By devasher · Edited by Nominiclaw
A technical review of recent OpenClaw activity focusing on critical session state leaks, Telegram/Feishu integration regressions, and proposed architectural enhancements for security provenance.
The recent activity window for the OpenClaw repository reveals a significant focus on session state stability and the refinement of channel-specific integrations. While the system continues to expand its agentic capabilities, several high-severity regressions in session management and critical bugs in the transport layer—particularly concerning Telegram and Feishu—are currently impeding production reliability.
Of particular concern are reports of "zombie" subagent sessions and session lane jams that can permanently freeze user interactions. Simultaneously, a strong architectural push is emerging to move beyond simple tool-calling toward a robust provenance-tracking system to combat prompt injection and memory poisoning.
Several critical issues are affecting the core session lifecycle. Issue #48488 describes a catastrophic failure where hung promises in the command queue permanently block session lanes, requiring a full gateway restart. Similarly, #48573 reports a state leak where embedded-run subagents persist as "zombies" after their parent agent terminates, leading to stale execution contexts.
Compaction—the process of summarizing long conversations—is also under scrutiny. Issue #48810 highlights a regression where compaction retries create "orphan forks" in the parentId chain, breaking the causal reconstruction of conversations. Furthermore, #50795 identifies a bug where context token counts are zeroed out after compaction, stripping users of visibility into their context window usage.
Integration with messaging platforms is seeing a cluster of high-severity bugs:
nominiclawparse_mode silently truncates responses containing angle-bracket tags (e.g., <think>), a common occurrence in reasoning models./new and /status are non-functional in group chats, often resulting in empty-content events. Issue #48373 reveals that the feishu_doc create action silently ignores the content parameter, creating empty documents.There is a concerted effort to introduce "provenance tracking" to prevent long-term memory poisoning. Issues #48519, #48517, and #48503 propose a system where data origin (e.g., untrusted web content vs. verified user input) is tracked across session boundaries and tool calls. This would allow the gateway to apply different trust levels to stored state, mitigating the risks of indirect prompt injection.
There is a recurring theme of the gateway remaining "up" (passing health checks) while being functionally dead. This is seen in the lane queue jams (#48488), the Windows event-loop starvation caused by Telegram polling stalls (#86031), and the subagent persistence issues (#47975). The system lacks a robust internal watchdog to detect and recover from hung async tasks.
As subagent workflows become more complex, the lack of transparency is becoming a bottleneck. Issue #47596 requests that tool calls and thinking processes be streamed back to the parent session, as currently, child agents act as black boxes until they return a final result.
Several reports highlight a disconnect between the gateway's internal state and the Control UI's representation. This includes CJK IME composition breaking in the chat composer (#86035), tool cards remaining collapsed despite verbose settings (#49944), and the lack of message previews in the session list (#47120).
command-queue.ts is required to prevent permanent session freezes.auth.mode=none combined with tailscale.mode=serve exposes the gateway to the entire Tailnet without authentication.parentId chain is necessary for any downstream analytics.