OpenClaw Issue Digest: Event Loop Saturation and Channel Delivery Regressions

The recent activity in the OpenClaw repository reveals a significant trend of performance degradation related to Node.js event-loop saturation, alongside several regressions in channel-specific delivery mechanisms. As the system scales to support more complex multi-agent workflows and diverse channel integrations, these bottlenecks are increasingly impacting real-time responsiveness and reliability.

Open Issues

Event Loop and Performance Bottlenecks

Several reports highlight severe event-loop blocking that leads to gateway timeouts and unresponsive agents:

• Startup Grace Windows: Issue #79915 reports false liveness warnings during cold starts because the diagnostic heartbeat lacks a startup grace window, causing warnings during legitimate blocking operations (model resolution, auth, etc.).
• Resource Loading Overhead: On Windows/NTFS, DefaultResourceLoader.reload() is blocking the event loop for 12-15 seconds per agent run due to synchronous filesystem scanning (#79899).
• Slack Provider Startup: A critical bug in the Slack provider causes the channels.slack.start-account phase to persist for over 10 minutes post-ready, blocking the event loop in bursts of 15-44 seconds (#79870).
• General Saturation: Heavy streaming combined with multi-channel load is causing eventLoopDelayMaxMs to spike up to 40 seconds, particularly during the stream-ready phase (#79838).

Channel Delivery and Integration Regressions

Delivery failures are appearing across multiple group chat integrations:

• Feishu & WeCom Group Failures: Both Feishu (#79881, #77869) and WeCom (#79800) are experiencing issues where the model completes a response successfully, but the reply is never delivered to the group chat, while direct messages (DMs) continue to work.
• Discord Regression: A regression in version 5.7 has caused Discord replies to stop appearing in channels entirely, despite responses being visible in the OpenClaw dashboard (#79893).
• WhatsApp Echo Bypass: The externalized @openclaw/whatsapp plugin is bypassing the echoTranscript functionality, meaning voice note transcripts are no longer echoed back to the chat (#79778).

Security and Isolation Gaps

• Privacy Bypass: A high-severity security issue (#70573) allows agents to bypass privacy isolation by using the read tool to directly access other agents' private memory files, rendering memorySearch.enabled=false ineffective.
• SSRF Guard Over-blocking: The SSRF guard is blocking hostnames ending in .internal (like host.docker.internal) even when allowPrivateNetwork is configured, breaking local provider connectivity in Docker (#79850).
• Tool Access Control: There is currently no per-path file access deny list for tools, meaning agents have unrestricted access to any file within the exec trust boundary, including sensitive .env or .ssh directories (#79167).

Key Themes

The "Silent Failure" Pattern

Many of the reported bugs follow a pattern where the system reports success internally, but the user sees nothing. This is evident in the group chat delivery issues (Feishu, WeCom, Telegram) and the Discord regression. In these cases, the trajectory files confirm the LLM generated a response, but the delivery layer failed to emit the final event to the plugin.

Provider-Specific Quirks

• Anthropic Prefill Rejections: Using Claude-Opus without fallbacks can lead to "poisoned" sessions where prefill rejections cause the agent to enter a loop of repeated tool calls and hallucinated results (#79887).
• Qwen 3.6 JSON Malformation: Qwen 3.6 occasionally appends spurious colons to JSON keys in tool calls, causing validation failures (#79819).
• Codex Auth Expiration: The Codex provider fails to use refresh tokens for expired id_tokens, forcing users to manually re-login every hour (#79871).

Infrastructure and DX

There is a growing demand for better observability and stability in the TUI and Control UI, including requests for KaTeX math rendering (#79873) and a "quiet status" mode for cleaner demo recordings (#79859).

Action Required

High Priority / Blocked

• Security Fix (#70573): Immediate attention is needed to implement agent-level file path allowlists to prevent private memory leaks.
• Event Loop Relief (#79870, #79899): The synchronous filesystem scanning on Windows and the Slack provider startup loop are causing systemic instability and should be prioritized for async conversion or caching.
• Group Delivery Fixes (#79881, #79800, #79893): The regression in group chat delivery across Feishu, WeCom, and Discord is a major blocker for multi-user deployments.

Contributor Attention Needed

• Codex Watchdog (#79810): The 30s hardcoded timeout for dynamic tools is too short for image generation and needs to be made configurable.
• Plugin Registry Collision (#79834): The collision between bundled openrouter and custom router-plugin keys is causing custom plugins to drop on restart.