Skip to content

🦞 OpenClaw Ecosystem Digest 2026-05-02 #2

Open
Open
🦞 OpenClaw Ecosystem Digest 2026-05-02#2
Labels
openclaw-en
@bkutasi

Description

@bkutasi
bkutasi
opened on May 1, 2026

OpenClaw Ecosystem Digest 2026-05-02

Issues: 251 | PRs: 500 | Projects covered: 12 | Generated: 2026-05-01 18:46 UTC

OpenClaw Deep Dive

OpenClaw Project Digest — 2026-05-02

1. Today's Overview

OpenClaw enters a high-turbulence phase following the v2026.4.29 release, with 251 issues and 500 PRs updated in the last 24 hours. While the new release delivers substantial messaging improvements (active-run steering, subagent routing metadata, heartbeat reminders), the update has surfaced critical regressions in plugin loading, channel stability, and embedded agent latency. The development team is responding with a major architectural refactor of the plugin dependency system to address the root causes of these runtime failures. The sheer volume of activity — 485 open PRs — demonstrates a massive, highly engaged contributor base, though it also highlights a growing bottleneck in the review pipeline.

2. Releases

Two releases published: v2026.4.29 (stable) and v2026.4.29-beta.4 (identical changelog).

Changelog Highlights (v2026.4.29)

  • Messaging & Automation:
    • Active-run steering enabled by default
    • Visible-reply enforcement for messaging channels
    • Spawned subagents now carry routing metadata
    • Opt-in follow-up commitments for heartbeat-delivered reminders
  • Memory improvements (full log truncated in source data)
  • Acknowledgements: @vincentkoc, @scoootscooob, @samzong, @vignesh07

Implicit Migration Notes (from community reports)

No formal migration guide was published. Users have identified several breaking edge cases:

  • #75720: Auto-onboarding plugin presets unconditionally overwrite user-set agents.defaults.model.primary
  • #75502: Downgrading from 4.29 fails due to stale file-transfer entry in ~/.openclaw/plugins/installs.json
  • #74271: OPENCLAW_GATEWAY_TOKEN in .env silently overrides gateway.auth.token in local mode

3. Project Progress

Merged/Closed PRs (15 total updated):

  • #75765 (CLOSED) — Structured Heartbeat Responses: Added structured heartbeat and Codex tool reply handling, significantly improving background agent reliability.
  • #75775 (CLOSED) — Docs Fix: Aligned memory search cache defaults documentation with actual runtime configuration.
  • #75205 (CLOSED) — Codex Hardening: Maintainer tracking issue resolved for app-server terminal notification stabilization.
  • #74044 (CLOSED) — Discord Flapping: Regression fix for Discord provider on arm64 platforms.

Active Advances in Open PRs:

  • Plugin System Overhaul: #75721 (XL) — massive refactor to simplify plugin dependency handling, eliminating the error-prone bundled runtime dep staging cycle
  • Config Flexibility: #75511 — adds plugins.installBundledRuntimeDeps: false opt-out knob
  • Plugin SDK Evolution (series from @100yenadmin):
    • #75609 — Project session extension slots
    • #75581 — Host-mediated session attachments
    • #75588 — Scheduled session turns
    • #75605 — Derived tool target paths for hooks
  • Observability: #74783 — Gateway health connection telemetry (WebSocket ping/pong RTT)
  • Webchat Reliability: #75776 (XL) — Hardening main webchat against duplicates and paste bugs

4. Community Hot Topics

Most Discussed Issues

Issue Title Comments Reactions
#73323 Gateway runtime degradation (pricing, RPC, Telegram timeouts) 14 1 👍
#53628 ${XDG_CONFIG_HOME} not processed in skill install 12 0 👍
#73303 Gateway restart hangs ~3-4 min on macOS 12 2 👍
#75412 Active-memory embedded runs incur 16-18s overhead 8 2 👍
#75650 v2026.4.29 embedded agent latency 40-47s 8 2 👍

Most Supported (Reactions)

Issue Title 👍 Comments
#75623 Slack/Telegram crash: json5 missing in v2026.4.29 5 4
#75687 Windows Telegram broken .24 through .29 2 2
#75501 Skills Watcher EMFILE (too many open files) 2 2
#75340 openclaw status CLI missing bundled runtime deps 2 2

