/rewind can now restore conversation state from before a /clear was run, and hooks configured with a comma-separated matcher like "Bash,PowerShell" — which had been silently never firing — work again. Stopping a background agent from the tasks panel is now permanent (no more resurrecting), and hosts you allow with "Yes" in the sandbox network dialog are remembered for the session. Also improves MCP capability-discovery reliability, plus Windows Terminal /login URL wrap, Ghostty Cmd+click, and managed-settings MDM-refresh fixes. (v2.1.190 was bug-fixes only.)
AI Agent Changelog
Every release, every platform, in one place. Updated daily by an automation that polls each platform's official release feed. This is the only cross-platform changelog that exists for the agent ecosystem — nobody else tracks all seven in one stream.
One sentence per platform showing only the most recent release. Refreshed daily. If you just want "what changed yesterday," start there.
How to read this: entries are reverse-chronological. Each one links to the upstream release and to any guide on this site that the release affects. If a platform you care about hasn't shipped recently, that's a real signal — we poll daily.
June 2026
v0.0.67 switches the DGX Spark express install to configure managed local vLLM by default instead of Ollama, and hardens onboarding recovery: an install interrupted before the sandbox was created now starts fresh instead of dead-ending on a forced --resume. LangChain Deep Agents Code is branded as its own product (no longer printing the OpenClaw name during onboarding), channels add is rejected up front on agents that declare no messaging support (before any destructive rebuild), and a doubled nvidia/nvidia/ model-namespace bug is fixed.
OpenAI updated the chat-latest snapshot, which points to the latest Instant model currently used in ChatGPT, so API callers can test the newest chat-side improvements. OpenAI still recommends GPT-5.5 for production API usage — chat-latest is a moving target for experimentation, not a pin. Minor, but worth noting if you pin model snapshots.
Adds a sandbox.credentials setting that blocks sandboxed commands from reading credential files and secret environment variables, and surfaces org-configured model restrictions across the model picker, --model, /model, and ANTHROPIC_MODEL. Remote MCP tool calls that used to hang for 5 minutes now abort with an error (CLAUDE_CODE_MCP_TOOL_IDLE_TIMEOUT). Fixes structured output (--json-schema / workflow agent({schema})) so the model can't re-call StructuredOutput indefinitely, plus pasted CJK mojibake, stuck background jobs, and dropped channel connections.
v0.0.66 retires the generated docs-to-skills pipeline and the per-topic nemoclaw-user-* skill trees in favor of a single compact nemoclaw-user-guide skill that routes AI agents to canonical docs via the docs MCP server, llms.txt, and variant Markdown pages (the old llms-full.txt path is deprecated). Also fixes the Discord per-account proxy (drops a non-loopback proxy OpenClaw rejects, falling back to the managed proxy so the gateway reaches READY) and adds an integration: dcode routing label for LangChain Deep Code work.
Adds claude mcp login <name> / claude mcp logout <name> to authenticate MCP servers from the CLI (with a --no-browser stdin path for completing over SSH). Behavior change: ! bash commands now make Claude respond to the output automatically — set "respondToBashCommands": false to keep the old context-only behavior. Also: status filtering (f) in /workflows, a Skills section in /plugin, and teammateMode: "iterm2". Fixes post-sleep "Content block not found" streaming errors and enforces Agent() deny rules for named subagent spawns.
v7.3.53 restores bounded text-file reads and stops zero-limit pagination and Unicode truncation from producing unusable tool output — reading files behaves correctly again after a recent regression. v7.3.54 has no notable changes. (The larger opencode v1.15.13 upstream sync landed in v7.3.52, covered on the 22nd.)
No new release, but an experimental LangChain "Deep Agents Code" harness (#5197) landed: a terminal-oriented agent NemoClaw can onboard, status-check, log, and snapshot without an in-sandbox gateway. Also: a realigned DGX Spark Qwen3.6 vLLM recipe (#5612) and a sandbox gateway serving watchdog. The rest of the day was a large internal sweep migrating shell E2E tests to live Vitest coverage.
A new monorepo package, ironclaw_skill_learning, gets its first 0.1.0 tag — an initial skill-learning module within the IronClaw repo. The core ironclaw CLI stays at v0.29.1. Release notes are minimal; worth watching as the capability matures, nothing to act on yet.
A large opencode upstream sync (v1.15.9 → v1.15.13). Adds a configurable provider headerTimeout (10s default for stock OpenAI), poll-free background agents, partial modalities config, and upward config loading so directory-specific settings apply more predictably in nested projects. Sessions can now store custom metadata via the API/SDK, plus opt-in WebSocket transport for OpenAI responses. Bugfixes: dynamically-added MCP servers disconnect cleanly when removed; DigitalOcean inference uses your OAuth token directly. (v7.3.51 had no notable changes.)
No new release, but a worthwhile onboarding fix: nemoclaw onboard now shows a numbered agent-selection picker (OpenClaw default, then Hermes, etc.) instead of silently configuring OpenClaw (#5469). Onboarding also auto-detects resume from an interrupted session (#5487), and exec --workdir now validates the directory exists with a friendly error (#5499). Rest of the day was internal: advisor tooling, an inventory refactor, and more Vitest E2E migrations.
A one-line UX fix: when a response is slow to start streaming, Claude Code now shows "Waiting for API response · will retry in …" instead of the alarming "No response from API · Retrying in …", and only after 20 seconds of silence rather than 10. Fewer false-alarm "retrying" flashes on a healthy connection; no config or behavior change beyond the wording and timing.
No new release (still v0.0.65). The last 24h on main were internal-only: more live end-to-end tests migrated from shell to typed Vitest (Kimi, Hermes inference switch, Brave search, device-auth health, stale-sandbox upgrade), CI that auto-retries flaky live E2E runs (#5549), and ongoing onboarding/registry nullability cleanup. The PR Review Advisor now labels findings by urgency (#5567). No user-visible change.
Hermes extends its reach: a new iMessage channel via Photon's managed line pool (no Mac relay, no BlueBubbles bridge — the explicit BlueBubbles successor), the Raft agent network, background subagents, image editing, and Cursor's Composer model via an xAI Grok subscription. The web dashboard gained a profile builder and secure login, the Skills Hub browser was overhauled, the memory tool got a major upgrade, and the curator stopped burning aux-model budget on every routine run. ~1,475 commits and 300+ issues closed since v0.16.0, plus a security round.
Kilo Gateway models that can run on an enabled personal or organization provider key now show a BYOK badge. Custom providers are described independently of their selected API protocol, reverted provider errors are hidden so Redo controls stay visible after rewinding a session, diff highlighting keeps changed identifiers intact, and completion sounds are limited to parent agent sessions. A polish release atop the v7.3.48–49 custom-provider work.
Claude Fable 5 launched June 9 (a Mythos-class model made safe for general use). On June 12, access to Fable 5 and Mythos 5 was temporarily suspended with restoration underway; both are selectable again now. If a Cowork or Claude Code workflow pinned Fable 5 during that window and hit model-unavailable errors, that's the cause — no action needed for anyone on default models.
