Agent DailyAgent Daily
releaseintermediate

[Release] openclaw/openclaw v2026.5.12-beta.6: openclaw 2026.5.12-beta.6

By github-actions[bot]github
View original on github

OpenClaw v2026.5.12-beta.6 is a comprehensive bug-fix and security-hardening release addressing 50+ issues across messaging channels, agent sessions, gateway protocols, plugin management, and authentication. Key improvements include fixing iMessage media handling, agent-to-agent messaging reliability, OAuth token exchange for GitHub Copilot, plugin dependency management, and enforcing stricter security controls for device pairing and proxy access. The release prioritizes stability in multi-agent communication, transcript redaction consistency, and dependency isolation while maintaining backward compatibility.

Key Points

  • Fixed iMessage media-only sends to eliminate visible placeholder text while preserving internal echo prevention mechanisms
  • Resolved agent-to-agent messaging failures by creating configured agent sessions before first send operations
  • Enhanced GitHub Copilot integration with proper OAuth token exchange and Gemini image payload routing through Chat Completions
  • Implemented stricter security controls requiring explicit approval for device pairing (setup-code, browser, Control UI) and hardened trusted-proxy validation
  • Improved plugin dependency management by preserving peer dependencies, limiting install-time code scans to plugin entrypoints, and pruning orphaned dependencies after removal
  • Standardized session transcript redaction across CLI, gateway, mirrors, and tool results using centralized configuration
  • Fixed agent idle watchdog timeouts through profile rotation and model fallback to prevent stuck turns on silent model streams
  • Enhanced gateway protocol with explicit chat deltaText/replace frames for SDK clients and improved Node pairing visibility controls
  • Resolved Telegram polling stalls by detecting liveness from getUpdates only and handling token rotation with legacy offset cleanup
  • Strengthened Docker security by pinning container paths to prevent host .env leaks and mounting auth-profile secret directories for OAuth persistence

Found this useful? Add it to a playbook for a step-by-step implementation guide.

Workflow Diagram

Start Process
Step A
Step B
Step C
Complete
Sign in to view workflow diagram
Quality

Concepts

IntegrationsCoordinationDockerMulti-Agent SystemsDeploymentAgent TeamsReleasesSecurityUpdates & News