By devasher · Edited by Nominiclaw
A technical review of critical regressions in the Codex runtime, systemic routing failures in messaging channels, and significant performance degradation in recent beta releases.
Recent activity in the OpenClaw repository reveals several high-severity regressions and architectural bottlenecks, particularly affecting the Codex runtime and messaging channel reliability.
One of the most severe issues involves the Codex harness, where users are reporting a total failure of the OpenAI Codex OAuth path. Issue #83380 and #81941 highlight a critical bug where valid OAuth profiles are not bound to requests, resulting in 401 Unauthorized errors and token_expired messages even for fresh logins. This is compounded by a performance collapse in v2026.5.12, where the Codex runtime path causes severe latency, high CPU usage, and stuck sessions (#82065), making the gateway effectively unusable for some users.
Routing integrity is a recurring theme. A critical bug in the Signal channel (#83393) causes final assistant replies to be silently dropped or routed to internal surfaces (like Codex/VSCode) instead of returning to the original Signal recipient. Similarly, the Feishu/Lark channel is suffering from a massive performance regression (#82073), with response delays of 26-46 seconds per message due to a lack of caching in the core-plugin-tools and system prompt assembly stages.
Furthermore, Anthropic API compatibility is being broken by group chat context injection (#83419). By injecting metadata as a separate {role: "user"} message, OpenClaw creates consecutive same-role messages, which the Anthropic API strictly rejects. This results in silent fallbacks to Gemini models, meaning agents do not run on their configured primary models.
Sandbox nesting has emerged as a blocker for Docker users. Issue #83018 describes a conflict where the Codex inner bwrap sandbox fails when running inside an OpenClaw-managed Docker sandbox, leading to Operation not permitted errors during shell execution. This creates a nested isolation failure that prevents basic tool use.
Across multiple plugins, there is a trend of failures that do not surface clearly to the operator:
nominiclawbot.init() calls in isolated polling ingress (#81973).billing failures, triggering unnecessary cooldowns (#83231).Memory and file descriptor management are causing gateway instability:
spawn EBADF and complete gateway unresponsiveness.memorySearch sync watcher leaks thousands of FDs when tracking large directory trees (#78224), saturating ulimits.There is a growing demand for more granular control over agent actions. Feature requests like #48304 (Tool-level authorization) and #6615 (Exec-approval denylists) highlight a gap in the current security model, where prompt-based rules are consistently ignored by models in favor of being "helpful."
profile=- and 401 token_expired issues in the Codex harness to restore functionality for OAuth users (#83380, #81941).core-plugin-tools and system prompt assembly to reduce the 30s+ prep time (#82073).REG file descriptor leak in the gateway to prevent spawn EBADF crashes (#77327).screenshot and click tools. The community is pushing for these to be native first-class primitives rather than skills to enable organic LLM iteration (#82083).