← Back to Blogs
GH Release

OpenClaw v2026.5.4-beta.2: A Leap Forward in Voice Agents, Performance, and Security

317571307 May 5, 2026

OpenClaw v2026.5.4-beta.2: A Leap Forward in Voice Agents, Performance, and Security

The OpenClaw project is excited to announce the release of v2026.5.4-beta.2, a significant update that brings substantial improvements across several core areas. This release focuses on delivering a more responsive, secure, and powerful agent experience, with particular attention to real-time voice interactions, system performance, and foundational security.

This beta release introduces a much snappier OpenClaw voice agent for Google Meet and Voice Calls, alongside a suite of performance optimizations that reduce startup times and memory footprint. It also includes critical security hardening measures, expanded channel capabilities, and new features for plugin developers, paving the way for more sophisticated and integrated agent workflows.

Key Changes

Enhanced Google Meet/Voice Call Experience

A major highlight of v2026.5.4-beta.2 is the dramatically improved experience for OpenClaw voice agents participating in Google Meet and Voice Calls. The update overhauls Twilio dial-in joins to integrate seamlessly with the real-time Gemini voice bridge. This includes:

  • Paced Audio Streaming: Ensuring audio is delivered smoothly and naturally.
  • Backpressure-Aware Buffering: Preventing audio from piling up and causing delays.
  • Barge-in Queue Clearing: Allowing callers to interrupt the agent more effectively.
  • No TwiML Fallback: Maintaining real-time speech without interruptions.

These changes collectively deliver a much snappier and more natural voice agent interaction for Meet participants.

Google Meet/Voice Call: make Twilio dial-in joins speak through the realtime Gemini voice bridge with paced audio streaming, backpressure-aware buffering, barge-in queue clearing, and no TwiML fallback during realtime speech, giving Meet participants a much snappier OpenClaw voice agent. (#77064)

Robust Plugin SDK for Advanced Workflows

The plugin ecosystem receives a foundational upgrade with new capabilities that empower developers to build more complex and integrated agent workflows. Drawing from PRs #73384 and #75609, the Plugin SDK now allows plugins to:

  • Define typed session actions that can be invoked through the host.
  • Send session-bound attachments via host-owned outbound delivery.
  • Schedule future session turns using the existing cron-compatible scheduler.
  • Request bounded agent-finalize retries to repair replies before finalization.

These "workflow seams" provide the building blocks for advanced features like deployment approvers, budget guards, and SLA watchers, enabling plugins to interact with the agent's lifecycle and session state in powerful new ways.

Significant Performance and Stability Improvements

This release includes numerous optimizations aimed at enhancing the overall performance and stability of OpenClaw:

  • Reduced Cold Scans: Agents and plugins now reuse the current workspace-scoped plugin metadata snapshot, avoiding repeated cold scans on hot control-plane paths (#77519, #77532).
  • Faster Gateway Startup: Non-readiness sidecars are deferred, hot-path channel plugin barrel imports are avoided, and trusted bundled plugin metadata is fast-pathed, reducing plugin-load and memory pressure during startup.
  • Control UI Responsiveness: Improvements to chat controls, session pickers, and debug logging for long animation frames make the dashboard more responsive and easier to diagnose.
  • Memory Management: Bounded runtime trajectory capture and queued sidecar writes prevent oversized traces from monopolizing Gateway cleanup (#77124).
  • Session Store Efficiency: openclaw sessions output is now capped to the newest 100 rows by default, with pagination metadata, to prevent unbounded work on large session stores (#77500).

Critical Security Hardening

Several critical security vulnerabilities, particularly on Windows, have been addressed:

  • Windows Path Resolution: Workspace .env files can no longer override SystemRoot, WINDIR, or LOCALAPPDATA, preventing attackers from redirecting reg.exe, icacls.exe, whoami.exe, or cmd.exe to malicious binaries during various operations (#74454, #74458, #77470, #77472).
  • QQBot Command Authorization: Private-only authenticated QQBot slash commands are now correctly gated by authorization checks and excluded from generic framework command registration, preventing unauthorized configuration changes (#76375, #77212, #77453).
  • Device Pairing Scopes: The /pair command now requires explicit operator.pairing privileges on chat surfaces, preventing unauthorized management of device enrollment state (#76377).
  • WebSocket Auth Scopes: Unapproved trusted-proxy Control UI WebSocket sessions no longer retain client-requested operator scopes without a paired or approved baseline, enhancing Gateway RPC authorization (#77413).
  • Browser SSRF Guards: Strict current-tab URL checks are enforced before existing-session screenshots and debug/export routes, matching existing-session snapshot handling (#75731).

Expanded Channel Capabilities and Reliability

Channels receive numerous fixes and enhancements:

  • Discord: Improved transport health surfacing in openclaw channels status (#76327), preference for IPv4 for REST and gateway WebSocket startup paths (#77398), and more reliable final reply delivery (#77520).
  • Telegram: Support for interactive reply buttons (#76238), better handling of media attachments when image optimization is unavailable (#77117, #77081), and acceptance of plugin-owned numeric forum-topic targets (#77137).
  • WhatsApp: Support for explicit Channel/Newsletter @newsletter outbound message targets (#13417).
  • BlueBubbles: Fixed webhook authentication when channels.bluebubbles.password is configured as a SecretRef (#76369).
  • External Channel Contract Resolution: A generic loader for external plugin root sidecars ensures SecretRef-backed channel credentials in externalized plugins resolve correctly at runtime (#76449, #76371).
  • Zalouser: Startup name matching now requires explicit opt-in via dangerouslyAllowNameMatching for display-name entries in allowFrom, groupAllowFrom, and groups (#77411).

