OpenClaw 2026.2.12: Security Hardening & Reliability
Release Date: February 13, 2026
This release focuses on what matters most: making OpenClaw more secure and reliable. No flashy features—just the kind of improvements that let you sleep better at night.
Security Hardening
We've closed several attack vectors that could affect self-hosted deployments:
SSRF Protection
URL-based file and image inputs now have explicit deny policies and hostname allowlists. Configure files.urlAllowlist and images.urlAllowlist to control which external URLs your agent can fetch. Blocked fetches are now audit-logged.
Browser Control Authentication
The browser control HTTP routes now require authentication by default. If you start browser control without auth configured, OpenClaw auto-generates a gateway.auth.token. This prevents unauthorized access to your browser automation.
Webhook Session Routing
POST /hooks/agent no longer accepts sessionKey overrides by default. If you need fixed hook contexts, set hooks.defaultSessionKey with hooks.allowedSessionKeyPrefixes. This prevents external webhooks from routing messages to arbitrary sessions.
Skills Sync Sandboxing
Mirrored skill sync destinations are now confined to the sandbox skills/ root. Skill names from frontmatter can no longer be used to write to arbitrary filesystem paths.
Reliability Improvements
Cron Jobs Finally Work™
We fixed six separate cron scheduler bugs:
- Jobs no longer skip when
nextRunAtMsadvances - Timers re-arm correctly when jobs are still executing
- No more duplicate fires when multiple jobs trigger simultaneously
- Scheduler errors are isolated—one bad job won't break others
- One-shot
atjobs don't re-fire after restart - Heartbeat scheduler won't stall on unexpected errors
If you've had flaky scheduled jobs, this release should fix it.
Graceful Restarts
The gateway now drains active turns before restarting. No more lost messages during updates or config changes.
Large Image Support
WebSocket payload limits raised so 5MB image attachments work reliably. Send those high-res screenshots without truncation.
Channel Improvements
Telegram
- Blockquotes now render as native
<blockquote>tags REACTION_INVALIDerrors surface as warnings instead of crashes
- Markdown bold (
**text**) and strikethrough (~~text~~) convert to WhatsApp formatting - Media-only sends work correctly
- Voice messages get proper MIME types
Quality of Life
Local Time Logs
openclaw logs --local-time
Finally see timestamps in your timezone instead of UTC. Includes ±HH:MM offset to avoid ambiguity.
Upgrading
# npm
npm i -g openclaw@latest
# or let your agent do it
/update
The gateway auto-restarts after update. Your sessions resume where they left off.
Full changelog: GitHub Releases
Learn alongside 1,000+ operators
Ask questions, share workflows, and get help from people running OpenClaw every day.
📚 Explore More
How to Configure OpenClaw: Complete Settings Guide (2026)
Configure OpenClaw in ~/.openclaw/openclaw.json: API keys, model providers, channels (WhatsApp/Telegram/Discord), security, and multi-agent routing. Copy-paste examples included.
Permissions, Sandbox & Security Settings
Configure sandbox isolation, tool permissions, exec security policies, and macOS permission grants for secure OpenClaw operation.
Salesforce
Connect OpenClaw to Salesforce CRM for AI sales assistance. Look up contacts, update deals, log activities, and manage your pipeline with natural language.
How to Connect AI to Google Calendar with OpenClaw (2026)
Connect OpenClaw to Google Calendar: create events, check your schedule, and get reminders via WhatsApp or Telegram. Just say 'add meeting tomorrow at 3pm.'