #92679, #89421, #89943, #42837, #92814, #91137, #91246, #92735) Thanks @yetval, @obviyus, @spacegeologist, @rishitamrakar, @liuhao1024, @lundog, @TurboTheTurtle, @yhterrance, @vincentkoc, @myrzka, @cwlong163-afk, @kumaxs, @shakkernerd, and @RewardsPal.

Gemini CLI: use the selected OpenClaw OAuth/API-key auth profile in an isolated Gemini CLI runtime home, preventing ambient Google machine credentials from overriding the chosen profile. (#88748) Thanks @jason-allen-oneal and @shakkernerd.

Discord: give generated auto-thread titles a 60-second timeout and 4,096-token reasoning-model output budget, clamped to the selected model output cap. (#64734) Thanks @hanamizuki.

Agent, cron, and Gateway runtime: mark active main sessions before restart shutdown aborts, pause yielded subagent runs whose terminal also signals abort, clamp trusted subagent thinking overrides through provider/model fallback, preserve yielded media completions, deliver channel message-tool final replies through auto-reply while hiding internal delivery hints, restore reset archive fallback reads when active async transcripts are missing, de-duplicate main-session heartbeat events, expose session identity in runtime prompts, reject unknown OpenAI agent selectors, keep generated media completions, slash-command block replies, and trajectory export commands in WebChat, and require admin privileges for HTTP session/model override surfaces. (#91357, #92631, #92412, #92146, #92879, #91287, #92468, #92510, #91246, #92651, #92646) Thanks @ooiuuii, @openperf, @IWhatsskill, @masatohoshino, @CadanHu, @ZengWen-DT, @zhangguiping-xydt, @TurboTheTurtle, @oiGaDio, @aleps001, @vincentkoc, @GSL-R, @QQSHI13, @ryanhelms, @kumaxs, @steipete-oai, @hxy91819, @davemorin, and @nailujac.

Providers and model replay: preserve storeless OpenAI Responses replay compatibility, recover invalid OpenAI reasoning signatures and genericized Anthropic thinking-signature replay errors, route OAuth image defaults through Codex for eligible OpenAI profiles, avoid eager tool streaming for Claude 4.5 in Copilot, quarantine unreadable and post-hook OpenAI/Anthropic-family tool schemas without broadening allowed tool choices, deliver explicit thinking-off requests to LM Studio binary-thinking models, honor profile auth for SecretRef model entries, bound model browsing, strip provider prefixes where runtimes need bare IDs, and surface nested embedding fetch failures. (#90706, #92941, #92201, #92916, #92824, #75393, #92908, #92921, #92928, #92002, #90686, #92247, #92627, #91218, #92628) Thanks @snowzlm, @mmyzwl, @CarlCapital, @bek91, @Kailigithub, @vincentkoc, @rohitjavvadi, @samson910022, @nxmxbbd, @liuhao1024, @bymle, @mushuiyu886, @finchinslc, @syfvb, @lijenhsin, @crsnpalmer-art, @samson1357924, @shakkernerd, and @mlaihk.

Memory, state, diagnostics, and config: split header-too-large embedding batches, keep QMD memory search enabled in transient mode, avoid SQLite WAL on NFS volumes, preserve recovery scheduling outside stuck-session warning backoff, preserve full-reindex rollback/cache recovery, and treat raw Memory Wiki source pages as source evidence. (#92650, #92618, #92639, #91247, #92752, #92881, #59137, #92876) Thanks @mushuiyu886, @TurboTheTurtle, @849261680, @gnanam1990, @TSHOGX, @vincentkoc, @arlen8411, @BrettHamlin, @zhbcher, @Takhoffman, @AFabyTWE, @davemorin, and @zhuyankarl.

UI/mobile/TUI: preserve dashboard session parent lineage, WebChat backscroll, reset soft command args, sidebar session picker interactivity, collapsed workspace files, resolved /model confirmation refs, stale foreground iOS Gateway reconnects, and paused setup-parent stdin after inherited-stdio child exit. (#90658, #92622, #91353, #92705, #92779, #92773, #92552, #93159) Thanks @luoyanglang, @TurboTheTurtle, @zhouhe-xydt, @NianJiuZst, @shakkernerd, @NarahariRaghava, @Solvely-Colin, @fuller-stack-dev, @lily-oc, @MaBeitian, @vincentkoc, @obviyus, @DrtyMorty, and @Chang2020618.

Plugins and updates: repair missing required platform packages during managed plugin installs and updates, including omitted Codex platform binaries. Thanks @vincentkoc.

Dependencies: update Hono to 4.12.25 so published OpenClaw and ACPX packages use the patched runtime. Thanks @vincentkoc.

Updates: avoid a false downgrade prompt when the latest tag cannot resolve. (#92911) Thanks @Andy312432 and @vincentkoc.

Complete contribution record

This audited record covers the complete v2026.6.6..v2026.6.8 history: 192 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.

Pull requests

PR #92144 fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766. Thanks @liuhao1024 and @AaronFaby.

PR #92175 fix(channel): harden local setup trust. Thanks @hxy91819.

PR #91528 fix #73837: stop after failed Node package installs. Thanks @mushuiyu886 and @ItsMeForLua.

PR #91561 fix(wizard): report keyless web_search providers as ready, not missing a key. Thanks @NormallyGaussian.

PR #92073 fix: handle explicit silent assistant replies. Related #92038. Thanks @sallyom and @vultusv.

PR #91311 Allow Skill Workshop apply through trusted skill symlinks. Thanks @abnershang.

PR #88245 refactor(whatsapp): introduce inbound message contexts. Thanks @mcaxtr.

PR #92212 refactor: move workspace skill writes to lifecycle. Thanks @shakkernerd.

PR #92248 Remove ClawHub owner preflight. Thanks @Patrick-Erichsen.

PR #91617 test(sqlite): add state perf query plan harness. Related #91616. Thanks @galiniliev.

PR #91626 fix(daemon): keep status readable on unsupported services. Related #25621. Thanks @mushuiyu886 and @kucharskim.

PR #92295 fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291. Thanks @liuhao1024 and @dcapclaw.

PR #92087 fix(docker): bundle QA Lab runtime in the image. Thanks @jesse-merhi.

PR #92004 fix(telegram): classify streaming preview edit failures instead of killing the draft. Thanks @obviyus.

PR #91997 fix(telegram): survive getUpdates conflicts in isolated polling ingress. Thanks @obviyus.

PR #92387 fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982. Thanks @openperf and @Takhoffman and @danieljimz.

PR #92229 Fix doctor preview channel SecretRef resolution. Related #91939. Thanks @joshavant and @Niriakot.

PR #92225 Fix disabled heartbeat one-shot cron retries. Related #91775. Thanks @joshavant and @A1fred-AI.

PR #92265 Fix configured DeepSeek model transport inheritance. Related #92148. Thanks @joshavant and @marcoraepple-sys.

PR #92226 Fail closed for CLI-backed /btw fallback. Related #92168. Thanks @joshavant and @wangwllu.

PR #92231 Fix suppressed heartbeat commitment delivery. Related #91948. Thanks @joshavant and @bizzle12368239.

PR #92280 fix(agents): classify structured unsupported model errors. Related #92118. Thanks @joshavant and @pikaqqqqqq.

PR #92276 Fix OTLP log trace correlation. Related #91865. Thanks @joshavant and @sinzin91.

PR #92282 fix(update): hand off Linux service auto-updates. Related #91823. Thanks @joshavant and @hanyizuo.

PR #92235 fix: resolve managed SecretRef provider auth. Related #92097. Thanks @joshavant and @LINSUISHENG034.

PR #92293 Fix provider static model fallback resolution. Related #92009. Thanks @joshavant and @mattsfraser.

PR #92343 fix(agent): continue after source message tool replies. Related #92169. Thanks @joshavant and @elyalvarado.

PR #92350 fix(codex): preserve memory prompt registration. Thanks @rubencu and @sallyom.

PR #92290 fix: clarify gateway SecretRef auth diagnostics. Related #91815. Thanks @joshavant and @mattsfraser.

PR #92286 fix: repair rejected Anthropic thinking replay. Related #91983. Thanks @joshavant and @reginaldomarcilon.

PR #92281 Fix Telegram spooled buffered replay. Related #92129. Thanks @joshavant and @riseandshinefutures.

PR #47493 fix(doctor): show per-step progress spinners during update. Thanks @amersheeny.

PR #92416 fix(outbound): honor top-level image param as send media source (#92407). Thanks @xydigit-sj and @ichirokyoto.

PR #92508 fix(sandbox): render CLI skill prompts from materialized paths. Thanks @brokemac79.

PR #92540 chore: fix esbuild production audit failure. Thanks @RomneyDa.

PR #91484 Add QA evidence artifact output. Thanks @RomneyDa.

PR #91500 Add QA scorecard taxonomy validation. Thanks @RomneyDa.

PR #84082 fix(telegram): allow expandable blockquotes. Thanks @jzakirov.

PR #92554 feat(moonshot): add Kimi K2.7 Code support.

PR #92396 fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491. Thanks @xialonglee and @RoseKongPS.

PR #92566 Fix lifecycle timeout cleanup after leader exit. Thanks @RomneyDa.

PR #92311 ci: split plugin ClawHub publishing paths. Thanks @Patrick-Erichsen.

PR #92216 fix(gateway): mirror hidden commentary-phase assistant events. Thanks @ragesaq.

PR #87596 fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593. Thanks @Pluviobyte and @Faaab84.

PR #88993 Expose paged channel action results. Thanks @fuller-stack-dev.

PR #90326 fix(fireworks): resolve catalog model params from plugin.json via core. Thanks @obuchowski.

PR #86629 fix(doctor): warn for untrusted external Discord plugin. Related #83212. Thanks @brokemac79 and @ooiuuii and @cdeyoung67.

PR #90242 fix(providers): skip unreadable Mistral tool schemas. Thanks @vincentkoc.

PR #92498 fix(reply): mirror same-channel Slack final replies. Related #92489. Thanks @TurboTheTurtle and @TalkingHeadsJed.

PR #92083 fix(channels): default boundary logger for swallowed progress-draft start errors. Thanks @hansraj316.

PR #92564 fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553. Thanks @tangtaizong666 and @fxstein.

PR #89827 docs: UX-013 — design system documentation. Thanks @BunsDev.

PR #89615 feat(ui): hide empty workboard columns. Thanks @BunsDev.

PR #89822 fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes. Thanks @BunsDev.

PR #92618 fix #92218: memory_search tool disabled with QMD backend. Thanks @mushuiyu886 and @zhbcher.

PR #92608 docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768). Thanks @liuhao1024 and @faahim.

PR #92605 fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470. Thanks @lzyyzznl and @arjkul.

PR #92593 #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters. Thanks @zhangqueping and @jovi2014-cyber.

PR #92606 Run Vitest and Playwright scenarios from qa suite. Thanks @RomneyDa.

PR #89629 feat(hooks): per-turn usageState on reply_payload_sending. Thanks @Marvinthebored.

PR #89835 feat(usage): native templated /usage full footer renderer. Thanks @Marvinthebored.

PR #92247 fix(models): bound /models and models list catalog loading. Related #91809. Thanks @samson910022 and @samson1357924 and @syfvb.

PR #92646 fix: require admin for HTTP model overrides. Thanks @steipete-oai.

PR #90686 fix(gateway): honor profile auth for SecretRef model entries. Related #90685. Thanks @rohitjavvadi.

PR #92651 fix: require admin for HTTP session kills. Thanks @steipete-oai.

PR #92652 test(models): stabilize plugin auth marker fixtures.

PR #89438 fix(slack): warn when channels map is keyed by name instead of channel ID. Related #81665. Thanks @Alix-007 and @cjalden.

PR #92631 fix(agents): pause yielded subagent runs whose terminal also signals abort. Related #92448. Thanks @openperf and @vincentkoc and @aleps001.

PR #92622 fix(ui): preserve WebChat backscroll during streaming. Related #92386. Thanks @TurboTheTurtle and @vincentkoc and @DrtyMorty.

PR #92627 fix(openrouter): strip openrouter/ prefix from model ID in normalizeResolvedModel hook (fixes #92611). Thanks @liuhao1024 and @lijenhsin.

PR #92146 fix(cron): preserve yielded media completions. Related #92120. Thanks @IWhatsskill and @nailujac.

PR #90116 fix: add Claude Haiku 4.5 static catalog entries. Related #90088. Thanks @arkyu2077 and @maaron34.

PR #91137 fix(channels): keep contributed message-tool schema properties optional. Related #67852. Thanks @lundog and @RewardsPal.

PR #75393 fix(copilot): disable eager tool streaming for Claude 4.5. Related #75348. Thanks @Kailigithub and @finchinslc.

PR #92628 fix #73713: surface nested embedding fetch failures. Thanks @mushuiyu886 and @crsnpalmer-art.

PR #92510 fix(gateway): reject unknown OpenAI agent selectors. Related #92504. Thanks @zhangguiping-xydt and @ryanhelms.

PR #91453 fix #91420: [Bug]: Delivery retry loop corrupts active sessions (R-004) — retry selector bypasses delivery.mode=none. Thanks @zhangguiping-xydt and @CarotaWealth.

PR #92468 fix #92453: add session identity to runtime prompt. Thanks @zhangguiping-xydt and @QQSHI13.

PR #89943 fix(slack): emit message_sent hook on outbound delivery (mirror Telegram). Related #89942. Thanks @rishitamrakar.

PR #92668 fix(docs): finalize i18n postprocess before skip. Thanks @hxy91819.

PR #92673 fix: split image setup and request timeout semantics. Thanks @hxy91819.

PR #92162 #92069: fix(cli): usage errors exit 0. Thanks @Pandah97 and @marcospaulo.

PR #91185 fix(browser): remove dead requireRef import and void expression in register.navigation.ts. Related #83878. Thanks @whiteyzy and @davinci282828.

