OpenClaw v2026.2.19 lands with a surprise consumer feature — an Apple Watch companion app — alongside one of the most extensive security hardening passes in the project’s history.
Apple Watch Companion MVP
The new Apple Watch app provides an inbox UI and notification relay, letting users read and respond to agent messages from their wrist. APNs-based wake functionality reduces invoke failures when the paired iOS app is backgrounded, and new device pairing hygiene commands make it easy to manage connected devices.
Security Overhaul
This release addresses over 30 security items across multiple subsystems:
- Gateway authorization — Rate-limited control-plane write RPCs, removed implicit admin scopes from agent tool calls, and centralized method-scope authorization.
- Plugin containment — Enforced runtime and package path containment with realpath checks, blocked unsafe plugin discovery paths, and added optional --pin for npm plugin installs.
- SSRF hardening — Enforced strict IPv4 dotted-decimal literals, blocked NAT64/6to4/Teredo IPv6 transition addresses, and guarded cron webhook delivery.
- Channel security — Hardened Feishu/Zalo webhook ingress, Discord moderation authorization, and remote attachment SSH/SCP with strict host-key verification.
Other Improvements
Agent streaming gets better with improved reasoning signal deduplication, and several Telegram fixes improve channel post handling and cron delivery. OpenClaw Launch instances will receive the update automatically.