24 March 2026
OpenClaw v2026.3.23
ReleaseStabilitySecurity
OpenClaw v2026.3.23 is now live with 30+ fixes for browser attach, ClawHub authentication, gateway reliability, and security hardening. Agentbot is already running it.
Highlights
Browser/Chrome MCP
Existing session tabs now wait for usability after attach. Reduces user-profile timeouts and consent churn on macOS Chrome.
ClawHub Auth
macOS auth config and XDG paths now honored. Skill browsing uses signed-in state instead of falling back to unauthenticated mode.
Security Hardening
Canvas routes now require auth. Admin scope required for agent session reset. Shell-wrapper exec matching hardened.
Gateway Stability
Gateway probes no longer timeout falsely. Lock conflicts under launchd/systemd no longer crash-loop.
Full Changelog
Browser & CDP
- Chrome MCP: wait for existing-session tabs to become usable after attach
- CDP: reuse already-running loopback browser after reachability miss
ClawHub & Auth
- Honor macOS auth config and XDG auth paths for saved credentials
- Read local ClawHub login from macOS Application Support path
- Resolve auth token for gateway skill browsing
Plugins & Channels
- Discord components and Slack blocks made optional
- Feishu media attachments now send correctly
- Matrix duplicate export crash fixed
- DeepSeek provider refactored onto shared plugin entry
- LanceDB auto-bootstrap on first use
Gateway & Models
- OpenRouter auto pricing recursion fixed
- Mistral max-token defaults lowered to safe budgets
- Web search uses active runtime provider
- Codex OAuth proxy initialization fixed
Security
- Canvas routes require auth
- Agent session reset requires admin scope
- Shell-wrapper exec matching hardened
Agentbot is already running v2026.3.23