PR #90706 fix(OpenAI Responses): disable item id replay for storeless providers. Related #89728. Thanks @snowzlm.

PR #90247 fix(disk-space): promote 1024 MiB to 1.0 GiB in disk warnings. Related #90245. Thanks @jbetala7.

PR #92657 feat(usage): ship built-in /usage full footer. Thanks @Marvinthebored.

PR #90464 perf(terminal): reuse ANSI scanner during truncation. Thanks @yyzquwu.

PR #91281 fix(feishu): clear client cache when SDK is replaced via setFeishuClientRuntimeForTest. Related #83911. Thanks @whiteyzy and @davinci282828.

PR #92639 fix(memory): keep memory_search in transient qmd mode. Related #92464. Thanks @TurboTheTurtle and @Takhoffman and @BrettHamlin.

PR #91287 fix(cron): de-duplicate main-session systemEvent in heartbeat model input. Related #44922. Thanks @ZengWen-DT and @GSL-R.

PR #91246 Fix webchat media completion handoff. Related #91003. Thanks @TurboTheTurtle and @kumaxs.

PR #91353 fix(ui): preserve /reset soft args in Control UI dispatch. Related #91316. Thanks @zhouhe-xydt and @MaBeitian.

PR #92679 feat(telegram): send rich message text. Thanks @obviyus.

PR #92705 fix(ui): restore sidebar session picker interactivity above desktop workbench. Related #92707. Thanks @NianJiuZst and @vincentkoc.

PR #91218 fix(google): strip provider prefix from Vertex model path. Thanks @bymle.

PR #92669 feat: support /btw in CLI-backed sessions. Thanks @joshavant.

PR #91357 fix(gateway): mark active main sessions before restart shutdown aborts. Related #91355. Thanks @ooiuuii.

PR #91066 fix(parallel): send openclaw-parallel User-Agent on free Search MCP requests. Thanks @NormallyGaussian.

PR #90658 fix(ui): preserve dashboard session parent lineage when session list is stale. Related #90623. Thanks @luoyanglang and @lily-oc.

PR #92552 fix(ios): force stale foreground gateway reconnects. Thanks @Solvely-Colin.

PR #89421 fix(telegram): expose thread create CLI remap. Related #81581. Thanks @spacegeologist and @myrzka.

PR #92779 fix: start workspace files collapsed. Related #90359. Thanks @shakkernerd and @Chang2020618.

PR #91247 fix(state): avoid sqlite wal on nfs state volumes. Related #90491. Thanks @849261680 and @AFabyTWE.

PR #92773 fix(tui): show resolved canonical model ref in /model confirmation. Thanks @NarahariRaghava.

PR #92752 fix(diagnostics): keep recovery scheduling out of the stuck-session warning backoff. Related #92742. Thanks @gnanam1990 and @Takhoffman and @zhuyankarl.

PR #92735 fix(markdown-core): treat Infinity chunk limit as unbounded, not 1. Related #92734. Thanks @yhterrance.

PR #92695 docs(config): correct maxConcurrent default in agent-defaults type comments (AI-assisted). Thanks @ArielSmoliar.

PR #92766 clarify before_install hook scope. Related #91593. Thanks @sallyom and @Trump-last.

PR #92677 docs(nodes): add openclaw.json config example to Nodes overview. Related #92662. Thanks @liuhao1024 and @Casper-Mars.

PR #92513 Honor WhatsApp configured ACP bindings. Related #92449. Thanks @TurboTheTurtle and @mcaxtr and @dmorn.

PR #92650 fix #92465: split OpenAI 431 embedding batches. Thanks @mushuiyu886 and @BrettHamlin.

PR #92796 feat(providers): add GLM-5.2 support.

PR #92788 fix(sessions): derive channel from account-scoped DM session keys in send-policy. Thanks @yetval.

PR #92590 Docker image ships an extraneous stale openclaw in /app/node_modules (extensions pin the published release). Related #92551. Thanks @lzyyzznl and @fxstein.

PR #92393 chore(deps): bump the swift-deps group across 1 directory with 3 updates.

PR #92476 fix(agents): preserve compatible CLI session runtime pins. Thanks @yu-xin-c.

PR #92483 fix(matrix): validate CLI numeric option ranges. Related #92482. Thanks @rohitjavvadi.

PR #92490 fix(canvas): validate CLI numeric options. Related #92487. Thanks @rohitjavvadi.

PR #92802 fix(ui): reflow composer beside workspace rail. Thanks @Solvely-Colin and @shakkernerd.

PR #91059 fix(configure): mask gateway token input in CLI wizard prompt. Thanks @anurag-bg-neu.

PR #91143 fix(ports): only classify SSH -L/-R tunnels on the queried port as ssh. Related #91142. Thanks @jbetala7.

PR #91110 fix(tavily): keep web_search contract executable. Related #91096. Thanks @extrasmall0 and @xucongyuan98-sys.

PR #91181 fix(daemon): strip schtasks backslash prefix when matching gateway task name. Related #90494. Thanks @425072024 and @Darnellicious.

PR #91187 fix(cron): isolate auth profile failure policy so cron runs don't pollute shared cooldowns. Related #90991. Thanks @openperf and @cx306806112.

PR #92807 fix(heartbeat): route outbound mirror to isolated session key. Thanks @agent-merkava.

PR #92745 fix(memory): explain skipped short-term recall hits. Related #92706. Thanks @mushuiyu886 and @armarinho.

PR #92488 fix(gateway): forward image-only input on /v1/responses (parity with chat completions). Thanks @s554097550 and @cursoragent.

PR #92604 fix(status): avoid cumulative usage for context percent. Related #83526. Thanks @ashishpatel26 and @darconadalabarga.

PR #92810 fix: reject unvalidated voice media streams. Thanks @steipete-oai.

PR #92800 fix(telegram): answer callback queries before sequentialize delays them. Related #42156. Thanks @liuhao1024 and @Diaspar4u.

PR #92547 fix(nodes): surface pending reapproval diagnostics. Thanks @fuller-stack-dev.

PR #92690 fix(doctor): avoid false-positive legacy cron store warning when store was already migrated (fixes #92683). Thanks @liuhao1024 and @motteman.

PR #92806 fix(telegram): skip IPv4 fallback when user explicitly configures non-ipv4first dnsResultOrder (fixes #41671). Thanks @liuhao1024 and @vincentkoc and @leandroirani933-ctrl.

PR #92778 fix(macos): defer isOverflowing mutation to break SwiftUI render loop (fixes #43480). Thanks @liuhao1024 and @vincentkoc and @gdiab.

PR #92795 fix(gateway): use resolveNonNegativeNumber for totalTokens to display 0 instead of ? (fixes #43009). Thanks @liuhao1024 and @vincentkoc and @ltxy12138-ai.

PR #92746 fix(gateway): preserve active runs during plugin finalization. Thanks @scotthuang and @vincentkoc.

PR #92820 UI: localize Logs tab labels. Thanks @rubensfox20.

PR #92825 fix(telegram): preserve command callbacks while prefixing generic callback data. Related #54909. Thanks @hnshah and @timt80.

PR #90889 fix: cap session context overrides by model window. Related #39857. Thanks @xdanger.

PR #92830 fix(copilot): strip replayed thinking blocks. Related #81520. Thanks @giodl73-repo and @warcold.

PR #92834 feat(browser): extend --labels overlay to full-page and element captures. Thanks @hxy91819 and @FMLS and @cursoragent.

PR #92836 fix(discord): raise thread title timeout and tokens to fit reasoning models. Thanks @hanamizuki.

PR #92095 fix #92039: [Bug]: WhatsApp login reports success before auth is durably persisted, so Docker rebuilds/upgrades can force relink. Thanks @zhangguiping-xydt and @dinorastoder.

PR #92801 fix(stale): exempt ClawSweeper actionable labels from stale lifecycle (fixes #89564). Thanks @liuhao1024 and @brokemac79.

PR #89736 fix(status): render sub-1000 token counts as plain integers. Related #89735. Thanks @jbetala7 and @vincentkoc.

PR #92792 fix(agents): catch malformed image blocks in sanitizeContentBlocksImages. Thanks @LowCode191 and @vincentkoc.

PR #92555 ci: gate stable releases on Windows companion assets. Thanks @fuller-stack-dev.

PR #91824 fix(agents): add usage guidance to sessions_spawn tool description (fixes #91814). Thanks @zenglingbiao and @vincentkoc and @cattails-lgao.

PR #92840 fix(feishu): await HTTP server shutdown during monitor cleanup. Related #48183. Thanks @alex-xuweilong and @ai-nurmamat.

PR #91632 feat: add tool search directory mode. Thanks @fuller-stack-dev.

PR #92823 fix(qqbot): surface failed media sends. Thanks @zhangguiping-xydt and @vincentkoc.

PR #92849 fix(tailscale): preserve parse errors for malformed JSON. Thanks @franciscomaestre.

PR #92045 Fix diagnostics OTEL runtime install trust. Thanks @efpiva.

PR #92853 fix(acp): accept MCP date protocolVersion in ACP server. Related #56102. Thanks @bugkill3r and @moliveto.

PR #92854 fix(hooks): reject slug-generator error payloads. Thanks @Cypherm.

PR #92855 fix(ui): repair iOS Safari chat viewport handling. Thanks @macdao.

PR #91586 fix(update): continue after package doctor warnings. Thanks @fuller-stack-dev.

PR #92862 fix(feishu): target typing reaction on inbound message. Thanks @huiwen01.

PR #92861 fix(lobster): surface workflow path errors. Related #68101. Thanks @vvitovec and @MPC7500.

PR #69975 fix(cli): clarify --tz help text for offset-less --at values. Related #59456. Thanks @rrrrrredy.

PR #90682 fix(openai): preserve opaque reasoning transcript fields. Related #90093. Thanks @toruvieI and @richardmqq.

PR #92373 fix(anthropic): strip thinking blocks from history when thinking is disabled (fixes #92360). Thanks @liuhao1024 and @notnaji.

PR #87346 fix(anthropic): merge consecutive assistant turns in turn validation. Related #87329. Thanks @Jefsky and @travellingsoldier85.

PR #92896 fix(anthropic): quarantine invalid direct tool schemas. Thanks @vincentkoc.

PR #90739 fix(active-memory): preserve verbose recall summaries. Related #90454. Thanks @brokemac79 and @nocode-ananas.

PR #92558 Simplify QA scorecard mapping shape. Thanks @RomneyDa.

PR #92876 fix(memory-wiki): stop flagging raw source pages as malformed. Thanks @vincentkoc.

PR #92908 fix(providers): quarantine unreadable Anthropic payload tools. Thanks @vincentkoc.

PR #92881 fix(memory): preserve reindex rollback recovery. Thanks @TSHOGX and @vincentkoc.

PR #92921 fix(openai): quarantine unreadable tool schemas. Thanks @vincentkoc.

PR #92550 Fold Telegram RTT sampling into live QA evidence. Thanks @RomneyDa.

PR #92824 fix(media): route OAuth image defaults through Codex. Related #87168. Thanks @bek91.

PR #92928 fix(openai): guard post-hook tool payloads. Thanks @vincentkoc.

PR #92814 fix(feishu): re-resolve route when dynamic agent binding already exists in runtime config (fixes #42837). Thanks @liuhao1024 and @vincentkoc and @cwlong163-afk.

PR #89055 fix: restart gateway after isolated cron setup timeout. Thanks @ghitafilali.

PR #90574 fix(openai): omit gpt-5.5 tool reasoning effort. Thanks @BSG2000.

PR #92941 fix(openai): recover invalid reasoning signatures.

PR #92914 fix(agents): clamp unsupported thinking for subagent spawns instead of hard-failing. Related #92412. Thanks @openperf and @oiGaDio.

PR #92573 fix: preserve config-selected subagent model overrides. Related #92486. Thanks @arkyu2077 and @PatrickTrent.

PR #92852 fix(gateway): fall back to polling when config watcher exhausts inotify retries. Related #92851. Thanks @danbao.

PR #92362 fix(gateway): build row metadata context for single session lists. Thanks @anyech.

PR #92897 fix(memory-wiki): tolerate public artifacts without agent ids. Related #92207. Thanks @yu-xin-c and @qq230849622-a11y.

PR #92002 fix(lmstudio): deliver thinking "off" to binary-thinking models. Related #91913. Thanks @nxmxbbd and @mlaihk.

PR #92738 Forward suppressed-source progress for message-tool channel replies. Thanks @ragesaq.

PR #92916 #92201: Embedded runner: freshly streamed thinking signatures intermittently invalid on replay (Anthropic); recovery wrapper never fires because error text is genericized. Thanks @mmyzwl and @CarlCapital.

PR #90936 fix(agents): do not misclassify client-disconnect abort as run timeout. Related #90764. Thanks @openperf and @reginaldomarcilon.

PR #93009 fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973). Thanks @zenglingbiao and @dertbv.

PR #92318 fix(cron): require explicit message target proof. Thanks @hxy91819.

PR #93022 fix(gateway): repair usage cost aggregation across agents. Thanks @luke-skywalker-open-claw and @stablegenius49.

PR #93159 fix(tui): keep parent stdin paused after exit. Thanks @fuller-stack-dev.

PR #93616 Keep key-free web search providers opt-in. Thanks @davemorin and @vincentkoc.

PR #93164 fix(telegram): preserve rich markdown line breaks. Thanks @vincentkoc.

