[Release] openclaw/openclaw v2026.5.3-beta.3: openclaw 2026.5.3-beta.3

OpenClaw v2026.5.3-beta.3 introduces a bundled file-transfer plugin with secure binary file operations, hardens plugin installation workflows, and optimizes Gateway performance through lazy-loading. Major improvements include enhanced channel support (WhatsApp, Discord, Telegram), improved agent runtime reliability, and numerous fixes for edge cases in streaming, transcription, and configuration management. The release emphasizes security (default-deny policies, symlink traversal protection), performance (startup optimization, hot-path trimming), and operational robustness (doctor command enhancements, state recovery).

Key Points

• •New bundled file-transfer plugin with `file_fetch`, `dir_list`, `dir_fetch`, `file_write` tools; implements default-deny per-node path policy with operator approval and 16 MB per-round-trip byte ceiling
• •Symlink traversal refused by default with opt-in `followSymlinks` flag for enhanced security on paired nodes
• •Gateway startup performance improved via lazy-loading of plugin/runtime discovery, cron, schema, shutdown, sessions, and model metadata
• •Plugin installation hardened: externalized plugins now behave like first-class package installs with improved npm dependency-state reporting and beta-channel update paths
• •New `/steer <message>` command enables queue-independent steering of active session runs without starting new turns when idle
• •`doctor --fix` now commits safe legacy migrations even with unrelated validation issues, ensuring `agents.defaults.llm` and legacy keys are cleaned up
• •WhatsApp Channel/Newsletter support with explicit `@newsletter` outbound message targets and channel session metadata routing
• •Unified `streaming.mode: "progress"` drafts with auto single-word status labels across Discord, Telegram, Matrix, Slack, and Microsoft Teams
• •Enhanced reliability: preserved streamed provider replies, delayed A2A session replies, prompt/tool delivery, memory recall, and web search provider discovery across edge cases
• •Sandbox container and browser registry entries stored as per-runtime shard files to reduce session lock contention during doctor migrations

Workflow Diagram

Concepts

Artifacts (6)

plugins:
  entries:
    file-transfer:
      config:
        nodes:
          - nodeId: "node-1"
            paths:
              - "/allowed/path"
            followSymlinks: false
            byteCeiling: 16777216  # 16 MB
            requireApproval: true

channels:
  streaming:
    mode: "progress"
    progress:
      label: true
      autoSingleWordStatus: true
  discord:
    statusReactions:
      trackToolCalls: true
  telegram:
    deliveryRecovery: true
  matrix:
    deliveryRecovery: true
  slack:
    deliveryRecovery: true
  teams:
    deliveryRecovery: true

channels:
  whatsapp:
    targets:
      - type: "newsletter"
        target: "@newsletter"
        sessionMetadata:
          channelId: "channel-123"
          routing: "channel-session"

/steer <message>

Description: Queue-independent steering of the active current-session run without starting a new turn when the session is idle.

Usage:
  /steer Continue with the next step
  /steer Reconsider the previous approach
  /steer Focus on the primary objective

openclaw doctor --fix

Behavior:
- Commits safe legacy migrations even when unrelated validation issues exist
- Cleans up known-legacy keys (e.g., agents.defaults.llm) regardless of other config problems
- Fails closed on invalid config during startup/hot-reload
- Owns last-known-good repair for invalid configurations
- Migrates legacy monolithic registry files to per-runtime shard files

/side <question>

Description: Alias for /btw side questions. Enables text and native slash-command usage.

Usage:
  /side What is the current context?
  /side Can you clarify this point?
  /side How does this relate to the main task?