No new release (still v0.0.65). The last 24h on main were internal-only: onboarding flow-context refactors, live-scenario test migrations to Vitest, a CI guardrail blocking net-new if branching in changed test files, and CLI test-timeout fixes. One contributor-facing note: NemoClaw moved its release workflow from PR-based to tag-based (#5545). No user-visible change.
Auto mode now blocks destructive commands you didn't ask for: git reset --hard, git checkout -- ., git clean -fd, git stash drop, an unowned git commit --amend, and terraform/pulumi/cdk destroy unless you named the stack. Scheduled-task and webhook deliveries can no longer approve a pending action (they're now task notifications, not keyboard input), and MCP auth-stub tools no longer leak to the model in headless/SDK mode. Adds attribution.sessionUrl and /config --help; fixes WebSearch in subagents and Windows Terminal TUI corruption.
The Claude API retired claude-sonnet-4-20250514 and claude-opus-4-20250514 — requests to either now return an error instead of routing elsewhere. Anything pinning those -20250514 snapshots (SOUL.md, agent frontmatter, SDK calls, CI) breaks until migrated; Anthropic recommends upgrading to Claude Sonnet 4.6 and Claude Opus 4.8. Cowork/Claude Code users on the latest defaults are unaffected.
A documentation-only commit adds nemoclaw-contributor-onboard-messaging-channel — a guided workflow for adding a new messaging channel through NemoClaw's manifest-first messaging architecture — plus a src/lib/messaging/AGENTS.md documenting package boundaries and channel extension points. Contributor-facing only, no user-visible change. Still on v0.0.65.
You can now set any setting straight from the prompt with /config key=value (e.g. /config thinking=false) in interactive, -p, and Remote Control modes. A new CLAUDE_CLIENT_PRESENCE_FILE mutes mobile push while you're at the machine; the bundled Bun runtime moves to 1.4; long paragraphs stream line-by-line; and fixes land for prompt caching on custom base URLs/Foundry and 0-byte writes on network/cloud-synced drives.
A one-click "Import Sessions from Roo Code" button migrates an existing Roo Code installation's conversation history. Custom providers gain much richer support — multiple provider APIs, adaptive thinking, split reasoning, and output-effort variants. Plus opt-in attention sounds when sessions finish/error/need input, Agent Manager tab management, and an open-PR shortcut (Cmd/Ctrl+Shift+R). Both pre-release.
A new OpenClaw-only TELEGRAM_GROUP_POLICY (open/allowlist/disabled, default open) controls group-chat access, with declarable messaging-config defaults; Hermes has no equivalent. The Hermes env-file secret boundary is now enforced on the recover probe path (an injected TELEGRAM_BOT_TOKEN no longer survives recovery). Three bug fixes: non-interactive build-credential reuse, Local Ollama first-turn compaction budget, and host-path resolution for sandbox download/upload. Still on v0.0.65.
v2.1.178 adds Tool(param:value) permission rules that match a tool's input parameters (e.g. Agent(model:opus) to block Opus subagents), loads skills from nested .claude/skills directories, and runs auto-mode subagent spawns through the classifier before launch. v2.1.176 hardens availableModels enforcement so ANTHROPIC_DEFAULT_*_MODEL env vars and /fast can't escape the allowlist, and generates session titles in your conversation's language. v2.1.179 preserves partial responses on mid-stream drops and fixes WSL2 mouse-wheel scrolling.
Semantic-search indexing now uses an embedded LanceDB vector store by default, so it works without a separate Qdrant server (Qdrant still selectable via indexing.vectorStore). VS Code onboarding gains an agent-autonomy preset and Kilo Gateway catalog-model deep links; task subagents support model-specific reasoning overrides; and reverted sessions restore on the first Redo click.
v0.0.65 release notes published. Beneath the usual test-migration and complexity-refactor churn, three user-facing changes: insecure temporary-file creation is hardened (private mkdtemp dirs + atomic rename for SSH config and /tmp writes); contributor PRs now require a PR-body DCO declaration and GitHub-verified commit signatures before creation; and a new enterprise-readiness reference plus clarified sub-agent setup prerequisites land in the docs.
Anthropic's Claude apps and API release-notes pages both changed. The monitor detected the updates; the pages render entries client-side and expose no machine-readable content, so check the apps and API pages directly.
v2.1.175 adds the enforceAvailableModels managed setting: the availableModels allowlist now also constrains the Default model (a disallowed Default falls back to the first allowed model), and user/project settings can no longer widen a managed list. v2.1.174 lands a broad fix batch — the /model picker now shows the family Default resolves to, background sessions no longer inherit another session's ANTHROPIC_* provider env, Bedrock GovCloud (us-gov-*) inference profiles resolve correctly, skill hot-reload re-announces only changed skills, and VSCode /usage gains a usage-attribution breakdown.
github dropped from the Hermes policy baseline — Hermes sandboxes no longer get unscoped github.com / api.github.com access by default; it now ships only via an opt-in preset (a least-privilege tightening, matching OpenClaw). Also: the Hermes WhatsApp bridge deps are preinstalled so hermes whatsapp starts cleanly, Docker Desktop WSL GPU onboarding errors are classified with actionable recovery hints, stale Hermes Discord rebuild plans are refreshed, and the managed-vLLM model catalog is updated. The rest of the batch is test migrations and onboard.ts refactors with no user-facing change.
Anthropic's Claude apps release notes page changed again. The monitor detected the update; the page exposes no machine-readable entries, so check the official page for specifics.
v2.1.172 ships recursive sub-agent spawning up to 5 levels deep, auto-compaction for stuck 1M-context sessions, Amazon Bedrock region auto-detection from ~/.aws/config, a plugin-marketplace search bar, and a slate of background-agent and model-picker fixes. v2.1.173 normalizes Fable 5 model names (strips the redundant [1m] suffix) and suppresses a spurious Windows sandbox warning.
OpenClaw scope-upgrade approval recovery: same-device replacement requests that include operator.admin are now handled correctly instead of failing. Gateway healthcheck fix: Docker-driver containers no longer show (unhealthy) on fresh onboard. Plus WSL/macOS CLI dispatch stability and a security-docs correction (four → five protection layers). Remaining commits are internal refactors.
Adds a Fork Session button on completed Agent Manager sessions. Task timelines now stay pinned while reviewing history and resume auto-scroll at the bottom. JetBrains reasoning blocks stream live, auto-collapse when done, hide when empty, and merge adjacent blocks. Chat auto-scroll pauses when the user scrolls up through nested tool output.
Sandbox auto-recovery post-reboot: nemoclaw status now walks Docker labels to restart stopped containers (or rename backup containers) and returns a live sandbox without manual intervention. CDI GPU fix: on Ubuntu 24.04+/26.04 hosts with NVIDIA CDI, onboarding now correctly prefers --device nvidia.com/gpu=all over --gpus all, preventing the supervisor reconnect failure that caused onboard to abort on those hosts. Remaining commits are internal test-infrastructure refactors with no user-facing changes.
v2.1.170 ships Claude Fable 5 — a Mythos-class model Anthropic describes as the most capable they have ever made generally available. Update via npm update -g @anthropic-ai/claude-code to unlock it. Also fixes transcript saving for sessions launched from the VS Code integrated terminal (those sessions were silently missing from --resume).
v2.1.169 adds three operator/developer features: --safe-mode flag (CLAUDE_CODE_SAFE_MODE) disables all customizations for clean troubleshooting; /cd command changes working directory mid-session without breaking the prompt cache; disableBundledSkills setting hides all built-in slash commands and skills for locked-down deployments. Bug fixes include: multi-line Up/Down arrow navigation, enterprise MCP policy enforcement on reconnect, 30–50ms macOS startup stall, Windows claude -p slowness, Remote Control OAuth reconnect, Windows Git Credential Manager popup, custom statusline footer hints, stale remote session prompts, and claude agents --json omissions.
