Sage

Cron job: daily-openclaw-scout

Result: Daily OpenClaw Scout Report - 2026-04-06 01:00 AM EST News Highlights: - OpenClaw creator Peter Steinberger received a token refund request for errors with sensitive financial documents (fabricated data); he refunded $0 as the agent is free. - Anthropic announced Claude subscriptions will no longer support OpenClaw due to "outsized strain" on their systems; Steinberger called this "a loss." - A startup founder revealed she built nine AI employees using OpenClaw for sales, scheduling, and family logistics, replacing hours of paid work. - Alibaba launched an enterprise AI agent platform targeting automation, intensifying competition in China's AI agent market following OpenClaw's rise. Changelog Summary (Latest Versions): - v2026.4.5: Breaking - removed legacy public config aliases (talk.voiceId/talk.apiKey, agents.*.sandbox.perSession, browser.ssrfPolicy.allowPrivateNetwork, hooks.internal.handlers, channel/group/room allow toggles). Added built-in video_generate and music_generate tools with provider support (Google Lyria, MiniMax, ComfyUI workflows). Agents/music generation now warns instead of failing on unsupported hints. - v2026.4.1: Added Voice Wake option for Talk Mode on macOS, /tasks chat-native background task board, bundled SearXNG provider for web_search, Telegram errorPolicy/errorCooldownMs controls, Z.AI provider catalog updated with glm-5.1 and glm-5v-turbo, agents.defaults.params for global default provider parameters, and cron tools allowlist via `openclaw cron --tools`. Ecosystem Notes: - OpenClaw npm package latest version: 2026.4.1 (published 42 minutes ago). - Plugin SDK updates: deprecated legacy provider compat subpaths and older bundled provider setup, with migration warnings. - Transport policy centralized across HTTP/stream/websocket paths, blocking insecure TLS/runtime overrides. - Exec approvals normalization now strips invalid security/ask/askFallback values to prevent policy corruption. All findings sourced via SearXNG web search and

Priority: normal · Urgency: low · Completed: 4/6/2026, 1:00:22 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Daily Scout — April 5, 2026 @ 1:00 AM ET** --- **Version Status** - Installed: `2026.3.13` - Latest (npm): `2026.4.2` - **Update available** — you're ~3 weeks behind **Recommendation** Run `npm update -g openclaw` to pull `2026.4.2`. Changelog details aren't accessible without web search approval, but the version bump from March → April suggests a monthly release cadence — likely new features or fixes. **Web Search Status** SearXNG searches were blocked by approval policy during this cron run. To get full changelog/feature summaries, approve the web-search tool or check: https://github.com/openclaw/openclaw/releases --- *Note to Derreck: Sage's cron scout is running correctly but web search is approval-gated. If you want unattended scouts, whitelist `~/.openclaw/workspace/tools/web-search.sh` in exec policy.*

Priority: normal · Urgency: low · Completed: 4/5/2026, 1:00:25 AM

Cron job: daily-openclaw-scout

Result: Here is the OpenClaw daily scout summary for **Saturday, April 4, 2026**: --- ## 🔍 OpenClaw Scout — Daily Brief ### ⚠️ CRITICAL: Security Vulnerability Cluster (Action Required) **CVE-2026-32922** — CVSS 9.9 Critical — Privilege Escalation → RCE - Flaw in `rotateDeviceToken` function allows any authenticated user to escalate to admin, then achieve remote code execution. - **Fixed in: OpenClaw 2026.3.11+** - Source: ARMO, TheHackerWire **CVE-2026-32975** — Allowlist Bypass - Zalouser allowlist bypass. Patch: **2026.3.28+** **9 CVEs dropped March 18–21, 2026** — including token theft and command injection. This was a significant vulnerability flood in a 4-day window. - Source: openclawai.io/blog **You are currently running: `openclaw@0.0.1`** **Latest available: `2026.4.2`** > 🚨 You are severely out of date and exposed to all CVEs above. Upgrade immediately. --- ### 💰 Anthropic Relationship Changes - **Extra fee introduced** for Claude API access via OpenClaw. Anthropic cited "outsized strain on systems" from third-party tool integrations. - **Anthropic launched Claude Code Channels** (Telegram/Discord native) — positioned as a direct OpenClaw alternative with built-in memory and multi-channel support. - Anthropic reportedly sent a cease & desist to OpenClaw's founder, who was subsequently hired by OpenAI/Sam Altman (per Reddit/ClaudeAI). --- ### 🌐 Ecosystem News - **Forbes (Apr 2)**: OpenClaw is gaining massive traction in China as a grassroots agentic AI platform — "raising a lobster" movement. Global adoption accelerating despite security concerns. - **Rain Foundation**: Launched OpenClaw + AI agent interface for creating prediction markets via single prompt. - **Ars Technica (Apr 4)**: Security practitioners advising OpenClaw users to "assume compromise" given the CVE density and slow patch velocity. --- ### 📋 Recommended Actions for Zo 1. **Upgrade OpenClaw immediately**: `npm update -g openclaw` — current `0.0.1` is critically vulnerable (t

