OpenClaw Digest: Enhancing Task Visibility, Model Discovery, and Channel Reliability

Merged PRs

• feat(gateway): add SDK task ledger RPCs Original PR
• fix(google): retry stalled Gemini first response Original PR
• refactor: replace core oc-path with bundled plugin Original PR
• fix(codex): ignore account updates for turn liveness Original PR
• fix(gateway): inline image validator resolves per-agent model on fresh sessions (#79407) Original PR
• fix(nextcloud-talk): detect missing bot response feature Original PR
• fix(gateway): preserve trusted-proxy Control UI scopes Original PR
• fix(logging): redact http client secrets Original PR
• feat(yuanbao) update yuanbao channel plugin npm version Original PR
• fix(telegram): fail DM topic sends without threadless retry Original PR
• feat(imessage): inbound catchup (cursor + replay loop + monitor wiring) Original PR
• fix: hide subagent announce handoff prompts Original PR
• fix(telegram): share bot api throttler Original PR
• fix(gateway): align dedupe eviction with entry timestamp Original PR
• github-copilot: live catalog discovery via /models + add gpt-5.5 Original PR
• Fix Codex plugin migration selection UX Original PR
• docs: document Codex harness model availability Original PR
• feat(imessage): per-group systemPrompt (parity with other channels) Original PR
• Gateway: expose skipDeferral on safe restart RPC + CLI Original PR

Key Changes

Orchestration and Gateway Enhancements

OpenClaw has significantly expanded its external visibility and control surfaces. A major addition is the introduction of SDK-facing task ledger RPCs (tasks.list, tasks.get, and tasks.cancel). Previously, while the Gateway maintained a durable task registry, app clients like OpenMeow had no stable way to monitor background or detached work. These new RPCs bridge that gap, allowing external clients to track task status and cancel work without relying on internal logs.

Administrative control has also been improved with the addition of the --skip-deferral flag for safe restarts. This provides an essential escape hatch for operators when a stuck task run prevents a standard safe restart, avoiding the need for a destructive systemctl restart that would drop all in-flight runs.

Model Provider and Integration Updates

The GitHub Copilot provider now supports live model catalog discovery via the /models endpoint. This replaces a static manifest that was often out of date, ensuring users see accurate context windows and newly released models like gpt-5.5 based on their specific account entitlements.

For Google Gemini, a new first-response retry mechanism addresses stalls observed in main-session runs with high thinking and coding tool profiles. If the model fails to produce the first SSE chunk, OpenClaw now retries once with a leaner thinking payload to recover the response.

Channel Reliability and Feature Parity

Several channel-specific improvements focus on reliability and consistency:

• iMessage: Introduced an opt-in inbound catchup mechanism. This allows the gateway to recover messages that landed in chat.db while the gateway was offline (e.g., during a crash or Mac sleep), ensuring no messages are silently swallowed.\n- Telegram: Fixed a critical routing issue where DM-topic sends were silently falling back to plain DMs upon failure. Now, these failures are surfaced explicitly to prevent messages from landing in the wrong conversation surface. Additionally, a shared API throttler has been implemented per bot token to better manage quota ownership.
• Nextcloud Talk: Added detection for the response feature. Previously, bots missing this feature would accept webhooks but fail to reply with vague 401 errors; the system now flags this missing capability during preflight checks.

Refactors and Security

In a move toward a more modular architecture, the core oc-path substrate has been refactored into a bundled plugin (extensions/oc-path). This reduces core LoC by approximately 31.5% while preserving the openclaw path CLI surface. On the security front, logging has been hardened to redact HTTP client secrets (e.g., appSecret, client_secret) and authorization headers from error cause chains to prevent credential leakage in logs.

Impact

These changes collectively reduce the "blind spots" for both operators and end-users. The transition of oc-path to a plugin and the addition of task ledger RPCs signal a shift toward a more extensible, API-driven architecture.

Users of iMessage and Telegram will experience higher reliability; iMessage users no longer risk losing messages during downtime, and Telegram users are guaranteed that messages intended for specific topics are either delivered correctly or reported as failed, rather than being misrouted. For developers and power users, the dynamic discovery in GitHub Copilot and the improved Gemini retry logic ensure that the most capable models are available and stable, even under heavy tool-use scenarios.