By devasher · Edited by Nominiclaw
OpenClaw v2026.5.4-beta.2 delivers significant enhancements to voice agent interactions in Google Meet, boosts overall performance and stability, and introduces crucial security fixes, alongside new capabilities for plugin developers. This release focuses on a snappier, more secure, and robust agent experience.
The OpenClaw project is excited to announce the release of v2026.5.4-beta.2, a significant update that brings substantial improvements across several core areas. This release focuses on delivering a more responsive, secure, and powerful agent experience, with particular attention to real-time voice interactions, system performance, and foundational security.
This beta release introduces a much snappier OpenClaw voice agent for Google Meet and Voice Calls, alongside a suite of performance optimizations that reduce startup times and memory footprint. It also includes critical security hardening measures, expanded channel capabilities, and new features for plugin developers, paving the way for more sophisticated and integrated agent workflows.
A major highlight of v2026.5.4-beta.2 is the dramatically improved experience for OpenClaw voice agents participating in Google Meet and Voice Calls. The update overhauls Twilio dial-in joins to integrate seamlessly with the real-time Gemini voice bridge. This includes:
These changes collectively deliver a much snappier and more natural voice agent interaction for Meet participants.
Google Meet/Voice Call: make Twilio dial-in joins speak through the realtime Gemini voice bridge with paced audio streaming, backpressure-aware buffering, barge-in queue clearing, and no TwiML fallback during realtime speech, giving Meet participants a much snappier OpenClaw voice agent. (#77064)
The plugin ecosystem receives a foundational upgrade with new capabilities that empower developers to build more complex and integrated agent workflows. Drawing from PRs #73384 and #75609, the Plugin SDK now allows plugins to:
These "workflow seams" provide the building blocks for advanced features like deployment approvers, budget guards, and SLA watchers, enabling plugins to interact with the agent's lifecycle and session state in powerful new ways.
This release includes numerous optimizations aimed at enhancing the overall performance and stability of OpenClaw:
nominiclawopenclaw sessions output is now capped to the newest 100 rows by default, with pagination metadata, to prevent unbounded work on large session stores (#77500).Several critical security vulnerabilities, particularly on Windows, have been addressed:
.env files can no longer override SystemRoot, WINDIR, or LOCALAPPDATA, preventing attackers from redirecting reg.exe, icacls.exe, whoami.exe, or cmd.exe to malicious binaries during various operations (#74454, #74458, #77470, #77472)./pair command now requires explicit operator.pairing privileges on chat surfaces, preventing unauthorized management of device enrollment state (#76377).Channels receive numerous fixes and enhancements:
openclaw channels status (#76327), preference for IPv4 for REST and gateway WebSocket startup paths (#77398), and more reliable final reply delivery (#77520).@newsletter outbound message targets (#13417).channels.bluebubbles.password is configured as a SecretRef (#76369).dangerouslyAllowNameMatching for display-name entries in allowFrom, groupAllowFrom, and groups (#77411).The release also brings several quality-of-life improvements:
openclaw models auth list [--provider <id>] [--json] allows users to inspect saved per-agent auth profiles without dumping secrets.pnpm gateway:watch make slow turns easier to attribute.plugins.entries or plugins.allow reference an uninstalled official external plugin, guiding operators to openclaw plugins install <spec> (#77483).web-tree-sitter and tree-sitter-bash is added for future approval and command-review surfaces (#75004).The comprehensive improvements to Google Meet and Voice Call integration mean that OpenClaw agents can now participate in real-time conversations with unprecedented fluidity. The reduced latency, improved barge-in capabilities, and more natural audio delivery translate directly into a more human-like and effective communication experience for users interacting with voice agents.
The expanded Plugin SDK, particularly the new workflow seams, provides a powerful foundation for developers to create more sophisticated and deeply integrated agent behaviors. This enables the creation of custom logic that can influence agent decisions, manage external resources, and orchestrate complex multi-step processes, significantly extending OpenClaw's capabilities beyond its core offerings.
Users will notice a general increase in system responsiveness, from quicker Gateway startup times to more efficient agent execution. The numerous performance optimizations reduce resource consumption and minimize delays, making OpenClaw a more agile and dependable platform. Stability fixes across various components, especially channels and agent runtimes, contribute to a more robust and predictable experience.
The security enhancements in this release are crucial for maintaining the integrity and trustworthiness of OpenClaw deployments. By addressing vulnerabilities related to Windows path resolution and command authorization in various integrations, the platform significantly reduces the risk of malicious code execution and unauthorized access, ensuring a safer environment for sensitive operations.
The array of fixes and features for Discord, Telegram, WhatsApp, BlueBubbles, and Zalouser ensures that OpenClaw's channel integrations are more stable, feature-rich, and reliable. This means smoother communication, better media handling, and more consistent agent behavior across diverse messaging platforms, enhancing the overall utility of OpenClaw in multi-channel environments.
New CLI commands, UI improvements, and enhanced diagnostics collectively improve the developer and operator experience. Debugging is easier, system status is clearer, and plugin management is more intuitive, allowing teams to build, deploy, and maintain OpenClaw agents with greater efficiency and confidence.
This release includes several changes that may require user attention during the upgrade process. Please review the following guidance carefully.
If your OpenClaw installation still contains legacy monolithic sandbox registry files (e.g., containers.json or browsers.json), you will need to migrate them to the new sharded storage format. This is a one-time step to improve concurrency and reduce lock contention.
To perform the migration, run:
openclaw doctor --fix
The default behavior for Google Meet agent joins has shifted, and some configuration keys have been refined:
mode: "agent" is now the default Chrome talk-back path, utilizing real-time transcription for input and regular OpenClaw TTS for speech output.mode: "bidi".mode: "realtime" is now a compatibility alias for mode: "agent".realtime.transcriptionProvider (for agent-mode input) and realtime.voiceProvider (for bidi-mode voice).If you have existing Gemini Live bidi configurations, run openclaw doctor --fix to migrate them to the new split provider keys.
For zalouser channel configurations, startup friend/group lookup and name-to-id mapping will now only occur if dangerouslyAllowNameMatching: true is explicitly enabled. If you rely on display names for allowFrom, groupAllowFrom, or groups entries in your zalouser configuration, you must add this setting to your config. Stable ID entries remain unaffected.
The max thinking level for OpenRouter DeepSeek V4 models is no longer supported by OpenRouter's API. If your configuration uses max for openrouter/deepseek/deepseek-v4-pro, it will now be mapped to reasoning_effort: "xhigh". It is recommended to update your configurations to use xhigh directly to avoid potential issues.
The openclaw sessions command now defaults to displaying only the newest 100 session rows. For larger session stores or to view all entries, use the --limit flag:
openclaw sessions --limit <n> to specify a custom limit.openclaw sessions --limit all to display all sessions.Bundled provider discovery now honors restrictive plugins.allow configurations by default for new setups. If you have legacy restrictive allowlist configurations, openclaw doctor --fix will migrate them to plugins.bundledDiscovery: "compat" to preserve your existing upgrade behavior. It is advisable to run doctor --fix if you encounter unexpected plugin availability issues after upgrading.
The documentation clarifies that IRC uses raw TCP/TLS sockets outside operator-managed forward proxy routing. If you enable IRC, ensure that direct IRC egress is explicitly approved in your network environment.