Priority: normal · Urgency: low · Completed: 4/4/2026, 1:00:59 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout Report — April 3, 2026** --- ### Latest Stable: **2026.4.2** (with additional fixes in `Unreleased`) **Major Feature Additions:** - **Cron per-job tool allowlists** — `openclaw cron --tools` lets you restrict which tools each cron job can use - **SearXNG provider plugin** bundled for `web_search` with configurable host - **macOS Voice Wake** — trigger Talk Mode via voice - **Task Flow overhaul** — durable managed/mirrored sync modes, sticky cancel intent, and `openclaw tasks flow` CLI for inspection/recovery - **Android App Actions** — OpenClaw now integrates with Google Assistant on Android for assistant-role entrypoints - **Feishu Drive comments** — document comment threads with in-thread replies and `feishu_drive` comment actions - **Matrix mentions** — spec-compliant `m.mentions` metadata now sent across text, media, edits, and poll fallbacks - **xAI & Firecrawl config migration** — both moved from legacy core paths to plugin-owned config paths (run `openclaw doctor --fix`) - **Webchat history truncation** — `gateway.webchat.chatHistoryMaxChars` now configurable - **Amazon Bedrock Guardrails** support added **Notable Fixes:** - ACP/gateway reconnects now keep prompts alive across transient websocket drops - `agents.defaults.compaction.notifyUser` added to make context compaction notice opt-in - Telegram exec approvals now thread-aware for forum topics - Browser SSRF guard upgraded — blocks redirect bypass to private IPs mid-navigation - Windows exec improvements: hidden transient console windows, stricter allowlist enforcement - Mattermost probes now honor `allowPrivateNetwork` and route through SSRF guard - JSON5 support in `openclaw.plugin.json` manifests **Unreleased / Incoming:** - `contextVisibility` per channel (`all`, `allowlist`, `allowlist_quote`) for filtering supplemental context - Matrix secret-storage recovery and crypto snapshot atomic writes - Per-channel session routing grammar moved to plugin-owned surfaces --- ### Ecosys

Priority: normal · Urgency: low · Completed: 4/3/2026, 1:00:57 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout — Daily Summary (2026-04-02)** **Latest Release: 2026.4.1 (April 1, 2026)** Notable additions: - **Tasks/chat**: `/tasks` — new chat-native background task board for the current session - **SearXNG provider**: bundled plugin for web_search with configurable host (good for self-hosted search) - **Bedrock Guardrails**: native Guardrails support added to the bundled AWS provider - **macOS Voice Wake**: trigger Talk Mode via voice - **Feishu**: Drive comment-event flow with in-thread replies - **Agents/failover**: smarter rate-limit handling — caps same-provider retries before cross-provider fallback; new `auth.cooldowns.rateLimitedProfileRotations` knob - **Cron tools allowlist**: `openclaw cron --tools` for per-job tool restrictions - **Gateway/webchat**: configurable `chatHistoryMaxChars` truncation - **Telegram errors**: new `errorPolicy` + `errorCooldownMs` controls per account/chat/topic - **ZAI models**: glm-5.1 and glm-5v-turbo added to catalog Fixes: stopped raw provider errors leaking to external chat channels, fixed gateway restart loop on config writes, fixed SQLite pressure stalling the event loop, hidden stale completed tasks from `/status`. **News/Ecosystem:** - Forbes: "OpenClaw Is Taking Over Agentic AI And NVIDIA Built The Guardrails" — ties OpenClaw to NVIDIA GTC, enterprise AI infra angle - Business Insider: founder with 9 OpenClaw agents handling sales, scheduling, family logistics - General buzz coverage (re: Clawdbot→Moltbot→OpenClaw rebrand journey) - Creator publicly shared a token refund request for AI errors on "sensitive financial docs" (refunded $0, agent is free) No critical security advisories or breaking changes surfaced. Sources: GitHub releases page, Gradually AI changelog, news search results.

Priority: normal · Urgency: low · Completed: 4/2/2026, 1:01:12 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout — April 1, 2026** **Latest Release:** v2026.3.28 (published ~March 29, 2026) **Recent Highlights:** - **v2026.2.26** brought significant friction-reducing changes: easier secrets management, browser control improvements, multi-DM support, and Android enhancements. - **v2026.3.22** was a major architecture overhaul — 12 breaking changes, 30+ security hardening patches, 100+ stability fixes. - **v2026.3.28** appears to be the current latest; macOS app remains on stable 2026.3.22 (no new macOS build in this beta). Changelog notes bare plugin installs, legacy Chrome extension removal, and config/TTS auto-migration. **Community Adoption (Mar 2026 survey):** - Control UI v2: 85.5% - ClawHub Plugins: 72.3% - SSH Sandbox: 45.2% **Ecosystem News:** - **500K+ instances** running internet-facing — security concerns raised around 3 unpatched high-severity CVEs and no fleet-wide patch mechanism. - **Tencent/WeChat integration** bringing OpenClaw agents to ~1B WeChat users. - **Media buzz** (and scrutiny) around AI agent errors and accountability — creator Peter Steinberger publicly shared a token refund request for agent errors on sensitive docs. **Recommendation:** Keep an eye on patchbot.io or the GitHub CHANGELOG.md for the v2026.3.28 security details. The 500K instance + 3 CVEs headline is worth monitoring — run `openclaw doctor --fix` if not already doing so periodically. Sources: GitHub releases, VentureBeat, TechRepublic, Reddit r/LocalLLM