Shows Terminal Bench completion scores and per-attempt costs in supported model details. Restores cloud session filesystem changes from synced session diffs when importing forked sessions. Patch: fixes agent-manager model sync on config change; adds pointer cursor for clickable Kilo webview controls.
New nemoclaw <name> agents list CLI command completes the host-side agent lifecycle surface (add/delete shipped earlier). Major reliability fixes: Ollama onboarding now works on Windows and minimal Linux distros lacking nc (netcat); WhatsApp pairing QR now renders compact and scannable; CUDA properly initializes on Jetson Tegra via device-node group grant; tmux PTY allocation fixed inside OpenClaw sandbox; GPU local inference routing corrected for host-network setups. Security: dashboard port 8642 (reserved for Hermes API) now rejected host-side before sandbox creation. Config permissions restored after raw openclaw doctor --fix. Hermes config.yaml now shows upstream provider and model.
No new user-facing CLI features today. NemoClaw's June 7–8 batch fixes broken session resume snapshots (#4938): completed onboarding sessions reopened for rebuild now have machine state repaired before the record-only replay, and messaging provider verification no longer emits a misleading "missing provider" warning. The onboarding FSM was also refactored to support returning result sequences from handlers — enabling multi-step provider/inference retry flows without stale context. Triage policy taxonomy docs were tightened for integration routing (Hermes, OpenClaw, Windows ARM). CI Docker Hub auth now retries transient timeouts and falls back to anonymous pulls.
v2.1.166 adds a fallbackModel setting (up to three fallback models tried in order when the primary is overloaded) and an auto-retry behavior for unexpected non-retryable API errors. Security hardening: SendMessage relays from other Claude sessions no longer carry user authority, closing a privilege-escalation path in multi-agent setups. Glob patterns now work in deny rule tool-name positions; MAX_THINKING_TOKENS=0 reliably disables thinking on models that think by default. Bug fixes: unprocessable-image token inflation fixed, JetBrains terminal flicker fixed, Kitty keyboard protocol Shift+non-ASCII input fixed, Windows PowerShell validation hang fixed. v2.1.167 and v2.1.168 are reliability follow-ons.
Hermes v0.16.0 is the project's largest release: a native desktop app for macOS, Windows, and Linux (no browser required); a full web-based admin panel at localhost:9119; Quick Setup for first-run configuration; and an /undo command for reversing the last agent action. The desktop app bundles the Hermes daemon so installation is a single download.
v7.3.40 ships three chat auto-scroll stability fixes addressing cases where the conversation view would drift or jump during active streaming. v7.3.39 was an internal build iteration.
The ENOTCACHED error blocking "Add MCP" and skill installers when NPM_CONFIG_OFFLINE=true is fixed. The vLLM inference container now launches with --restart unless-stopped so it survives host reboots without re-running onboard. macOS + Colima users with an HTTP_PROXY set no longer see streaming completions stall for up to 120 s. nemoclaw doctor can now verify a local openshell-gateway process when Docker inspection is unavailable.
Org admins can now pin Claude Code to an approved version range via requiredMinimumVersion and requiredMaximumVersion managed settings — Claude Code refuses to start outside the range and directs users to an approved build. New /plugin list command shows installed plugins with --enabled/--disabled filters. The /btw panel gains a "c to copy" shortcut for raw-markdown clipboard export.
Hooks gain power: Stop and SubagentStop hooks can return hookSpecificOutput.additionalContext to feed Claude feedback without triggering a hook error state. Skills pick up a \$ escape for literal dollar signs before digits in command bodies. stdio MCP servers now receive CLAUDE_CODE_SESSION_ID on --resume. Bug fixes: claude -p no longer hangs after its final result; Bedrock/Vertex/Foundry CI no longer fails with "ANTHROPIC_API_KEY required"; the v2.1.154 $TMPDIR regression that broke bazel/EDR Go workflows is fixed; Windows OneDrive/read-only session-env path errors resolved; org-managed permission rules now apply for the full session from startup. v2.1.165 follows with additional reliability fixes.
Fixes a macOS Apple Silicon startup crash caused by malformed bundled exports in the CLI. Users on M-series Macs who found the CLI failing to launch should update immediately. Versions v7.3.30–v7.3.32 were internal build-process iterations with no user-facing changes.
v0.0.59 release notes published. Two new egress presets ship: weather (public geocoding/weather APIs) joins the balanced tier by default; public-reference joins the open tier. Nemotron 3 Ultra 550B-A55B (550B total / 55B active, 1M context) is now selectable as a second curated NVIDIA Endpoints model.
Runtime fix: NemoClaw's internal <nemoclaw-runtime> sandbox policy block no longer leaks into the visible chat UI on the third turn — now correctly injected into the system prompt. Inference routing fixed: nemoclaw inference set now correctly resolves Anthropic Messages API routes after provider switch, preventing the 403 connection not allowed by policy regression. GPU patch hardening: Docker GPU reconnect window extended from ~10 s to ~30 s; automatic rollback to backup container on reconnect failure. DGX Spark now uses stable NGC vLLM 26.05.post1 instead of upstream nightly.
omni-moderation-latest now returns moderation scores directly in Responses API and Chat Completions API responses. Pass a moderation object in a generation request to receive input and output moderation results in a single call, eliminating the need for a separate moderation API round-trip.
claude agents --json now includes a waitingFor field showing exactly what a waiting session is blocked on (e.g. a pending permission prompt), making multi-agent pipelines easier to monitor and script. Slash-command autocomplete changes: clicking a command now fills it into your prompt instead of running it immediately — press Enter to confirm. /effort now confirms when your chosen level persists as the default for new sessions. Remote Control moves from a startup banner to a persistent footer pill with a direct session link.
Two IDE fixes: explicitly listing Grep/Glob in --tools now correctly activates the dedicated search tools on native builds (previously silently ignored); Windsurf is renamed to Devin Desktop in /ide, /terminal-setup, and /scroll-speed. Key bug fixes: startup no longer hangs when the config dir is read-only — Claude Code falls back to in-memory config and surfaces the error; WebFetch explicit deny/ask/allow rules now take precedence over the preapproved-host auto-allow; Windows path permission rules now match backslash-spelled and case-variant paths; Esc at the start of a turn is no longer silently dropped in stream-json/SDK sessions; MCP per-server timeouts below 1000 ms are no longer floored to a 1-second watchdog.
