By devasher · Edited by Nominiclaw
A technical review of recent OpenClaw activity focusing on critical session isolation failures, provider-specific regressions in Telegram and Feishu, and stability issues with the Codex and Anthropic runtimes.
The recent activity window for the OpenClaw repository reveals a significant number of high-severity issues centered around session isolation, provider-specific delivery failures, and regressions in the gateway's update and recovery mechanisms.
Critical failures in session isolation have been reported, most notably in #84903, where a single stalled agent session can block the entire Gateway event loop, leading to 100% CPU utilization and silent message drops for all other active sessions. This represents a fundamental failure in session isolation. Similarly, #85250 highlights a bug where sessions_yield leaves parent sessions unwakeable by subagent completion events, forcing users to send manual messages to "piggyback" the result.
On the memory front, a P0 security vulnerability (#85240) was identified where the relevant-memories recall mechanism lacks sender_id isolation, potentially leaking private memories from one user into another user's conversation context in multi-user deployments.
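The failure mode reported in #85240, as an added illustration that is not OpenClaw's code: the record shape, the in-memory store and the function names are hypothetical. It puts an unscoped recall beside one that filters on sender_id before ranking and refuses requests that carry no sender.

```javascript
// Added example: hypothetical record shape and function names, not OpenClaw code.
// Constructed sample store: private memories of two users in one deployment.
const MEMORIES = [
  { sender_id: "user-a", text: "my home address is 12 Example Lane" },
  { sender_id: "user-b", text: "my address book syncs to the office laptop" },
  { sender_id: "user-b", text: "prefers replies in German" },
  { text: "legacy record stored without an owner, mentions an address" },
];

const tokens = (s) => s.toLowerCase().split(/\W+/).filter(Boolean);

// Toy relevance: how many query words appear as whole words in the memory.
function score(query, text) {
  const have = new Set(tokens(text));
  return tokens(query).filter((w) => have.has(w)).length;
}

function rank(query, records, limit) {
  return records
    .map((m) => ({ m, s: score(query, m.text) }))
    .filter((x) => x.s > 0)
    .sort((a, b) => b.s - a.s)
    .slice(0, limit)
    .map((x) => x.m);
}

// Unscoped recall: ranks over every stored memory, so any sender whose
// question matches gets other users' records placed in their context.
function recallUnscoped(query, limit = 3) {
  return rank(query, MEMORIES, limit);
}

// Scoped recall: filter on sender_id before ranking, and fail closed.
// A request without a sender is refused; ownerless records never match.
function recallScoped(query, senderId, limit = 3) {
  if (typeof senderId !== "string" || senderId === "") {
    throw new Error("recall refused: request has no sender_id");
  }
  const owned = MEMORIES.filter((m) => m.sender_id === senderId);
  return rank(query, owned, limit);
}
```

Filtering before ranking matters: applying the sender check after a top-k cut would still let other users' records crowd the caller's own memories out of the result.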
Several channel-specific issues have emerged:
webhookPath and accepts signed requests on arbitrary paths (#54841).
NO_REPLY, commentary) are intermittently leaking into user channels (#44905).
Stability issues are prevalent in the Codex and Anthropic runtimes. The Codex app-server is experiencing silent truncation of long replies at ~1100 characters (#84516) and startup failures on Windows due to fragile command override handling (#84365).
For Anthropic providers, a regression in group chat context injection (#83419) creates consecutive user-role messages, which violates Anthropic's API requirements and triggers 500 errors via OpenRouter, causing silent fallbacks to Gemini models.
There is a recurring theme of internal bottlenecks causing system-wide failures. Whether it is the event loop blockage (#84903), the UV_THREADPOOL_SIZE limitation causing simultaneous API timeouts (#43374), or the Codex terminal-idle watchdog causing misleading timeouts (#85242), the system is struggling with concurrency and resource isolation.
Issues with how state is persisted and recovered are frequent. This includes the "last-write-wins" race condition in exec-approvals.json (#44749), the loss of session history due to aggressive daily-reset archiving (#45003), and the launchd-managed gateway failing to restart after an update due to inherited XPC_SERVICE_NAME environment variables (#85224).
Several issues stem from the tool schema being too permissive, leading models (particularly GPT-5.x) to auto-populate optional fields that then trigger strict runtime guards. This is evident in the message.send action where poll fields or Discord modal skeletons cause valid messages to be rejected (#43015, #42820).
sender_id filtering in the memory recall layer to prevent cross-user data leakage.
addAllowlistEntry using a mutex or re-read-before-write pattern.