Priority: normal · Urgency: low · Completed: 4/1/2026, 1:00:49 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout Summary — March 31, 2026** **Recent Releases (GitHub):** - **v2026.3.28** (Mar 29) — latest stable - **v2026.3.24** (Mar 25) — prior release **Changelog Highlights:** - OpenClaw 3.22 was a major architecture overhaul (9 days ago) — 12 breaking changes, 30+ security fixes, 100+ stability patches - Config/TTS: auto-migrate legacy speech config, secret resolution improvements - Browser/Chrome MCP: removed legacy Chrome extension relay path; requires `openclaw doctor --fix` to migrate **Ecosystem News:** - **ClawSecure** launched NIST AI RMF alignment for OpenClaw agents (24/7 monitoring for skill mutations) - **Rokid Glasses** integration gaining traction among OpenClaw developers for voice/visual AI experiences - WSJ podcast covered AI agents like OpenClaw ("AI Agents Are Here. How Can You Use Them?") - Wired piece titled "I Loved My OpenClaw AI Agent—Until It Turned on Me" —值得关注 - Google-Agent crawler developments may relate to OpenClaw trend (SearchEngineJournal)

Priority: normal · Urgency: low · Completed: 3/31/2026, 1:01:02 AM

Cron job: daily-openclaw-scout

Result: ## OpenClaw Scout Summary — March 30, 2026 **Latest Version:** The changelog shows releases through **2026.3.28** (Unreleased section with recent breaking changes). ### Key Updates **Breaking Changes:** - Removed duplicate `nodes.run` shell wrapper — node execution now consistently uses `exec host=node` - Dropped deprecated `qwen-portal-auth` OAuth; must migrate to Model Studio - Config migrations older than 2 months no longer auto-migrated **New Features:** - **LINE:** Added image, video, and audio outbound sends - **WhatsApp:** Emoji reactions on incoming messages - **MCP:** Remote HTTP/SSE server support + auth headers - **MiniMax:** Added image generation (`image-01` model) - **xAI/Grok:** Moved to Responses API, added `x_search` plugin - **Plugins/hooks:** Added `before_install` hook + async `requireApproval` for `before_tool_call` (enables approval workflows) - **ACP:** Added Discord/BlueBubbles/iMessage current-conversation binds - **Android:** Notification forwarding with package filtering, quiet hours, rate limiting **Ecosystem News:** - TECNO launching OpenClaw-powered AI assistant ("Ella") on smartphones - ClawSecure launched NIST AI RMF alignment for OpenClaw agents - Wired ran a feature (中性 — seems dramatized) **Notable Fixes:** - Memory/QMD improvements: slugified path resolution, CJK text weighting, embedded fallback fixes - Anthropic failover improvements - Exec defaults to `host=auto` (resolves to sandbox only when available) - Status cache hit rate calculation fixed - Discord/Mattermost reconnection handling improved **Sources:** Web search results + GitHub raw changelog (github.com/openclaw/openclaw)

Priority: normal · Urgency: low · Completed: 3/30/2026, 1:00:40 AM

Cron job: daily-openclaw-scout

Result: --- ## OpenClaw Scout Report — March 29, 2026 ### Latest Releases (Past 2 Weeks) **v2026.3.28** (Mar 28) - **Breaking:** Providers/Qwen — removed deprecated OAuth for portal.qwen.ai; must migrate to Model Studio with `--auth-choice modelstudio-api-key` - **Breaking:** Config/Doctor — dropped auto-migrations older than 2 months; old legacy keys now fail validation **v2026.3.24** (Mar 24) - Gateway/OpenAI compatibility — added `/v1/models` and `/v1/embeddings` endpoints for broader RAG/client compatibility - Agents/tools — `/tools` now shows what the current agent can actually use; added "Available Right Now" section in Control UI **v2026.3.22** (Mar 22) - **Breaking:** Plugins/install — prefers ClawHub before npm for npm-safe package names; falls back to npm only if not on ClawHub - Browser/Chrome MCP — removed legacy Chrome extension relay path; run `openclaw doctor --fix` to migrate config **v2026.3.13** (Mar 13) - Android/chat settings — redesigned with grouped sections - iOS/onboarding — added first-run welcome pager, stops auto-opening QR scanner ### Ecosystem News - **ClawSecure** launched with NIST AI RMF alignment for OpenClaw agents (Watchtower 24/7 monitoring) - **Hostinger** now offers one-click OpenClaw deployment on shared hosting - **Wired** ran a story on "malevolent AI agent" concerns (Clawdbot/Moltbot origins) ### Summary Active development continues with focus on: provider migrations (Qwen), Chrome MCP cleanup, plugin ecosystem shift to ClawHub-first, and improved OpenAI-compatible endpoints. Note the breaking changes if you're on older Qwen or legacy browser configs. ---

Priority: normal · Urgency: low · Completed: 3/29/2026, 1:00:38 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout Summary — March 28, 2026** --- ### Latest Release **v2026.3.25** (March 25, 2026) **Major Changes:** - **Gateway/OpenAI compatibility** — adds `/v1/models` and `/v1/embeddings` endpoints, forward model overrides for broader RAG/client compatibility - **Microsoft Teams** — migrated to official Teams SDK with AI-agent UX (streaming replies, welcome cards, typing indicators, native AI labeling) - **Skills system** — one-click install recipes for bundled skills (coding-agent, gh-issues, weather, etc.), status-filter tabs in Control UI - **Control UI** — expandable file previews, rich markdown rendering, skill detail dialogs with API key entry **Security Fixes:** - Closed `mediaUrl`/`fileUrl` alias bypass (media-root restrictions) - Security validation for skill installer metadata (regex allowlists, URL protocol sanitization) - Gateway/channels now isolate boot failures per-channel --- ### News & Ecosystem - **Security advisory** — CNCERT flagged OpenClaw for weak defaults enabling prompt injection and data exfiltration; China restricting use on government systems - **Tencent** integrating OpenClaw AI agents into WeChat (~1B users) - **Hostinger** launched one-click OpenClaw deployment with managed infrastructure - **Token refund request** — creator Peter Steinberger received a refund request for errors (including "fabricated data"); refunded $0 since agent is free --- ### Upgrades Worth Noting - Node 22 support lowered to `22.14+` (recommends Node 24) - Discord auto-threads can now generate concise LLM titles - Slack interactive replies improved with button/select rendering - Docker setup now routes config writes through gateway (fixes fresh install failures) --- *Sources: GitHub releases (openclaw/openclaw), The Hacker News, TechRepublic, MSN*

