OpenClaw v2026.2.26 ships today with external secrets management, a new agent runtime model, and expanded CLI tooling — the most feature-rich release this month from 48 contributors.
External Secrets Management
The headline feature is a complete openclaw secrets workflow with four new commands: audit, configure, apply, and reload. This enables runtime snapshot activation, allowing users to manage API keys and credentials without restarting the gateway — a major improvement for production deployments where uptime matters.
ACP Thread-Bound Agents
ACP (Agent Communication Protocol) agents are now first-class runtimes for thread sessions. This means agents can be bound to specific conversation threads with full dispatch integration and lifecycle controls, enabling more sophisticated multi-agent workflows where different agents handle different parts of a conversation.
Agent Routing CLI
New CLI commands — openclaw agents bindings, bind, and unbind — give users account-scoped route management. This makes it easier to assign agents to specific channels or contexts without editing configuration files directly.
Android Device Capabilities
Android gains a new device capability with status and info node commands, plus a notifications listing feature. This brings the Android app closer to feature parity with the desktop experience.
Security Fixes
Multiple critical security improvements landed in this release:
- Node execution approval enforcement — prevents unauthorized code execution.
- Gateway authentication path validation — closes auth bypass vectors.
- Device pairing metadata pinning — hardens the trust model.
- Workspace boundary symlink validation — blocks path traversal attacks.
- Teams media fetch SSRF guarding — prevents server-side request forgery.
- Twilio webhook replay protection — blocks message replay attacks.
Other Improvements
Codex WebSocket transport is now the default (with SSE fallback), delivery queue recovery fixes address retry starvation, and a new plugin onboarding system adds interactive configuration flows. The Telegram DM policy also gains enforced allowlist inheritance across accounts.
OpenClaw Launch instances will receive this update automatically.