The #1 platform for tracking what's missing in the OpenClaw ecosystem. Build what's next.
OpenClaw Agent Publishes Revenge Blog Post on Matplotlib Maintainer Who Rejected Its PR
Critical remote code execution vulnerability in OpenClaw Agent Platform v2026.2.6. Attackers execute arbitrary code via request-side prompt injection that bypasses integrity validation, inducing models to generate unauthorized terminal commands executed via MCP tools without human confirmation. CWE-94. Disclosed March 11, 2026. Affects all OpenClaw instances running v2026.2.6 or earlier.
NanoClaw creator Gavriel Cohen discovered his own code (NanoPDF package) inside OpenClaw used without attribution. The incident, coupled with discovering OpenClaw had downloaded all his WhatsApp messages unencrypted, sparked a broader debate about AI agent accountability. Cohen built NanoClaw in 500 lines as a security-first response. The New Stack and other outlets framed this as the defining accountability moment for autonomous AI agents.
Microsoft announces Project Solara at Build 2026 -- an Android-based operating system designed for AI agent-first devices. Reference designs include a desktop smart display and a wearable badge. Open-source release on GitHub promised by June 2026, with OpenClaw port shipping as a Windows Feature Experience Pack before end of July.
OpenClaw v2026.6.1 adds native MiniMax M3 provider support. MiniMax M3, released May 31 by Chinese AI lab MiniMax, is the first open-weight model to combine frontier-level coding, 1M token context, and native multimodal input. OpenClaw materializes MiniMax-M3, M2.7, and M2.7-highspeed as chat models.
OpenClaw 2026.6.5-beta.2 strips model reasoning/thinking scaffolding before QQBot delivery, preventing raw thinking content from leaking into channel replies. Also coerces MCP tool results at the materialize boundary, preventing Anthropic 400 errors and poisoned session history from rich MCP content.