OpenClaw beta.6 turns this week’s scattered safety fixes into an upgrade target
OpenClaw v2026.5.12-beta.6 is the strongest new item in this run because it packages a broad operator-hardening wave into one official prerelease. The release stops iMessage media-only sends from leaking visible placeholder text, creates configured agent sessions before first agent-to-agent sends, moves the Gateway protocol to v4 with explicit delta/replace streaming frames, hides pending Node pairing capabilities until approval, requires approval for setup-code device pairing, browser pairing, and Control UI proxy-scoped access, and hardens trusted-proxy validation. It also caps inbound media download streams for Feishu / WhatsApp / Line, narrows plugin install-time code scans to plugin-owned runtime entrypoints while keeping dependency manifest denylist checks, centralizes config mutation retries, preserves and prunes managed peer dependencies, pins Docker setup paths so stale host .env paths do not leak into containers, and fixes several auth/profile/runtime edges including Copilot Gemini image descriptions, Anthropic session-rotation amnesia, OpenAI-compatible schema items, idle-model watchdog fallback, centralized transcript redaction, Telegram polling stalls, token-rotation offsets, delegated-session tool restrictions, node exec provenance, and hook CLI authority. A new issue, #81548, is worth reading alongside the release: it reports 25-30 seconds of OpenClaw overhead per isolated-agent turn on v2026.5.7 even when direct Ollama inference takes about 2.3 seconds, pointing at prompt assembly as the suspected bottleneck.
The release matters because always-on personal agents fail in boring places: pairing screens expose too much, plugin installs scan the wrong surface, media adapters buffer too much, transcripts retain secrets, config mutations race, and local-model users wait on framework overhead rather than inference. This is the kind of maintenance release that changes whether a gateway feels safe enough to leave running.
- OpenClaw v2026.5.12-beta.6 was published at 2026-05-13T21:00:40Z with a long fix list covering channel adapters, device pairing, plugin install, config mutation, transcript redaction, model auth, and runtime watchdog behavior
- The release requires approval for setup-code pairing, browser pairing, and Control UI proxy-scoped access, and hides pending Node pairing surfaces until approval
- The release caps inbound media download streams for Feishu / WhatsApp / Line and narrows plugin install-time code safety scans to plugin-owned runtime entrypoints while keeping dependency manifest checks
- The release centralizes transcript redaction for JSONL append paths and redacts persisted tool result detail metadata
- Issue #81548 reports OpenClaw v2026.5.7 adding 25-30 seconds of overhead per isolated-agent turn while direct Ollama with roughly 30K tokens completes in about 2.3 seconds
- Related fixes in the release cover idle model watchdog fallback, Telegram polling liveness, token-rotation offsets, delegated-session tool restrictions, node exec provenance, and hook CLI authority
- This is a beta prerelease; production operators should stage it before moving important channels
- The release is broad, so regressions may hide in combinations of channel adapter, plugin install, device pairing, and auth profile state
- The new latency issue is not marked fixed by beta.6, so local-model and isolated-agent users still need their own measurements