Developer and Operator Experience Enhancements

The release also brings several quality-of-life improvements:

  • New CLI Command: openclaw models auth list [--provider <id>] [--json] allows users to inspect saved per-agent auth profiles without dumping secrets.
  • Improved Control UI: Features like an agent-first filter in the chat session picker, responsive chat controls, collapsible New Job sidebar, and active agent name in dashboard breadcrumbs enhance usability.
  • Enhanced Diagnostics: Gateway startup phase spans, active work labels, and default sync-I/O tracing in pnpm gateway:watch make slow turns easier to attribute.
  • Plugin Migration Hints: Catalog-backed install hints are now emitted when plugins.entries or plugins.allow reference an uninstalled official external plugin, guiding operators to openclaw plugins install <spec> (#77483).
  • Shell Command Explainer: An internal shell command explainer backed by web-tree-sitter and tree-sitter-bash is added for future approval and command-review surfaces (#75004).

Impact

More Natural Voice Interactions

The comprehensive improvements to Google Meet and Voice Call integration mean that OpenClaw agents can now participate in real-time conversations with unprecedented fluidity. The reduced latency, improved barge-in capabilities, and more natural audio delivery translate directly into a more human-like and effective communication experience for users interacting with voice agents.

Empowering Plugin Developers

The expanded Plugin SDK, particularly the new workflow seams, provides a powerful foundation for developers to create more sophisticated and deeply integrated agent behaviors. This enables the creation of custom logic that can influence agent decisions, manage external resources, and orchestrate complex multi-step processes, significantly extending OpenClaw's capabilities beyond its core offerings.

Faster and More Reliable Operations

Users will notice a general increase in system responsiveness, from quicker Gateway startup times to more efficient agent execution. The numerous performance optimizations reduce resource consumption and minimize delays, making OpenClaw a more agile and dependable platform. Stability fixes across various components, especially channels and agent runtimes, contribute to a more robust and predictable experience.

Strengthened Security Posture

The security enhancements in this release are crucial for maintaining the integrity and trustworthiness of OpenClaw deployments. By addressing vulnerabilities related to Windows path resolution and command authorization in various integrations, the platform significantly reduces the risk of malicious code execution and unauthorized access, ensuring a safer environment for sensitive operations.

Improved Channel Ecosystem

The array of fixes and features for Discord, Telegram, WhatsApp, BlueBubbles, and Zalouser ensures that OpenClaw's channel integrations are more stable, feature-rich, and reliable. This means smoother communication, better media handling, and more consistent agent behavior across diverse messaging platforms, enhancing the overall utility of OpenClaw in multi-channel environments.

Streamlined Development and Management

New CLI commands, UI improvements, and enhanced diagnostics collectively improve the developer and operator experience. Debugging is easier, system status is clearer, and plugin management is more intuitive, allowing teams to build, deploy, and maintain OpenClaw agents with greater efficiency and confidence.

Upgrade Guide

This release includes several changes that may require user attention during the upgrade process. Please review the following guidance carefully.

Sandbox Registry Migration

If your OpenClaw installation still contains legacy monolithic sandbox registry files (e.g., containers.json or browsers.json), you will need to migrate them to the new sharded storage format. This is a one-time step to improve concurrency and reduce lock contention.

To perform the migration, run:

openclaw doctor --fix

Google Meet Configuration Updates

The default behavior for Google Meet agent joins has shifted, and some configuration keys have been refined:

  • mode: "agent" is now the default Chrome talk-back path, utilizing real-time transcription for input and regular OpenClaw TTS for speech output.
  • The previous direct bidirectional model behavior is available as mode: "bidi".
  • The legacy mode: "realtime" is now a compatibility alias for mode: "agent".
  • The real-time provider configuration is now split into realtime.transcriptionProvider (for agent-mode input) and realtime.voiceProvider (for bidi-mode voice).

If you have existing Gemini Live bidi configurations, run openclaw doctor --fix to migrate them to the new split provider keys.

Zalouser Name Matching Policy

For zalouser channel configurations, startup friend/group lookup and name-to-id mapping will now only occur if dangerouslyAllowNameMatching: true is explicitly enabled. If you rely on display names for allowFrom, groupAllowFrom, or groups entries in your zalouser configuration, you must add this setting to your config. Stable ID entries remain unaffected.

OpenRouter DeepSeek V4 Thinking Levels

The max thinking level for OpenRouter DeepSeek V4 models is no longer supported by OpenRouter's API. If your configuration uses max for openrouter/deepseek/deepseek-v4-pro, it will now be mapped to reasoning_effort: "xhigh". It is recommended to update your configurations to use xhigh directly to avoid potential issues.

CLI Session Output Limits

The openclaw sessions command now defaults to displaying only the newest 100 session rows. For larger session stores or to view all entries, use the --limit flag:

  • openclaw sessions --limit <n> to specify a custom limit.
  • openclaw sessions --limit all to display all sessions.

Plugin Discovery Behavior

Bundled provider discovery now honors restrictive plugins.allow configurations by default for new setups. If you have legacy restrictive allowlist configurations, openclaw doctor --fix will migrate them to plugins.bundledDiscovery: "compat" to preserve your existing upgrade behavior. It is advisable to run doctor --fix if you encounter unexpected plugin availability issues after upgrading.

IRC Channel Egress

The documentation clarifies that IRC uses raw TCP/TLS sockets outside operator-managed forward proxy routing. If you enable IRC, ensure that direct IRC egress is explicitly approved in your network environment.

References

Pull Requests

Releases