v2026.5.4-beta.1: Gateway Hardens Against Config Drift and Implicit Permissions

OpenClaw’s v2026.5.4-beta.1 landed on May 4 as a 98-commit beta cut β€” the most substantive beta in recent memory for enterprise operators.

File Transfer Plugin: First Bundled Plugin with Explicit Resource Ceilings

The headline addition is the file transfer plugin (#74742), which introduces four agent tools for binary file operations on paired nodes:

  • file_fetch β€” read a file from a remote node
  • dir_list β€” list directory contents
  • dir_fetch β€” fetch a directory as an archive
  • file_write β€” write a file to a remote node

The architecture is the real story. This is the first bundled plugin that ships with explicit configuration and bounded resource ceilings rather than implicit, documentation-driven permissions. Default-deny per-node path policies, symlink traversal refused unless followSymlinks is opt-in, a 16 MB per-round-trip ceiling, and operator approval required for every path access. Future bundled plugins are expected to follow the same pattern.

Gateway Config: Fail-Closed

Previously, the Gateway would attempt to auto-restore a last-known-good state when it encountered invalid configuration β€” silently masking configuration drift. v2026.5.4 makes invalid config fail closed: the Gateway stops entirely rather than silently recovering. The fix path is openclaw doctor --fix. CI/CD pipelines that deploy config changes should add a doctor validation step before hitting production.

Startup Performance Overhaul

Gateway startup was systematically improved through lazy-loading:

  • Model-catalog test helpers, QR pairing helpers, TypeBox memory-tool schema construction, and run-session lookup are off the hot startup path
  • Sidecar deferral pushes non-readiness sidecars until after the ready signal
  • Native-loadable plugin paths skip jiti import unless fallback is needed

For large plugin-heavy deployments, daemonized services should see materially faster restarts.

/steer: In-Session Intervention

The /steer <message> command (#76934) lets operators intervene in an active session run without starting a new turn β€” useful for correcting direction mid-task without losing context.

← Back to News