Underlying Needs Analysis

The community is unified in a single message: Stability over velocity. The rapid release cadence has created widespread adoption pain. Users consistently demand:

  1. Root-cause fixes for plugin loading (the cache-key mismatch, staging overhead, dependency resolution issues)
  2. Platform parity (Windows/Telegram users report feeling abandoned)
  3. Reliable embedded/memory agent performance (the 40s+ latency cluster is a P0 blocking multi-plugin users)

5. Bugs & Stability (Ranked by Severity)

P0 / Critical (Blocks usage, causes data loss, or drives cost spikes)

Issue Title Impact
#75520 Cache-key mismatch: full plugin reload on every embedded message 20-70s per turn
#75650 v2026.4.29 embedded agent latency 40-47s Active cluster with #75412 / #75520
#75501 Skills Watcher EMFILE crash Process crash on startup
#75687 Windows Telegram broken .24 through .29 Platform abandonment
#74907 Multi-tool turn replay orphaned blocks Anthropic API 400 errors
#73182 Reasoning default silently flipped to ON Doubled costs for Claude users
#75357 Zero token usage logged for streaming endpoints Data analytics broken

High / Regressions

Issue Title Impact
#75623 Slack/Telegram json5 missing in v2026.4.29 Channel crash-loop
#74209 Default bundled plugins block gateway startup Linux usability
#73323 Multi-subsystem network/timer degradation Chronic Windows issue
#75137 TUI consumes 89-99% CPU at idle Resource exhaustion
#71992 Webchat duplicates every assistant reply UX regression
#74286 Sub-agent completion floods parent without context Logic errors

Fix PRs in Flight

  • #75773: Fix WhatsApp HTTP 428 crash-loop
  • #75779: Fix agent NO_REPLY prompting in tool turns
  • #75511: installBundledRuntimeDeps: false escape hatch
  • #75721: Comprehensive plugin dep architecture refactor

6. Feature Requests & Roadmap Signals

Predictions for v2026.5.x (Next Release)

  1. Plugin System Architecture Redesign

  2. Plugin SDK v2

    • @100yenadmin's coordinated series (session extensions, attachments, scheduled turns, tool paths) signals a major SDK upgrade aimed at enterprise integrations.

  3. Performance Fast-Path (Potential v2026.4.30 Hotfix)

    • The P0 latency cluster (#75412, #75520, #75650) will likely force an immediate patch implementing a cache-hash fix or explicit fastPath mechanism.

  4. High-Demand Channel Features

    • #54531 (Force Reply to Channel): Partially addressed in 4.29; community wants full official parity.
    • #74759 (Secret Broker Plugin): High demand for Bitwarden/Keychain/1Password integration.
    • #73699 (Discord Voice I/O Bridge): Aiming to bridge voice channels to text sessions.

7. User Feedback Summary

Pain Points

  • Windows & WSL2 Neglect: "Every OpenClaw release from 2026.4.24 through 2026.4.29 is broken on Windows" (#75687). User feels the platform has been abandoned for multiple release cycles.
  • Plugin Loading Fragility: "It takes 40-70s per turn just in prep stages" (#75520). Common sentiment: plugin system is the project's weakest link.
  • Configuration Surprises: Users express frustration at overwritten settings (#75720), blocking upgrades (#75502), and mandatory config bloat (#74115).
  • Update Regret: Multiple users report attempting to downgrade and being blocked by stale migration artifacts.

Satisfaction Signals

  • Contributors named in release notes fosters community goodwill.
  • The rapid iteration on user-requested features (Force Reply, Secret Broker concept, Slack tools) shows the team is listening.
  • The 500 PRs in flight demonstrate a healthy, if chaotic, developer ecosystem.

Overall Sentiment

Strongly engaged but stability-fatigued. The v2026.4.x cycle has been the most turbulent in recent memory. Users appreciate the pace of innovation but uniformly request a "stability release" to consolidate gains.

