← Back to Blogs
GH Release

OpenClaw v2026.4.29-beta.1 Release: Enhanced Intelligence, Reliability, and Security

315697250 Apr 30, 2026

OpenClaw v2026.4.29-beta.1 Release: Enhanced Intelligence, Reliability, and Security

OpenClaw is proud to announce the release of v2026.4.29-beta.1, a significant beta update that brings a host of new features, performance improvements, and critical fixes. This release focuses on deepening agent intelligence, expanding platform coverage, bolstering system reliability, and enhancing security, ensuring a more capable and stable environment for your autonomous agents.

Key Changes

This release delivers substantial upgrades across several core areas, from how agents communicate and remember, to broader model support and foundational system stability.

Advanced Messaging and Automation

Messaging and automation capabilities have received a major overhaul, providing agents with more nuanced control and better operational visibility:

  • Active-Run Steering by Default: The system now defaults to steer for active-run queueing, ensuring that all pending Pi steering messages are drained at the next model boundary. This replaces the legacy one-at-a-time queue behavior, offering more efficient message processing. A 500ms follow-up fallback debounce is also introduced.
  • Visible Reply Enforcement: Operators can now enforce visible output to go through message(action=send) for any source chat using the new global messages.visibleReplies setting, with messages.groupChat.visibleReplies available for group/channel overrides.
  • Spawned Subagent Routing Metadata: Subagent chat and agent broadcast payloads now surface spawnedBy information, allowing clients to route child session events more effectively without needing additional lookups (PR #63244).
  • Opt-in Follow-up Commitments: Agents can now infer follow-up commitments from conversation context, stored per agent and channel, and delivered via heartbeat. This feature includes CLI management and configurable settings (commitments.enabled, commitments.maxPerDay) to prevent immediate echoes of magical check-ins (PR #74189).

Intelligent Memory and Knowledge Management

Memory capabilities have evolved, transforming into a more sophisticated, people-aware knowledge base:

  • People-Aware Wiki: Memory now includes agent-facing people wiki metadata, canonical aliases, person cards, relationship graphs, privacy/provenance reports, and enhanced search modes for person lookup, question routing, source evidence, and raw claims.
  • Per-Conversation Active Memory Filters: Operators can enable recall only for selected direct, group, or channel conversations using new allowedChatIds and deniedChatIds filters, ensuring privacy and relevance (PR #67977).
  • Partial Recall on Timeout: When the hidden memory sub-agent times out, the system now returns bounded partial recall summaries, including temporary-transcript paths, preventing the loss of useful recovered context (PR #73219).
  • Bounded REM Preview Diagnostics: A new read-only doctor.memory.remHarness RPC allows operator clients to preview bounded REM dreaming output without triggering mutations (PR #66673).

Expanded Provider and Model Coverage

OpenClaw continues to broaden its support for leading AI models and providers, enhancing flexibility and performance:

  • NVIDIA Provider Onboarding: Full support for NVIDIA models has been added, including API-key onboarding, setup documentation, static catalog metadata, and literal model-ref picker support (PR #71204).
  • Faster Manifest-Backed Model Paths: Explicitly configured openai-codex/gpt-5.4-mini entries are now suppressed to prevent stale configurations from bypassing manifest capability blocks. Model catalog computations and OpenAI listable catalog now leverage manifest fast paths, improving performance and reliability.
  • Bedrock Opus 4.7 Thinking Parity: The full Claude Opus 4.7 thinking profile (xhigh, adaptive, max) is now exposed for Bedrock model references, aligning with Anthropic transport behavior (PR #74701).
  • Safer Replay and Streaming: Malformed event-only or blank-data SSE frames are now dropped before reaching the OpenAI SDK stream parser, preventing crashes (PR #52802). Additionally, <final> tags split across streamed model deltas are stripped before reaching SSE clients, ensuring clean output (PR #63325).

Enhanced Gateway and Plugin Reliability

Significant efforts have been made to improve the stability and performance of the gateway and packaged plugins:

  • Improved Slow-Host Startup: Local discovery advertisement is now bounded during startup, and the gateway waits for the event loop to become responsive before opening WebSocket connections, addressing stalls on Windows and other constrained hosts (PR #73865, #48270).
  • Reusable Model Catalogs: The gateway now serves the last successful model catalog while stale reloads refresh in the background, preventing blocking during model-provider rediscovery (PR #74135).
  • Event-Loop Readiness Diagnostics: An opt-in startup diagnostics timeline records gateway lifecycle and plugin-load phases, aiding in slow-start diagnosis.
  • Runtime-Dependency Repair: A new openclaw plugins deps command provides inspection and repair capabilities for missing bundled runtime dependencies.
  • Stale-Session Recovery: Conservative stuck-session recovery has been implemented to release stale session lanes while preserving active work, preventing legitimate long-running turns from being aborted (PR #73581).
  • Version-Scoped Update Caches: Packaged Node compile caches are now scoped by OpenClaw version and install metadata, preventing reuse of stale compiled chunks after updates.

