releaseintermediate

[Release] openclaw/openclaw v2026.5.3-1: openclaw 2026.5.3-1

By steipeteMay 4, 2026github

OpenClaw v2026.5.3-1 is a hotfix release for the npm core package addressing a security scanner issue. The fix prevents the install scanner from incorrectly blocking official bundled plugin packages when process.env access and API calls appear in different sections of the compiled bundle. The updated package is published on the beta dist-tag for testing before stable release.

Key Points

•Security scanner was incorrectly flagging official bundled plugins as blocked
•Issue occurred when process.env access and API sends appeared in distant parts of compiled bundle
•Hotfix modifies plugin/security scanning logic to allow legitimate bundled packages
•Core npm package published as openclaw@2026.5.3-1 on beta dist-tag
•Enables proper installation of official plugins without false-positive security blocks
•Targets compiled bundle analysis to distinguish between legitimate and suspicious patterns

Found this useful? Add it to a playbook for a step-by-step implementation guide.

Workflow Diagram

Start Process

Step A

Step B

Step C

Complete

Quality★★★★★

Concepts

Prompt Injection Defense Integrations MCP Servers Releases Security Security Scanning