8. Backlog Watch

Issues Needing Maintainer Attention

Issue Created Title Comments Why It Matters
#53628 2026-03-24 ${XDG_CONFIG_HOME} not expanded for skill install 12 Critical Docker/environment bug, unaddressed >30 days
#54435 2026-03-25 sessions_list API only returns main session 4 Core API broken, blocks dashboard development
#53548 2026-03-24 Decouple mode="session" from thread binding 4 Architectural limitation creating workarounds

PRs Waiting for Review

PR Created Title Size Why It Matters
#60860 2026-04-04 Google Vertex AI Provider XL Enterprise feature, needs maintainer guidance
#43404 2026-03-11 Fix cron isolated jobs in reminder guard S Clean fix for known bug, stale 2 months
#43411 2026-03-11 Fix user redactPatterns additive merging S Clean fix, high value, stale 2 months
#54392 2026-03-25 Fix compaction max_tokens model limit S Direct fix for #54383, unaddressed

Bottom Line: The 485 open PRs strongly suggest a maintainer review bottleneck. The project may benefit from a dedicated "patch review day" or additional core code owners to clear the backlog of simple, containerized fixes and retain contributor morale.

Cross-Ecosystem Comparison

Cross-Project Comparison Report: AI Agent Open-Source Ecosystem

Reporting Date: 2026-05-02

1. Ecosystem Overview

The personal AI agent open-source ecosystem is undergoing a decisive transition from experimental novelty to production-grade infrastructure. This digest captures a landscape marked by frenetic development velocity, community demand for operational stability, and a strategic convergence around multi-agent orchestration, persistent memory, and security primitives. While OpenClaw remains the authoritative reference point with an order-of-magnitude larger community, a new tier of specialized alternatives (Moltis, ZeroClaw, NanoBot, IronClaw) are carving distinct niches through architectural rigor, platform depth, or extraordinary community responsiveness. Critically, a deep architectural consolidation wave is underway—multiple flagship projects are undertaking foundational rewrites (OpenClaw plugin system, ZeroClaw schema v3, NanoClaw V2, IronClaw Reborn) to handle the scaling demands of real-world agent workloads.

2. Activity Comparison

Project Issues (24h, Active/Closed) PRs (24h, Updated/Merged) Recent Release Velocity Signal
OpenClaw 251 / – 500 / 15 v2026.4.29 (stable) Massive engagement, critical regressions
NanoBot 9 / 8 32 / 24 Rapid maturation sprint
ZeroClaw 3 / 0 50 / 4 v0.7.4 Heavy architectural pipeline, review bottleneck
PicoClaw 11 / 1 (issue) 14 / 0 v0.2.8-nightly Fix supply exceeded by regression demand
NanoClaw 43 / 34 – (V2 branch) Effective consolidation
IronClaw 27 / 2 50 / High volume v0.26.0 (Apr 21) Foundational architecture merging
LobsterAI 0 / 0 9 / 9 Stable maintenance cycle
Moltis 8 / 6 17 / 15 – (imminent) Exceptional sprint execution
CoPaw 7 / 1 3 / 1 High-signal features, critical bugs stalled
TinyClaw / ZeptoClaw / EasyClaw 0 / 0 0 / 0 Inactive

3. OpenClaw's Position

Advantages: OpenClaw commands a community ecosystem an order of magnitude larger than any peer (500 PRs, 251 issues in 24h), defining the feature frontier for the entire ecosystem. Its technical lead is evident in areas like active-run steering, sub-agent routing metadata, and an evolving Plugin SDK (session extensions, mediated attachments, scheduled turns). It is the de facto reference implementation that other projects measure themselves against.

Technical Approach vs Peers: OpenClaw follows a monolithic-plus-heavy-plugins architecture, integrating features aggressively. Peers like IronClaw and ZeroClaw are adopting more modular, sandboxed, and security-first designs (Reborn architecture, schema v3, SSRF primitives). Moltis demonstrates that a smaller, disciplined team can match OpenClaw's feature pace with significantly higher stability.