Comprehensive Channel Fixes

Numerous fixes have been applied across various communication channels to improve resilience and user experience:

  • Slack: Addressed Block Kit limits for command argument menus, interactive replies, button URLs, confirmation text, and approval metadata, preventing invalid payloads (e.g., PRs like Slack/commands: keep native command argument menus on select controls...).
  • Telegram: Enhanced resilience for proxy, webhook, polling, and send operations, including honoring ALL_PROXY for HTTP/1-only transport (PR #74014), making raw network failures non-fatal (PR #60515), continuing polling when webhooks are absent (PR #47384), retrying quote replies (PR #74581), applying strict safe-send retries (PR #74203), surfacing polling liveness warnings (PR #74299), bounding command menu API calls (PR #74086), and including video width/height for correct orientation (PR #18915).
  • Discord: Improved startup and rate-limit handling, including cooling down Cloudflare/Error 1015 HTML 429 REST failures and sanitizing HTML bodies (PR #74489, #38853). Also, bare numeric outbound targets that match the DM allowlist are now treated as user DMs (PR #74303).
  • WhatsApp: Enhanced delivery and liveness, requiring Baileys outbound message IDs before marking auto-replies delivered (PR #49225), detecting group @mentions when the bot's E.164 is in allowFrom (PR #73453, #49317), publishing real transport-liveness into channel status (PR #72656), and stripping leaked plural tool-call XML wrappers (PR #71830).
  • Microsoft Teams, Matrix, Feishu: Resolved edge cases such as treating configured 19:...@thread.tacv2 IDs as resolved in Teams (PR #74683), completing cross-signing handshakes in Matrix (PR #74542), skipping empty-text messages in Feishu (PR #74634), cleaning up Bitable placeholder rows (PR #73920, #40602), and retrying file-typed iOS video downloads as media in Feishu (PR #73986, #50164, #49855).

Robust Security and Operations

Security and operational practices have been strengthened with new tools and policies:

  • OpenGrep Scanning: A precise OpenGrep rulepack, source-rule compiler, and PR/full scan workflows have been added to validate first-party code and upload SARIF to GitHub Code Scanning (PR #69483).
  • Sharper GHSA Triage Policy: Media/base64 decode and format-conversion overhead after configured acceptance limits are now classified as performance-only for GHSA triage, unless a limit bypass or other boundary bypass is demonstrated (PR #74311).
  • Safer Exec, Pairing, and Owner-Scope Handling: HTML tags are stripped during plain-text sanitization, credential bytes are compared with padded timing-safe buffers, and debug log arguments are sanitized for QQBot. Exec approval follow-up runs preserve turnSourceChannel as messageProvider (PR #74646). Device pairing now validates callerScopes against resolved token scopes during repair (PR #72925). Workspace PATH injection via service environment and trash helpers is blocked (PR #73264), and bundled plugin directory resolution is restricted to trusted package roots (PR #73275).
  • Docker and Onboarding Automation: The OPENCLAW_SKIP_ONBOARDING environment variable allows automated Docker installs to skip the interactive onboarding step (PR #55518).
  • Web-Fetch IPv6 ULA Opt-in: A tools.web.fetch.ssrfPolicy.allowIpv6UniqueLocalRange opt-in is added for trusted proxy stacks using fc00::/7 (PR #74351).

Impact

This release significantly enhances OpenClaw's capabilities across the board. For developers, the expanded model provider coverage, particularly with NVIDIA and improved OpenAI-compatible streaming, offers greater flexibility and performance. Operators will benefit from the enhanced reliability of the gateway and plugins, with better diagnostics and more robust handling of slow-start scenarios and stale sessions. The refined memory system, including the people-aware wiki and granular access controls, provides powerful new tools for building more intelligent and context-aware agents. End-users will experience a more polished and reliable interaction across various communication channels, with numerous fixes addressing common pain points in Slack, Telegram, Discord, WhatsApp, and other platforms. The strengthened security posture ensures a safer and more trustworthy environment for all operations.

Upgrade Guide

This beta release includes some changes that may require attention during an upgrade, particularly for users leveraging the SDK or specific channel integrations.

  • Active Memory SDK Users: The ActiveRecallResult type now includes a new timeout_partial status. If your application code exhaustively switches on result.status, you will encounter a TypeScript error. You must explicitly handle this new status to surface partial recall output, which was previously discarded on timeout (PR #73219).

  • QQBot Admin Commands: For QQBot users, administrative slash commands (e.g., /bot-logs, /bot-clear-storage, /bot-approve) now enforce stricter authorization. If you previously used these commands without explicitly configuring an allowFrom list, they will now be rejected. You must add your OpenID to the channels.qqbot.allowFrom list to regain access to these commands (PR #73616).

  • New Configuration Options: Several new configuration options have been introduced. While these are additive and generally backward-compatible, users are encouraged to review them for enhanced functionality or security:

    • messages.visibleReplies: To enforce visible output through message(action=send).
    • commitments.enabled / commitments.maxPerDay: To enable and tune inferred follow-up commitments (PR #74189).
    • NVIDIA Provider: Configuration for NVIDIA models (PR #71204).
    • tools.web.fetch.ssrfPolicy.allowIpv6UniqueLocalRange: For IPv6 ULA opt-in with trusted proxy stacks (PR #74351).
    • web.whatsapp.keepAliveIntervalMs, connectTimeoutMs, defaultQueryTimeoutMs: To fine-tune Baileys socket timing for WhatsApp Web (PR #73580).
    • channels.whatsapp.exposeErrorText: To control the visibility of raw error text in WhatsApp (PR #71830).

It is always recommended to test new releases in a staging environment before deploying to production.

References

Pull Requests

Releases