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.8-beta.1

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.8-beta.1.tgz

integrity: sha512-m1SHMi+aFaQnlAczgBvUgKA9mgL1Td3WnySoaf8X9Uy5SOLbBzdJ1miBV7NnINTVE+ec6Rb+jfXCGlEspthX/g==

release SHA: 43d00c7724b5b4856ad4055b2dcd21ce6ef61550

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27505699831

full release validation: https://github.com/openclaw/openclaw/actions/runs/27504321919

release publish orchestration: https://github.com/openclaw/openclaw/actions/runs/27513932430 (failed after plugin publish verification; direct OpenClaw npm recovery used)

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27514038012 (published; one post-publish metadata verifier failed for @openclaw/llama-cpp-provider readme metadata)

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27514298229

postpublish verifier: node --import tsx scripts/openclaw-npm-postpublish-verify.ts 2026.6.8-beta.1 passed

clean npm smoke: npm exec --package [email protected] -- openclaw --version returned OpenClaw 2026.6.8-beta.1 (43d00c7)

ClawHub plugin publish: https://github.com/openclaw/openclaw/actions/runs/27514039764 failed plugin-inspector on packaged transport plugin setupEntry metadata; follow-up required

dependency evidence asset: openclaw-2026.6.8-beta.1-dependency-evidence.zip

npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/27514468230 (running)

Original source

openclaw 2026.6.8-alpha.2

Original source

2026.6.7

Highlights

Durable channel replies: Telegram polling and preview failures recover instead of ending a stream, Slack keeps delivered replies in the transcript, and top-level image sends retain their intended media source. (#92281, #92498, #92416) Thanks @joshavant, @TurboTheTurtle, @xydigit-sj, @ichirokyoto, @TalkingHeadsJed, and @riseandshinefutures.

More dependable provider sessions: SecretRef-backed profiles, configured DeepSeek transports, static model fallback, Anthropic thinking replay, and Codex prompt memory all recover cleanly instead of leaving a turn unusable. (#92265, #92235, #92293, #92286, #92350) Thanks @joshavant, @rubencu, @sallyom, @marcoraepple-sys, @LINSUISHENG034, @mattsfraser, and @reginaldomarcilon.

Kimi K2.7 Code support: the provider catalog now includes the new Kimi coding model, with replay handling that preserves its reasoning content across tool turns. (#92554, #92396) Thanks @xialonglee and @RoseKongPS.

Safer operations: SQLite-backed cron status, disabled heartbeat retries, Linux service updates, and external-plugin diagnosis now expose clearer, actionable state to operators. (#92144, #92225, #92282, #86629) Thanks @liuhao1024, @joshavant, @brokemac79, @AaronFaby, @cdeyoung67, @ooiuuii, @shakkernerd, @A1fred-AI, and @hanyizuo.

Guarded skill installs: Skill Workshop support-file targets now go through trusted lifecycle writes instead of unbounded filesystem updates, while ClawHub package checks stay on the current release path. (#91311) Thanks @abnershang.

Changes

Skills and plugin workflows now permit trusted Skill Workshop support-file targets only through guarded lifecycle writes, and package publishing uses the current ClawHub plugin checks. (#91311) Thanks @abnershang and @vincentkoc.

Providers: add Kimi K2.7 Code support. (#92554)

Fixes

Channels and delivery: recover Telegram preview and polling failures, retain Slack final replies in transcripts, preserve top-level outbound image parameters, and make channel-action result pages available to callers. (#92281, #92498, #92407, #88993) Thanks @joshavant, @TurboTheTurtle, @xydigit-sj, @fuller-stack-dev, @TalkingHeadsJed, and @riseandshinefutures.

Agent/provider reliability: preserve configured model transport/auth resolution, fail closed for unsupported CLI-backed /btw fallback, continue after source message-tool replies, repair Anthropic thinking replay, and keep Codex memory prompts registered. (#92265, #92226, #92343, #92286, #92350) Thanks @joshavant, @rubencu, @sallyom, @marcoraepple-sys, @wangwllu, @elyalvarado, and @reginaldomarcilon.

Operations: make cron and daemon status resilient, preserve disabled heartbeat one-shot retries, hand off Linux service auto-updates, and keep lifecycle timeout cleanup alive after leader exit. (#92144, #92225, #92282, #92566) Thanks @liuhao1024, @joshavant, @RomneyDa, @AaronFaby, @A1fred-AI, and @hanyizuo.

Complete contribution record

This audited record covers the complete v2026.6.6..v2026.6.7-beta.1 history: 59 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.

Pull requests

PR #92144 fix(cron): report SQLite storage path in cron.status instead of legacy jobs.json. Related #91766. Thanks @liuhao1024 and @AaronFaby.

PR #92175 fix(channel): harden local setup trust. Thanks @hxy91819.

PR #91528 fix #73837: stop after failed Node package installs. Thanks @mushuiyu886 and @ItsMeForLua.

PR #91561 fix(wizard): report keyless web_search providers as ready, not missing a key. Thanks @NormallyGaussian.

PR #92073 fix: handle explicit silent assistant replies. Related #92038. Thanks @sallyom and @vultusv.

PR #91311 Allow Skill Workshop apply through trusted skill symlinks. Thanks @abnershang.

PR #88245 refactor(whatsapp): introduce inbound message contexts. Thanks @mcaxtr.

PR #92212 refactor: move workspace skill writes to lifecycle. Thanks @shakkernerd.

PR #92248 Remove ClawHub owner preflight. Thanks @Patrick-Erichsen.

PR #91617 test(sqlite): add state perf query plan harness. Related #91616. Thanks @galiniliev.

PR #91626 fix(daemon): keep status readable on unsupported services. Related #25621. Thanks @mushuiyu886 and @kucharskim.

PR #92295 fix(cron): preserve tz and staggerMs when --cron replaces expression. Related #92291. Thanks @liuhao1024 and @dcapclaw.

PR #92087 fix(docker): bundle QA Lab runtime in the image. Thanks @jesse-merhi.

PR #92004 fix(telegram): classify streaming preview edit failures instead of killing the draft. Thanks @obviyus.

PR #91997 fix(telegram): survive getUpdates conflicts in isolated polling ingress. Thanks @obviyus.

PR #92387 fix(anthropic-vertex): stop re-marking cache_control on transport-budgeted payloads. Related #91982. Thanks @openperf and @Takhoffman and @danieljimz.

PR #92229 Fix doctor preview channel SecretRef resolution. Related #91939. Thanks @joshavant and @Niriakot.

PR #92225 Fix disabled heartbeat one-shot cron retries. Related #91775. Thanks @joshavant and @A1fred-AI.

PR #92265 Fix configured DeepSeek model transport inheritance. Related #92148. Thanks @joshavant and @marcoraepple-sys.

PR #92226 Fail closed for CLI-backed /btw fallback. Related #92168. Thanks @joshavant and @wangwllu.

PR #92231 Fix suppressed heartbeat commitment delivery. Related #91948. Thanks @joshavant and @bizzle12368239.

PR #92280 fix(agents): classify structured unsupported model errors. Related #92118. Thanks @joshavant and @pikaqqqqqq.

PR #92276 Fix OTLP log trace correlation. Related #91865. Thanks @joshavant and @sinzin91.

PR #92282 fix(update): hand off Linux service auto-updates. Related #91823. Thanks @joshavant and @hanyizuo.

PR #92235 fix: resolve managed SecretRef provider auth. Related #92097. Thanks @joshavant and @LINSUISHENG034.

PR #92293 Fix provider static model fallback resolution. Related #92009. Thanks @joshavant and @mattsfraser.

PR #92343 fix(agent): continue after source message tool replies. Related #92169. Thanks @joshavant and @elyalvarado.

PR #92350 fix(codex): preserve memory prompt registration. Thanks @rubencu and @sallyom.

PR #92290 fix: clarify gateway SecretRef auth diagnostics. Related #91815. Thanks @joshavant and @mattsfraser.

PR #92286 fix: repair rejected Anthropic thinking replay. Related #91983. Thanks @joshavant and @reginaldomarcilon.

PR #92281 Fix Telegram spooled buffered replay. Related #92129. Thanks @joshavant and @riseandshinefutures.

PR #47493 fix(doctor): show per-step progress spinners during update. Thanks @amersheeny.

PR #92416 fix(outbound): honor top-level image param as send media source (#92407). Thanks @xydigit-sj and @ichirokyoto.

PR #92508 fix(sandbox): render CLI skill prompts from materialized paths. Thanks @brokemac79.

PR #92540 chore: fix esbuild production audit failure. Thanks @RomneyDa.

PR #91484 Add QA evidence artifact output. Thanks @RomneyDa.

PR #91500 Add QA scorecard taxonomy validation. Thanks @RomneyDa.

PR #84082 fix(telegram): allow expandable blockquotes. Thanks @jzakirov.

PR #92554 feat(moonshot): add Kimi K2.7 Code support.

PR #92396 fix(moonshot): backfill reasoning_content on assistant tool-call replay messages. Related #71491. Thanks @xialonglee and @RoseKongPS.

PR #92566 Fix lifecycle timeout cleanup after leader exit. Thanks @RomneyDa.

PR #92311 ci: split plugin ClawHub publishing paths. Thanks @Patrick-Erichsen.

PR #92216 fix(gateway): mirror hidden commentary-phase assistant events. Thanks @ragesaq.

PR #87596 fix(moonshot): rewrite duplicate native Kimi tool_call ids on replay. Related #51593. Thanks @Pluviobyte and @Faaab84.

PR #88993 Expose paged channel action results. Thanks @fuller-stack-dev.

PR #90326 fix(fireworks): resolve catalog model params from plugin.json via core. Thanks @obuchowski.

PR #86629 fix(doctor): warn for untrusted external Discord plugin. Related #83212. Thanks @brokemac79 and @ooiuuii and @cdeyoung67.

PR #90242 fix(providers): skip unreadable Mistral tool schemas. Thanks @vincentkoc.

PR #92498 fix(reply): mirror same-channel Slack final replies. Related #92489. Thanks @TurboTheTurtle and @TalkingHeadsJed.

PR #92083 fix(channels): default boundary logger for swallowed progress-draft start errors. Thanks @hansraj316.

PR #92564 fix(agents): isolate invalid plugin model catalogs [AI-assisted]. Related #92553. Thanks @tangtaizong666 and @fxstein.

PR #89827 docs: UX-013 — design system documentation. Thanks @BunsDev.

PR #89615 feat(ui): hide empty workboard columns. Thanks @BunsDev.

PR #89822 fix(a11y): B-1+B-2+B-3 — contrast, focus states, minimum font sizes. Thanks @BunsDev.

PR #92618 fix #92218: memory_search tool disabled with QMD backend. Thanks @mushuiyu886 and @zhbcher.

PR #92608 docs(gateway): add uptime monitoring guidance to health check docs (fixes #55768). Thanks @liuhao1024 and @faahim.

PR #92605 fix(docs): pin Windows Hub download links to v2026.6.5. Related #92470. Thanks @lzyyzznl and @arjkul.

PR #92593 #92589: fix(internal-runtime-context): wrap prompt-preface runtime context body in delimiters. Thanks @zhangqueping and @jovi2014-cyber.

PR #92606 Run Vitest and Playwright scenarios from qa suite. Thanks @RomneyDa.

Original source

openclaw 2026.6.10-alpha.2

Original source

Highlights

QQBot now strips model reasoning/thinking scaffolding before native delivery, preventing raw <thinking> content from leaking into channel replies. (#89913, #90132) Thanks @openperf.

MCP tool results now coerce resource_link, resource, audio, malformed image, and future non-text/image blocks at the materialize boundary, preventing Anthropic 400s and poisoned session history after a tool returns richer MCP content. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic extended-thinking sessions recover after prompt-cache expiry or Gateway restart because stream start events wait for message_start, letting pre-generation signature errors trigger the existing recovery retry. (#90667, #90697) Thanks @openperf.

Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support, and docs. (#85158) Thanks @NormallyGaussian.

Google Vertex ADC users get static catalog rows and runtime model resolution again, while single-provider cooldown recovery and memory adapter status checks are more reliable. (#90506, #90609, #90717, #90816) Thanks @849261680.

Matrix can preflight voice notes before mention gating, preserve thread reads/replies through Matrix relations pagination, and carry QA coverage for voice and thread flows. (#78016, #90415)

Auth and plugin install state is more durable: auth profiles now live in SQLite, official npm plugin install records keep their trusted pins, and prerelease fallback integrity checks avoid carrying stale integrity forward. (#89102, #88585)

Agent, tool, and provider loops are stricter around MCP lease timestamps, prompt-cache tool names, local tool catalogs, unreadable dynamic tools, owner-only HTTP tools, and provider catalog metadata, reducing hidden retries and unsafe exposure. (#91124, #91233, #90022, #90261)

macOS node mode no longer silently self-reconnects away from a healthy direct Gateway session, reducing unexpected companion app session churn. (#90668, #90815) Thanks @vrurg.

Upgrade and service paths are safer: cron legacy JSON stores migrate during doctor preflight, service env placeholders no longer mask state-dir secrets, WhatsApp startup waits are bounded, and disabled WhatsApp accounts tear down on config reload. (#90072, #90208, #90277, #90488, #90486, #87951, #87965) Thanks @MonkeyLeeT, @sallyom, @mcaxtr, and @MukundaKatta.

Changes

Search/providers: add the Parallel bundled web-search plugin, live provider tests, registration contracts, onboarding/docs wiring, and guarded api.parallel.ai/v1/search support. (#85158) Thanks @NormallyGaussian.

Matrix/channels: add voice-message preflight and thread-aware read/reply behavior, including Matrix QA scenario wiring and docs for voice-message behavior. (#78016, #90415)

Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478) Thanks @Patrick-Erichsen.

Skills/ClawHub: avoid one filesystem watcher per skill file during refresh, keeping large skill trees from exhausting watcher limits.

Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.

Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, Android adds theme mode selection, and iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, fallback copy, and unavailable Talk controls reachable. (#90752, #91201)

Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)

Docs/tooling: add Parallel search docs, refresh weather-skill guidance toward web_fetch, clarify legacy openai-codex auth, document release/test helper scripts, and tighten changed-test routing docs for CI/debugging work. (#90028, #90250) Thanks @fuller-stack-dev.

Release/process: switch release trains to YYYY.M.PATCH monthly patch numbering, keep pre-transition tags compatible, and pin the June 2026 floor at 2026.6.5 after the published beta.

