OpenClaw’s Massive v2026.3.7/3.8 Update: Plug‑in Context Engine and Persistent Agents

Background: What is OpenClaw?

OpenClaw is a cross‑platform personal AI assistant framework that can connect to Telegram, Discord, Slack, Feishu, WeChat Work and other instant‑messaging platforms. It runs on the user’s own server and can interface with large‑model back‑ends such as OpenAI, Anthropic, Google Gemini, Ollama, turning AI chat into a self‑hosted, customizable infrastructure.

At the time of writing it has over 286 000 GitHub stars, making it one of the fastest‑growing AI open‑source projects.

v2026.3.7 – Architecture‑level upgrades

1. Plug‑in ContextEngine

The release adds a new ContextEngine plugin interface with lifecycle hooks bootstrap, ingest, assemble, compact, etc. Previously only a built‑in compaction strategy existed; now developers can write custom plugins such as lossless-claw to manage context selection and merging. When no plugin is installed behavior is unchanged, so the upgrade is non‑breaking.

2. ACP persistent binding

ACP (Agent Client Protocol) previously created temporary bindings that disappeared when a thread closed. v2026.3.7 stores bindings persistently, allowing an agent to be attached to a top‑level Discord channel or a Telegram topic and survive restarts. Onur Solmaz demonstrated that coding agents like Claude Code or Codex can now stay active in a channel and execute code tasks.

3. GPT‑5.4 and Gemini 3.1 Flash‑Lite support

The version integrates OpenAI’s GPT‑5.4 (via the openai‑codex interface, offering a 1.05 M‑token context window and 128 k max‑token output) and Google’s Gemini 3.1 Flash‑Lite preview. The team also fixed legacy Codex parameter limits to align the model’s capabilities with the advertised limits.

4. Docker slim image via multi‑stage build

A standard multi‑stage Docker build is introduced together with the OPENCLAW_VARIANT=slim option, producing a bookworm‑slim based image that is considerably smaller and starts faster on VPS or container clusters.

5. SecretRef gateway authentication

Security is improved by adding a SecretRef mode for gateway tokens, removing the need to store plain‑text tokens in configuration files. This change is breaking: when both gateway.auth.token and gateway.auth.password are present, gateway.auth.mode must be set to token or password.

Other notable changes

HEIF image support – direct handling of iPhone‑taken HEIF photos.

Zalo channel adaptation – Vietnamese platform optimizations.

iOS App Store compliance – client aligns with store requirements.

Talk mode silent‑timeout configuration – configurable silence period in voice interactions.

Web‑search Brave LLM context mode – more precise LLM summaries when invoking Brave search.

Routing‑binding performance index – pre‑indexes large binding configs to avoid multi‑second stalls.

Bug‑fixes span Telegram message deduplication, browser CDP compatibility, Ollama remote authentication, and Feishu streaming card push, illustrating the project’s engineering complexity.

v2026.3.8 – Security and stability hardening

1. ACP Provenance

Adds provenance metadata so an agent knows who invoked it. Three modes are available via openclaw acp --provenance off|meta|meta+receipt. This aids multi‑tenant deployments and audit scenarios by recording source context and request IDs.

2. Built‑in backup system

Commands openclaw backup create and openclaw backup verify enable configuration‑only backups ( --only-config) and exclusion of workspaces ( --no-include-workspace). The system now prompts for a backup before destructive operations.

3. Telegram message deduplication

Deduplication granularity shifts from “per session key” to “per agent”, eliminating duplicate replies when both agent:main:main and agent:main:telegram:direct:<id> match.

4. Twelve security fixes

Browser SSRF protection – blocks private‑network redirects in strict navigation flows.

MS Teams allowlist bypass fix – hardens authorization. system.run binding hardening – prevents post‑approval script tampering.

Skills download isolation – prevents tool paths from being rebound outside target directories.

Additional fixes address macOS Talk mode crashes, TUI theme auto‑detection via COLORFGBG, gateway restart timeout handling, and cron restart throttling.

Overall, v2026.3.7 and v2026.3.8 together deliver a comprehensive upgrade from architecture to security. The plug‑in ContextEngine improves extensibility, ACP persistence lets agents reside in daily workflows, and the new backup and hardening features make production deployments safer. Users should verify the breaking change to gateway.auth.mode before upgrading.

Project URL: https://github.com/openclaw/openclaw