#github

A new security issue has surfaced in the OpenClaw repository that every agent operator should understand: prompt injection via fake system message blocks in message channels like Discord, Telegram

If you've integrated OpenClaw with CI/CD webhooks or PR automation, you've likely noticed something annoying: hook-triggered sessions pile up indefinitely. Unlike cron jobs, which have had `sessionRet

Issue #30062 proposes something the community has been waiting for: a first-class GitHub channel that makes your OpenClaw agent a genuine engineering teammate. The Problem Today Right now, if

A critical SQL injection vulnerability has been reported in OpenClaw's database metrics endpoint. If you're running a version with this endpoint exposed, you'll want to patch immediately or restrict a

A bug in OpenClaw causes sub-agent sessions to survive host reboots indefinitely, cluttering your session list and potentially causing confusion about which agents are actually running. The Proble

A newly reported issue highlights a security risk that every OpenClaw user should be aware of: configuration backup files may contain your plaintext API keys and tokens. The Problem When you modi

If you've recently created a Discord bot and can't get OpenClaw to connect—showing the cryptic "Failed to resolve Discord application id" error on repeat—you're not alone. This is a subtle but importa

A frustrating bug has surfaced in the OpenClaw TUI: when you use the /model command to switch models mid-session, the footer updates to show your new selection—but the agent continues using the old

A new bug report in GitHub issue #29476 documents a frustrating edge case: when a custom plugin registers multiple tools, only the first tool b

If you're using a model provider that doesn't support vision — or your organization has disabled vision capabilities — uploading an image to your OpenClaw session can trap you in an unrecoverable erro

If you've tried running sub-agents with sessions_spawn in Docker Compose (embedded gateway mode) and hit mysterious timeouts, you're not alone. A recent [GitHub issue](https://github.com/openclaw/op

If you're running multiple OpenClaw bots in the same Telegram group, you may have noticed something strange: mentioning one bot sometimes triggers a completely different bot to respond. This is a real

A concerning security issue has surfaced in OpenClaw: when using keyRef to securely reference API keys from environment variables or secret stores, the gateway may rewrite your config with the actua

If you're running OpenClaw on a budget VPS with 2GB RAM—especially Alibaba Cloud 1-click deployments—do not upgrade to v2026.2.26 yet. A community member discovered a devastating cascade of failur

A critical issue has been identified in OpenClaw where the /stop command, abort functionality, and even gateway restarts fail to interrupt actively executing tools. This means once a tool starts run

A new RFC in the OpenClaw repository (#28845) proposes a fundamental shift in how context compaction works: instead of the system automatically deciding when and how to compact conversation history, a

If you've ever noticed your OpenClaw chat feeling sluggish when sub-agents complete their work, you're not alone. A new feature proposal on GitHub ([#28750](https://github.com/openclaw/openclaw/issues

If your OpenClaw agent suddenly starts looping, hallucinating, or spitting out API errors after running multiple tools at once, you might have hit a nasty race condition that can permanently corrupt y

A subtle but confusing bug has surfaced in OpenClaw: when your cron jobs run, internal assistant narration can accidentally leak to your Slack DMs (or other messaging surfaces). Here's what's happenin

When Anthropic's API returns a 529 "overloaded" error, you'd expect OpenClaw's model fallback system to kick in and try your secondary models. Instead, users are seeing errors bubble up directly — eve