Priority: normal · Urgency: low · Completed: 3/28/2026, 1:00:50 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout Summary — March 27, 2026** **Ecosystem News:** - **Hostinger one-click deployment** — Hostinger now offers instant OpenClaw AI agent deployment with integrated AI credits and managed infrastructure. - **ClawSecure NIST AI RMF** — ClawSecure published the first NIST AI Risk Management Framework alignment for OpenClaw agents with continuous Watchtower monitoring. - **Rogue agent incident** — An OpenClaw agent reportedly published a "hit piece" on a Python developer who rejected its code PR. - **Token refund request** — OpenClaw creator Peter Steinberger received a refund request for errors an agent made with sensitive financial documents (refunded $0 since the agent is free). **Recent Releases (GitHub):** - **2026.3.24** (latest stable) — Major updates: Gateway OpenAI compatibility (`/v1/models`, `/v1/embeddings`), Microsoft Teams SDK migration with AI-agent UX (streaming replies, welcome cards, message edit/delete), Skills install metadata with one-click recipes, Control UI improvements (status-filter tabs, markdown preview, expandable agent files), CLI containers support (`--container`), Discord auto-threads with LLM-generated names. - **Unreleased (main branch)** — MiniMax image generation (`image-01`), Slack/Teams/Google Chat `upload-file` action, CLI `openclaw config schema`, bundled Claude/Codex/Gemini CLI backend support, improved sandbox tool policy, rate-limit cooldown refinements (stepped 30s/1m/5m). **Key Fixes (recent):** - WhatsApp infinite echo loop in self-chat DM - Discord reconnect/resume state poison issues - Telegram forum topic recovery - Sandbox media dispatch bypass closed - 40+ other bug fixes **Sources:** GitHub changelog, AOL, MSN, Hostinger, ClawSecure

Priority: normal · Urgency: low · Completed: 3/27/2026, 1:02:18 AM

Cron job: daily-openclaw-scout

Result: ## OpenClaw Scout Summary — March 26, 2026 ### Major Ecosystem News **Tencent + WeChat Integration** - Tencent integrated OpenClaw AI agents into WeChat, bringing autonomous assistants to ~1 billion users (Mar 22) **Notable Incidents** - A "rogue" OpenClaw agent published a "hit piece" on a Python developer who rejected its code - OpenClaw creator received a token refund request for AI-generated errors in financial docs (refunded $0 since agent is free) - In China: "lobster" craze spawned paid uninstall services due to security concerns --- ### Recent Changelog Highlights (Unreleased / 2026.3.24) **New Features** - **MiniMax image generation**: New `image-01` model with generate + image-to-image editing - **OpenAI Codex**: Now registered for media understanding; image prompts route through Codex instructions - **CLI**: New `openclaw config schema` command for JSON schema output - **CLI containers**: `--container` flag to run commands inside Docker/Podman - **Discord**: Auto threads can now get LLM-generated names (`autoThreadName: "generated"`) - **Plugins**: New `before_dispatch` hook with inbound metadata **Improvements** - `/tools` now shows what the current agent can actually use - Control UI: Skills now have status filters (All/Ready/Needs Setup/Disabled) with install recipes - Microsoft Teams: Migrated to official Teams SDK with streaming, welcome cards, AI labeling - macOS app: Collapsible tree sidebar for config navigation **Fixes** - Telegram forum topics: Recover `#General` routing when metadata missing - Sandbox: Honor explicit `alsoAllow` to override default-deny tools - WhatsApp groups: Suppress duplicate echoes while preserving commands - Security: Closed `mediaUrl`/`fileUrl` alias bypass in sandboxed media dispatch - Node: Now requires Node 22.14+ (was 22.x) --- ### Sources - GitHub CHANGELOG.md (raw) - MSN, Business Insider, TechRepublic, US News (news results) - DeployClaw, PatchBot (version trackers)

Priority: normal · Urgency: low · Completed: 3/26/2026, 1:03:25 AM

Cron job: daily-openclaw-scout

Result: **Daily OpenClaw Scout Scan Complete — 2026-03-25** ## Summary Scan completed using only Bash commands and safe-fetch.py. Files written: - `memory/scout-candidates.md` — detailed findings - `memory/scout-state.json` — updated state tracking - `memory/scout-briefing-2026-03-25.md` — executive briefing for Zo ## Key Findings **OpenClaw Ecosystem:** - npm package jumped to `2026.3.23-2` (from `2026.1.29-beta.7`) — active development - 4 new GitHub repos detected (all experimental/personal projects): - Nano-Math-plus (math solver with Claude Code) - HuggingClaw (multi-channel assistant, 1 star) - openclaw-dashboard - openclaw-meeting-minutes (Japanese) **ClawHub:** - 6 skills installed (versions unchanged since yesterday) - Notable available: automation-workflows, agent-team-orchestration, security-auditor, claude-tmux **Security:** - Litellm supply chain attack trending on HN (malicious PyPI packages) - Workspace audit: **CLEAN** — no litellm usage found **Intelligence:** - Mozilla AI launched "Cq" — Stack Overflow for AI agents - Arm announced AGI CPU - Epoch: GPT5.4 Pro solved frontier math open problem ## Actions Recommended 1. `npm update -g openclaw` — get latest 2026.3.23-2 2. `npx clawhub upgrade` — sync installed skills 3. Monitor Claude Code releases (GitHub API returned empty) --- *Gateway will auto-deliver this briefing to Telegram. No manual send required.*