Temperature is now plumbed through the Responses API on the IronClaw web interface. A bug where v1 conversation history was not correctly scoped for channel conversations is fixed — this could previously cause context bleeding between channels. WeCom is added as a new release distribution target.
v7.3.28: free models that may use prompts for training are now marked with a brain-circuit icon in the model picker. Marketplace skill installation is resilient to missing project directories and concurrent installs. Post-compaction tool calls appear in the correct order in CLI and VS Code. Cloud Agent session transcripts are restored in VS Code previews and stalled cloud session loading no longer hangs.
v7.3.29 (JetBrains focus): hidden session UIs are disposed after a configurable timeout to reduce memory use; session stability improved by keeping subscription state on the UI thread; markdown code blocks now render as full-height multiline boxed editors; streaming performance improved by retaining existing views while responses stream. JetBrains rc.6 ensures the model picker highlights training-eligible models.
v0.0.58 release documentation is now published. Hermes chat completions broken by an incorrect method-binding patch are fixed — the messaging response normalizer was converting an instance method to a staticmethod, causing a missing content argument error on Bedrock-compatible backends. HTTP_PROXY, HTTPS_PROXY, and NO_PROXY are now forwarded into the sandbox during nemoclaw onboard. WSL2 + Docker Desktop GPU support on ARM (N1X) is improved with the correct aarch64 CUDA proof image; nemoclaw status now reports actual CUDA proof results instead of treating any configured GPU as healthy. Hermes startup clears stale Tirith download_failed markers before command dispatch; Docker-unreachable errors now produce immediate platform-specific recovery guidance instead of waiting several minutes.
OpenAI announced the deprecation of reusable prompt objects, the Evals platform, and Agent Builder. Shutdown timelines and migration guidance are on the OpenAI deprecations page. Teams using the Evals platform for evaluation pipelines or Agent Builder for automations should review migration paths before shutdown.
Critical enterprise fix: forceLoginOrgUUID and forceLoginMethod managed-settings policies were incorrectly blocking third-party provider sessions (Bedrock, Vertex, Foundry, Mantle) when used alongside an org pin — a regression introduced in v2.1.146. Enterprises on those providers should update immediately. Beyond the fix, v2.1.161 adds OTEL dimension slicing: OTEL_RESOURCE_ATTRIBUTES values are now included as labels on metric datapoints so teams can slice usage metrics by custom dimensions like team or repo. The claude agents view shows done/total progress when work is fanned out, and /mcp collapses claude.ai connectors you've never signed in to behind a "Show unused connectors" row. Parallel tool calls are more resilient: a failed Bash command no longer cancels other calls in the same batch. Linux fullscreen clipboard now uses wl-copy/xclip/xsel and copies to both clipboard and PRIMARY selection for middle-click paste. Additional fixes: /effort dialog and animations now honor "Reduce motion"; claude -p stdout no longer corrupted by background subagent output; /autofix-pr handles git worktrees correctly; Windows bash hooks no longer fail with "command not found."
The v0.0.57 release notes are now fully published, covering host-side sessions and agents commands, managed vLLM progress, DGX Spark model defaults, UFW auto-remediation, Slack channel validation, and installer tag pinning. Inference improvements: vLLM local sandboxes now auto-detect the real context window from /v1/models.max_model_len during onboard, so generated OpenClaw config reflects the actual server limit. DeepSeek V4 Pro and Kimi K2.6 now work with fetch-based OpenAI-compatible requests, fixing broken Discord and WeChat channel traffic. A long-standing silent behavior is fixed: nemoclaw connect used to silently revert model-route changes; it now prints a loud warning naming the mismatch even in --probe-only mode. Installer docs corrected: NEMOCLAW_INSTALL_TAG must precede curl, not bash; missing refs now fail with a clear error instead of silently falling back to lkg. Managed vLLM downloads now stream native Hugging Face progress output.
Starting June 2, 2026, OpenAI container sessions are billed per-minute with a 5-minute minimum, replacing the previous flat 20-minute session rate. The underlying per-minute rate is unchanged — this is a billing granularity improvement. Short-lived container tasks now cost proportionally less: a 6-minute session that previously billed as 20 minutes now bills for 6. No changes to the API, SDKs, or non-container workloads.
Security-focused patch with multiple hardening improvements. Claude Code now prompts before writing to shell startup files (.zshenv, .zlogin, .bash_login, ~/.config/git/) — changes that could otherwise execute silently in every new shell session. In acceptEdits mode, build-tool config files that grant code execution (.npmrc, .yarnrc*, bunfig.toml, .bazelrc, .pre-commit-config.yaml, .devcontainer/) also require a prompt before write. Workflow improvement: single-file grep/egrep/fgrep output now satisfies the read-before-edit check, removing a redundant Read step. Several background-session bugs fixed: sessions no longer drop chat history on resume from claude agents, claude --bg no longer fails with "socket missing" on cold-start under load, and keyboard unresponsiveness on Windows during heavy CPU load is resolved. Windows clipboard copy-on-select now uses PowerShell interop instead of OSC 52, fixing the issue in MobaXterm and similar terminals.
Major batch of sandbox lifecycle fixes and features. NEMOCLAW_EXTRA_AGENTS_JSON lets operators bake secondary agents (with explicit tool-allow/deny policies and spawn limits) into the sandbox at onboard time — the primary main agent always remains first and cannot be displaced as default. A new nemoclaw <name> sessions / agents subcommand group adds CLI-level session and agent management (list, reset, delete; add, delete) without editing state files directly. Key bug fixes: Slack credentials now normalize from their openshell:resolve:env:* placeholder form before OpenClaw starts, preventing token-shape rejection at boot; policy preset selections now survive re-onboard and recreate without silently reverting to Balanced tier defaults; cancelling nemoclaw onboard at the policy preset step no longer leaves an orphaned registered-but-unconfigured sandbox. Docker-driver nemoclaw doctor no longer reports a false Gateway failure for the legacy k3s container. Per-agent documentation variants (OpenClaw and Hermes) are now live on the NemoClaw docs site, and the hidden internal:* command family is now documented in the CLI reference.
Stable release with incremental improvements from the v7.3.20 pre-release. An experimental kilo console command now opens the Kilo Console UI directly from the local daemon — no manual browser navigation required. Background-process port discovery is now limited to TUI startup, stopping unnecessary Bun subprocess polling mid-session. The VS Code extension now shows a retryable connection error (with unsent prompts preserved) when the background CLI process exits unexpectedly. The Changes review pane scroll position is preserved while agents are writing files.
OpenAI's GPT-5.4 and GPT-5.5 models are now available in Amazon Bedrock via an OpenAI-compatible Responses API endpoint. AWS teams can call these models without a separate OpenAI API key or SDK — standard Bedrock credentials work. Supported models and feature coverage vary by AWS Region, so check the Bedrock docs for your region before building. No changes to existing OpenAI API consumers.
Two infrastructure fixes land in NemoClaw. Plugin version pinning is now enforced for messaging plugins: NemoClaw passes exact npm specs (npm:@openclaw/whatsapp@${OPENCLAW_VERSION}) plus the --pin flag at build time, preventing a known edge case where a newer plugin could be installed into an older OpenClaw runtime and silently fail peer-dependency checks — most relevant if you run pinned sandbox images. The second fix resolves a device-scope approval deadlock in the sandbox proxy: the openclaw devices approve subshell previously unset only OPENCLAW_GATEWAY_URL, leaving OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN in the environment; OpenClaw then fell back to the port-based gateway and errored with GatewayClientRequestError: scope upgrade pending approval. Both env vars are now cleared alongside the URL. No user-facing config changes required for either fix.