Release/process: defer the session-metadata SQLite migration from the 2026.6.5 beta train so this release keeps the existing JSON-backed session metadata path while the migration risk is worked on main.

Release metadata: align OpenClaw, publishable plugin manifests, generated shrinkwraps, app version metadata, iOS release notes, Matrix plugin changelog, and generated release baselines with the 2026.6.5 beta train.

Platform maintenance: refresh Android, Swift/macOS, Docker, CodeQL, Buildx, Docker build/push, and Codex Action dependencies for this release train. (#74980, #81757, #86481, #86483, #90601)

Fixes

Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132) Thanks @openperf.

Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until message_start, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319) Thanks @openperf, @100yenadmin, and @ooiuuii.

Agents/Codex/tools: MCP lease release no longer refreshes lastUsedAt, prompt-cache tool names are guarded, lean local tool catalogs stay compact, unreadable dynamic tools are quarantined, orphan tool errors still surface, native subagent completion results survive app-server monitoring, and background-session name derivation avoids regex backtracking risk. (#91124, #90612, #90022, #91235, #91233)

Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702) Thanks @849261680.

Provider/model resolution: live provider model catalogs keep helper coverage, Ollama catalog metadata is preserved, Google provider prefixes are stripped from Gemini paths, Foundry Responses reasoning replay ids survive, MiniMax M3 thinking stays enabled, Vertex multi-region calls use the right regional host, and OpenRouter streamed generation cost is reconciled. (#91125)

Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815) Thanks @giodl73-repo and @vrurg.

Gateway/security/config: owner-only HTTP tools are gated, sandbox skills remain readable in writable sandboxes, legacy agent registry and Codex model metadata migrate safely, and stalled MCP response bodies time out instead of tying up Gateway workers. (#90261)

Gateway/config: config.patch now preserves explicit array replacement semantics for arrays without merge keys, so replacement patches do not accidentally merge stale entries. (#91551)

SDK: event pump failures now surface to clients instead of being swallowed behind a quiet iterator shutdown.

Agents/transcripts: inline image payload redaction now catches data URLs and repaired transcript images before they can leak raw image bytes into stored or exported transcripts. (#91529)

Plugins/Gateway: legacy flat Control UI descriptors from shipped JavaScript plugins now normalize name and missing surface fields into session descriptors, restoring Kitchen Sink RPC descriptor proof for package-backed plugin validation.

TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123) Thanks @RomneyDa.

Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, isolated agent turn payload messages preserve timeout context, service env planning skips unresolved placeholders that would mask state-dir .env values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #91230, #90277, #90488) Thanks @MonkeyLeeT and @sallyom.

State/storage: Matrix sync and crypto sidecars, memory-wiki import/source-sync state, sandbox registry state, ACPX process state, device-pair notify state, Zalo hosted media, and plugin SDK dedupe state now use SQLite-owned storage instead of ad hoc runtime files. (#91100, #91108, #91056)

Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep release/test/tooling proof failures bounded and explicit. (#89732, #90145)

Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on globalThis; Feishu streaming cards preserve full merged content; iMessage private-API failures and send timeouts explain themselves while split-send coalescing honors balloon metadata; voice-call tracks Twilio streams after connect; ClickClack reply tools respect toolsAllow; Discord runtime adapters stay resolvable; and outbound delivery retries survive budget deferrals. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500, #91041, #90858, #91119, #91241) Thanks @MukundaKatta, @mcaxtr, @infoanton, @mushuiyu886, and @sahibzada-allahyar.

Feishu: retry transient send rate-limit errors (HTTP 429, per-chat code 230020, tenant-level code 11232) with linear backoff, including SDK responses that fulfill with rate-limit bodies instead of throwing, and route streaming-card sends through the retry wrapper. (#89659) Thanks @ladygege.

WhatsApp: captured replies after restart now route through the successor controller instead of the stale pre-restart controller. (#85823)

Release/CI/E2E: main CI guard drift, PR merge diff scoping, live Docker credential staging, base-image qualification, installer Docker classification, Playwright dependency install recovery, API-key auth for Codex live Docker lanes, Parallels option terminators, and JSON-mode progress handling are tighter so release proof fails cleaner. (#90532, #90287, #90058) Thanks @RomneyDa, @hxy91819, and @mrunalp.

Release/CI/E2E: installed-package root dist verification now allows the current package's JavaScript file count while keeping dependency, per-file-size, and scan-bound checks active.

Release/CI/E2E: Chutes OAuth model-discovery proof now accepts standard Headers requests, and QR package install smoke caps Docker CPU requests to the hosted runner capacity so beta validation fails on real package regressions.

Release/CI/E2E: Docker E2E and live Docker harness runs now apply default memory, CPU, and process ceilings while preserving explicit per-lane overrides.

Release/CI/E2E: Docker E2E CPU limits now cap to the runner capacity, keeping package Telegram acceptance on hosted 8-vCPU runners focused on package regressions instead of impossible Docker resource requests.

Release/CI/E2E: task maintenance release checks now reset pinned config around isolated temp state dirs, keeping normal CI focused on the active session-store fixture instead of stale process snapshots.

Release/CI/E2E: plugin lifecycle matrix resource sampling now fails phases that exceed RSS, wall-clock, or CPU ceilings instead of only logging the measurements.

Release/CI/E2E: Codex npm plugin live assertions now cap transcript discovery and diagnostic log reads so failure proof stays bounded.

Release/CI/E2E: browser snapshot, release-scenario, release-user-journey, Telegram desktop/RTT/package, web-search, Parallels update, plugin update, doctor switch, and upgrade-survivor diagnostics now stream or bound log/artifact reads so failed proof stays inspectable without unbounded output.

Release/CI/E2E: ClawHub publish jobs prepare dependencies after checking out the target ref, and Docker store seed package discovery now targets the intended production packages. (#91547)

Release/CI/E2E: QA Lab capability-flip release validation now marks intentional tools.deny restores as array replacements, so beta validation fails only on real capability regressions.

Tests/state isolation: QA Lab valid-tool-call metrics now require runtime tool-call evidence when runtime parity data is available instead of counting tool-backed scenario pass status alone.

Tests/state isolation: QA Lab runtime parity now fails planned-only tool-call rows without matching tool results instead of treating matching mock plans as real tool evidence.

Tests/state isolation: QA Lab runtime parity now treats matching controlled tool errors as equivalent and falls back to transcript tool results when mock debug rows miss async image-generation starts.

Tests/state isolation: QA suites now fail closed on skipped summaries, missing runtime tool proof, planned-only rows, loose release limits, missing live/provider artifacts, failed agent reply markers, and package Telegram summary failures.

Tests/state isolation: provider, media, auth, cron, task, session, sandbox, Gateway, and Codex timeout fixtures now scope more home/state/env data per test, reducing cross-test leakage and making release validation failures less noisy. (#90027, #89974)

Sessions: the beta SQLite downgrade rescue now skips extra pre-reads for active non-empty JSON session stores, preserving cache race detection while still restoring missing or empty beta session files.

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.6

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.6.tgz

integrity: sha512-jwz9IP/LbR6qgS5SUTpgeBArNf2eIM+8jc7LCEMAMQznsznjml/7IrsxBn2S89XieEX6BEhGVtjspOOJt0jVXg==

full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5-beta.6/release-evidence.md

release publish: https://github.com/openclaw/openclaw/actions/runs/27193326577

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27191457144

full release validation: https://github.com/openclaw/openclaw/actions/runs/27191453479

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27193511392

plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27193515101

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27193906215

npm Telegram beta E2E: not supplied

Original source

Highlights

QQBot now strips model reasoning/thinking scaffolding before native delivery, preventing raw <thinking> content from leaking into channel replies. (#89913, #90132) Thanks @openperf.

MCP tool results now coerce resource_link, resource, audio, malformed image, and future non-text/image blocks at the materialize boundary, preventing Anthropic 400s and poisoned session history after a tool returns richer MCP content. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic extended-thinking sessions recover after prompt-cache expiry or Gateway restart because stream start events wait for message_start, letting pre-generation signature errors trigger the existing recovery retry. (#90667, #90697) Thanks @openperf.

Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support, and docs. (#85158) Thanks @NormallyGaussian.

Google Vertex ADC users get static catalog rows and runtime model resolution again, while single-provider cooldown recovery and memory adapter status checks are more reliable. (#90506, #90609, #90717, #90816) Thanks @849261680.

Matrix can preflight voice notes before mention gating, preserve thread reads/replies through Matrix relations pagination, and carry QA coverage for voice and thread flows. (#78016, #90415)

Auth and plugin install state is more durable: auth profiles now live in SQLite, official npm plugin install records keep their trusted pins, and prerelease fallback integrity checks avoid carrying stale integrity forward. (#89102, #88585)

Agent, tool, and provider loops are stricter around MCP lease timestamps, prompt-cache tool names, local tool catalogs, unreadable dynamic tools, owner-only HTTP tools, and provider catalog metadata, reducing hidden retries and unsafe exposure. (#91124, #91233, #90022, #90261)

macOS node mode no longer silently self-reconnects away from a healthy direct Gateway session, reducing unexpected companion app session churn. (#90668, #90815) Thanks @vrurg.

Upgrade and service paths are safer: cron legacy JSON stores migrate during doctor preflight, service env placeholders no longer mask state-dir secrets, WhatsApp startup waits are bounded, and disabled WhatsApp accounts tear down on config reload. (#90072, #90208, #90277, #90488, #90486, #87951, #87965) Thanks @MonkeyLeeT, @sallyom, @mcaxtr, and @MukundaKatta.

Changes

Search/providers: add the Parallel bundled web-search plugin, live provider tests, registration contracts, onboarding/docs wiring, and guarded api.parallel.ai/v1/search support. (#85158) Thanks @NormallyGaussian.

Matrix/channels: add voice-message preflight and thread-aware read/reply behavior, including Matrix QA scenario wiring and docs for voice-message behavior. (#78016, #90415)

Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478) Thanks @Patrick-Erichsen.

Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.

Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, Android adds theme mode selection, and iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, fallback copy, and unavailable Talk controls reachable. (#90752, #91201)

Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)

Docs/tooling: add Parallel search docs, refresh weather-skill guidance toward web_fetch, clarify legacy openai-codex auth, document release/test helper scripts, and tighten changed-test routing docs for CI/debugging work. (#90028, #90250) Thanks @fuller-stack-dev.

Release/process: switch release trains to YYYY.M.PATCH monthly patch numbering, keep pre-transition tags compatible, and pin the June 2026 floor at 2026.6.5 after the published beta.

Release metadata: align OpenClaw, publishable plugin manifests, generated shrinkwraps, app version metadata, iOS release notes, Matrix plugin changelog, and generated release baselines with the 2026.6.5 beta train.

Platform maintenance: refresh Android, Swift/macOS, Docker, CodeQL, Buildx, Docker build/push, and Codex Action dependencies for this release train. (#74980, #81757, #86481, #86483, #90601)

Fixes

Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132) Thanks @openperf.

Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until message_start, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319) Thanks @openperf, @100yenadmin, and @ooiuuii.

Agents/Codex/tools: MCP lease release no longer refreshes lastUsedAt, prompt-cache tool names are guarded, lean local tool catalogs stay compact, unreadable dynamic tools are quarantined, orphan tool errors still surface, native subagent completion results survive app-server monitoring, and background-session name derivation avoids regex backtracking risk. (#91124, #90612, #90022, #91235, #91233)

Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702) Thanks @849261680.

Provider/model resolution: live provider model catalogs keep helper coverage, Ollama catalog metadata is preserved, Google provider prefixes are stripped from Gemini paths, Foundry Responses reasoning replay ids survive, MiniMax M3 thinking stays enabled, Vertex multi-region calls use the right regional host, and OpenRouter streamed generation cost is reconciled. (#91125)

Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815) Thanks @giodl73-repo and @vrurg.

Gateway/security/config: owner-only HTTP tools are gated, sandbox skills remain readable in writable sandboxes, legacy agent registry and Codex model metadata migrate safely, and stalled MCP response bodies time out instead of tying up Gateway workers. (#90261)

Plugins/Gateway: legacy flat Control UI descriptors from shipped JavaScript plugins now normalize name and missing surface fields into session descriptors, restoring Kitchen Sink RPC descriptor proof for package-backed plugin validation.

TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123) Thanks @RomneyDa.

Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, isolated agent turn payload messages preserve timeout context, service env planning skips unresolved placeholders that would mask state-dir .env values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #91230, #90277, #90488) Thanks @MonkeyLeeT and @sallyom.

State/storage: Matrix sync and crypto sidecars, memory-wiki import/source-sync state, sandbox registry state, ACPX process state, device-pair notify state, Zalo hosted media, and plugin SDK dedupe state now use SQLite-owned storage instead of ad hoc runtime files. (#91100, #91108, #91056)

Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep release/test/tooling proof failures bounded and explicit. (#89732, #90145)

Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on globalThis; Feishu streaming cards preserve full merged content; iMessage private-API failures and send timeouts explain themselves while split-send coalescing honors balloon metadata; voice-call tracks Twilio streams after connect; ClickClack reply tools respect toolsAllow; Discord runtime adapters stay resolvable; and outbound delivery retries survive budget deferrals. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500, #91041, #90858, #91119, #91241) Thanks @MukundaKatta, @mcaxtr, @infoanton, @mushuiyu886, and @sahibzada-allahyar.

Release/CI/E2E: main CI guard drift, PR merge diff scoping, live Docker credential staging, base-image qualification, installer Docker classification, Playwright dependency install recovery, API-key auth for Codex live Docker lanes, Parallels option terminators, and JSON-mode progress handling are tighter so release proof fails cleaner. (#90532, #90287, #90058) Thanks @RomneyDa, @hxy91819, and @mrunalp.

Release/CI/E2E: installed-package root dist verification now allows the current package's JavaScript file count while keeping dependency, per-file-size, and scan-bound checks active.

