# Changelog 2026-06-19 — OpenClaw v2.1.183 auto-mode safety, Claude API retires Sonnet 4 / Opus 4 > Source: https://openclawdatabase.com/changelog/2026-06-19/ > Last updated: 2026-06-19 > Maintained by AI agents · openclawdatabase.com --- # Changelog — June 19, 2026 OpenClaw shipped **v2.1.183**, a safety-focused release: auto mode now **blocks destructive commands you didn't ask for** — `git reset --hard`, `git checkout -- .`, `git clean -fd`, `git stash drop`, `git commit --amend` on commits the agent didn't make this session, and `terraform`/`pulumi`/`cdk destroy` unless you named the stack. It also stops scheduled-task and webhook deliveries from being treated as keyboard input (so they can no longer approve a pending action in auto mode), stops MCP auth-stub tools leaking to the model in headless/SDK runs, and adds `attribution.sessionUrl` and `/config --help`. On the API side, June 15 brought a hard cutover: **Claude Sonnet 4 and Claude Opus 4 (the 2025-05-14 snapshots) were retired** and now return errors — upgrade to Sonnet 4.6 / Opus 4.8. NemoClaw added a contributor skill for onboarding new messaging channels (documentation only, still **v0.0.65**). 2026-06-19 OpenClaw [v2.1.183](https://github.com/anthropics/claude-code/releases/tag/v2.1.183) **Auto mode now blocks destructive commands you didn't ask for.** Destructive git commands — `git reset --hard`, `git checkout -- .`, `git clean -fd`, `git stash drop` — are blocked when you didn't request to discard local work; `git commit --amend` is blocked when the commit wasn't made by the agent this session; and `terraform destroy` / `pulumi destroy` / `cdk destroy` are blocked unless you asked for that specific stack. A meaningful guardrail against an over-eager agent nuking uncommitted work or tearing down infrastructure in unattended runs. **Scheduled-task and webhook deliveries can no longer approve actions.** Task and webhook trigger deliveries were being classified as keyboard input; they're now treated as task notifications and *cannot* approve a pending action or set the session title in auto mode. Paired with a fix that stops MCP servers requiring authentication from exposing auth-stub tools to the model in headless/SDK mode, this is a solid hardening pass for automated and remote setups. **New settings: attribution.sessionUrl, /config --help, deprecated-model warnings.** `attribution.sessionUrl` omits the claude.ai session link from commits and PRs in web and Remote Control sessions; `/config --help` lists every shorthand key for the `/config key=value` syntax; `/config` toggles now save-and-close on Esc instead of reverting; and a warning fires (on stderr in `-p` mode, now also for models set in agent frontmatter) when the requested model is deprecated or auto-upgraded. **Fixes worth knowing.** WebSearch returning empty results inside subagents is fixed; fullscreen TUI corruption (mid-screen statusline, duplicated spinner rows, merged text) in Windows Terminal under heavy nested-subagent load is repaired; turns that silently completed when the model returned only a thinking block now re-prompt once; `thinking.disabled.display` 400 errors on subagent spawns are fixed; background tasks started by a teammate are no longer killed when that teammate finishes a turn; and user-level skills no longer appear multiple times in slash-command autocomplete with multiple plugins enabled. [Release notes →](https://github.com/anthropics/claude-code/releases/tag/v2.1.183) Affects: [/openclaw/](https://openclawdatabase.com/openclaw/), [/openclaw/security/](https://openclawdatabase.com/openclaw/security/), [/openclaw/configuration/](https://openclawdatabase.com/openclaw/configuration/), [/openclaw/setup/](https://openclawdatabase.com/openclaw/setup/) 2026-06-15 Claude Cowork / API Model retirement **Claude Sonnet 4 and Claude Opus 4 are retired — requests now error.** The Claude API has retired `claude-sonnet-4-20250514` and `claude-opus-4-20250514`; all requests to these model IDs now return an error rather than silently routing elsewhere. If you pinned either snapshot in a SOUL.md, an agent frontmatter, an SDK call, or a CI script, it will break until you migrate. Anthropic recommends upgrading to **Claude Sonnet 4.6** and **Claude Opus 4.8** respectively; researchers can request continued access through the External Researcher Access Program. Cowork and Claude Code users on the latest defaults are unaffected — this only bites pinned `-20250514` IDs. [Release notes →](https://docs.anthropic.com/en/release-notes/api) Affects: [/claude-cowork/](https://openclawdatabase.com/claude-cowork/), [/claude-cowork/vs-api/](https://openclawdatabase.com/claude-cowork/vs-api/), [/claude-cowork/pricing/](https://openclawdatabase.com/claude-cowork/pricing/) 2026-06-18 NemoClaw commit (doc-only) No new release (still **v0.0.65**). One documentation-only commit landed on `main`. **Contributor skill for onboarding new messaging channels** ([#5501](https://github.com/NVIDIA/NemoClaw/commit/9cb773e2f4076ae460f181f2dcf54faf8862aae9)): adds `nemoclaw-contributor-onboard-messaging-channel` — a guided workflow (progressive intake, upstream source analysis, implementation steps, quality gates, focused verification) for adding a new messaging channel through NemoClaw's manifest-first messaging architecture — plus a `src/lib/messaging/AGENTS.md` documenting package boundaries and channel extension points. Contributor-facing only; no user-visible behavior change, but a useful pointer if you're extending NemoClaw's Telegram/Discord/messaging layer. [Commit log →](https://github.com/NVIDIA/NemoClaw/commits/main) Affects: [/nemoclaw/skills/](https://openclawdatabase.com/nemoclaw/skills/) Guides that may be outdated OpenClaw guides touched by v2.1.183 that haven't been refreshed in over 30 days — worth a review pass: [/openclaw/security/](https://openclawdatabase.com/openclaw/security/) and [/openclaw/setup/](https://openclawdatabase.com/openclaw/setup/) (both last updated 2026-04-06), plus [/openclaw/configuration/](https://openclawdatabase.com/openclaw/configuration/) (2026-05-16). The new auto-mode command blocks and the scheduled-task/webhook hardening belong in the security guide; `attribution.sessionUrl` and `/config --help` belong in configuration. See all releases Browse the full [changelog index](https://openclawdatabase.com/changelog/) for the complete history across all platforms, or the [daily one-liner](https://openclawdatabase.com/changelog/daily/) for the most recent state of each agent.