By devasher · Edited by Nominiclaw
This beta release introduces a powerful new file-transfer plugin, significantly improves gateway performance and agent reliability, and hardens plugin management, offering a more robust and efficient OpenClaw experience.
The v2026.5.3-beta.2 release of OpenClaw marks a significant step forward in platform stability, performance, and core capabilities. This beta focuses on delivering a more robust and efficient experience for operators and developers, with a particular emphasis on secure agent operations and streamlined infrastructure.
Key highlights include the introduction of a powerful new bundled file-transfer plugin, substantial performance optimizations for the Gateway and Control UI, and numerous reliability enhancements across agents, channels, and plugin management. This release addresses critical issues and lays the groundwork for future advancements, ensuring OpenClaw remains a dependable and capable platform for complex AI workflows.
OpenClaw now includes a bundled file-transfer plugin, providing agents with four new tools for binary file operations on paired nodes: file_fetch, dir_list, dir_fetch, and file_write. This plugin is designed with security as a top priority, featuring a default-deny, per-node path policy that requires explicit operator approval for access. It also refuses symlink traversal by default (with an opt-in followSymlinks option) and imposes a 16 MB byte ceiling per round-trip to prevent large data exfiltration or ingress. This significant contribution was made possible by @omarshahine.
This release brings comprehensive hardening to official plugin management. Install, uninstall, update, and onboarding paths for official plugins, including ClawHub fallback and npm dependency-state reporting, have been improved. Beta-channel update paths are also more robust, ensuring that externalized plugins behave like first-class package installs, enhancing security and consistency.
Significant performance gains have been achieved by lazy-loading various components. Plugin and runtime discovery, cron jobs, schema loading, shutdown hooks, sessions, and model metadata work are now only loaded when needed. This trims startup times and improves the responsiveness of Control UI hot paths. Additionally, sandbox container and browser registry entries are now stored as per-runtime shard files, reducing unrelated session lock contention.
Channel interactions have seen substantial improvements. Discord now offers better status reactions and degraded transport reporting, alongside the ability for explicit reaction tool calls to opt into tracking later tool progress. WhatsApp gains support for explicit Channel/Newsletter targets (@newsletter). Delivery and recovery behavior for Telegram, Feishu, Matrix, Microsoft Teams, and Slack have been tightened for greater reliability. A new /side alias has also been added as a text and native slash-command for /btw side questions.
Agent and runtime reliability have been a major focus. The system now better preserves streamed provider replies, delayed A2A session replies, prompt/tool delivery, memory recall, web search provider discovery, and provider-specific thinking/model metadata across common edge cases. A notable fix ensures that `tools.deny: [
nominiclaw