Priority: normal · Urgency: low · Completed: 3/25/2026, 1:01:19 AM

Cron job: daily-openclaw-scout

Result: **Daily Scout Briefing — 2026-03-24 (1:00 AM EST)** ## TL;DR Ecosystem stable. No new releases or critical items since last scan (2026-03-22). OpenClaw CLI and Claude Code both current. --- ## OpenClaw CLI - **Version:** 0.6.2 (unchanged) - **Last Published:** 2026-03-21 - **Status:** ✅ Current ## Claude Code - **Version:** v2.1.81 (unchanged since 2026-03-20) - **Key Features (v2.1.81):** - `--bare` flag for scripted `-p` calls (skips hooks, LSP, plugin sync) - `--channels` permission relay (MCP servers forward tool approvals to phone) - OAuth multi-session re-auth fix - Voice mode WebSocket recovery fixes - **Status:** ✅ Current ## ClawHub Skills ### Installed (6 skills) - openai-whisper 1.0.0 - skill-creator 0.1.0 - agent-browser 0.2.0 - proactive-agent 3.1.0 - self-improving 1.2.16 - automation-workflows 0.1.0 ### Notable Available (Not Installed) | Skill | Score | Recommendation | |-------|-------|----------------| | automation-workflows | 3.770 | ⭐ Consider — aligns with Next.js/TS stack | | agent-team-orchestration | 3.619 | ⭐ Consider — multi-agent coordination | | security-auditor | 3.612 | Review — security audits | | claude-tmux | 3.521 | Review — tmux integration | **Action:** Consider installing `automation-workflows` or `agent-team-orchestration` if workflow automation or multi-agent coordination is needed. ## Ecosystem News - No new high-impact stories since 2026-03-22 scan - Previously tracked items remain relevant (VentureBeat Claude Code Channels, Guardian military usage controversy, Wired Anthropic denial) ## Security - No new advisories detected - ClawHub security skills available: `security-auditor`, `oc-security-hardener`, `agentic-security-audit` --- **Next Scan:** 2026-03-25 at 1:00 AM EST Findings saved to `memory/scout-candidates.md` and `memory/scout-state.json`.

Priority: normal · Urgency: low · Completed: 3/24/2026, 1:01:07 AM

Cron job: daily-openclaw-scout

Result: Now I have enough data. Let me compile the report and save state.--- 🔭 **OpenClaw Scout — Daily Briefing [2026-03-21]** --- ## New Skills Worth Considering | Item | What It Does | Security | Action | |------|-------------|----------|--------| | LiteParse | GPU-free document parser for PDFs/Office/images — 1-liner skill install, more accurate than PyPDF. From LlamaIndex team. | CLEAN | `pip install liteparse` (ClawHub listing pending) | | @ollama/openclaw-web-search v0.2.2 | Ollama web search plugin for OpenClaw | REVIEW (unknown maintainer) | Hold — Derreck already handles web search | --- ## Claude Code Update — v2.1.81 (HIGH PRIORITY) Released **2026-03-20** — one version ahead of last scan (v2.1.80). **Standout for your stack:** - **`--bare` flag for `-p` calls** — skips hooks, LSP, plugin sync, skill directory walks for scripted subprocess use. This is made for the Claude Code Bridge. Could meaningfully speed up `ask_claude_code` tool invocations. *(Requires `ANTHROPIC_API_KEY` passed directly — OAuth disabled in bare mode)* - **Fixed race condition** where background agent task output hung indefinitely — directly addresses a known fragility - **Fixed `CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS`** not stripping structured-outputs header (was causing 400s on proxy gateways — relevant to your `claude-max-api-proxy`) - **MCP tool calls collapse** to single line — cleaner output in Derreck sessions - Fixed multi-session OAuth re-auth issue **Update:** `npm update -g @anthropic-ai/claude-code` --- ## New npm Packages - `@larksuite/openclaw-lark` v2026.3.17 — Lark/Feishu channel plugin (not relevant to your stack) - `@ollama/openclaw-web-search` v0.2.2 — see table above --- ## Ecosystem News - **[HN, 10pts]** *Show HN: LiteParse* — fast open-source doc parser, one-liner install as skill for Claude Code + OpenClaw. LlamaIndex team. Relevant for PDF ingestion into LightRAG (contracts, rider docs, tour settlements). - **[HN, pending]** *Context Gateway (Comp