May 2026
NemoClaw graduates from Alpha to Active development — the alpha banner and status badge are removed from all docs and the README. New nemoclaw <sandbox> skill remove <skill> command cleanly uninstalls skills from a running sandbox. Discord bridge now auto-enables when Discord is configured during nemoclaw onboard — previously required manually setting plugins.entries.discord.enabled. sandbox connect now validates NEMOCLAW_VLLM_MODEL up front and exits with a clear, actionable error for unknown slugs or gated models missing HF_TOKEN, instead of silently failing. Additional fixes: non-interactive curl | bash installer now self-re-execs via sg(1) to complete Docker group activation in one pass; bare inference set redirects gracefully to openshell instead of throwing an oclif error; nemoclaw debug --sandbox <unknown> exits non-zero and leaves no partial tarball; loopback gateway targets stay local and off the managed proxy.
Internal infrastructure improvements only — no user-facing changes. Safe to update; no configuration or workflow changes required.
Auto mode — which lets Claude dynamically choose its own thinking level — is now available on Bedrock, Vertex, and Foundry for Opus 4.7 and Opus 4.8. Enable it by setting CLAUDE_CODE_ENABLE_AUTO_MODE=1; no code changes required. Enterprise users on these three cloud providers now get the same performance envelope as direct-API users.
Major plugin and agent release. Plugins in .claude/skills now auto-load without a marketplace listing — claude plugin init <name> scaffolds a local plugin instantly. claude agents honors the agent field in settings.json, autocompletes skill names, and EnterWorktree can now switch between Claude-managed worktrees mid-session. Several bug fixes including background sessions losing the correct date after sleep/wake and orphaned worktrees after job retention sweeps.
Minor pre-release patch: DeepSeek replaces GitHub Copilot in the Popular Providers list, and chat error styling gets a visual polish in the VS Code extension. No behavior or API changes — safe to install if you want the updated provider list.
Big security and reliability patch wave. shields up now seals locked files with SHA-256 and shields status detects content tampering; the OpenClaw gateway auth token rotates on every rebuild — both are security fixes with no config change required. nemoclaw uninstall now preserves rebuild-backups and sandboxes.json by default (full purge still available via NEMOCLAW_UNINSTALL_DESTROY_USER_DATA=1). New nemoclaw <sandbox> channels status command surfaces WhatsApp QR/session state and connection health; Telegram DM allowlist aliases (TELEGRAM_AUTHORIZED_CHAT_IDS, TELEGRAM_CHAT_ID) now work correctly alongside the canonical TELEGRAM_ALLOWED_IDS. Hermes is officially no longer labeled experimental in NemoClaw docs — both OpenClaw and Hermes are now first-class agents.
Extended prompt caching is now on by default for most API users. For organizations without Zero Data Retention (ZDR) enabled, prompt_cache_retention now defaults to 24h instead of in_memory across v1/responses, v1/chat/completions, and v1/batch. No code change required — existing calls automatically benefit from longer cache windows and lower latency on repeated prompts.
OpenAI updated chat-latest to point to the latest Instant model currently used in ChatGPT. For production API usage, GPT-5.5 remains the recommended model; chat-latest is intended for testing the latest chat improvements. The underlying snapshot will be regularly updated.
Hotfix for Opus 4.8 users: Claude Code was corrupting thinking blocks during responses, causing API errors. Anyone hitting cryptic API errors after upgrading to Opus 4.8 should update immediately. No other changes.
Two same-day hotfixes for v0.15.0. The critical fix is the dashboard infinite-reload loop in loopback/Docker mode — v0.15.0 treated every 401 from the identity probe as a stale session token and full-page-reloaded forever (Firefox: "Navigated to /sessions" storm; Chrome: React re-render storm). v0.15.2 fixes packaging: bundled plugin.yaml manifests are now shipped in wheel and sdist, so pip installs get complete plugin metadata.
Cosmetic/UX patch: DeepSeek replaces GitHub Copilot in the Popular Providers list, and chat error styling gets a visual polish in the VS Code extension. No behavior changes or breaking API updates — safe to install if you want the cleaner error display.
Opus 4.8 launches as the new default high-effort model — /effort xhigh selects it and it defaults to high effort. Dynamic workflows let Claude orchestrate tens to hundreds of background agents; run /workflows to view active runs. Fast mode on Opus 4.8 now costs 2× standard rate for 2.5× speed (dramatically cheaper than before). The lean system prompt is now the default for all models except Haiku, Sonnet, and Opus 4.7 and earlier. /simplify is reworked as a cleanup-only pass (reuse, simplification, efficiency) that applies fixes directly. claude agents gains ! <command> to run shell commands as detachable background sessions. Plugins can now declare defaultEnabled: false in their manifest.
GitHub/git plugin gains a skipLfs option to skip Git LFS downloads during clone and update — useful for repos with large binary assets you don't need. Claude now shows a one-time notice when the npm global install can't auto-update, with /doctor listing fixes. claude agents dispatch autocomplete now suggests native slash commands and bundled skills alongside project skills. Fixed: stateful MCP servers reconnect-looping on tools/list (regression from v2.1.147), Windows PowerShell installer falsely reporting success on failure, custom API gateway receiving the user's OAuth credential instead of the gateway token.
The biggest Hermes release yet. run_agent.py — the 16,083-line agent conversation loop — is now 3,821 lines (-76%), split across 14 cohesive modules. Kanban grew into a real multi-agent platform over 104 PRs: orchestrator auto-decomposition, swarm topology, scheduled tasks, worktree-per-task, and per-task model overrides. Session search is 4,500× faster and now free. Promptware defense lands against Brainworm-class prompt injection attacks. Bitwarden Secrets Manager replaces per-provider API keys with one bootstrap token. Two new image_gen providers (Krea 2 Medium/Large, FAL ported to plugin). ntfy as the 23rd messaging platform. Deep xAI integration: Web Search plugin, xAI-OAuth proxy, retired-model detection + hermes migrate xai, and Grok execution guidance. 15 P0 + 65 P1 issues closed; 321 contributors.
DeepSeek now appears in the Popular Providers list instead of GitHub Copilot, reflecting actual user preference signals. Chat error messages in the VS Code extension get improved styling for readability.
Mercury Next Edit ships as an opt-in autocomplete mode: predicts multi-line edits beyond the cursor (including off-cursor and pure-insertion edits) with Tab-to-jump / Tab-to-apply affordance. Available via Inception API key or via Kilo Gateway with no separate key required. Autocomplete model picker also gets a "Not set (use server default)" option that auto-tracks the recommended default — users previously pinned to the default are migrated automatically.