Community Size & Engagement vs Peers:

Metric OpenClaw Nearest Peer
24h PR Activity 500 ~50 (ZeroClaw)
Open PR Backlog 485 ~46 (ZeroClaw)
Issue Tracker Activity 251 ~27 (IronClaw)
Weakness Signal Review bottleneck, critical regressions Responsive fixes (NanoBot, Moltis)

Current Risk Profile: OpenClaw's velocity has created a growing credibility gap. The review pipeline (485 open PRs) threatens contributor morale, while critical regressions in plugin loading, embedded latency (40-47s), and platform parity (Windows/Telegram abandonment) generate "stability over velocity" fatigue. The Plugin System Refactor (#75721) is the explicit response, but it underscores that the project's largest liability is its own growth rate.

4. Shared Technical Focus Areas

The ecosystem is converging on a common set of hard architectural problems:

Focus Area Projects Involved Specific Needs
Multi-Agent Orchestration OpenClaw, NanoBot (#2072), ZeroClaw (#5423), Moltis (#949), IronClaw (#3169) Sub-agent routing, spawn_agent tools, provider failover, namespaced memory
Provider Ecosystem Hardening All active projects Focus shifting from adding providers to surviving API changes, proxy architectures, authentication resilience
Extensibility & Plugin SDKs OpenClaw (Plugin V2), NanoBot (HookCenter), ZeroClaw (tool introspection), LobsterAI Building robust third-party developer ecosystems with lifecycle hooks
Security as Architectural Primitive OpenClaw (Secrets), NanoBot (SSRF), ZeroClaw (SSRF config), NanoClaw (/harden), IronClaw (Reborn), Moltis (Sandboxes) Secret management, SSRF guardrails, audit logs, network policies, sandboxed execution
Memory Lifecycle Management OpenClaw (Heartbeat/Memory Cache), CoPaw (#3995), ZeroClaw (Namespaced), NanoBot (Session Focus) Moving from context windows to archiving, conflict detection, and long-term retrieval
Performance / Cost Efficiency OpenClaw (40-47s latency), NanoBot (Token estimation fix), ZeroClaw (Concurrency), CoPaw (Latency) Plugin caching, streaming stability, tool-loop guardrails, token waste reduction
Channel Reliability & Platform Parity All active projects Telegram, Discord, Slack, WeChat, Matrix, QQ, WhatsApp bug fixes; platform-specific feature support

5. Differentiation Analysis

Project Core Strategy Target User Architectural Differentiator
OpenClaw Generalist Frontrunner Power users / Developers Maximum feature surface, largest ecosystem, highest tolerance for churn
NanoBot Community Responsiveness Broad consumer deployment Fastest bug-fix cycle, best cross-platform UX (QQ, Matrix, Feishu)
ZeroClaw Orchestration Architect Complex workflows / Multi-agent Deepest investment in workspace-defined agents and schema control
NanoClaw Pragmatic Migrator V1 user base / Production Strongest focus on migration paths and operational security (/harden)
Moltis Cloud-Native Platform Developer-first / Enterprise Best sprint discipline, data portability, sandbox diversity, SDK foundations
IronClaw Security Sentinel High-assurance / Regulated Deepest security model: resource ceilings, network policies, durable audit
LobsterAI Regional Workflow Specialist Chinese market / IM users Deepest WeChat/Cowork integration, regional platform stability
PicoClaw Edge Agent Hardware / IoT / SiPEED ecosystem Hardware interface focus (UART/Serial), small device deployment
CoPaw Knowledge Integrator Knowledge workers Strongest memory lifecycle proposals, knowledge base ingestion

6. Community Momentum & Maturity

Tier 1 — Defining the Frontier

  • OpenClaw: High turbulence, massive engagement, defining the roadmap for everyone else.
  • Moltis: Best-in-class execution speed combined with high stability.
  • ZeroClaw: Heavy architectural lifting; momentum is strong but gated by review cycles.

Tier 2 — Scaling with Focus

  • NanoBot: Rapid maturation; excellent bug responsiveness and growing platform coverage.
  • NanoClaw: Effective consolidation toward a V2 milestone; reducing technical debt.
  • IronClaw: Deep foundational work with a clear architectural vision (Reborn); user-facing turbulence is low.

