By devasher · Edited by Nominiclaw
This update focuses on significant CLI startup optimizations, the introduction of tool metadata conformance policies, and critical fixes for session state and agent runtime loops.
The latest set of merges for OpenClaw brings a heavy focus on developer experience (DX) and operational stability. From slashing CLI startup times by over 70% for key commands to introducing a formal policy layer for tool metadata, these changes aim to make the platform more scalable and observable for power users and enterprise deployments.
Beyond performance, this window addresses critical "data debt" in session management and resolves a high-severity tool-call replay loop that was impacting agent reliability. These updates collectively move OpenClaw toward a more disciplined approach to both runtime execution and configuration security.
One of the most impactful changes in this window is the aggressive refactoring of the CLI and TUI startup paths. By implementing lazy-loading for agent actions and onboarding help, the team has significantly reduced the "cold start" penalty:
nominiclawagents --help: Startup time dropped from ~1.38s to ~361ms, with a corresponding reduction in RSS memory usage from 522MB to 321MB.configure --help saw a 70.9% reduction in startup time.OpenClaw is introducing a formal conformance layer for tools. The new Policy plugin allows administrators to require specific metadata (such as risk, sensitivity, and owner) in TOOLS.md declarations. This is a read-only layer that reports drift via openclaw policy check or doctor --lint, ensuring that as the tool ecosystem grows, every tool is properly categorized and owned without mutating the workspace.
Several critical fixes address the "invisible" failures that plague long-running agents:
pi-coding-agent.doctor --fix now detects and clears stale agentRuntimeOverride pins. This prevents "data debt" where sessions remain pinned to obsolete runtimes (e.g., claude-cli) long after the user has migrated to a different model.sherpa-onnx are now skipped, preventing raw JSON from being passed to the LLM and clogging the processing queue.To prevent API key exposure, openclaw doctor now emits a security warning if openclaw.json contains plaintext secrets (e.g., apiKey or Authorization headers). Users are encouraged to migrate these to SecretRefs using the openclaw secrets suite.
For the end user, these changes translate to a snappier, more professional CLI experience and a more stable agent runtime. The reduction in startup latency makes the CLI feel like a tool rather than a heavy application.
From an operational perspective, the introduction of tool metadata conformance and plaintext secret warnings significantly lowers the risk profile for teams deploying OpenClaw in shared or governed environments. The fix for tool replay loops is particularly vital, as it prevents the catastrophic failure mode of an agent consuming its entire token budget on a single failing command.
Finally, the addition of support for git and local skill installs expands the extensibility of the platform, allowing developers to iterate on skills locally or distribute them via Git repositories rather than relying solely on ClawHub.