Skip to content
OpenClaw VPS
Archived update

This post is kept for reference, but it is not part of the main hosted OpenClaw VPS blog feed.

OpenClaw 2026.2.1 โ€” What Shipped (Operator Guide)

Operator-focused summary of OpenClaw 2026.2.1: what shipped, what matters for hosted bots, and what to check after upgrade.

Jason Cochran
February 2, 2026
#openclaw#release-notes#operator-guide#update

This post covers what shipped in v2026.2.1 and what it means for OpenClaw VPS operators.

What shipped

Changes

  • Docs: onboarding/install/i18n/exec-approvals/Control UI/exe.dev/cacheRetention updates + misc nav/typos. (#3050, #3461, #4064, #4675, #4729, #4763, #5003, #5402, #5446, #5474, #5663, #5689, #5694, #5967, #6270, #6300, #6311, #6416, #6487, #6550, #6789)
  • Telegram: use shared pairing store. (#6127) Thanks @obviyus.
  • Agents: add OpenRouter app attribution headers. Thanks @alexanderatallah.
  • Agents: add system prompt safety guardrails. (#5445) Thanks @joshp123.
  • Agents: update pi-ai to 0.50.9 and rename cacheControlTtl -> cacheRetention (with back-compat mapping).
  • Agents: extend CreateAgentSessionOptions with systemPrompt/skills/contextFiles.
  • Agents: add tool policy conformance snapshot (no runtime behavior change). (#6011)
  • Auth: update MiniMax OAuth hint + portal auth note copy.
  • Discord: inherit thread parent bindings for routing. (#3892) Thanks @aerolalit.
  • Gateway: inject timestamps into agent and chat.send messages. (#3705) Thanks @conroywhitney, @CashWilliams.
  • Gateway: require TLS 1.3 minimum for TLS listeners. (#5970) Thanks @loganaden.
  • Web UI: refine chat layout + extend session active duration.
  • CI: add formal conformance + alias consistency checks. (#5723, #5807)

Fixes

  • Plugins: validate plugin/hook install paths and reject traversal-like names.
  • Telegram: add download timeouts for file fetches. (#6914) Thanks @hclsys.
  • Telegram: enforce thread specs for DM vs forum sends. (#6833) Thanks @obviyus.
  • Streaming: flush block streaming on paragraph boundaries for newline chunking. (#7014)
  • Streaming: stabilize partial streaming filters.
  • Auto-reply: avoid referencing workspace files in /new greeting prompt. (#5706) Thanks @bravostation.
  • Tools: align tool execute adapters/signatures (legacy + parameter order + arg normalization).
  • Tools: treat "*" tool allowlist entries as valid to avoid spurious unknown-entry warnings.
  • Skills: update session-logs paths from .clawdbot to .openclaw. (#4502)
  • Slack: harden media fetch limits and Slack file URL validation. (#6639) Thanks @davidiach.
  • Lint: satisfy curly rule after import sorting. (#6310)
  • Process: resolve Windows spawn() failures for npm-family CLIs by appending .cmd when needed. (#5815) Thanks @thejhinvirtuoso.
  • Discord: resolve PluralKit proxied senders for allowlists and labels. (#5838) Thanks @thewilloftheshadow.
  • Tlon: add timeout to SSE client fetch calls (CWE-400). (#5926)
  • Memory search: L2-normalize local embedding vectors to fix semantic search. (#5332)
  • Agents: align embedded runner + typings with pi-coding-agent API updates (pi 0.51.0).
  • Agents: ensure OpenRouter attribution headers apply in the embedded runner.
  • Agents: cap context window resolution for compaction safeguard. (#6187) Thanks @iamEvanYT.
  • System prompt: resolve overrides and hint using session_status for current date/time. (#1897, #1928, #2108, #3677)
  • Agents: fix Pi prompt template argument syntax. (#6543)
  • Subagents: fix announce failover race (always emit lifecycle end; timeout=0 means no-timeout). (#6621)
  • Teams: gate media auth retries.
  • Telegram: restore draft streaming partials. (#5543) Thanks @obviyus.
  • Onboarding: friendlier Windows onboarding message. (#6242) Thanks @shanselman.
  • TUI: prevent crash when searching with digits in the model selector.
  • Agents: wire beforetoolcall plugin hook into tool execution. (#6570, #6660) Thanks @ryancnelson.
  • Browser: secure Chrome extension relay CDP sessions.
  • Docker: use container port for gateway command instead of host port. (#5110) Thanks @mise42.
  • fix(lobster): block arbitrary exec via lobsterPath/cwd injection (GHSA-4mhr-g7xj-cg8j). (#5335) Thanks @vignesh07.
  • Security: sanitize WhatsApp accountId to prevent path traversal. (#4610)
  • Security: restrict MEDIA path extraction to prevent LFI. (#4930)
  • Security: validate message-tool filePath/path against sandbox root. (#6398)
  • Security: block LD/DYLD env overrides for host exec. (#4896) Thanks @HassanFleyah.
  • Security: harden web tool content wrapping + file parsing safeguards. (#4058) Thanks @VACInc.
  • Security: enforce Twitch allowFrom allowlist gating (deny non-allowlisted senders). Thanks @MegaManSec.

What matters for hosted operators

  • Validate channel delivery behavior (web chat + Telegram).
  • Verify model/provider settings and fallback behavior.
  • Run a smoke test after deploy: message flow, tool call, and response quality.

Post-upgrade checklist

  1. Send/receive test messages in active channels.
  2. Confirm bot settings and auth paths still behave as expected.
  3. Check billing/usage visibility and dashboard status.
  4. Log regressions immediately and keep rollback notes.

Related reading

Start your free 7-day Pro trial

Source

  • https://github.com/openclaw/openclaw/releases/tag/v2026.2.1

Get the free guide

Get the free plain-English PDF on the 10 costly mistakes people make when hosting an AI assistant themselves, plus a few short follow-up tips.

Ready to run OpenClaw without infrastructure headaches?

Start your free 7-day Pro trial on OpenClaw VPS and get a production-ready bot online with managed hosting, updates, and support.

Start your free 7-day Pro trialWhy OpenClaw VPS
Share this post

Related Posts

OpenClaw Troubleshooting Hub: BYOK, Web Chat, Telegram, and VPS Fixes

A troubleshooting hub for the most common OpenClaw VPS setup issues, from invalid BYOK keys to Telegram replies and private access confusion.

OpenClaw Tips and Tricks: Practical Setup, Hosting, and Workflow Guide

A plain-English hub for OpenClaw setup, VPS hosting, BYOK, Telegram, web chat, private access, security, troubleshooting, release notes, and first useful workflows.

Claude Opus 4.7: What It Means for Personal AI Assistants

Claude Opus 4.7 is Anthropic's latest Opus model, built for long-running asynchronous agents and carrying forward the coding and agentic focus of Opus 4.6.

Back to Blog

Free plain-English PDF

Get the free DIY VPS checklist

Before you host an AI assistant yourself, learn the 10 common mistakes that cause downtime, lost keys, missed alerts, and painful recovery work.

Send me the free PDF

We will send the plain-English PDF on the 10 costly mistakes people make when hosting an AI assistant themselves, plus short follow-up tips. Unsubscribe anytime.