openclaw v2026.6.7-beta.1 release notes: what's new & changelog
OpenClaw v2026.6.7-beta.1 delivers tighter channel delivery across major platforms, expanded provider resilience for Kimi and Anthropic models, and hardened security boundaries for runtime context and local setup trust.
Key Changes
Channel Delivery and Outbound Flows
Delivery reliability is improved across Slack, Telegram, and other outbound media. Key updates include:
- Slack Transcript Mirroring: Delivered same-channel Slack final replies are now mirrored into the owning OpenClaw transcript without duplicating runtime-owned assistant turns (#92498).
- Telegram Replay Fixes: Buffered/deferred message processing now maintains ownership of the update lifecycle until final reply dispatch settles, preventing the premature acknowledgement of live updates (#92281).
- Media Handling: The
messagetool now honors top-levelimageparameters as first-class media sources for send actions, preventing silent attachment loss (#92416). - Progress Drafts: Startup failures for timer-fired progress drafts are now reported via a default boundary logger rather than being silently swallowed (#92083).
- Action Results: Discord archived thread-list actions now expose normalized pagination metadata, including
complete,hasMore, andnextBeforecursors (#88993).
Provider and Model Resilience
Model handling is more resilient, with new support and critical repairs for several providers:
- Moonshot/Kimi: Added support for Kimi K2.7 Code with always-on reasoning and multimodal input (#92554). Additionally,
reasoning_contentis now backfilled on assistant tool-call replay messages to prevent 400 errors during long sessions or compaction (#92396). - Anthropic: Repaired persisted signed-thinking replay state; if a provider rejects a thinking block signature, the system now strips the poisoned blocks from the active session branch to prevent subsequent turn failures (#92286). For Anthropic Vertex, the system no longer re-marks
cache_controlon transport-budgeted payloads, avoiding the "maximum of 4 blocks" rejection error (#92387). - DeepSeek: Configured model rows now inherit bundled static catalog transport for known models instead of falling back to OpenAI Responses defaults (#92265).
- Mistral: The system now skips unreadable tool schemas while preserving healthy sibling tools, preventing request payload construction crashes (#90242).
- Fireworks: Catalog model parameters are now resolved from
plugin.jsonvia core to ensure authoritative context window limits (#90326).
Security and Boundary Hardening
User-visible context and authentication boundaries are now safer:
- Runtime Context Leakage: Internal runtime context bodies are now wrapped in delimiters, allowing
stripInternalRuntimeContextto fully remove sensitive metadata (e.g.,<relevant-memories>) from user-visible surfaces like Feishu streaming cards (#92593). - Local Setup Trust: Local setup trust is hardened, and
openclaw doctornow provides actionable remediation for configured channel plugins blocked by missing explicit trust or restrictive allowlists (#86629, #92175). - CLI Fallbacks: The
/btwcommand now fails closed when it would otherwise fall back to direct provider auth for a model routed through a CLI runtime alias (#92226). - Sandbox Paths: Sandboxed CLI startup prompts now render skill prompts from materialized paths rather than persisted host install paths, preventing models from attempting to inspect inaccessible host files (#92508).
Agent and Runtime Recovery
Recovery paths for agents, memory, and cron services have been improved:
- Model Registry: Invalid plugin model catalogs are now isolated, ensuring that a single bad catalog does not abort the entire custom-model load (#92564).
- Codex Memory: Fixed a regression where fresh Codex runs omitted
## Memory Recallguidance; the selected memory plugin is now preserved during scoped harness loads (#92350). - Memory Search: When using the QMD backend, startup failures are now preserved and reported alongside builtin fallback errors, providing better diagnostic clarity (#92618).
- Cron and Heartbeats: Fixed a bug where disabled heartbeats caused immediate one-shot cron job termination; these now follow bounded retry policies (#92225). Additionally, suppressed heartbeat sends are no longer treated as successful commitment deliveries (#92231).
- Linux Service Updates: Startup auto-updates for Linux gateway services now route through managed systemd handoff to avoid mutation failures (#92282).
UI and Developer Experience
- Accessibility: Improved contrast ratios for muted text, updated
:focus-visiblestates, and lifted minimum font sizes to 12px across the UI (#89822). - Workboard: Added a toolbar checkbox to hide empty status columns (#89615).
- Documentation: Added comprehensive design system documentation covering glass surfaces, color tokens, motion standards, and accessibility checklists (#89827). Added guidance for Gateway uptime monitoring using
/healthto avoid session store bloat (#92608). - QA Lab: QA Lab runtime is now bundled into Docker images (#92087), and QA evidence now emits scorecard taxonomy and evidence artifacts (#91484, #91500).
Impact
This release significantly reduces the risk of silent failures in channel delivery (particularly for Slack and Telegram) and eliminates several high-impact provider errors related to thinking-block replays and cache-control budgets. For operators, the improved openclaw doctor diagnostics and the new /health monitoring guidance reduce the overhead of maintaining gateway stability. The hardening of runtime context delimiters prevents the accidental leakage of internal agent metadata to end-users.
FAQ
What's new in v2026.6.7-beta.1?
This release introduces support for Kimi K2.7 Code, improves delivery reliability for Slack and Telegram, adds UI accessibility enhancements, and hardens security boundaries for internal runtime context and local setup trust.
Are there any breaking changes?
The provided source material does not mention any breaking changes.
How do I upgrade?
The provided source material does not provide specific upgrade instructions beyond the standard release process.