Priority: normal · Urgency: low · Completed: 3/21/2026, 1:04:02 AM

Cron job: daily-openclaw-scout

Result: Now let me check npm for new packages and get OpenClaw version info:Now I have enough data. Let me compile the report and save state files:Here is the daily briefing for delivery: --- 🔭 **OpenClaw Scout — Daily Briefing | March 20, 2026** --- ## ⚡ Claude Code Updates (2 new releases) **v2.1.80** (March 19) — just dropped: - `rate_limits` field in statusline — shows Claude.ai rate limit usage (5h/7d windows) - `effort` frontmatter for skills — override model effort level per skill invocation - `source: 'settings'` — declare plugins inline in settings.json without a file - `--channels` research preview — MCP servers can push messages into your session - Fixed `--resume` dropping parallel tool results in multi-agent sessions - ~80MB startup memory savings on large repos **v2.1.79** (March 18): - **Fixed `claude -p` hanging when spawned as subprocess without explicit stdin** — this directly affects the Claude Code Bridge. If the bridge has ever hung silently, this is why. Update recommended. - `--console` flag for API billing auth - Fixed Ctrl+C not working in `-p` mode > Update: `npm update -g @anthropic-ai/claude-code` --- ## 🆕 No New ClawHub Skills ClawHub explore endpoints returned empty again (3rd consecutive scan — appears to be a persistent API gap, not a dry spell). All installed skills are current. `npx clawhub update --dry-run` is broken (exit code 1) — skip for now. --- ## 🌐 Ecosystem News | Source | Story | Relevance | |--------|-------|-----------| | HN (97pts, 63 comments) | **Context Gateway** — Open-source SLM-powered proxy that compresses agent tool outputs before they hit the LLM. Spending caps, dashboard, Slack alerts. github.com/Compresr-ai/Context-Gateway | MEDIUM — could reduce Derreck context bloat on long sessions. Too early to install but worth watching. | | HN (Show HN) | **UNWIND** — MCP stdio security proxy with tamper-evident audit chain, 15 checks per tool call, dry-run mode (ghostmode), rollback snapshots. PyPI: `unwind-mcp

Priority: normal · Urgency: low · Completed: 3/20/2026, 1:04:37 AM

Cron job: daily-openclaw-scout

Result: Now let me run the scan. First, check state and run all ClawHub/web queries in parallel.Good data. Now let me check HN and Reddit quickly, then compile the report.Good data collected. Now compile the report and save files.Here is the daily briefing: --- **🔭 OpenClaw Scout — Daily Briefing [2026-03-19]** **🚨 ACTION REQUIRED — Claude Code Update** Claude Code **v2.1.79** dropped yesterday (2026-03-18) with a fix that directly affects the `claude-code-bridge`: > **Fixed `claude -p` hanging when spawned as a subprocess without explicit stdin (e.g. Python `subprocess.run`)** The bridge calls `claude -p` from Python — this bug was likely causing silent hangs in escalation calls. Recommend upgrading now: `npm update -g @anthropic-ai/claude-code` Other v2.1.79 fixes: Ctrl+C working in `-p` mode, startup memory -18MB, `CLAUDE_CODE_PLUGIN_SEED_DIR` supports multiple dirs (`:` separator). Also in v2.1.77–78: **Two security fixes** — `PreToolUse` hooks could bypass `deny` rules (fixed), and silent sandbox disable when deps missing (now shows visible warning). --- **📦 New Skills Worth Considering** | Skill | What It Does | Security | Install | |-------|-------------|----------|---------| | `security-auditor` | OWASP/auth/SQL/XSS code review (updated Mar 13) | REVIEW | `npx clawhub install security-auditor --force` | | `social-media-scheduler` | Content calendar & post planning | REVIEW | `npx clawhub install social-media-scheduler --force` | | `porteden-email` | Gmail/Outlook/Exchange access via gog-cli | REVIEW | `npx clawhub install porteden-email --force` | *All three from unknown owners — needs `npx clawhub inspect <slug> --files` before installing. ClawHub showed no new/trending skills today.* **Pending from yesterday (no decision yet):** `agent-team-orchestration` (CLEAN) — still the top recommendation. --- **🔄 Installed Skill Updates** No updates available for any of the 6 installed skills (openai-whisper, skill-creator, agent-browser, proactive-agent,

Priority: normal · Urgency: low · Completed: 3/19/2026, 1:04:20 AM

Cron job: daily-openclaw-scout

Result: Now I have enough data. Let me compile the report and save state.🔭 **OpenClaw Scout — Daily Briefing | Wed March 18, 2026** --- ## New Skills Worth Considering | Skill | What It Does | Security | Install | |-------|-------------|----------|---------| | agent-team-orchestration | Structured multi-agent orchestration: roles, task lifecycle (inbox→spec→build→review→done), handoff protocols, quality gates | CLEAN | `npx clawhub install agent-team-orchestration` | --- ## Updates Available No updates detected for installed skills. All 22 skills are current. OpenClaw itself: **v2026.3.13** — you're on the latest. --- ## Ecosystem News **Claude Code shipped TWO releases yesterday (March 17):** - **[v2.1.78]** `${CLAUDE_PLUGIN_DATA}` — plugin persistent state that survives updates; `effort`/`maxTurns`/`disallowedTools` frontmatter for plugin-shipped agents; response text now streams line-by-line; **Security:** fixed silent sandbox disable when deps missing + fixed `.git`/`.claude` dirs writable in bypassPermissions mode + fixed MCP `deny` rules not actually blocking tools - **[v2.1.77]** Opus 4.6 max output bumped to **64k tokens** (128k upper bound); `SendMessage` auto-resumes stopped background agents; **Security:** fixed `PreToolUse` hooks returning `"allow"` bypassing deny rules; `/fork` renamed to `/branch` - **[v2.1.76 — Mar 14]** MCP elicitation (servers can request mid-task structured input); `PostCompact` hook; `/effort` slash command **npm — Fresh packages from March 17:** - `@filiksyos/mcptoskill` v0.3.0 — Turn any MCP server into an OpenClaw skill (could convert our Postgres/GitHub/Gmail MCPs into formal skills — **REVIEW**, unknown maintainer) - `openclaw-mcp` v1.3.0 — MCP server for OpenClaw integration (enables external MCP clients to talk to OpenClaw — **REVIEW**, unknown maintainer) --- ## Security Alerts - **None for installed skills.** agent-team-orchestration is CLEAN. - Two npm packages above need maintainer vetting before touching — not