An optional Hermes web dashboard is now exposed on port 9119 (separate from the API on port 8642) — enable with NEMOCLAW_HERMES_DASHBOARD=true. OpenClaw scope-upgrade approvals no longer route through the gateway proxy, fixing the stuck-approval bug (#4462). The /nemoclaw slash command now correctly registers at startup (regression with newer lazy-activation behavior). Telegram and Discord channels are now baked into generated openclaw.json at install time, fixing silent "no bridge" failures since OpenClaw 2026.5.22. Windows-host Ollama in WSL fails fast with an actionable message instead of a confusing install failure when Docker Desktop WSL integration isn't present. Five skills signing batches landed, publishing the NemoClaw official skills catalog with comprehensive docs and eval datasets.
/code-review --fix now applies review findings to your working tree after the review — reuse, simplification, and efficiency suggestions applied in one step. Skills and slash commands can now set disallowed-tools in frontmatter to block specific tools while the skill is active. New /reload-skills command rescans skill directories without restarting. SessionStart hooks can now set the session title via hookSpecificOutput.sessionTitle and return reloadSkills: true. A new MessageDisplay hook lets plugins transform or hide assistant message text as it displays. Auto mode no longer requires opt-in consent. Vim mode: / in NORMAL mode now opens reverse history search.
Adds WeCom (WeChat Work) as a new messaging channel. The Responses API now supports externally-provided tools. A logs download button lands in the gateway web UI, and Ctrl-S log download is available in the TUI Logs tab. A new IRONCLAW_DISABLE_CODEACT environment variable lets you revert to the classic CodeAct v1 engine if v2 causes issues. Fixed: Slack angle-link markdown emphasis rendering, NEAR AI API Key and model fetch in the configure UI.
Per-agent model and variant overrides are now selectable from dropdowns in the orchestrator. Voice transcription auto-activates for Kilo provider users. Configure a default task subagent model and reasoning effort that safely inherits the parent model when the override is unavailable. Inline subagent streaming stays responsive during tool-heavy sessions. Explicit Mistral and Inception autocomplete options added. From v7.3.9 (pre-release): tracked background processes let agents start long-running dev servers with full lifecycle management, status, and logs across session changes — detected ports shown in the TUI sidebar.
/usage now shows a per-category breakdown of what's driving your limits — skills, subagents, plugins, and per-MCP-server cost. /diff detail view is now keyboard-scrollable (arrows, j/k, PgUp/PgDn, Home/End). GFM task list checkboxes (- [ ] / - [x]) now render as real checkboxes instead of bullets. Security fix: PowerShell built-in cd variants (cd.., cd~, drive letters) could silently change the working directory outside the approved workspace — now blocked. Also in v2.1.148: hotfix for the Bash tool returning exit code 127 on every command for some users (regression from v2.1.147).
Pinned background sessions (Ctrl+T in claude agents) now stay alive when idle and are restarted in-place for updates — shed under memory pressure only after non-pinned sessions. /simplify is renamed to /code-review with configurable effort levels (e.g. /code-review high); pass --comment to post findings as inline GitHub PR comments. Auto-updater gains retry logic for transient network failures and better OS-level error reporting. Prompt history no longer records consecutive duplicates.
/simplify is renamed to /code-review with an optional effort level (e.g. /code-review high). The Windows PowerShell "command line is invalid" regression from v2.1.124 is fixed. MCP servers no longer drop paginated resources past page 1 on resources/list, resources/templates/list, and prompts/list. Background sessions stop re-prompting for tool permissions you already granted with "don't ask again," and CLAUDE_CODE_SUBAGENT_MODEL is now forwarded to child processes in multi-agent sessions. Windows Terminal full-screen strobing in attached background sessions is also resolved.
Five pre-release patches shipped today (v7.3.2–v7.3.6). The headline: file @-mentions now render as styled chips with click-to-open in both the chat input and sent messages — atomic backspace removal and arrow-key skipping included. Session history search auto-focuses when the panel opens. VS Code local CLI reconnect flapping while the event stream is unavailable is fixed, and Agent Manager diff previews stuck on "Loading…" are resolved. Tree-sitter WASM resources are now resolved correctly in packaged CLI and VS Code builds.
Homebrew is now pre-installed in the sandbox base image — the brew policy preset finally works end-to-end without any manual bootstrap step (#3913). python now resolves to python3 in the sandbox, fixing bare python agent tool calls. Discord traffic is routed through a loopback proxy for correct Gateway/WebSocket handling. A new dashboard-url command prints the authenticated dashboard URL on demand. Managed vLLM is now shown by default on DGX Spark and DGX Station hardware. Hermes rc rewrites after capability drop are fixed.
claude agents --json now lists all live sessions as JSON, making it scriptable for tmux-resurrect, status bars, and session pickers. The /plugin Discover and Browse screens show a plugin's full manifest — commands, agents, skills, hooks, MCP/LSP servers — before you install. Security fix: bare variable assignments to non-allowlisted env vars in Bash commands were being auto-approved; that bypass is now closed. Also fixed: spinner/timer freezing after terminal resize, cross-project resume hint on Windows PowerShell 5.1, voice push-to-talk in agent view, and task lists rendering in random order.
/resume now includes background sessions started via claude --bg or agent view, shown with a bg label. /model now applies to the current session only — press d in the picker to set a default for new sessions. Startup hang of up to 75s when api.anthropic.com is unreachable (captive portal, firewall, VPN) is fixed — side-channel API calls now time out after 15s. "Extra usage" has been renamed to "usage credits" everywhere; /usage-credits replaces /extra-usage (old slash command still works). The /plugin browse pane now shows when a plugin was last updated.
Model picker sections (Favorites, Recommended, and per-provider groups like Kilo Gateway) are now collapsible — click any section header to hide its models; state resets each time the picker opens. Speech-to-text voice input is now supported in Agent Manager inline review comments. You can now export full VS Code session transcripts as Markdown files via the new export action.
Windows WSL express install now supported: the installer routes WSL users to Windows-host Ollama setup, matching the guided non-interactive path on DGX platforms. AWS Bedrock Runtime custom endpoints are now auto-detected through the existing "Anthropic-compatible endpoint" flow — no new provider selection needed. Network policy docs clarified: TUI approvals are session-only and do not persist across sandbox restarts; persistent policy guidance is now linked prominently. A new PR Review Advisor workflow was added for NemoClaw-aware code review signals.
The Foundation Release. pip install hermes-agent now works from PyPI — Hermes installs and runs anywhere. xAI Grok lands as a SuperGrok OAuth provider with grok-4.3 at a 1M context window. A new OpenAI-compatible local proxy lets Codex, Aider, Cline, and Continue hit any OAuth-authed Hermes provider (Claude Pro, ChatGPT Pro, SuperGrok) without API keys. X (Twitter) search is now a first-class tool. Microsoft Teams is wired end-to-end. Cold start cut by ~19 seconds; browser CDP calls are 180× faster. LINE and SimpleX Chat bring the total messaging platform count to 22. Cross-session 1-hour Claude prompt caching and native Windows beta also ship in this release.
A collapsible sidebar lands in Agent Manager — the toggle button sits left of the tab title, collapsed state persists across reloads, and starting a new session automatically reopens it. Auto-compaction threshold is now configurable as a percentage so long sessions compact before the context window fills. Shell command output now gets syntax highlighting via Shiki, with labeled Command/Output sections, per-section copy buttons, and "Open in Editor" for full untruncated output. Experimental speech-to-text voice input in VS Code prompt fields via Kilo Gateway also ships.
