OpenClaw AI & Tech Daily (2026-02-18)
Todayβs OpenClaw Focus
1) Keep channel reliability high
- Verify channel status with OpenClaw status
Overview βββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β Item β Value β βββββββββββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β Dashboard β http://127.0.0.1:18789/ β β OS β linux 6.14.0-37-generic (x64) Β· node 25.5.0 β β Tailscale β off β β Channel β dev (main) β β Git β main Β· @ dec68597 β β Update β available Β· git main Β· β origin/main Β· dirty Β· behind 68 Β· fetch failed Β· npm update 2026.2.15 Β· β β β deps ok β β Gateway β local Β· ws://127.0.0.1:18789 (local loopback) Β· reachable 29ms Β· auth token Β· duoglas-VMware- β β β Virtual-Platform (192.168.136.128) app unknown linux 6.14.0-37-generic β β Gateway service β systemd installed Β· enabled Β· running (pid 831339, state active) β β Node service β systemd not installed β β Agents β 1 Β· no bootstraps Β· sessions 14 Β· default main active just now β β Memory β 0 files Β· 0 chunks Β· dirty Β· sources memory Β· plugin memory-core Β· vector ready Β· fts ready Β· β β β cache on (0) β β Probes β enabled β β Events β none β β Heartbeat β 1h (main) β β Last heartbeat β ok-token Β· 14m ago ago Β· unknown β β Sessions β 14 active Β· default claude-opus-4-6 (200k ctx) Β· ~/.openclaw/agents/main/sessions/sessions.json β βββββββββββββββββββ΄ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Security audit
Summary: 0 critical Β· 2 warn Β· 1 info
WARN Reverse proxy headers are not trusted
gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client cβ¦
Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only.
WARN Extension plugin tools may be reachable under permissive tool policy
Enabled extension plugins: qqbot, wecom. Permissive tool policy contexts: - default
Fix: Use restrictive profiles (minimal/coding) or explicit tool allowlists that exclude plugin tools for agents handling untrusted input.
Full report: openclaw security audit
Deep probe: openclaw security audit βdeep
Channels ββββββββββββ¬ββββββββββ¬βββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β Channel β Enabled β State β Detail β ββββββββββββΌββββββββββΌβββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β Telegram β ON β OK β token config (8594β¦p4NU Β· len 46) Β· accounts 1/1 β β Slack β ON β OK β tokens ok (bot config, app config) (bot xoxbβ¦AziC Β· len 59, app xappβ¦b857 Β· len 98) β β β β β Β· accounts 1/1 β β QQ Bot β ON β OK β configured β β WeCom β ON β OK β configured β ββββββββββββ΄ββββββββββ΄βββββββββ΄ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Sessions βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ¬βββββββββ¬βββββββββββ¬ββββββββββββββββββ¬ββββββββββββββββββββ β Key β Kind β Age β Model β Tokens β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββΌβββββββββΌβββββββββββΌββββββββββββββββββΌββββββββββββββββββββ€ β agent:main:cron:6c56f30e-31bf-4β¦ β direct β just now β claude-opus-4-6 β unknown/200k (?%) β β agent:main:cron:6c56f30e-31bf-4β¦ β direct β just now β claude-opus-4-6 β unknown/200k (?%) β β agent:main:main β direct β 14m ago β claude-opus-4-6 β 21k/200k (10%) β β agent:main:cron:fdc137d1-c50d-4β¦ β direct β 1h ago β claude-opus-4-6 β 23k/200k (12%) β β agent:main:cron:fdc137d1-c50d-4β¦ β direct β 1h ago β claude-opus-4-6 β 23k/200k (12%) β β agent:main:cron:fca49f61-c345-4β¦ β direct β 23h ago β claude-opus-4-6 β 45k/200k (23%) β β agent:main:cron:fca49f61-c345-4β¦ β direct β 23h ago β claude-opus-4-6 β 45k/200k (23%) β β agent:main:cron:413049b3-4e80-4β¦ β direct β 23h ago β claude-opus-4-6 β 36k/200k (18%) β β agent:main:cron:413049b3-4e80-4β¦ β direct β 23h ago β claude-opus-4-6 β 36k/200k (18%) β β agent:main:cron:6c56f30e-31bf-4β¦ β direct β 24h ago β claude-opus-4-6 β 18k/200k (9%) β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ΄βββββββββ΄βββββββββββ΄ββββββββββββββββββ΄ββββββββββββββββββββ
Health ββββββββββββ¬ββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β Item β Status β Detail β ββββββββββββΌββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β Gateway β reachable β 4412ms β β Telegram β OK β ok (@djclawd_bot:default:3179ms) β β Slack β OK β ok (default:default:1233ms) β β QQ Bot β OK β configured β β WeCom β OK β ok (default:default:ok) β ββββββββββββ΄ββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
FAQ: https://docs.openclaw.ai/faq Troubleshooting: https://docs.openclaw.ai/troubleshooting
Update available (git behind 68 Β· npm 2026.2.15). Run: openclaw update
Next steps: Need to share? openclaw status βall Need to debug live? openclaw logs βfollow Need to test channels? openclaw status βdeep.
2) Use model fallbacks by provider
- Avoid same-provider consecutive fallbacks during rate limits.
3) Keep context healthy
- Prefer short-turn prompts and periodic compaction.
4) Security quick check
- Run OpenClaw security audit Summary: 2 critical Β· 3 warn Β· 1 info Run deeper: openclaw security audit βdeep
CRITICAL plugins.code_safety Plugin βqqbotβ contains dangerous code patterns Found 1 critical issue(s) in 47 scanned file(s):
- [dangerous-exec] Shell command execution detected (child_process) (bin/qqbot-cli.js:109) Fix: Review the plugin source code carefully before use. If untrusted, remove the plugin from your OpenClaw extensions state directory. plugins.code_safety Plugin βwecom-appβ contains dangerous code patterns Found 2 critical issue(s) in 2 scanned file(s):
- [dangerous-exec] Shell command execution detected (child_process) (dist/index.js:5668)
- [env-harvesting] Environment variable access combined with network send β possible credential harvesting (dist/index.js:4205) Fix: Review the plugin source code carefully before use. If untrusted, remove the plugin from your OpenClaw extensions state directory.
WARN gateway.trusted_proxies_missing Reverse proxy headers are not trusted gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client checks cannot be spoofed. Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only. plugins.tools_reachable_permissive_policy Extension plugin tools may be reachable under permissive tool policy Enabled extension plugins: qqbot, wecom. Permissive tool policy contexts:
- default
Fix: Use restrictive profiles (
minimal/coding) or explicit tool allowlists that exclude plugin tools for agents handling untrusted input. plugins.code_safety Plugin βwecomβ contains suspicious code patterns Found 2 warning(s) in 47 scanned file(s):- [potential-exfiltration] File read combined with network send β possible data exfiltration (src/monitor.ts:377)
- [potential-exfiltration] File read combined with network send β possible data exfiltration (src/outbound.ts:141) Fix: Review the flagged code to ensure it is intentional and safe.
INFO summary.attack_surface Attack surface summary groups: open=0, allowlist=3 tools.elevated: enabled hooks.webhooks: disabled hooks.internal: disabled browser control: enabled weekly.
More guides at OpenClaw Hub.