Release/CI/E2E: Chutes OAuth model-discovery proof now accepts standard Headers requests, and QR package install smoke caps Docker CPU requests to the hosted runner capacity so beta validation fails on real package regressions.

Release/CI/E2E: Matrix and Slack release validation fixtures now seed SQLite-backed session metadata, keeping channel proof aligned with the current session store.

Release/CI/E2E: Matrix exec approval and WhatsApp group activation release fixtures now seed SQLite-backed session metadata, and QA Lab capability-flip proof tolerates restart-aborted waits only after restored image media proof lands.

Release/CI/E2E: Discord native /think autocomplete release fixtures now seed SQLite-backed session overrides, keeping provider-specific reasoning choices aligned with the current session store.

Release/CI/E2E: Telegram native approval release fixtures now seed SQLite-backed session origin metadata, keeping plugin approval routing aligned with the current session store.

Release/CI/E2E: Memory Core dreaming release fixtures now seed SQLite-backed session metadata, keeping stale dreaming cleanup and session ingestion proof aligned with the current session store.

Release/CI/E2E: Docker E2E and live Docker harness runs now apply default memory, CPU, and process ceilings while preserving explicit per-lane overrides.

Release/CI/E2E: Docker E2E CPU limits now cap to the runner capacity, keeping package Telegram acceptance on hosted 8-vCPU runners focused on package regressions instead of impossible Docker resource requests.

Release/CI/E2E: task maintenance release checks now reset pinned config and one-time session migration state around isolated temp state dirs, keeping normal CI focused on the active session-store fixture instead of stale process snapshots.

Release/CI/E2E: plugin lifecycle matrix resource sampling now fails phases that exceed RSS, wall-clock, or CPU ceilings instead of only logging the measurements.

Release/CI/E2E: Codex npm plugin live assertions now cap transcript discovery and diagnostic log reads so failure proof stays bounded.

Release/CI/E2E: browser snapshot, release-scenario, release-user-journey, Telegram desktop/RTT/package, web-search, Parallels update, plugin update, doctor switch, and upgrade-survivor diagnostics now stream or bound log/artifact reads so failed proof stays inspectable without unbounded output.

Tests/state isolation: QA Lab valid-tool-call metrics now require runtime tool-call evidence when runtime parity data is available instead of counting tool-backed scenario pass status alone.

Tests/state isolation: QA Lab runtime parity now fails planned-only tool-call rows without matching tool results instead of treating matching mock plans as real tool evidence.

Tests/state isolation: QA Lab runtime parity now treats matching controlled tool errors as equivalent and falls back to transcript tool results when mock debug rows miss async image-generation starts.

Tests/state isolation: QA suites now fail closed on skipped summaries, missing runtime tool proof, planned-only rows, loose release limits, missing live/provider artifacts, failed agent reply markers, and package Telegram summary failures.

Tests/state isolation: provider, media, auth, cron, task, session, sandbox, Gateway, and Codex timeout fixtures now scope more home/state/env data per test, reducing cross-test leakage and making release validation failures less noisy. (#90027, #89974)

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.5

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.5.tgz

integrity: sha512-xyh5/CLaxdm9Zh2VBnmS2wxYR6kcqIrMFXNTWklJbVHSmmkLy7HRH6Rnw0cm4pRUXOvh3WQUDJgOqQOjjxG6PQ==

full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5-beta.5/release-evidence.md

release publish: https://github.com/openclaw/openclaw/actions/runs/27171268701

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27169704715

full release validation: https://github.com/openclaw/openclaw/actions/runs/27169706642

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27171395546

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27171399026

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27171782461

npm Telegram beta E2E: not supplied

Original source

2026.6.5

Highlights

QQBot now strips model reasoning/thinking scaffolding before native delivery, preventing raw <thinking> content from leaking into channel replies. (#89913, #90132) Thanks @openperf.

MCP tool results now coerce resource_link, resource, audio, malformed image, and future non-text/image blocks at the materialize boundary, preventing Anthropic 400s and poisoned session history after a tool returns richer MCP content. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic extended-thinking sessions recover after prompt-cache expiry or Gateway restart because stream start events wait for message_start, letting pre-generation signature errors trigger the existing recovery retry. (#90667, #90697) Thanks @openperf.

Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support, and docs. (#85158) Thanks @NormallyGaussian.

Google Vertex ADC users get static catalog rows and runtime model resolution again, while single-provider cooldown recovery and memory adapter status checks are more reliable. (#90506, #90609, #90717, #90816) Thanks @849261680.

Matrix can preflight voice notes before mention gating, preserve thread reads/replies through Matrix relations pagination, and carry QA coverage for voice and thread flows. (#78016, #90415)

Auth and plugin install state is more durable: auth profiles now live in SQLite, official npm plugin install records keep their trusted pins, and prerelease fallback integrity checks avoid carrying stale integrity forward. (#89102, #88585)

Agent, tool, and provider loops are stricter around MCP lease timestamps, prompt-cache tool names, local tool catalogs, unreadable dynamic tools, owner-only HTTP tools, and provider catalog metadata, reducing hidden retries and unsafe exposure. (#91124, #91233, #90022, #90261)

macOS node mode no longer silently self-reconnects away from a healthy direct Gateway session, reducing unexpected companion app session churn. (#90668, #90815) Thanks @vrurg.

Upgrade and service paths are safer: cron legacy JSON stores migrate during doctor preflight, service env placeholders no longer mask state-dir secrets, WhatsApp startup waits are bounded, and disabled WhatsApp accounts tear down on config reload. (#90072, #90208, #90277, #90488, #90486, #87951, #87965) Thanks @MonkeyLeeT, @sallyom, @mcaxtr, and @MukundaKatta.

Changes

Search/providers: add the Parallel bundled web-search plugin, live provider tests, registration contracts, onboarding/docs wiring, and guarded api.parallel.ai/v1/search support. (#85158) Thanks @NormallyGaussian.

Matrix/channels: add voice-message preflight and thread-aware read/reply behavior, including Matrix QA scenario wiring and docs for voice-message behavior. (#78016, #90415)

Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478) Thanks @Patrick-Erichsen.

Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.

Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, Android adds theme mode selection, and iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, fallback copy, and unavailable Talk controls reachable. (#90752, #91201)

Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)

Docs/tooling: add Parallel search docs, refresh weather-skill guidance toward web_fetch, clarify legacy openai-codex auth, document release/test helper scripts, and tighten changed-test routing docs for CI/debugging work. (#90028, #90250) Thanks @fuller-stack-dev.

Release/process: switch release trains to YYYY.M.PATCH monthly patch numbering, keep pre-transition tags compatible, and pin the June 2026 floor at 2026.6.5 after the published beta.

Release metadata: align OpenClaw, publishable plugin manifests, generated shrinkwraps, app version metadata, iOS release notes, Matrix plugin changelog, and generated release baselines with the 2026.6.5 beta train.

Platform maintenance: refresh Android, Swift/macOS, Docker, CodeQL, Buildx, Docker build/push, and Codex Action dependencies for this release train. (#74980, #81757, #86481, #86483, #90601)

Fixes

Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132) Thanks @openperf.

Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until message_start, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319) Thanks @openperf, @100yenadmin, and @ooiuuii.

Agents/Codex/tools: MCP lease release no longer refreshes lastUsedAt, prompt-cache tool names are guarded, lean local tool catalogs stay compact, unreadable dynamic tools are quarantined, orphan tool errors still surface, native subagent completion results survive app-server monitoring, and background-session name derivation avoids regex backtracking risk. (#91124, #90612, #90022, #91235, #91233)

Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702) Thanks @849261680.

Provider/model resolution: live provider model catalogs keep helper coverage, Ollama catalog metadata is preserved, Google provider prefixes are stripped from Gemini paths, Foundry Responses reasoning replay ids survive, MiniMax M3 thinking stays enabled, Vertex multi-region calls use the right regional host, and OpenRouter streamed generation cost is reconciled. (#91125)

Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815) Thanks @giodl73-repo and @vrurg.

Gateway/security/config: owner-only HTTP tools are gated, sandbox skills remain readable in writable sandboxes, legacy agent registry and Codex model metadata migrate safely, and stalled MCP response bodies time out instead of tying up Gateway workers. (#90261)

Plugins/Gateway: legacy flat Control UI descriptors from shipped JavaScript plugins now normalize name and missing surface fields into session descriptors, restoring Kitchen Sink RPC descriptor proof for package-backed plugin validation.

TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123) Thanks @RomneyDa.

Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, isolated agent turn payload messages preserve timeout context, service env planning skips unresolved placeholders that would mask state-dir .env values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #91230, #90277, #90488) Thanks @MonkeyLeeT and @sallyom.

State/storage: Matrix sync and crypto sidecars, memory-wiki import/source-sync state, sandbox registry state, ACPX process state, device-pair notify state, Zalo hosted media, and plugin SDK dedupe state now use SQLite-owned storage instead of ad hoc runtime files. (#91100, #91108, #91056)

Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep release/test/tooling proof failures bounded and explicit. (#89732, #90145)

Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on globalThis; Feishu streaming cards preserve full merged content; iMessage private-API failures and send timeouts explain themselves while split-send coalescing honors balloon metadata; voice-call tracks Twilio streams after connect; ClickClack reply tools respect toolsAllow; Discord runtime adapters stay resolvable; and outbound delivery retries survive budget deferrals. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500, #91041, #90858, #91119, #91241) Thanks @MukundaKatta, @mcaxtr, @infoanton, @mushuiyu886, and @sahibzada-allahyar.

Release/CI/E2E: main CI guard drift, PR merge diff scoping, live Docker credential staging, base-image qualification, installer Docker classification, Playwright dependency install recovery, API-key auth for Codex live Docker lanes, Parallels option terminators, and JSON-mode progress handling are tighter so release proof fails cleaner. (#90532, #90287, #90058) Thanks @RomneyDa, @hxy91819, and @mrunalp.

Release/CI/E2E: installed-package root dist verification now allows the current package's JavaScript file count while keeping dependency, per-file-size, and scan-bound checks active.

Release/CI/E2E: Chutes OAuth model-discovery proof now accepts standard Headers requests, and QR package install smoke caps Docker CPU requests to the hosted runner capacity so beta validation fails on real package regressions.

Release/CI/E2E: Matrix and Slack release validation fixtures now seed SQLite-backed session metadata, keeping channel proof aligned with the current session store.

Release/CI/E2E: Matrix exec approval and WhatsApp group activation release fixtures now seed SQLite-backed session metadata, and QA Lab capability-flip proof tolerates restart-aborted waits only after restored image media proof lands.

Release/CI/E2E: Discord native /think autocomplete release fixtures now seed SQLite-backed session overrides, keeping provider-specific reasoning choices aligned with the current session store.

Release/CI/E2E: Telegram native approval release fixtures now seed SQLite-backed session origin metadata, keeping plugin approval routing aligned with the current session store.

Release/CI/E2E: Memory Core dreaming release fixtures now seed SQLite-backed session metadata, keeping stale dreaming cleanup and session ingestion proof aligned with the current session store.

Release/CI/E2E: Docker E2E and live Docker harness runs now apply default memory, CPU, and process ceilings while preserving explicit per-lane overrides.

Release/CI/E2E: Docker E2E CPU limits now cap to the runner capacity, keeping package Telegram acceptance on hosted 8-vCPU runners focused on package regressions instead of impossible Docker resource requests.

Release/CI/E2E: task maintenance release checks now reset pinned config and one-time session migration state around isolated temp state dirs, keeping normal CI focused on the active session-store fixture instead of stale process snapshots.

Release/CI/E2E: plugin lifecycle matrix resource sampling now fails phases that exceed RSS, wall-clock, or CPU ceilings instead of only logging the measurements.

Release/CI/E2E: Codex npm plugin live assertions now cap transcript discovery and diagnostic log reads so failure proof stays bounded.

Release/CI/E2E: browser snapshot, release-scenario, release-user-journey, Telegram desktop/RTT/package, web-search, Parallels update, plugin update, doctor switch, and upgrade-survivor diagnostics now stream or bound log/artifact reads so failed proof stays inspectable without unbounded output.

Tests/state isolation: QA Lab valid-tool-call metrics now require runtime tool-call evidence when runtime parity data is available instead of counting tool-backed scenario pass status alone.

Tests/state isolation: QA Lab runtime parity now fails planned-only tool-call rows without matching tool results instead of treating matching mock plans as real tool evidence.

Tests/state isolation: QA Lab runtime parity now treats matching controlled tool errors as equivalent and falls back to transcript tool results when mock debug rows miss async image-generation starts.

Tests/state isolation: QA suites now fail closed on skipped summaries, missing runtime tool proof, planned-only rows, loose release limits, missing live/provider artifacts, failed agent reply markers, and package Telegram summary failures.

Tests/state isolation: provider, media, auth, cron, task, session, sandbox, Gateway, and Codex timeout fixtures now scope more home/state/env data per test, reducing cross-test leakage and making release validation failures less noisy. (#90027, #89974)

Release verification

npm package: [email protected] on dist-tag beta.

npm tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.3.tgz

npm integrity: sha512-OUmv5kb3nEa9DZsnF4dVhwKlSApzr7KNgN+PCO7U5pbEQBlemAyLEgZDruiKmmoS6wlPjq73+PdD9i9c5zihOA==

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27165128882

Docker release: https://github.com/openclaw/openclaw/actions/runs/27165128944

full release validation: https://github.com/openclaw/openclaw/actions/runs/27165128963

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27167497019

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27168216099

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27167084540

release publish wrapper recovery: https://github.com/openclaw/openclaw/actions/runs/27167309611 was cancelled after its rerun hit the already-published npm guard; release proof was completed from the successful beta.3 publish runs above.

postpublish verification: passed with OpenClaw npm, plugin npm, and ClawHub included; evidence assets are attached to this release.

Original source

2026.6.5

Highlights

QQBot now strips model reasoning/thinking scaffolding before native delivery, preventing raw <thinking> content from leaking into channel replies. (#89913, #90132) Thanks @openperf.

