OpenClaw v2026.5.14-beta.2 Release Summary

Key Changes

Voice & Realtime Communication

OpenClaw has expanded its realtime voice capabilities by adding Telnyx Media Streaming support. This allows realtime voice providers (such as OpenAI Realtime) to drive Telnyx calls with sub-second latency, achieving parity with existing Twilio support. The update implements PCMU 8 kHz μ-law audio and introduces a StreamFrameAdapter to handle provider-specific WebSocket frame parsing and serialization.

Codex & ACP Enhancements

Significant updates have been made to the Codex app-server and Agent Client Protocol (ACP) integration:

• MCP Server Preservation: Codex app-server sessions now reliably receive plugin-bundled MCP tools and preserve user-configured MCP servers across thread resumes, ensuring tools survive gateway restarts.
• Diagnostic Visibility: ACP runtime errors now surface redacted diagnostics from numeric JSON-RPC RequestError details, replacing generic "Internal error" messages with actionable feedback.
• Cron Alignment: Codex cron bootstrap handling is now aligned with the pi harness, suppressing native project-doc injection for lightweight runs to reduce latency and avoid unnecessary context loading.
• Migration Hardening: The Codex migration process now uses the managed Codex binary for source inventory, preventing failures caused by broken global installs.

Gateway & Performance Optimizations

• Startup Efficiency: The Gateway now lazy-loads Canvas startup modules and protocol validators, significantly reducing cold-import CPU and RSS costs. Startup trace attribution has also been refined to provide fine-grained timings for auth, plugin loading, and sidecar services.
• Event Throttling: A new throttling mechanism for Gateway agent text events prevents high-frequency bursts from overwhelming clients while ensuring no assistant or thinking text bytes are dropped.
• OpenAI Compatibility: The /v1/chat/completions endpoint now correctly forwards response_format to upstream providers, restoring support for structured outputs (JSON object/schema).

Security Hardening

• Windows ACL Audit: The security scanner now correctly classifies broad Windows SIDs (e.g., Anonymous Logon, Guests, Interactive) as "world" principals. This ensures that world-writable paths are flagged as critical severity rather than mere warnings.
• Shell Execution: Safe-bin argument validation has been hardened to reject POSIX-style parameter expansion tokens, preventing potential argv boundary rewrites during execution.
• SSRF Protection: Custom provider baseUrl trust is now scoped by exact origin. This allows self-hosted LLM providers on private IPs to work without requiring a broad allowPrivateNetwork opt-in, while still blocking metadata endpoints.

Channel & UI Updates

• WhatsApp: Added lifecycle status reactions (queued → thinking → tool → done/error), matching the experience on Telegram and Discord. Text slash commands are now marked as command turns to ensure visibility in group reply modes.
• Telegram: Fixed a critical bug where isolated polling ingress could halt with "Bot not initialized" errors. Startup getMe probes are now bounded to prevent event-loop starvation in multi-account configurations.
• Control UI: The chat interface now correctly orders items by timestamp, ensuring that live tool outputs and stream segments appear in the correct chronological sequence relative to history.

Impact

For Developers and Power Users

• Improved Diagnostics: The combination of ACP error surfacing and refined startup tracing makes debugging complex agent-runtime interactions significantly easier.
• Better Tooling: The addition of Telnyx realtime support and the fix for Codex MCP server persistence expand the utility of OpenClaw as a voice and tool-integrated agent platform.
• Config Reliability: The openclaw doctor --fix command now correctly migrates native Ollama contextWindow and maxTokens budgets into params.num_ctx, resolving a regression that caused context truncation.

For System Administrators

• Enhanced Security: The stricter Windows ACL auditing and shell-bin validation reduce the attack surface for hosted instances.
• Stability: Fixes for ERR_HTTP2_INVALID_SESSION prevent the gateway from crashing during destroyed HTTP/2 session teardowns.

Upgrade Guide

Breaking Changes & Migration

While this release is largely backward compatible, users should note the following:

• Ollama Users: If you were relying on contextWindow or maxTokens for native Ollama providers, run openclaw doctor --fix to migrate these values to the required params.num_ctx format.
• Windows Users: You may see an increase in "critical" security findings in your audit logs as broad SIDs are now correctly classified as world-writable.
• Config Management: The CLI now rejects attempts to manually set meta.lastTouchedVersion or meta.lastTouchedAt, as these are strictly auto-managed by the system.