Fixes a regression where chat-driven tool_install was double-invoking with an auto-approve footgun — the extension install flow is now restored to correct behavior. Provider-specific auth, model fetch, and embeddings config are now hidden behind clean facades, reducing surface area for misconfiguration. Two auth-matrix E2E tests are no longer marked as expected failures (xfail) now that the contract matches.
The Tenacity Release. Multi-agent Kanban ships: spin up a durable board, drop tasks on it, and let multiple Hermes workers pick them up with heartbeats, reclaim, zombie detection, retry budgets, and a hallucination gate. /goal keeps the agent locked on a target across turns (Ralph loop). Security wave closes 8 P0s: redaction is now ON by default, Discord role-allowlists are guild-scoped, WhatsApp rejects strangers by default, and TOCTOU windows close across auth.json and MCP OAuth. Google Chat becomes the 20th supported messaging platform. Seven i18n locales ship.
The Reborn integration substrate lands on main — a major architectural overhaul introducing host foundation crates, a capability host, runtime dispatcher, process lifecycle management, and structured boundaries for filesystem, secrets, network, and extension manifest registry. A WIT-compatible WASM tool runtime is added. Host-controlled trust-class policy engine introduced. All extension and skill interactions now route through structured capability contracts, significantly hardening the security model.
Plugin dependency enforcement gets smarter: claude plugin disable refuses if another enabled plugin depends on the target and shows a copy-pasteable disable-chain hint; claude plugin enable now auto-enables transitive dependencies. The /plugin marketplace browse pane adds projected context cost (per-turn and per-invocation token estimates). New worktree.bgIsolation: "none" setting lets background sessions edit the working copy directly without creating a worktree. PowerShell now passes -ExecutionPolicy Bypass by default — opt out with CLAUDE_CODE_POWERSHELL_RESPECT_EXECUTION_POLICY=1. Key fixes: stop hooks that blocked repeatedly no longer loop forever (capped at 8 blocks with a warning); right-click paste in claude agents on Windows Terminal and WSL restored; agent view no longer spawns repeated PowerShell processes on Windows; /goal evaluator no longer fires while background shells or subagents are still running.
claude agents gains 8 new flags (--add-dir, --settings, --mcp-config, --plugin-dir, --permission-mode, --model, --effort, --dangerously-skip-permissions) so you can fully configure dispatched background sessions from the command line. Fast mode now defaults to Opus 4.7 (previously 4.6); set CLAUDE_CODE_OPUS_4_6_FAST_MODE_OVERRIDE=1 to pin back. Key fixes: MCP_TOOL_TIMEOUT now correctly raises the per-request fetch timeout (was hard-capped at 60 s regardless of config); background sessions can find pre-existing git worktrees again; daemon no longer crash-loops after macOS sleep/wake or after a binary upgrade.
Hooks gain a new terminalSequence field to emit desktop notifications, window titles, and bells even without a controlling terminal. CLAUDE_CODE_PLUGIN_PREFER_HTTPS env var added for HTTPS plugin cloning in environments without a GitHub SSH key. The Rewind menu adds "Summarize up to here" to compress earlier context while keeping recent turns. Background agents launched via /bg or ←← now preserve the current permission mode instead of reverting to default. /feedback can now include sessions from the last 24 h or 7 days for cross-session issues.
Agent tool subagent_type matching is now case- and separator-insensitive — "Code Reviewer" resolves to code-reviewer automatically. /goal no longer silently hangs when hooks are restricted; it now shows a clear message instead of an unresolvable indicator. Fixes: symlinked settings files no longer cause spurious ConfigChange hooks; claude --bg no longer fails with "connection dropped mid-request" when the background service was about to idle-exit; Windows event-loop stall from missing executables (e.g. gh) resolved.
Adds Agent View (claude agents) — a unified list of every Claude Code session across running, blocked, and done states. Introduces /goal for autonomous multi-turn execution until a condition is met, hook continueOnBlock so PostToolUse rejections feed back to the model instead of halting, and exec-form args: string[] for path-safe hook spawning without a shell. MCP stdio servers now receive CLAUDE_PROJECT_DIR matching hooks; /mcp Reconnect picks up .mcp.json edits without a restart.
Internal fixes only — no user-facing changes. Safe to upgrade; nothing to review or reconfigure.
Hotfix — resolves the VS Code extension failing to activate on Windows. Upgrade immediately if you are on Windows and the extension stopped loading.
Large stability release with 15+ fixes. MCP servers no longer silently disappear after /clear in VS Code, JetBrains, and the Agent SDK. Concurrent OAuth token refresh is now race-safe, ending the daily re-authentication loop for users with multiple remote MCP servers. WSL2 users can now paste images from the Windows clipboard via a PowerShell fallback. New settings.autoMode.hard_deny lets admins set unconditional classifier blocks regardless of user intent, and CLAUDE_CODE_ENABLE_FEEDBACK_SURVEY_FOR_OTEL re-enables session quality surveys for enterprise OpenTelemetry setups.
Adds worktree.baseRef (fresh | head) to control whether new worktrees branch from origin/<default> or local HEAD. Note: the default fresh reverts EnterWorktree behavior introduced in 2.1.128 — set worktree.baseRef: "head" to keep unpushed commits in new worktrees. Hooks now receive the active effort level via effort.level JSON and $CLAUDE_EFFORT. The new parentSettingsBehavior admin key (first-wins | merge) lets admins opt managed settings into the policy merge. Multiple credential race conditions and MCP proxy fixes included.
Adds CLAUDE_CODE_SESSION_ID to Bash tool subprocess environments (now matches the session_id passed to hooks) and CLAUDE_CODE_DISABLE_ALTERNATE_SCREEN=1 to opt out of the fullscreen renderer and keep output in the terminal's native scrollback. External SIGINT (IDE stop button, kill -INT) now triggers graceful shutdown — terminal modes are restored and --resume is printed instead of an abrupt exit. Fixes --permission-mode being ignored on -p --resume, blank fullscreen after sleep/wake, and --resume crashing on sessions containing split emoji.
Hotfix — resolves two regressions: VS Code extension failing to activate on Windows (hardcoded createRequire polyfill path in the bundled SDK), and Mantle endpoint authentication failing with a missing x-api-key header. Upgrade immediately if either issue affects you.
Adds --plugin-url <url> to fetch a plugin .zip archive from a URL for the current session. The Ctrl+R history picker returns to pre-2.1.124 behavior: searches all projects by default, with Ctrl+S to narrow to the current project. Gateway /v1/models discovery is now opt-in via CLAUDE_CODE_ENABLE_GATEWAY_MODEL_DISCOVERY=1. The skillOverrides setting is now active — off, user-invocable-only, and name-only modes work as documented. Third-party deployments (Bedrock, Vertex, Foundry) no longer see Anthropic-only spinner tips.
