OpenClaw beta operators get a concrete reminder that recovery code needs its own limits

The interesting pattern is not one more bug report; it is recovery code becoming an operational surface. Repair loops, fallback resolution, provider-error formatting, and command-handler defaults are supposed to make failures safer, but without caps and clear contracts they can fill disks, remove redundancy, alarm end users, or pollute chats. That is exactly the class of issue that matters once agents run for days instead of demos.

• Issue #80960 gives a field observation of 2,180 backup files and about 2.1 GB of growth from repeated session-file repair on one stuck session
• The issue points to spawn-attempt and compaction callers that can re-invoke repair, and references PR #77945 as one local cleanup approach
• PR #80961 adds runtime and doctor warnings for string model config because it can silently disable fallback behavior
• Issue #80877 documents Anthropic Max OAuth transient errors being rendered as an API-key billing failure in Telegram
• PR #80952 adds suppressReply support so Telegram plugin commands can avoid a duplicate “No response generated” message after custom delivery

• The strongest evidence is issue and PR activity, not a new stable release
• Disk growth depends on a malformed or repeatedly repaired session path, so not every install will reproduce it
• Warnings and wording fixes help operators notice problems but do not replace staging tests for long-running beta gateways