MCP tool results now coerce resource_link, resource, audio, malformed image, and future non-text/image blocks at the materialize boundary, preventing Anthropic 400s and poisoned session history after a tool returns richer MCP content. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic extended-thinking sessions recover after prompt-cache expiry or Gateway restart because stream start events wait for message_start, letting pre-generation signature errors trigger the existing recovery retry. (#90667, #90697) Thanks @openperf.

Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support, and docs. (#85158) Thanks @NormallyGaussian.

Google Vertex ADC users get static catalog rows and runtime model resolution again, while single-provider cooldown recovery and memory adapter status checks are more reliable. (#90506, #90609, #90717, #90816) Thanks @849261680.

Matrix can preflight voice notes before mention gating, preserve thread reads/replies through Matrix relations pagination, and carry QA coverage for voice and thread flows. (#78016, #90415)

Auth and plugin install state is more durable: auth profiles now live in SQLite, official npm plugin install records keep their trusted pins, and prerelease fallback integrity checks avoid carrying stale integrity forward. (#89102, #88585)

macOS node mode no longer silently self-reconnects away from a healthy direct Gateway session, reducing unexpected companion app session churn. (#90668, #90815) Thanks @vrurg.

Upgrade and service paths are safer: cron legacy JSON stores migrate during doctor preflight, service env placeholders no longer mask state-dir secrets, WhatsApp startup waits are bounded, and disabled WhatsApp accounts tear down on config reload. (#90072, #90208, #90277, #90488, #90486, #87951, #87965) Thanks @MonkeyLeeT, @sallyom, @mcaxtr, and @MukundaKatta.

Changes

Search/providers: add the Parallel bundled web-search plugin, live provider tests, registration contracts, onboarding/docs wiring, and guarded api.parallel.ai/v1/search support. (#85158) Thanks @NormallyGaussian.

Matrix/channels: add voice-message preflight and thread-aware read/reply behavior, including Matrix QA scenario wiring and docs for voice-message behavior. (#78016, #90415)

Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478) Thanks @Patrick-Erichsen.

Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.

Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.

Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)

Docs/tooling: add Parallel search docs, refresh weather-skill guidance toward web_fetch, clarify legacy openai-codex auth, document release/test helper scripts, and tighten changed-test routing docs for CI/debugging work. (#90028, #90250) Thanks @fuller-stack-dev.

Platform maintenance: refresh Android, Swift/macOS, Docker, CodeQL, Buildx, Docker build/push, and Codex Action dependencies for this release train. (#74980, #81757, #86481, #86483, #90601)

Fixes

Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132) Thanks @openperf.

Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until message_start, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319) Thanks @openperf, @100yenadmin, and @ooiuuii.

Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702) Thanks @849261680.

Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815) Thanks @giodl73-repo and @vrurg.

TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123) Thanks @RomneyDa.

Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir .env values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488) Thanks @MonkeyLeeT and @sallyom.

Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep release/test/tooling proof failures bounded and explicit. (#89732, #90145)

Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on globalThis; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect toolsAllow. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500) Thanks @MukundaKatta, @mcaxtr, @infoanton, @mushuiyu886, and @sahibzada-allahyar.

Release/CI/E2E: main CI guard drift, PR merge diff scoping, live Docker credential staging, base-image qualification, installer Docker classification, Playwright dependency install recovery, API-key auth for Codex live Docker lanes, Parallels option terminators, and JSON-mode progress handling are tighter so release proof fails cleaner. (#90532, #90287, #90058) Thanks @RomneyDa, @hxy91819, and @mrunalp.

Tests/state isolation: provider, media, auth, cron, task, session, sandbox, Gateway, and Codex timeout fixtures now scope more home/state/env data per test, reducing cross-test leakage and making release validation failures less noisy. (#90027, #89974)

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.1

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.1.tgz

integrity: sha512-NIQkOJbBELJhfO7G4OUapoUqPX9KaOOCQirTSVudDRXiP4BlgKNOH6VxfXY9xl+v0bLszkpkNQgKiX+f/grxpw==

GitHub release target: e386e60025d992ff21f73b4dae68a58a0e8ca79e

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27051518776

full release validation: https://github.com/openclaw/openclaw/actions/runs/27051518826

standalone performance: https://github.com/openclaw/openclaw/actions/runs/27051518773

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27057329829

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27057520224

release publish parent: https://github.com/openclaw/openclaw/actions/runs/27057243331 (npm and plugin npm published; parent timed out before ClawHub approval/proof append)

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/27058679788

npm postpublish verifier: node --import tsx scripts/openclaw-npm-postpublish-verify.ts 2026.6.5-beta.1 passed

published package smoke: npm exec --yes --package [email protected] -- openclaw --version returned OpenClaw 2026.6.5-beta.1 (e386e60); openclaw plugins --help loaded

plugin registry check: 34 publishable plugin packages resolved at 2026.6.5-beta.1

ClawHub live install proof: openclaw plugins install clawhub:@openclaw/[email protected] --pin installed matrix

dependency evidence asset: openclaw-2026.6.5-beta.1-dependency-evidence.zip

macOS app preflight: https://github.com/openclaw/releases/actions/runs/27057695610

macOS app validation: https://github.com/openclaw/releases/actions/runs/27058583792

macOS app publish: https://github.com/openclaw/releases/actions/runs/27058730659

macOS release assets: OpenClaw-2026.6.5-beta.1.zip, OpenClaw-2026.6.5-beta.1.dmg, and OpenClaw-2026.6.5-beta.1.dSYM.zip uploaded; stable appcast.xml unchanged

Parallels install/update validation: blocked locally because provider keys are not available to this shell; 1Password CLI has configured accounts but is not signed in

npm Telegram beta E2E: not supplied

Original source

Highlights

QQBot now strips model reasoning/thinking scaffolding before native delivery, preventing raw <thinking> content from leaking into channel replies. (#89913, #90132) Thanks @openperf.

MCP tool results now coerce resource_link, resource, audio, malformed image, and future non-text/image blocks at the materialize boundary, preventing Anthropic 400s and poisoned session history after a tool returns richer MCP content. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic extended-thinking sessions recover after prompt-cache expiry or Gateway restart because stream start events wait for message_start, letting pre-generation signature errors trigger the existing recovery retry. (#90667, #90697) Thanks @openperf.

Parallel is now a bundled web_search provider with PARALLEL_API_KEY discovery, guarded endpoint handling, cache-safe session ids, onboarding picker support, and docs. (#85158) Thanks @NormallyGaussian.

Google Vertex ADC users get static catalog rows and runtime model resolution again, while single-provider cooldown recovery and memory adapter status checks are more reliable. (#90506, #90609, #90717, #90816) Thanks @849261680.

Matrix can preflight voice notes before mention gating, preserve thread reads/replies through Matrix relations pagination, and carry QA coverage for voice and thread flows. (#78016, #90415)

Auth and plugin install state is more durable: auth profiles now live in SQLite, official npm plugin install records keep their trusted pins, and prerelease fallback integrity checks avoid carrying stale integrity forward. (#89102, #88585)

macOS node mode no longer silently self-reconnects away from a healthy direct Gateway session, reducing unexpected companion app session churn. (#90668, #90815) Thanks @vrurg.

Upgrade and service paths are safer: cron legacy JSON stores migrate during doctor preflight, service env placeholders no longer mask state-dir secrets, WhatsApp startup waits are bounded, and disabled WhatsApp accounts tear down on config reload. (#90072, #90208, #90277, #90488, #90486, #87951, #87965) Thanks @MonkeyLeeT, @sallyom, @mcaxtr, and @MukundaKatta.

Changes

Search/providers: add the Parallel bundled web-search plugin, live provider tests, registration contracts, onboarding/docs wiring, and guarded api.parallel.ai/v1/search support. (#85158) Thanks @NormallyGaussian.

Matrix/channels: add voice-message preflight and thread-aware read/reply behavior, including Matrix QA scenario wiring and docs for voice-message behavior. (#78016, #90415)

Skills/ClawHub: install ClawHub skills backed by GitHub repositories through the resolved install API, download the pinned GitHub commit, keep install-policy checks, and report install telemetry after success. (#90478) Thanks @Patrick-Erichsen.

Google Chat/channels: add native approval card actions and click handling so Google Chat approvals use platform-native cards instead of generic message flow.

Mobile: Android provider/model screens now surface expiring, unavailable, unresolved, and attention states more clearly, while iOS settings and Talk tabs keep diagnostics, gateway rows, attachment labels, and unavailable Talk controls reachable.

Memory: QMD search can use the new rerank toggle, and memory adapter status uses the resolved default model identity when checking plain status. (#61834)

Docs/tooling: add Parallel search docs, refresh weather-skill guidance toward web_fetch, clarify legacy openai-codex auth, document release/test helper scripts, and tighten changed-test routing docs for CI/debugging work. (#90028, #90250) Thanks @fuller-stack-dev.

Release/process: switch release trains to YYYY.M.PATCH monthly patch numbering, keep pre-transition tags compatible, and pin the June 2026 floor at 2026.6.5 after the published beta.

Platform maintenance: refresh Android, Swift/macOS, Docker, CodeQL, Buildx, Docker build/push, and Codex Action dependencies for this release train. (#74980, #81757, #86481, #86483, #90601)

Fixes

Channel content boundaries: QQBot now strips reasoning/thinking tags before sending, preserving final answers while hiding internal model narration from users. (#89913, #90132) Thanks @openperf.

Agents/MCP/providers: coerce non-text/image MCP tool-result blocks before they reach provider converters, preserving valid images and turning richer MCP content into text instead of malformed image blocks. (#90710, #90728) Thanks @RanSHammer and @849261680.

Anthropic/Codex/ACP/agent recovery: defer Anthropic stream start events until message_start, strip stale compaction thinking signatures before Anthropic replay, detect unsigned thinking-only stalls, refresh prompt fences after compaction writes, reject empty completion handoffs, preserve parent streaming-off overrides/shared progress commentary, forward heartbeat metadata to context-engine hooks, and cover Codex session/thread migration edge cases. (#90667, #90697, #90163, #90108, #89874, #89505, #90632, #89302, #90729, #90317, #90319) Thanks @openperf, @100yenadmin, and @ooiuuii.

Provider/model resolution: preserve Google Vertex ADC auth markers in generated catalogs, re-probe a single-provider primary after cooldown, share Codex model visibility, fail closed for unknown model auth, preserve Codex alias availability, keep unresolved profile refs unknown, and avoid resolving auth while listing models. (#90506, #90609, #90717, #90702) Thanks @849261680.

Gateway/macOS/mobile: avoid duplicate Gateway probe warnings by identity, rate-limit node pairing requests while preserving paired-node reconnects, keep macOS node mode on a healthy direct Gateway session, keep iOS diagnostics and gateway rows reachable, and avoid Linux ARM Gradle resource tasks during Android builds. (#85791, #90147, #90668, #90815) Thanks @giodl73-repo and @vrurg.

TUI/chat/Workboard/auto-reply: optimistic user messages stay stable across stale history reloads, runId reassignment, and abort windows instead of disappearing, jumping, or lingering as ghost rows; Workboard stale lifecycle bulk updates no longer overwrite newer status/provenance; message-tool sends now count as delivery. (#86205, #89600, #88592, #90123) Thanks @RomneyDa.

Cron/update/service env: doctor config preflight now migrates legacy cron JSON stores into SQLite before runtime reads, service env planning skips unresolved placeholders that would mask state-dir .env values, and session transcript rewrites keep registry markers/discriminants consistent. (#90072, #90208, #90277, #90488) Thanks @MonkeyLeeT and @sallyom.

Security/config/tooling: guard MCP HTTP redirects, protect global agent config defaults, and keep release/test/tooling proof failures bounded and explicit. (#89732, #90145)

Channels: WhatsApp restarts when per-account config changes, bounds background startup waits, closes failed sockets, and preserves reconnect behavior; Mattermost slash commands keep their state on globalThis; Feishu streaming cards preserve full merged content; voice-call tracks Twilio streams after connect; ClickClack reply tools respect toolsAllow. (#87951, #87965, #90486, #68113, #90534, #90181, #90607, #89500) Thanks @MukundaKatta, @mcaxtr, @infoanton, @mushuiyu886, and @sahibzada-allahyar.

Release/CI/E2E: main CI guard drift, PR merge diff scoping, live Docker credential staging, base-image qualification, installer Docker classification, Playwright dependency install recovery, API-key auth for Codex live Docker lanes, Parallels option terminators, and JSON-mode progress handling are tighter so release proof fails cleaner. (#90532, #90287, #90058) Thanks @RomneyDa, @hxy91819, and @mrunalp.

Tests/state isolation: provider, media, auth, cron, task, session, sandbox, Gateway, and Codex timeout fixtures now scope more home/state/env data per test, reducing cross-test leakage and making release validation failures less noisy. (#90027, #89974)

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.5-beta.2

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.5-beta.2.tgz

integrity: sha512-6Bmx2rlReO1MOEi9ehuhsVO59keQ1xQQ8/PvwbNq0CatJkNwyCX/MBlhWrscByYAmBl6JCOSr+cLejoDk1sDBA==

full release CI report: https://github.com/openclaw/releases/blob/main/evidence/2026.6.5-beta.2/release-evidence.md

release publish: https://github.com/openclaw/openclaw/actions/runs/27077488131

npm preflight: https://github.com/openclaw/openclaw/actions/runs/27076839788

full release validation: https://github.com/openclaw/openclaw/actions/runs/27076840299

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/27077565695

plugin ClawHub publish: dispatched separately, not awaited by this proof: https://github.com/openclaw/openclaw/actions/runs/27077567167

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/27077747897

npm Telegram beta E2E: not supplied

Original source

2026.6.2

Highlights

Plugin and skill installs now use an operator install policy instead of the old dangerous-code scanner path, with clearer doctor, CLI, ClawHub, and troubleshooting surfaces for package, archive, source, upload, and marketplace installs. (#89516) Thanks @joshavant.