Priority: normal · Urgency: low · Completed: 3/18/2026, 1:03:34 AM

Cron job: daily-openclaw-scout

Result: Now I have enough data to compile the report. Let me save the findings and state files.I'm unable to write files in this cron session due to permission restrictions. Returning the briefing report as text output for automatic delivery. --- 🔭 **OpenClaw Scout — Daily Briefing [2026-03-17]** ## New Skills Worth Considering | Skill | What It Does | Security | Action | |-------|-------------|----------|--------| | `notebooklm-skill` | NotebookLM research → Claude writes content pipeline (Skill + MCP) | REVIEW — unknown org | Inspect before install | **Note:** `clawhub` CLI is not installed on this system. Run `npm install -g clawhub` to enable marketplace browsing. ## Updates Available OpenClaw is current at **v2026.3.13** (latest on npm). No update needed. ## Ecosystem News — Claude Code **🚨 v2.1.77 released TODAY (Mar 17, 2026) — includes a security fix:** - **SECURITY:** PreToolUse hooks returning `"allow"` could bypass `deny` permission rules, including enterprise managed settings — **now fixed** - **Token limits:** Default max output for Opus 4.6 → 64k tokens; upper bound for Opus 4.6 + Sonnet 4.6 → **128k tokens** - **New:** `allowRead` sandbox filesystem setting (re-allow reads inside `denyRead` regions) - **New:** `/copy N` — copy Nth-latest assistant response - **Fixed:** Auto-updater memory leak (accumulating tens of GB on repeated open/close) - **Fixed:** `--resume` silently truncating recent history - **Fixed:** Compound bash commands (`cd src && npm test`) now save per-subcommand allow rules - **API change:** `SendMessage` now auto-resumes stopped agents; Agent tool no longer accepts `resume` param - **Rename:** `/fork` → `/branch` (alias still works) - Runaway bash tasks now killed at 5GB output **v2.1.76 (Mar 14):** - MCP elicitation — servers can request structured input mid-task via dialog forms - `worktree.sparsePaths` for sparse checkout in large monorepos - `PostCompact` hook, `/effort` slash command - Fixed deferred tools losing input sc

Priority: normal · Urgency: low · Completed: 3/17/2026, 2:00:56 AM

Cron job: daily-openclaw-scout

Result: **OpenClaw Scout — Daily Briefing | 2026-03-17** --- **⚠️ Scout Run Blocked — Sandbox Restrictions** This cron session is running inside Claude Code with the working directory locked to `/tmp`. All scout operations require access to paths and tools outside this sandbox: - **File access blocked:** Cannot read `memory/scout-state.json`, `memory/scout-candidates.md`, or any workspace files under `~/.openclaw/workspace/agents-workspace/atlas/` - **`npx clawhub`** — requires approval (not auto-allowed in this session) - **`python3 ~/.openclaw/workspace/tools/safe-fetch.py`** — requires approval (not auto-allowed) - **Bash tool** — restricted to `/tmp` directory only **Root cause:** The `daily-openclaw-scout` cron is configured to spawn a Claude Code session, but Claude Code's permission sandbox in this environment does not grant the elevated filesystem and shell access the scout skill requires. --- **Recommendation for Zo / Derreck:** To fix this, the cron should either: 1. Run the scout in an **OpenClaw native session** (not Claude Code), where workspace tools run without sandbox restrictions, or 2. Grant Claude Code `bypassPermissions` mode for this cron job in the OpenClaw cron config No findings could be gathered this cycle. No state file was updated (cannot write outside `/tmp`). No duplicate reporting risk since nothing was processed.

Priority: normal · Urgency: low · Completed: 3/17/2026, 1:53:06 AM

Cron job: daily-openclaw-scout

Result: --- **🗺️ ATLAS — Daily OpenClaw Scout Briefing** **Date:** Tuesday, March 17, 2026 — 1:48 AM ET **Status:** ⚠️ PARTIAL — Web search permissions unavailable --- **BLOCKER** All web search attempts failed during this scheduled run. The `WebSearch` tool is listed as available but permission was not granted for this cron-triggered session. No live scraping of ClawHub, GitHub, Twitter/X, Reddit, or Hacker News was possible. This is a **cron session permission gap** — the scout skill depends on `WebSearch` access that is authorized in interactive sessions but not automatically carried into scheduled cron runs. --- **RECOMMENDED ACTION FOR ZO / DERRECK** To fix this permanently: - Grant `WebSearch` auto-approval in OpenClaw settings (add to `allowedTools` or permission policy for cron sessions) - Or re-run this scout manually in an interactive session where `WebSearch` is authorized --- **WHAT WAS ATTEMPTED** - OpenClaw new skills search - Claude Code slash commands / hooks / features (March 2026) - MCP new servers (March 2026) - Community highlights (Reddit, HN, GitHub) - Anthropic API updates All five queries blocked at permission layer — no fabricated results included. --- **STATE** `memory/scout-candidates.md` and `memory/scout-state.json` were **not updated** this run (no new verified findings to save). Previous state is preserved as-is. --- **Next scheduled run:** Wednesday, March 18, 2026 — 1:48 AM ET **Recommendation:** Fix `WebSearch` permission for cron sessions before next run.

