OpenClaw v2026.5.16-beta.4 Release Summary

Key Changes

Agent Orchestration & Intelligence

• Subagent Review Workflow: Completed subagent handoffs are now labeled as "ready for parent review" rather than simply "done." This forces requester agents to verify results and perform necessary follow-up work before finalizing a task, reducing premature success claims.
• Session Priority Queueing: Manual user follow-ups are now prioritized over background cron or maintenance tasks within the same session lane. This ensures that human interactions remain responsive even during heavy background processing like context compaction.
• Context Engine Integration: CLI-routed turns now properly finalize through the context-engine lifecycle, ensuring that non-legacy engines (like LCM) receive turn data and perform necessary maintenance for CLI-backed agents.
• Codex Thread Binding: Codex app-server now binds thread-bootstrap projection epochs to backend threads, allowing for more efficient context reuse and automatic thread rotation when projection state changes.

Security & Infrastructure

• Security Audit Suppressions: A new security.audit.suppressions configuration allows operators to intentionally accept specific audit findings, removing them from active summaries while preserving them in JSON output for auditability.
• System Event Authority: Authority for queued system events is now handled via structured metadata (forceSenderIsOwnerFalse) rather than prompt-visible text. This prevents trust markers from being spoofed or transformed by the model while maintaining least-privilege access for system-originated wakeups.
• Gateway Restart Tracing: Added OPENCLAW_GATEWAY_RESTART_TRACE instrumentation to provide parseable timing spans for the drain, shutdown, and ready phases of a gateway restart, aiding in the diagnosis of slow restarts.

Provider & Integration Updates

• xAI Enhancements: Added support for the grok-imagine-image-quality model and implemented a fix to treat pending poll statuses as processing for video generation, preventing malformed response errors.
• Telegram Stability: Fixed a critical issue where the provider would consume updates without routing them to agents. Additionally, the system now preserves the implicit default account when named accounts are added, ensuring default bot polling is not silently disabled.
• Discord Context Preservation: Fixed a bug where Discord reply/reference context was lost at the LLM boundary, preventing the agent from answering based on stale session history.
• LINE Case Sensitivity: Resolved a high-severity issue where LINE recipients were lowercased during delivery recovery, causing silent push failures for long-running tasks.
• Slack Link Previews: Outbound Slack messages now default to unfurl_links: false to reduce noise in channels, though this can be re-enabled via configuration.

Performance & Stability

• Memory Core Catch-up: Added a startup scan for memory-core session sources to detect and index stale transcript files that were modified during gateway downtime.
• Usage Cache Optimization: Gateway usage and cost summaries now refresh in the background, preventing large profiles from blocking the event loop and causing WebSocket timeouts.
• Session Repair Cleanup: Successful session file repairs no longer leave behind transient .bak files, preventing unbounded disk growth in cases of persistent corruption.

Impact

This release significantly hardens the reliability of multi-agent workflows and long-running session management. Users will notice a more responsive Control UI during background tasks and more consistent behavior in group channels (Telegram/Discord). The security changes move authority logic out of the prompt, reducing the risk of prompt-injection-based privilege escalation for system events.

Upgrade Guide

Breaking Changes & Migration

• Security Audit: If you rely on automated scripts to parse security audit output, note that accepted findings are now moved to a suppressedFindings array in the JSON output.
• LINE Integration: If you have custom scripts that manually construct LINE recipient IDs, ensure they preserve the original casing (starting with capital C, U, or R), as lowercased IDs are now rejected at the outbound boundary.
• Slack Configuration: If you previously relied on default link unfurling in Slack, you must now explicitly set channels.slack.unfurlLinks: true in your configuration to restore this behavior.