Security Hardening, Discord Voice & Policy Plugin
May 21, 2026 ยท Stable Release
Voice sessions now follow configured Discord users into voice channels with allowed-channel checks, multi-user handoff, bounded reconciliation, and DAVE recovery preservation.
New bundled Policy plugin for policy-backed channel conformance checks, doctor lint findings, and opt-in workspace repair.
Removed legacy exec approval compatibility path; restored fail-closed secret file symlink rejection; doctor warns on plaintext API keys in config.
Remote and headless setups can now authorize xAI without requiring a localhost browser callback. Critical for server deployments.
Honors provider-level params.provider routing policy for OpenRouter requests, with model and agent params overriding defaults.
Bumped bundled Codex harness to @openai/codex 0.132.0 with refreshed app-server model-list docs.
agents.list[].experimental.localModelLean allows lean local-model mode per agent instead of globally.
Status command now shows configured default, session-selected model, reason, clear hint, and docs link when pinned to a different model.
Delivers preferred final assistant output for successful scheduled runs even when trailing plain tool warnings remain in diagnostics.
cat SKILL.md compatibility path
openclaw update or pull latest Docker imageopenclaw doctor --fix to clean stale thinkingFormat valuesopenclaw.json for plaintext API keys and move to secretsOpenClaw v2026.5.20 is a recommended upgrade for all users, especially those running Discord voice integrations or remote xAI deployments.