Agent Daily
release, intermediate

[Release] openclaw/openclaw v2026.4.15-beta.1: OpenClaw 2026.4.15-beta.1

By steipete (GitHub)

OpenClaw v2026.4.15-beta.1 introduces significant enhancements across control UI, memory management, and security. Key additions include OAuth token health monitoring, cloud storage support for LanceDB memory indexes, GitHub Copilot embedding provider integration, and experimental lean mode for local models. The release focuses on security hardening with credential redaction, symlink protection, and improved authentication handling, alongside numerous bug fixes for CLI configuration, memory access control, and provider failover logic.

Key Points

  • Model Auth status card displays OAuth token health and provider rate-limit pressure with expiration alerts, backed by cached `models.authStatus` gateway method
  • LanceDB memory now supports cloud storage for durable indexes on remote object storage instead of local disk only
  • GitHub Copilot embedding provider added for memory search with dedicated host helper for plugin reuse and safer payload validation
  • Experimental `agents.defaults.experimental.localModelLean: true` reduces prompt size by dropping heavyweight default tools (browser, cron, message) for weaker local-model setups
  • Security fix: secrets redacted in exec approval prompts to prevent credential leakage in rendered content
  • Memory-core QMD backend now restricts file reads to canonical memory files and indexed documents, preventing generic workspace-file read bypass
  • Symlink protection added to workspace file operations via `fs-safe` helpers with real-path resolution from file descriptors
  • Gateway authentication uses constant-time comparison (`safeEqualSecret`) for MCP bearer tokens and enforces loopback origin checks
  • CLI configuration race conditions fixed by re-reading persisted config hash after writes
  • Cron/agents tool policy forwarding restored to ensure `--tools` allowlists and message-tool suppression take effect at runtime

Artifacts (5)

Local Model Lean Configuration (yaml, config)

```yaml
agents:
  defaults:
    experimental:
      localModelLean: true
```

Memory LanceDB Cloud Storage Configuration (yaml, config)

```yaml
memory:
  lancedb:
    storage:
      type: cloud
      provider: s3  # or other remote object storage
      bucket: your-bucket-name
      region: us-east-1
```

Gateway Auth Resolution Pattern (javascript, template)

```javascript
// Resolve active gateway bearer per-request
const auth = await getResolvedAuth();

// Use constant-time comparison for sensitive tokens
const isValid = safeEqualSecret(providedToken, expectedToken);

// Check loopback origin for MCP requests
const isLoopback = checkBrowserOrigin(request.origin);
// Allowed: 127.0.0.1:*, localhost:*, same-origin
```
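
The constant-time token comparison and origin allowlist from the gateway auth pattern above, written out as an added example (not OpenClaw's code). `constantTimeEqual`, `isAllowedOrigin`, `authorizeRequest` and the `selfOrigin` parameter are hypothetical names, and treating a request with no Origin header as a non-browser client is an assumption.

```javascript
// Added illustration; not OpenClaw's code. Function names are hypothetical.
const { createHash, timingSafeEqual } = require('node:crypto');

// Compare secrets without an early exit. Both sides are hashed first so the
// buffers always have equal length: timingSafeEqual throws on a length
// mismatch, and a plain length check would reveal the secret's length.
function constantTimeEqual(provided, expected) {
  if (typeof provided !== 'string' || typeof expected !== 'string') return false;
  const a = createHash('sha256').update(provided, 'utf8').digest();
  const b = createHash('sha256').update(expected, 'utf8').digest();
  return timingSafeEqual(a, b);
}

// Allow 127.0.0.1:*, localhost:* or the gateway's own origin. The value is
// parsed with URL and the hostname compared exactly, so look-alikes such as
// "http://localhost.evil.example" or "http://localhost@evil.example" fail.
function isAllowedOrigin(origin, selfOrigin) {
  let url;
  try {
    url = new URL(origin);
  } catch {
    return false; // includes the opaque "null" origin
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return false;
  if (url.origin === selfOrigin) return true;
  return url.hostname === 'localhost' || url.hostname === '127.0.0.1';
}

// Assumption: requests without an Origin header come from non-browser
// clients and are gated by the bearer token alone.
function authorizeRequest(headers, expectedToken, selfOrigin) {
  if (headers.origin !== undefined && !isAllowedOrigin(headers.origin, selfOrigin)) {
    return { ok: false, reason: 'origin' };
  }
  const match = /^Bearer (\S+)$/.exec(headers.authorization || '');
  if (!match || !constantTimeEqual(match[1], expectedToken)) {
    return { ok: false, reason: 'token' };
  }
  return { ok: true };
}
```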

Workspace File Safe Access Pattern (javascript, template)

```javascript
// Use fs-safe helpers for workspace file operations
const content = await readFileWithinRoot(workspacePath, allowedRoot);
const fd = await openFileWithinRoot(filePath, allowedRoot);
const realPath = await getRealPathFromFD(fd); // Resolve from FD first

// Reject symlink aliases for allowlisted agent files
if (isSymlink(realPath)) {
  throw new Error('Symlink aliases not permitted');
}
```

QMD Memory File Access Restrictions (yaml, config)

```yaml
# Allowed canonical memory files
allowed_files:
  - MEMORY.md
  - memory.md
  - DREAMS.md
  - dreams.md
  - memory/**
  - active_indexed_qmd_documents

# Denied: arbitrary workspace markdown paths
denied_patterns:
  - ../**
  - /etc/**
  - workspace_root/**
```