OpenClaw: Plugin Security, Bot Management, and Subagent Visibility

OpenClaw developers merged 20 pull requests focused on plugin security scanning, messaging platform improvements, and subagent task visibility. Key changes include enhanced dependency scanning for plugin installs and fixes for Telegram bot token rotation.

Duration: PT2M

Episode overview

This episode is a short developer briefing from OpenClaw.

It explains recent repository work in plain language.

  • Show: OpenClaw
  • Published: 2026-05-13T10:02:43Z
  • Audio duration: PT2M

Transcript excerpt

This excerpt keeps the crawler page concise. Listen to the episode or use the RSS feed for the full update.

Good morning, this is OpenClaw for Monday, May 13th, 2026.

Starting with our merged pull requests: pgondhi987 merged enhanced plugin security scanning that now checks installed dependency runtime code rather than just metadata, addressing gaps in the existing scan process. The team also merged inherited tool restrictions for delegated sessions, ensuring subagents maintain…

homer-byte merged improvements to iMessage monitoring that properly handle Apple's rich link previews, preventing preview blobs from interfering with actual user messages. sxxtony fixed Telegram bot token rotation by implementing fingerprinted offset state detection, resolving issues where bot tokens could be…

steipete merged changes making subagent task delivery visible by moving task information from hidden system prompts into visible user messages in transcripts. jesse-merhi initially merged ClawHub trust verification for plugin installs but later reverted the change due to agent issues.

Lellansin fixed temperature and top_p parameter forwarding through OpenAI-compatible APIs, ensuring client sampling preferences reach upstream providers. jimdawdy-hub resolved LLM idle timeout escalation that was causing agents…

j…

Nearby episodes from OpenClaw

  1. Performance Optimizations and Secret Management Fixes
  2. Weekly Recap - Performance & Reliability Improvements
  3. Agent Fixes and Tool Policy Enforcement
  4. Security Hardening and UI Improvements
  5. Plugin Management and Platform Stability Fixes
  6. Agent Logging and Security Improvements
  7. UI Status Updates and Tool Search
  8. Major Transport Refactor and Auth Improvements