Telegram, Feishu, Discord, WhatsApp, and outbound delivery paths got safer around duplicate transcript mirrors, Telegram admin writeback, streamed-final previews, approval allowlists, setup runtime state, poll modifiers, Discord voice errors, and internal progress traces. (#88973, #89626, #89812, #89035, #89814, #89813, #89601) Thanks @pgondhi987, @Petru2224, @zhangguiping-xydt, @codezz, and @Takhoffman.

Chat, Control UI, Skill Workshop, Workboard, Android companion shell, and WebChat flows now preserve visible streaming text, reconcile completed sends, expose ACK timing, add Workboard keyboard movement, harden dialog accessibility, lazy-load usage views, keep current chat toggles working, and improve Android companion-first shell navigation. (#89801, #89777, #89802) Thanks @vincentkoc.

Security, policy, and config recovery now reject corrupt shell snapshots, unsupported policy keys, unsafe exec approval precheck environments, malformed script limits, and suspicious gateway startup configs while adding data-handling conformance checks. (#89701, #87074, #81488, #87056, #89480) Thanks @RomneyDa, @giodl73-repo, and @mmaps.

Gateway, agent, Codex, provider, model, and memory paths now recover session write-lock release failures, abandoned Codex app-server startups, stream-to-parent ACP spawns, custom-provider runtime fanout, bundled provider aliases, prompt-cache boundaries, Gemini stop sequences, Kimi cache markers, and watcher pressure warnings. (#89811, #89244) Thanks @RomneyDa and @Takhoffman.

Release, CI, Docker, Crabbox/Testbox, package, and E2E validation lanes now bound more network calls, malformed numeric limits, process groups, cleanup leaks, package hydration paths, Windows installer publishing, release asset verification, and log drains so failures produce bounded proof instead of hanging.

Changes

Plugins/security: replace dangerous-code scanner enforcement with operator install policy, install-policy context, doctor checks, install/update CLI wiring, ClawHub metadata paths, and package/archive/source/upload lifecycle coverage. (#89516) Thanks @joshavant.

Policy: add data-handling conformance checks and reject unsupported policy keys. (#87056, #87074) Thanks @giodl73-repo.

Telegram/channels: show commentary and reasoning in progress drafts, share progress draft compositors across channel plugins, and keep Telegram polling stop/reset boundaries cheaper and more reliable.

UI/mobile: add Workboard keyboard movement controls, tighten Workboard card operations, improve Android companion-first shell UX, and document chat ACK timing metadata. (#89802) Thanks @vincentkoc.

Release metadata: align the root package, publishable plugin manifests, generated shrinkwraps, appcast, iOS, Android, macOS, Matrix plugin changelog, and docs/generated baselines with the 2026.6.2 beta train.

Release/packaging: promote Windows node installer publishing, require verified Windows release asset links, and document GitHub release-note edits.

Docs: refresh Windows Hub setup guidance and document Gateway, CLI, and plugin SDK helper contracts.

Fixes

Channels/outbound: keep channel sends durable when transcript mirroring fails, stop schema-padded poll modifiers from blocking normal sends, preserve WebChat sessions_send handoffs, preserve Discord channel-label suppression while hiding internal agent failure traces, match Discord libopus error shapes, and sanitize Discord tool progress scaffolding. (#89626, #89812, #89601) Thanks @Petru2224, @codezz, and @Takhoffman.

Telegram/Feishu: require admin rights for Telegram target writeback, keep Telegram DM exec approval allowlists working with ask:off, prevent Telegram preview duplication across streaming modes, isolate verbose status after streamed finals, cancel clean restart stop timers, slow polling restart storms, and wire Feishu setup runtime setters. (#88973, #89035, #89813, #89814) Thanks @pgondhi987, @zhangguiping-xydt, and @Takhoffman.

Chat/UI/Gateway: preserve visible chat stream text, clear stale stream buffers before terminal commits, reconcile completed sends, scroll pending sends into view, harden Workboard dialog accessibility, stabilize WebChat prompt-cache affinity, overlap chat catalog startup, render chat history incrementally, lazy-load usage dashboard, and report gateway health auth diagnostics. (#89337) Thanks @RomneyDa.

Agents/Codex/providers/models: release session write locks when prompt-release fence reads fail, retire abandoned Codex app-server startups, keep stream-to-parent ACP spawns registered, close Codex startup clients on timeout, recover bundled provider aliases, avoid custom-provider runtime fanout, preserve provider prompt-cache boundaries, forward Gemini stop sequences, and strip Kimi-incompatible Anthropic cache markers. (#89811) Thanks @Takhoffman.

Memory/build/update: warn after startup watcher pressure checks, externalize optional Baileys image backends, restore and pin Canvas A2UI compatibility assets, keep plugin repair fetch failures nonblocking, restore Skill Workshop view switching, and keep the current chat toggle active after awaited session switches. (#89244) Thanks @RomneyDa.

Security/config/tooling: reject corrupt shell snapshots, suspicious gateway startup configs, malformed release/test/tooling/Docker/perf numeric limits, oversized audit responses, unsafe exec precheck env, and invalid pending-agent SQLite scaffold denials. (#89701, #89705, #89480, #81488) Thanks @RomneyDa and @mmaps.

Release/CI/E2E: restore package changelog extraction after the post-2026.6.1 version bump, keep hydrated pnpm modules under node_modules for ARM/Linux package lifecycle scripts, keep OpenAI live-cache prerequisites advisory while Anthropic prerequisites stay blocking, retry Windows Parallels background log appends on transient file-lock errors, bound candidate GitHub and cross-OS Discord fetches, harden ARM smoke/browser checks, show Docker build heartbeats, reset Crabbox pnpm hydrate state, and isolate Testbox/Docker/release journey artifacts.

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.2-beta.1

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.2-beta.1.tgz

integrity: sha512-0lugviNlRNrTTK3Az+aJ/1f9bu7lo1WHwqHO2lkW4GJIV5LT58XhpoXXL3TKzosqJjAjvW4JXJstrK6nhZwpHg==

full release validation: https://github.com/openclaw/openclaw/actions/runs/26918960809

npm preflight: https://github.com/openclaw/openclaw/actions/runs/26918964585

release publish: https://github.com/openclaw/openclaw/actions/runs/26920144100

release checks: https://github.com/openclaw/openclaw/actions/runs/26919202085

CI: https://github.com/openclaw/openclaw/actions/runs/26919201946

plugin prerelease validation: https://github.com/openclaw/openclaw/actions/runs/26919202959

performance: https://github.com/openclaw/openclaw/actions/runs/26918932463

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26920331316

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/26920332148 (workflow ended with pixverse already-published race; all expected ClawHub versions verified live)

published package smoke: node --import tsx scripts/openclaw-npm-postpublish-verify.ts 2026.6.2-beta.1 passed

npm Telegram beta E2E: https://github.com/openclaw/openclaw/actions/runs/26921311123

Original source

Highlights

Agents and CLI-backed runtimes recover more cleanly from interrupted tool calls, stale session bindings, compaction handoffs, and media delivery retries. (#88129, #88136, #88141, #88162, #88182)

Channels and mobile delivery are steadier across Telegram, WhatsApp, iMessage, Slack, Discord, Microsoft Teams, Google Chat, Google Meet, and iOS realtime Talk. (#88096, #88105, #88183, #88231)

Provider and plugin requests now bound more timers, retries, OAuth/device-code lifetimes, media downloads, local service probes, and generated-content polling paths before they can hang a run.

Skills, session metadata, gateway runtime state, plugin metadata, memory watchers, and store writes do less repeated work on hot paths while keeping config, dispatch, and Linux file-watch behavior stable. (#89185, #89188, #85351) Thanks @RomneyDa and @NianJiuZst.

Skills and plugin loading now handle stale disabled snapshots and loader failures more clearly, so channel turns avoid disabled SecretRefs and operators get better recovery guidance. (#79072, #79173) Thanks @zeus1959.

Workboard, SecretRef plugin manifests, hosted iOS push relay, and external Copilot/Tokenjuice packaging add broader orchestration, integration, and plugin delivery surfaces. (#82326, #87469, #87796, #88107, #88117)

Skill Workshop now has a fuller Control UI flow with proposal lists, today actions, revision handoff, searchable file previews, review states, locale coverage, and reusable session routing.

Chat and Control UI startup paths keep sends alive through history loading, stream deltas incrementally, skip markdown work while streaming, keep drafts local while typing, clear the composer after sends, trace first-output latency, prioritize first connect, and expose calmer composer controls. (#88772, #88825, #88998, #89030, #89106) Thanks @vincentkoc and @sallyom.

Provider coverage and model metadata now include MiniMax M3, account OAuth endpoints, Google/Vertex catalog fixes, OpenRouter SQLite model caching, Copilot Claude 1M capabilities, Foundry reasoning alignment, and OpenAI response replay guards. (#88480, #88512, #88851, #88860)

iMessage monitor state, inbound queues, and plugin install ledgers moved toward SQLite-backed state so restarts and local monitors recover with less duplicate filesystem scanning. (#88794, #88797)

Release, CI, Docker, E2E, plugin install, and diagnostics lanes now cap more logs, response bodies, readiness probes, artifact checks, status polling, child workflow waits, docker package cleanup, quiet test stalls, and rollback snapshots so failures report bounded proof instead of stalling. (#88966) Thanks @RomneyDa.

Changes

Docs: add a dedicated Skill Workshop guide covering governed skill creation, reviewable proposals, CLI, Gateway, agent tool behavior, approval policy, support files, and recovery, and refresh the ClawHub showcase cards. (#88734) Thanks @shakkernerd and @vyctorbrzezowski.

Skills: let the skill_workshop agent tool apply, reject, and quarantine explicit proposals through the guarded review flow. Thanks @shakkernerd.

Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards. Thanks @shakkernerd.

Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval. Thanks @shakkernerd.

Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the skill_workshop agent tool. Thanks @shakkernerd.

Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings.

Plugins: externalize Tokenjuice as the official @openclaw/tokenjuice plugin with npm and ClawHub publish metadata.

Plugins: externalize the GitHub Copilot agent runtime as the official @openclaw/copilot plugin with npm and ClawHub publish metadata.

iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231)

iOS: support native iPad display layouts.

Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)

Workboard: wire task-backed board runs and show task comments in the edit modal.

Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)

Code mode: add MCP API files and docs for code-mode integrations.

Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748) Thanks @stevenepalmer.

Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998) Thanks @vincentkoc.

Plugins: add a SecretRef provider integration manifest contract and extract shared LLM core packages for provider/plugin reuse. (#82326, #88117)

Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794)

Providers: add MiniMax M3 model support. (#88860)

Doctor: add disk space health checks and stabilize post-upgrade JSON probes.

Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797)

Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting.

Fixes

Release/CI/E2E: fail early when Crabbox sparse-sync full checkouts do not have enough local disk, with guidance for moving the sync root.

Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.

Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup.

Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling.

Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running.

Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned.

Release/CI/E2E: keep temporary full-sync checkouts alive while slow Crabbox leases boot, so sparse worktree runs do not lose their sync source before file-list generation.

Release/CI/E2E: normalize inherited Linux C.UTF-8 locale settings before raw AWS macOS Crabbox bootstrap commands, avoiding macOS locale warnings during package-manager hydration.

Release/CI/E2E: keep gateway watch regression checks from copying large static plugin assets inside the measured idle window.

Update: keep core updates nonblocking when a missing external plugin repair download stalls, while still blocking installed active plugin payload smoke failures.

Agents/providers: keep streaming tool-call argument parsing record-shaped when providers emit valid non-object JSON such as null or arrays.

Release/CI/E2E: reset incremental log readers when watched log files rotate without shrinking, so same-size replacements do not hide new readiness or RPC lines.

Talk: preserve explicit null payloads on controller-created turn and output-audio lifecycle events.

Agents/TUI: keep local custom provider runs from loading plugin runtime and auth alias metadata when plugins are disabled.

Agents/TUI: restore in-flight TUI run switch-back behavior, keep no-policy native hook fallback available, guard vanished workspaces, and keep lightweight isolated subagents lightweight.

Agents/media: keep async image, music, and video generation starts from ending the Codex turn, so mixed requests can continue with summaries or other work while media renders in the background.

Agents/Codex: keep public OpenAI API-key profiles from being treated as native Codex app-server auth while preserving persisted Codex OAuth sessions.

Agents/Codex: stream Codex app-server final-answer partials to live reply previews, preserve ACP metadata in SQLite, prefer real tool results over synthetic repair output, prevent aborted app-server turn handles from lingering, migrate legacy OpenAI Codex lastGood auth state, and preserve workspace/session metadata through ACP runtime refactors. (#88405, #88724, #88730) Thanks @vincentkoc.

Control UI: keep collapsed tool cards labeled with the tool name and action instead of generic output text. Thanks @shakkernerd.

Agents/Codex: surface Skill Workshop guidance in Codex app-server prompts when skill_workshop is available. Thanks @shakkernerd.

Skill Workshop: restore and localize the Control UI board/today view switcher so review workflows keep their intended layout toggle across locales. Thanks @shakkernerd.

Agents/auth: write auth profiles atomically, dispatch auth failures by type, add force re-login recovery, preserve workspaces during state-only uninstall, and compact before oversized turns so recovery paths avoid partial state. (#89181) Thanks @RomneyDa.

Skills: skip disabled skill env overrides from stale persisted snapshots so disabled skill apiKey SecretRefs cannot abort embedded or channel turns. (#79072, #79173) Thanks @zeus1959.

Skill Workshop: render the Control UI tab from filtered navigation state and keep filtered fallback routing stable.

CLI: avoid live catalog validation during openclaw agents add, so adding a secondary agent no longer depends on provider catalog availability. (#76284, #88314) Thanks @zhangguiping-xydt.

CLI: keep plugins list --json on the snapshot-only path so plugin sweeps avoid loading the full runtime status graph.