Bare /color now picks a random session color; /mcp shows per-server tool counts and flags servers that connected with 0 tools. --plugin-dir now accepts .zip archives. Breaking: workspace is now a reserved MCP server name — rename any existing server that uses it. EnterWorktree is fixed to branch from local HEAD as documented (unpushed commits no longer dropped). OTEL_* env vars no longer leak into Bash, hook, MCP, or LSP subprocesses.
Substantial release with major Windows and auth improvements. /model picker now lists models from a gateway's /v1/models endpoint when using ANTHROPIC_BASE_URL. New claude project purge [path] deletes all project state (transcripts, tasks, file history) with --dry-run, -y, and --all flags. claude auth login now accepts an OAuth code pasted directly in the terminal — key fix for WSL2, SSH, and container environments. Windows: PowerShell 7 is now detected from MS Store, MSI, and .NET tool installs, and is treated as the primary shell when the PowerShell tool is enabled. Auto mode spinner turns red when a permission check stalls. Security: allowManagedDomainsOnly bypass fixed.
April 2026
Hotfix — resolves OAuth authentication failing with a 401 retry loop when CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=1 is set. Patch-only; safe to upgrade immediately.
Bedrock users gain a new ANTHROPIC_BEDROCK_SERVICE_TIER env var (default, flex, or priority) to control service tier. /resume now finds the session that created a PR when you paste a GitHub, GitLab, or Bitbucket PR URL into the search box. /mcp surfaces claude.ai connectors previously hidden by a manually-added server with the same URL. Key bug fixes: /branch fork failures from rewound timelines, /model Effort option missing for Bedrock ARNs, Vertex AI 400 errors on count_tokens behind proxy gateways, and ToolSearch missing MCP tools that connected after session start.
New alwaysLoad option on MCP server config bypasses tool-search deferral so all tools from that server are always available without a ToolSearch call. claude plugin prune removes orphaned auto-installed plugin dependencies. /skills gains a type-to-filter search box. PostToolUse hooks can now replace tool output for any tool (previously MCP-only). Fullscreen scroll no longer jumps to the bottom when typing after scrolling up; overflow dialogs are now keyboard-scrollable. MCP servers that error on startup auto-retry up to 3 times. /terminal-setup now enables iTerm2 clipboard access so /copy works from tmux.
Maintenance patch — changelog housekeeping only, no user-facing changes. Safe to upgrade; no action required.
Major release. /config settings (theme, editor mode, verbose, etc.) now persist to ~/.claude/settings.json and participate in project/local/policy override precedence — a behavioral shift for anyone relying on ephemeral config. --from-pr now accepts GitLab MRs, Bitbucket PRs, and GitHub Enterprise URLs. PostToolUse hooks now include duration_ms, PowerShell commands can be auto-approved like Bash, and --print mode now honors agent frontmatter tools:/disallowedTools:. Slash command UI improved: descriptions wrap instead of truncating, matched characters highlight.
Vim visual mode (v/V) lands with full selection, operators, and visual feedback. /cost and /stats are merged into /usage (both still work as shortcuts). Custom themes are now editable JSON files in ~/.claude/themes/, creatable via /theme; plugins can ship themes too. Hooks gain the ability to invoke MCP tools directly via type: "mcp_tool". New DISABLE_UPDATES env var blocks all update paths — stricter than the existing DISABLE_AUTOUPDATER. WSL users can inherit Windows-side managed settings via wslInheritsWindowsSettings.
/resume now offers to summarize large stale sessions before reloading — saves context on bloated histories. Concurrent MCP server connect is now the default (was opt-in). Plugin installs now auto-resolve missing dependencies from configured marketplaces, and managed-settings blockedMarketplaces/strictKnownMarketplaces are enforced across install, update, refresh, and autoupdate. Agent frontmatter mcpServers now loads for main-thread --agent sessions.
Large session /resume is up to 67% faster on 40 MB+ histories. MCP startup time reduced — resources/templates/list is now deferred to the first @-mention. /terminal-setup now configures scroll sensitivity for VS Code, Cursor, and Windsurf for smoother fullscreen scrolling. The thinking spinner shows inline progress ("still thinking", "thinking more", "almost done"). Security fix: sandbox auto-allow no longer bypasses dangerous-path checks for rm/rmdir targeting /, $HOME, or other critical system directories.
Patch release targeting multi-agent team setups. Fixes a crash in the permission dialog triggered when a teammate agent requested tool permission — affects anyone running agent teams with shared tool grants. Safe to upgrade immediately.
Substantial release. The CLI now launches a native per-platform binary instead of bundled JavaScript, improving startup performance. Security hardening: new sandbox.network.deniedDomains setting blocks specific domains even under wildcard allowlists; macOS /private/{etc,var,tmp,home} paths are now protected from wildcard rm rules; bash deny rules now catch commands wrapped in env/sudo/watch. Also: /loop Esc cancels pending wakeups, /extra-usage and @-file autocomplete now work from Remote Control clients, and subagents that stall mid-stream time out cleanly after 10 minutes.
Hotfix — resolves the "claude-opus-4-7 is temporarily unavailable" error that blocked auto-mode users on Opus 4.7. Patch-only release, no behavioral changes.
Feature-heavy release. Opus 4.7 gains an xhigh effort level (between high and max), and /effort now opens an interactive slider instead of requiring arguments. Auto mode is available to Max subscribers on Opus 4.7 without any flag. New /ultrareview command runs parallel multi-agent code review in the cloud — invoke with no args for the current branch or /ultrareview <PR#> for a specific PR. New /less-permission-prompts skill audits transcripts and proposes settings.json allowlist entries. Windows users get a progressive PowerShell tool rollout. Read-only bash commands and cd <project-dir> && prefixes no longer trigger permission prompts.
Claude Code v2.1.110 ships a new /tui command for flicker-free fullscreen rendering and splits the Ctrl+O keybinding — focus view is now a separate /focus command. A push notification tool is added for Remote Control users, letting Claude send mobile alerts when configured. Quality-of-life improvements include better plugin management sorting, MCP multi-scope conflict detection in /doctor, and --resume/--continue now resurrecting unexpired scheduled tasks.
Claude Code v2.1.109 introduces updates to the Claude Code CLI for AI agent development workflows. Review the official release notes for specific feature additions, bug fixes, and breaking changes. Developers using Claude Code should check compatibility requirements for their current projects before upgrading.
Claude Code 2.1.108 ships with improved hook reliability, faster skill loading, and a fix for long-running background tasks. Incremental release — safe upgrade.
March 2026
GPT-5.1 lands in the ChatGPT platform with expanded context window, tool-use improvements, and a new Structured Outputs mode. Pricing unchanged.
OpenClaw 2.3 introduces native MCP tool passthrough, an overhauled skill sandboxing model, and first-class Windows support without WSL. Major release — review setup and security guides.
Hermes 1.2 adds persistent memory backends (SQLite, Postgres, Redis) and a revamped task scheduler. Existing memory migrations are handled automatically on first start.
IronClaw 0.9 lands the Rust-based TEE runtime in beta and tightens the skill allowlist model. Breaking config change for anyone on 0.8 — see migration notes.
February 2026
NemoClaw 1.8 adds one-click provider switching, improved local GPU detection, and an expanded policy DSL. Breaking change to the policy file schema — upgrade guide linked below.