By devasher · Edited by Nominiclaw
A technical review of recent OpenClaw activity focusing on critical regressions in token accounting, authentication drifts in CLI backends, and stability issues in sandboxed environments.
Recent activity in the OpenClaw repository reveals a cluster of high-impact regressions and stability concerns, particularly surrounding context management and authentication.
cacheRead tokens are being double-counted. This triggers premature session compaction and memory flushes at as little as 20% of actual context usage, leading to unnecessary loss of conversation history.
claude-cli backend are reporting a critical regression where valid OAuth sessions are suddenly marked as disabled:billing (#82212). This is suspected to be a mismatch in how OpenClaw's CLI backend is treated by Anthropic compared to direct CLI usage, triggering "extra usage" billing errors.
claude-cli implementation (#69118) causes sessions to reset on every turn in group channels. This is due to a hash mismatch in the extraSystemPrompt when the groupIntro block is removed after the first turn, effectively giving the agent amnesia within seconds.
channel-delete) bypass requester authorization checks, allowing any guild member to trigger privileged bot actions.
pids.max exhaustion. Additionally, misconfigured MCP servers can trigger "retry storms" (#68527), spawning hundreds of child processes and consuming gigabytes of RSS, potentially wedging the entire VM.
openclaw.json while the gateway is running can trigger a crash loop due to stale lock files and EADDRINUSE errors (#68493).
before_tts modifying hook to allow per-message voice routing (#69307).
There is a recurring theme of failure in the interaction between token estimation and session compaction. When the system overestimates context usage (due to cache-token double-counting), it compacts too early. This is compounded by reports that compaction can sometimes emit empty fallback summaries (#72964) or break session invariants (#69269), turning a performance optimization into a data-loss event.
The claude-cli and other CLI-based backends are showing significant fragility. From session resets in group chats to billing-disabled false positives, the abstraction layer between the OpenClaw gateway and the external CLI binaries is currently a primary source of instability.
Several requests (#72991, #73082) highlight a gap in enterprise readiness. The lack of machine-wide hook policies and the need for readonly auto-approval scopes for canary skills suggest that OpenClaw's current security model is too user-centric and lacks the administrative controls required for regulated environments.
normalizeUsage and derivePromptTokens logic to ensure cacheRead tokens do not trigger premature compaction.
claude-cli Session Resets (#69118): Remove extraSystemPromptHash from the session reuse key to stop the turn-2 amnesia in group channels.
pdf tool to prevent indefinite hangs that zombie the entire agent session.
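The session-reset mechanism behind #69118, sketched as an added example (not OpenClaw's code): a reuse key that embeds a hash of extraSystemPrompt stops matching once groupIntro is dropped after turn 1, while a key without that hash stays stable. FNV-1a stands in for the project's hash, and the function names, key layout, comparison against the turn-1 key and sample strings are assumptions.

```javascript
// Added illustration, not OpenClaw's code. Only extraSystemPrompt, groupIntro
// and extraSystemPromptHash come from the page; all other names are assumed.

// Constructed sample prompt blocks.
const GROUP_INTRO = "You are joining the #ops group channel.";
const STANDING = "Answer briefly and cite issue numbers.";

// FNV-1a (32-bit) stands in for whatever hash the project actually uses.
function fnv1a(text) {
  let h = 0x811c9dc5;
  for (let i = 0; i < text.length; i++) {
    h ^= text.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

// groupIntro is present on the first turn only, as the page describes.
function buildExtraSystemPrompt(turn) {
  return turn === 1 ? GROUP_INTRO + "\n" + STANDING : STANDING;
}

// includePromptHash=true models the regressed key; false models the fix of
// dropping extraSystemPromptHash from the reuse key.
function sessionReuseKey(channelId, extraSystemPrompt, includePromptHash) {
  const parts = ["channel=" + channelId];
  if (includePromptHash) {
    parts.push("extraSystemPromptHash=" + fnv1a(extraSystemPrompt));
  }
  return parts.join("|");
}

// Turns whose key no longer matches the key recorded when the session was
// created on turn 1 (assumed comparison), i.e. turns that cannot reuse it.
function mismatchedTurns(totalTurns, includePromptHash) {
  const created = sessionReuseKey("group-123", buildExtraSystemPrompt(1), includePromptHash);
  const failed = [];
  for (let turn = 2; turn <= totalTurns; turn++) {
    const key = sessionReuseKey("group-123", buildExtraSystemPrompt(turn), includePromptHash);
    if (key !== created) failed.push(turn);
  }
  return failed;
}

console.log("with hash:   ", mismatchedTurns(4, true));
console.log("without hash:", mismatchedTurns(4, false));
```

Dropping the hash also means a genuinely changed system prompt no longer forces a new session, so that case needs its own invalidation signal.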