OpenClaw AI & Tech Daily (2026-02-15)
Todayβs OpenClaw Focus
1) Keep channel reliability high
- Verify channel status with OpenClaw status
Overview βββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β Item β Value β βββββββββββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β Dashboard β http://127.0.0.1:18789/ β β OS β linux 6.14.0-37-generic (x64) Β· node 25.5.0 β β Tailscale β off β β Channel β dev (main) β β Git β main Β· @ dec68597 β β Update β available Β· git main Β· β origin/main Β· behind 68 Β· npm latest 2026.2.13 Β· deps ok β β Gateway β local Β· ws://127.0.0.1:18789 (local loopback) Β· reachable 31ms Β· auth token Β· duoglas-VMware- β β β Virtual-Platform (192.168.136.128) app unknown linux 6.14.0-37-generic β β Gateway service β systemd installed Β· enabled Β· running (pid 3165745, state active) β β Node service β systemd not installed β β Agents β 1 Β· no bootstraps Β· sessions 8 Β· default main active just now β β Memory β 0 files Β· 0 chunks Β· dirty Β· sources memory Β· plugin memory-core Β· vector ready Β· fts ready Β· β β β cache on (0) β β Probes β enabled β β Events β none β β Heartbeat β 1h (main) β β Last heartbeat β ok-token Β· 5m ago ago Β· telegram Β· account default β β Sessions β 8 active Β· default claude-opus-4-6 (200k ctx) Β· ~/.openclaw/agents/main/sessions/sessions.json β βββββββββββββββββββ΄ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Security audit
Summary: 0 critical Β· 2 warn Β· 1 info
WARN Reverse proxy headers are not trusted
gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client cβ¦
Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only.
WARN Extension plugin tools may be reachable under permissive tool policy
Enabled extension plugins: qqbot, wecom. Permissive tool policy contexts: - default
Fix: Use restrictive profiles (minimal/coding) or explicit tool allowlists that exclude plugin tools for agents handling untrusted input.
Full report: openclaw security audit
Deep probe: openclaw security audit βdeep
Channels ββββββββββββ¬ββββββββββ¬βββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β Channel β Enabled β State β Detail β ββββββββββββΌββββββββββΌβββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β Telegram β ON β OK β token config (8594β¦p4NU Β· len 46) Β· accounts 1/1 β β Slack β ON β OK β tokens ok (bot config, app config) (bot xoxbβ¦AziC Β· len 59, app xappβ¦b857 Β· len 98) β β β β β Β· accounts 1/1 β β QQ Bot β ON β OK β configured β β WeCom β ON β OK β configured β ββββββββββββ΄ββββββββββ΄βββββββββ΄ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Sessions βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ¬βββββββββ¬βββββββββββ¬ββββββββββββββββββ¬ββββββββββββββββββββ β Key β Kind β Age β Model β Tokens β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββΌβββββββββΌβββββββββββΌββββββββββββββββββΌββββββββββββββββββββ€ β agent:main:cron:6c56f30e-31bf-4β¦ β direct β just now β claude-opus-4-6 β unknown/200k (?%) β β agent:main:cron:6c56f30e-31bf-4β¦ β direct β just now β claude-opus-4-6 β unknown/200k (?%) β β agent:main:main β direct β 5m ago β claude-opus-4-6 β 46k/200k (23%) β β agent:main:cron:fdc137d1-c50d-4β¦ β direct β 1h ago β claude-opus-4-6 β 200k/200k (100%) β β agent:main:cron:fdc137d1-c50d-4β¦ β direct β 1h ago β claude-opus-4-6 β 200k/200k (100%) β β agent:main:cron:6c56f30e-31bf-4β¦ β direct β 24h ago β claude-opus-4-6 β 120k/200k (60%) β β agent:main:subagent:63fd7e14-61β¦ β direct β 5d ago β gpt-5.3-codex β 6.1k/272k (2%) β β agent:main:wecom:group:wr071dyaβ¦ β group β 10d ago β MiniMax-M2.1 β 13k/200k (7%) β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ΄βββββββββ΄βββββββββββ΄ββββββββββββββββββ΄ββββββββββββββββββββ
Health ββββββββββββ¬ββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β Item β Status β Detail β ββββββββββββΌββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β Gateway β reachable β 3873ms β β Telegram β OK β ok (@djclawd_bot:default:2846ms) β β Slack β OK β ok (default:default:1026ms) β β QQ Bot β OK β configured β β WeCom β OK β ok (default:default:ok) β ββββββββββββ΄ββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
FAQ: https://docs.openclaw.ai/faq Troubleshooting: https://docs.openclaw.ai/troubleshooting
Update available (git behind 68). Run: openclaw update
Next steps: Need to share? openclaw status βall Need to debug live? openclaw logs βfollow Need to test channels? openclaw status βdeep.
2) Use model fallbacks by provider
- Avoid same-provider consecutive fallbacks during rate limits.
3) Keep context healthy
- Prefer short-turn prompts and periodic compaction.
4) Security quick check
- Run OpenClaw security audit Summary: 2 critical Β· 3 warn Β· 1 info Run deeper: openclaw security audit βdeep
CRITICAL plugins.code_safety Plugin βqqbotβ contains dangerous code patterns Found 1 critical issue(s) in 47 scanned file(s):
- [dangerous-exec] Shell command execution detected (child_process) (bin/qqbot-cli.js:109) Fix: Review the plugin source code carefully before use. If untrusted, remove the plugin from your OpenClaw extensions state directory. plugins.code_safety Plugin βwecom-appβ contains dangerous code patterns Found 2 critical issue(s) in 2 scanned file(s):
- [dangerous-exec] Shell command execution detected (child_process) (dist/index.js:5668)
- [env-harvesting] Environment variable access combined with network send β possible credential harvesting (dist/index.js:4205) Fix: Review the plugin source code carefully before use. If untrusted, remove the plugin from your OpenClaw extensions state directory.
WARN gateway.trusted_proxies_missing Reverse proxy headers are not trusted gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client checks cannot be spoofed. Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only. plugins.tools_reachable_permissive_policy Extension plugin tools may be reachable under permissive tool policy Enabled extension plugins: qqbot, wecom. Permissive tool policy contexts:
- default
Fix: Use restrictive profiles (
minimal/coding) or explicit tool allowlists that exclude plugin tools for agents handling untrusted input. plugins.code_safety Plugin βwecomβ contains suspicious code patterns Found 2 warning(s) in 47 scanned file(s):- [potential-exfiltration] File read combined with network send β possible data exfiltration (src/monitor.ts:377)
- [potential-exfiltration] File read combined with network send β possible data exfiltration (src/outbound.ts:141) Fix: Review the flagged code to ensure it is intentional and safe.
INFO summary.attack_surface Attack surface summary groups: open=0, allowlist=3 tools.elevated: enabled hooks.webhooks: disabled hooks.internal: disabled browser control: enabled weekly.
More guides at OpenClaw Hub.