Priority: normal · Urgency: low · Completed: 3/17/2026, 1:49:50 AM

Cron job: daily-openclaw-scout

Result: All web/search tools are blocked in this sandboxed Claude Code environment (only `/tmp` file access is permitted). Let me write the scout state and report with what's available.All tools are requiring manual approval in this environment, which is incompatible with unattended cron execution. Here is the plain-text scout briefing for delivery: --- ## 🗺️ Atlas — OpenClaw Scout Daily Briefing **Date:** Tuesday, March 17, 2026 — 1:00 AM ET **Run type:** Scheduled cron | **Status:** ⚠️ PARTIAL — Web tools blocked --- ### SCAN STATUS This cron run could not complete web intelligence gathering. All tools (WebSearch, WebFetch, file read/write) required interactive permission approval and were not pre-authorized for this unattended session. **No external content was retrieved. No fabricated findings are reported.** --- ### ACTION REQUIRED — ROUTE TO ZO VIA DERRECK The `openclaw-scout` cron cannot self-execute until web tool permissions are pre-approved. To fix: 1. **Run the scout interactively once** — approve WebSearch + WebFetch with `allow-always` when prompted 2. **Or use the `update-config` skill** to add WebSearch and WebFetch to the permitted tool list for automated/cron sessions 3. **Re-run** after permissions are in place — the scan will then be able to check ClawHub, GitHub, Twitter/X, Reddit, and Hacker News as designed --- ### WHAT THIS SCAN WOULD COVER (when unblocked) - New/trending skills on ClawHub - Updates to installed skills (comfyui, lightrag, blog-pipeline, etc.) - New MCP servers for Claude Code ecosystem - Claude Code hooks, slash commands, and workflow tips - Security assessment of any new tooling found - State delta vs. `memory/scout-state.json` to avoid re-reporting known items --- ### SECURITY NOTE No external content was ingested this run, so no injection risk. Scout state (`memory/scout-state.json`) was not updated — the next successful run will re-check from last known state. --- **Deliver to:** Zo (via Derreck) — advisory only

Priority: normal · Urgency: low · Completed: 3/17/2026, 1:01:31 AM

Cron job: daily-openclaw-scout

Result: Unable to access web search or the atlas workspace files from this Claude Code session context — the cron is running in a sandboxed environment with access restricted to `/tmp` and web search requires permissions not granted here. Here is the briefing based on model knowledge (cutoff August 2025), with all limitations clearly flagged: --- # 🗺️ ATLAS DAILY SCOUT BRIEFING — March 16, 2026 **⚠️ PARTIAL BRIEFING — Live search tools (WebSearch, GitHub MCP) and workspace file access are not authorized in this Claude Code session. Live ClawHub scraping, Twitter/X, Reddit, and GitHub searches could not be performed. The sections below reflect pre-cutoff knowledge through August 2025. A full live scan requires permission grants or running this skill via the OpenClaw native runtime (not Claude Code subprocess).** --- ## NEW SKILLS / TOOLS *(Unverified — requires live search)* Active development areas likely to have new releases since last scout run: - **LightRAG v2.x** — Active development on graph-based hybrid retrieval. Community MCP wrappers were emerging; a stable `lightrag-mcp` server would directly benefit your knowledge base workflows. - **ComfyUI MCP Server** — Community projects wrapping ComfyUI's queue API as an MCP server were gaining traction. Would replace direct API calls in your `comfyui` skill. - **Browser Automation skills** — Playwright MCP (`@playwright/mcp`) reached official release status; your existing `Agent Browser` skill may have an official Playwright replacement worth evaluating. - **SEO MCP servers** — Wrappers for Search Console API and Ahrefs/Semrush emerging in the MCP ecosystem. --- ## CLAUDE CODE ECOSYSTEM UPDATES *(Pre-cutoff confirmed + likely trajectory)* ### Confirmed features (as of Aug 2025) | Feature | Status | Relevance | |---|---|---| | Hooks system (`PreToolUse`, `PostToolUse`, `Stop`, `Notification`) | Live | High — audit logging, lint gates, cost guards | | Custom slash commands (`.claude/commands/*.md`) | Live | High —

Priority: normal · Urgency: low · Completed: 3/16/2026, 12:39:53 PM

Cron job: daily-openclaw-scout

Result: It looks like something went wrong on your end — the message came through as `[object Object]`, which usually means a JavaScript object got sent without being serialized properly. Could you resend what you were trying to ask or share? 🗺️

Priority: normal · Urgency: low · Completed: 3/16/2026, 12:29:15 PM

Cron job: daily-openclaw-scout

Result: Now I'll follow the protocol to run the daily scan. First, let me check if there's an existing scout-state.json to avoid re-reporting skills.

Priority: normal · Urgency: low · Completed: 3/16/2026, 12:26:55 PM

Cron job: daily-openclaw-scout

Result: Now I'll run the openclaw-scout skill following the protocol. Let me start by checking if I have the required `npx` binary and then proceed with the daily scan. First, let me check the current state and then run the scans.

Priority: normal · Urgency: low · Completed: 3/16/2026, 1:00:23 AM