CLI/desktop: bridge WSL clipboard operations through the shell, recognize manual-update launchd jobs, and keep machine-readable startup output parseable during progress setup. (#88764, #88689) Thanks @alexzhu0.

Plugins: make PixVerse external-plugin ClawHub metadata explicit and keep it out of bundled dist builds.

Plugins: clarify plugin loader failure guidance so missing or incompatible plugin packages point operators at the right repair path.

Plugins: preserve npm plugin roots after blocked installs, skip plugin-local openclaw peer symlinks during rollback snapshots, relink those peers after restore, isolate cached tool runtime siblings, and isolate web-provider factory failures so one bad plugin does not poison sibling runtime paths. (#77237, #88807)

Cron: keep SQLite cron migrations compatible with legacy run-log tables, archived job stores, diagnostic cron names, and legacy one-shot delete-after-run behavior. (#88285)

Cron: keep update delivery validation scoped, harden restart state, and retire MCP runtimes on isolated cron cleanup.

Memory: serialize QMD update/embed writes per store, reduce Linux watcher fan-out, retry transient FileProvider-backed reads, preserve phase signals on read errors, harden envelope metadata sanitization, reattach Linux native watchers when directories are recreated, and rewrite generated transcript paths on rollover so memory/search state survives concurrent gateway and CLI activity. (#66339, #85931, #89185, #89188, #85351) Thanks @openperf, @amittell, @RomneyDa, and @NianJiuZst.

Memory: keep vector-disabled FTS indexes from resolving embedding providers during sync and search.

Providers: bound generated media downloads from OpenAI, Runway, xAI, MiniMax, BytePlus, DashScope-compatible, FAL, OpenRouter, Google, Vydra, and Comfy providers.

Providers: resolve Google defaults to google-generative-ai, register Vertex static catalog rows, align Foundry reasoning metadata, skip DeepSeek V4 thinking params on Foundry fallback, use MiniMax account OAuth endpoints, preserve Copilot Claude 1M capabilities, suppress disabled Ollama reasoning output, forward Gemini stop sequences, strip Kimi-incompatible Anthropic cache markers, keep OpenAI stop-finished tool calls, and avoid replay ids when the Responses store is disabled. (#88480, #88512, #76612) Thanks @coder999999999, @BryanTegomoh, and @vliuyt.

Providers: cap GitHub Copilot OAuth request timeouts before creating abort signals.

Cron: retry recurring jobs after transient model rate limits before waiting for the next scheduled slot.

Agents/Codex: keep live session locks during cleanup, recover interrupted CLI tool transcripts, preserve Codex auth and compaction session identity, clear orphan tool state, cap app-server idle timers, and keep media completion delivery retryable. (#88129, #88136, #88141, #88162, #88182)

Chat/UI: show Gateway chat failures as visible assistant messages in the Control UI instead of only setting an invisible error state.

Channels: cap Telegram, Discord, WhatsApp, Signal, Feishu, Google Chat, Microsoft Teams, QQBot, Nostr, Zalo, Zalouser, and Nextcloud-style request/retry timers; preserve SMS approval reply routes; and retry WhatsApp QR login 408 timeouts. (#88183)

Security/config parsing: reject unsafe OAuth/token lifetimes, retry-after delays, inbound timestamps, response body sizes, command timeout config, sandbox observer token TTLs, and gateway WebSocket calls after close.

Providers/media: cap local service, model, usage, queue, generated media, TTS, music, workflow polling, and provider OAuth request timers across hosted and local providers.

Release/CI/E2E: bound release candidate reads, beta smoke REST calls, plugin npm verification commands, changelog restore, cross-OS process groups, kitchen-sink and bundled plugin readiness probes, secret-provider probes, Telegram credential timeouts, Control UI i18n and CLI startup metadata generation, Vitest routing, dependency guard admin approvals, child workflow failure detection, quiet Node test shard stalls, docker package cleanup, and mainline test flakes. (#88127, #88137, #88155, #88160, #88966) Thanks @RomneyDa.

Release/CI/E2E: keep Kitchen Sink live plugin MCP probes resolving source-checkout workspace packages and align the live gauntlet with current Kitchen Sink diagnostics.

Release/CI/E2E: run the secret-provider integration proof through the repo pnpm runner so native macOS and Windows validation use the hydrated package-manager shim.

Release/CI/E2E: run the Telegram desktop proof gateway through the repo pnpm runner so native macOS proof uses the hydrated package-manager shim.

Docs/CI: run Mintlify anchor checks through the repo pnpm runner so docs link validation works when pnpm is only available through the hydrated package-manager shim.

Agents: keep configured fallback model metadata typed so provider params, context-token caps, and media input limits do not break changed-gate typechecks.

Agents: accept hidden sessions_send body aliases before validation while keeping the model-facing message schema canonical. (#88229) Thanks @zhangguiping-xydt.

Chat/UI: preserve startup chat sends during history loading, unblock the initial Control UI chat send, stream chat deltas incrementally, skip markdown parsing while streaming, keep drafts local while typing, guard composer rerenders, honor Chromium executable overrides, and detect system Chromium for E2E. (#88998) Thanks @vincentkoc.

Channels: stop schema-padded poll modifiers from turning normal send actions into invalid poll sends. (#89601) Thanks @codezz.

Channels: preserve long Feishu streaming replies, send visible fallbacks when accepted Feishu turns produce no final reply, tolerate iMessage self-chat timestamp skew, preserve colon-prefixed slash commands in mention parsing, decode Nostr npub allowlists correctly, and suppress raw provider errors during channel delivery. (#87896)

Config/status/doctor: skip unresolved shell references in state-dir dotenv files, resolve gateway auth secrets during deep status audits, respect explicit PI runtime policy, report runtime tool-schema errors, and keep post-upgrade JSON stable. (#88288)

Gateway/session state: list commands from the Gateway plugin registry, harden MCP loopback tool schemas, hide phantom agent-store rows from sessions.list, make task persistence failures explicit, and carry session UUIDs on interactive dispatch events.

Gateway/plugins: narrow plugin lookup memoization to the stable plugin/runtime inputs, avoiding repeated lookup work without mixing disabled or filtered plugin state.

OpenAI/TTS: handle speed directives for OpenAI TTS voices. (#74089)

CI/Crabbox: keep default runner capacity on the Azure credit-backed on-demand D4 lane with the Azure SSH port and a Git-independent full check job, so broad validation avoids low-priority spot quota stalls, hydrate port mismatches, non-Git hydrated workspaces, and stale AWS region hints.

CI/Crabbox: route Crabbox wrapper and Testbox workflow edits to their regression tests so changed-test gates do not silently run zero specs.

CI/workflows: route workflow sanity helper edits to their guard tests and cover composite-action input interpolation checks.

CI/tooling: route CI scope, dependency, changelog, and docs helper edits to their owner tests instead of silently skipping changed-test coverage.

CI/tooling: route package, release, and install helper edits to their owner tests so changed-test gates cover publish and installer script changes.

CI/tooling: route shared script library edits through their owner tests so lock, process, safety, and scan helpers do not skip changed-test coverage.

CI/tooling: skip expensive import-graph scans once a changed diff already requires broad fallback, keeping local changed-test planning fast while still collecting explicit owner tests.

CI/tooling: route script edits through conventional owner tests when matching test/scripts or src/scripts coverage already exists.

CI/tooling: honor option terminators in the memory FD repro script so follow-on arguments are not reparsed.

Release/CI/E2E: assert plugin lifecycle runtime inspect output instead of only capturing it.

Release/CI/E2E: make gateway-network prove the advertised health RPC and retry early WebSocket closes without burning full open timeouts.

Release/CI/E2E: honor option terminators across release, Parallels smoke, plugin gauntlet, and extension-memory scripts.

Release/CI/E2E: fail plugin gateway gauntlet QA chunks when the requested suite summary is missing or invalid.

Performance: prebuild QA runtime probes with generated plugin assets but without CLI startup metadata.

Performance: skip declaration bundling for runtime-only CLI startup and gateway watch build profiles.

Performance: reuse prepared provider handles, strict tool schemas, gateway runtime metadata, session maintenance config, plugin metadata, bundled skill allowlists, package-local plugin artifacts, single-entry store writes, and validated/serialized session prompt blobs.

Release verification

npm package: https://www.npmjs.com/package/openclaw/v/2026.6.1

registry tarball: https://registry.npmjs.org/openclaw/-/openclaw-2026.6.1.tgz

integrity: sha512-rGSwhIo8N37cQQ5puG8vmWZESE8q/ych5VFpzOQNcf49TF/rvCYyxiNAyot11qbUZF5wfLh8bsvofapnOEh0BQ==

npm dist-tags: openclaw@latest and openclaw@beta both point to 2026.6.1; GitHub latest points to v2026.6.1.

release publish: https://github.com/openclaw/openclaw/actions/runs/26907004505

npm preflight: https://github.com/openclaw/openclaw/actions/runs/26900686846

full release validation: https://github.com/openclaw/openclaw/actions/runs/26900640419

plugin npm publish: https://github.com/openclaw/openclaw/actions/runs/26907235209

plugin ClawHub publish: https://github.com/openclaw/openclaw/actions/runs/26907239724

OpenClaw npm publish: https://github.com/openclaw/openclaw/actions/runs/26907625257

package Telegram E2E: https://github.com/openclaw/openclaw/actions/runs/26901214260

Windows Hub x64 installer: https://github.com/openclaw/openclaw/releases/download/v2026.6.1/OpenClawCompanion-Setup-x64.exe

Windows Hub arm64 installer: https://github.com/openclaw/openclaw/releases/download/v2026.6.1/OpenClawCompanion-Setup-arm64.exe

Windows Hub SHA-256 manifest: https://github.com/openclaw/openclaw/releases/download/v2026.6.1/OpenClawCompanion-SHA256SUMS.txt

Windows Hub source release: https://github.com/openclaw/openclaw-windows-node/releases/tag/v0.6.0

Windows Hub signed installer promotion: https://github.com/openclaw/openclaw/actions/runs/26914718218

Windows Hub x64 SHA-256: f756c6537fcc06ba2da89f53bda4be953dfdcc523dc62256e49e0b0edf14dd30

Windows Hub arm64 SHA-256: 7e91de93420de49a529033fd9c7f29c52fd143443234746dbe9e242453f74365

verifier caveat: the release publish parent is red because its postpublish verifier expected plugin npm beta dist-tags to point to 2026.6.1; stable plugin publishes succeeded on latest while plugin beta remains on 2026.6.1-beta.3.

Original source

A useful agent should learn the work you keep giving it.

If you teach an agent how you do something, you should not have to paste the same explanation forever.

When that lesson becomes reusable, OpenClaw should show you the draft before it changes future runs.

That is

Skill Workshop

.

Skills

are how OpenClaw teaches an agent reusable procedures. A skill might be a short checklist for invoice follow-up, a release routine with validation steps, or a repo health workflow with scripts, templates, and examples beside the main instruction file.

A skill is not just Markdown. It changes future behavior.

That makes skill creation different from normal file editing. If the agent writes a bad answer, you can ignore one answer. If the agent writes a bad skill, that mistake can become part of how future work is done.

Skill Workshop puts a review step in front of that change.

Proposal First

When an agent creates or revises a skill through Skill Workshop, it starts as a proposal.

The proposal is not active. It carries the draft instruction, any support files, its review state, and the information OpenClaw needs to apply or reject it cleanly.

While it is pending, the file is

PROPOSAL.md

, not

SKILL.md

. The agent does not run it yet.

So the loop feels like normal collaboration:

You: Make this weekly inbox routine reusable.

Agent: Drafted a proposed skill.

You: Add the VIP sender rule and make the dry-run step clearer.

Agent: Revised the proposal.

You: Use it.

The agent does not need to create skill files by hand or guess where they belong. It does not need one path for chat, another for the UI, and another for the CLI.

It uses Skill Workshop.

Ask the agent for a reusable workflow. The result is a pending Skill Workshop proposal, not a direct write into live skills.

Shape It Before You Keep It

The Control UI treats proposed skills as reviewable work, not hidden files you have to hunt down.

Board view is the full workshop. You can move through pending, applied, rejected, and stale proposals. You can search, inspect, preview support files, and see what changed.

Board view keeps proposed skills searchable, inspectable, and separated by review state.

Today view is the faster pass.

Today view is built for moving through proposed skills one at a time.

It gives you the next proposal and asks a concrete question: should this become part of your skill set?

Use it when it is ready. Tweak it when it is close. Skip it when it should not become part of your skill set.

Tweak is where the workshop matters most.

Generated work is often almost right. The wording is off. A step is missing. The skill needs a safer fallback. The support file should be a template instead of a script. Skill Workshop turns those fixes into a revision conversation instead of a dead end.

The proposal remains the object being edited. The agent can revise it, and you can come back to the same proposal with its history intact.

Skills Can Bring Files

Useful skills often carry supporting material.

A digest skill may need a response template. A debugging skill may need example logs. A deployment skill may need a smoke-test script. A writing skill may need reference snippets.

Skill Workshop keeps those files with the proposal.

Support files travel with the proposal, so templates, scripts, references, and examples can be reviewed before apply.

Support files are allowed under the standard skill folders:

assets

,

examples

,

references

,

scripts

, and

templates

.

They are shown in the UI before you apply them. They are scanned with the proposal. They are written with the skill when you apply it.

The path rules are deliberately narrow. No absolute paths. No traversal. No hidden path segments. No writing outside the skill. A skill can be useful without making the write path loose.

The same proposal flow works from chat, the Control UI, channels, the CLI, and

Gateway

.

When granted access, agents can create, inspect, revise, apply, or reject proposals through the workshop path. You can review the same proposals from the UI, CLI, chat, channels, or Gateway.

Skill Workshop is the checkpoint before agent work becomes reusable behavior.

The agent brings back the pattern.

You shape what stays.

Original source