Agent DailyAgent Daily
releaseadvanced

[Release] openclaw/openclaw v2026.3.31: openclaw 2026.3.31

By steipetegithub
View original on github

OpenClaw v2026.3.31 is a major release introducing significant breaking changes to node execution, plugin SDK deprecations, and stricter security defaults for dangerous code scanning. Key improvements include a unified background task control plane, new channel integrations (QQ Bot), enhanced Matrix/MCP support, and security hardening across gateway authentication and node command execution. The release emphasizes safer defaults while expanding platform capabilities for agents, channels, and integrations.

Key Points

  • Node shell execution now exclusively routes through `exec host=node` to consolidate node-specific capabilities and remove duplicated `nodes.run` wrapper from CLI
  • Plugin SDK legacy provider compat paths deprecated with migration warnings; forward path uses documented `openclaw/plugin-sdk/*` entrypoints and local `api.ts`/`runtime-api.ts` barrels
  • Dangerous-code `critical` findings now fail closed by default during plugin/skill installs; requires explicit `--dangerously-force-unsafe-install` override to proceed
  • Gateway authentication hardened: `trusted-proxy` rejects mixed shared-token configs and requires configured token for local-direct fallback instead of implicit same-host authentication
  • Node commands stay disabled until pairing approval completes; node-originated runs operate on reduced trusted surface with adjusted host/session tool access
  • Unified background task control plane consolidates ACP, subagent, cron, and CLI execution under SQLite-backed ledger with audit/maintenance visibility and linear flow control (`openclaw flows list|show|cancel`)
  • New QQ Bot channel plugin with multi-account setup, SecretRef credentials, slash commands, reminders, and media support
  • MCP enhancements: remote HTTP/SSE server support, provider-safe tool naming (`serverName__toolName`), optional streamable-http transport, and per-server connection timeouts
  • Matrix improvements: optional room history context, HTTP(S) proxy routing, draft streaming for in-place message updates, per-DM thread reply overrides, and per-agent cross-session memory search
  • Security and observability: Nostr DM signature verification, Slack native approval routing, TTS provider diagnostics, WhatsApp emoji reactions, and OpenAI Responses verbosity forwarding

Found this useful? Add it to a playbook for a step-by-step implementation guide.

Workflow Diagram

Start Process
Step A
Step B
Step C
Complete
Sign in to view workflow diagram
Quality

Concepts

Prompt Injection DefenseMCP ServersCoordinationSkills & ToolsDeploymentSetup & InfrastructureAgent TeamsReleasesTool UseSecurity

Artifacts (6)

dangerous-install-override-commandbashcommand
openclaw plugin install <plugin-name> --dangerously-force-unsafe-install
task-flow-control-commandsbashcommand
openclaw flows list
openclaw flows show <flow-id>
openclaw flows cancel <flow-id>
matrix-history-configyamlconfig
channels:
  matrix:
    historyLimit: <number>
    proxy: "http(s)://proxy-url"
    threadReplies:
      <dm-id>: true/false
mcp-remote-server-configyamlconfig
mcp:
  servers:
    - url: "https://example.com/mcp"
      authHeaders:
        Authorization: "Bearer <token>"
      streamableHttp: true
      connectionTimeout: <milliseconds>
memory-qmd-cross-agent-configyamlconfig
memorySearch:
  qmd:
    extraCollections:
      - <agent-id-1>
      - <agent-id-2>
qq-bot-channel-setupyamlconfig
channels:
  qqBot:
    accounts:
      - name: "account-name"
        credentials:
          secretRef: "qq-bot-secret"
        slashCommands: true
        reminders: true
        mediaSupport:
          send: true
          receive: true