Tier 3 — Stabilizing & Niches

  • LobsterAI: Healthy, predictable maintenance cycle; strong regional user base.
  • PicoClaw: High contributor velocity is fighting critical regressions; needs maintainer bandwidth.
  • CoPaw: Strong feature signal and community ideas, but critical core bugs (execution halt, context loss) are stalling trust.

Tier 4 — Dormant

  • TinyClaw, ZeptoClaw, EasyClaw: No activity in the reporting period.

7. Trend Signals

1. Multi-Agent is the Default Architecture, Not an Experiment
The ecosystem has moved past whether to support multi-agent systems. Sub-agent routing (OpenClaw), spawn_agent tools (ZeroClaw, Moltis), and provider failover for agent pipelines are now core requirements. Lack of native support is a competitive disadvantage.

2. The Market Demands Stability Over Velocity
The strongest sentiment signal from the ecosystem is stability fatigue. OpenClaw's turbulence has generated explicit user backlash. Projects that prioritize reliable bug fix turnaround (NanoBot, Moltis) are building disproportionate trust.

3. Security is Moving from Configuration to Architecture
Security is no longer a bolt-on. SSRF guardrails, sandboxed code execution, secret management, and audit trails are being designed as core runtime primitives (IronClaw Reborn, NanoClaw /harden, Moltis sandboxes, ZeroClaw SSRF config).

4. Memory Systems Must Solve Lifecycle, Not Just Context
The community recognizes that simple context windows are insufficient. Requirements for auto-archiving, conflict detection, namespaced memory, and long-term RAG retrieval (CoPaw #3995, OpenClaw, ZeroClaw, NanoBot) signal a shift toward full memory lifecycle management.

5. Cloud-Native Deployment is a Baseline Expectation
Portability, graceful shutdown, Docker-less sandbox support, and standardized backup/restore (Moltis, NanoClaw, IronClaw) are required for serious production deployment, not simply nice-to-haves.

6. The Cost of Agent Execution is the Next Optimization Frontier
Token estimation fixes (NanoBot), embedded latency crises (OpenClaw), tool-loop guardrails for local models (ZeroClaw), and streaming stability are all user-facing pain points demanding efficiency improvements.

7. Platform Specialization is Accelerating
The ecosystem is fragmenting productively. Instead of one tool for everything, IronClaw owns security, PicoClaw owns edge devices, LobsterAI owns regional platforms, and NanoBot owns broad consumer reliability. OpenClaw remains the generalist umbrella, but the days of a single dominant architecture are ending.

Peer Project Reports

NanoBotHKUDS/nanobot

Here is the NanoBot project digest for 2026-05-02, based on the provided activity data.

1. Today's Overview

NanoBot is experiencing an extraordinary peak in development velocity. Over the last 24 hours, 32 pull requests were updated and 9 issues saw activity, culminating in 24 PRs merged or closed and 8 out of 9 issues resolved. This concentrated burst of patches demonstrates a strong maintainer sprint focused on stability, platform security, and bridging critical user-experience gaps. The project is in a highly responsive and maturation-oriented state.

2. Releases

No new versions were tagged in the observed period.

3. Project Progress

The core team executed a major merge session that advanced the project across multiple dimensions:

  • Critical Stability & LLM Integration: Fixed a crashing NameError in the token estimation fallback (#3582). Introduced automatic streaming fallback for Anthropic long-running requests (#3579). Resolved a premature termination bug in the OpenAI-compatible SSE streaming endpoint during tool-backed calls (#3555).
  • Channel & Connectivity: Merged the highly anticipated NapCatQQ channel for full group chat and image support (#2337, #2379). Patched a Matrix sync loop that flooded servers with auth errors (#3578).
  • Context & Identity: Merged support for injecting sender_id into the LLM context, solving the "who am I talking to?" problem in group channels (#3549).
  • Security & Hygiene: A Server-Side Request Forgery (SSRF) vulnerability in the DingTalk media fetcher was patched (#3569). Output streaming was sanitized to strip partial control tags (#3577). URLs passed to WebFetchTool are now sanitized of markdown formatting artifacts (#3528).
  • Platform Specifics: Fixed the DeepSeek reasoning mode detection logic (#3560). Added origin_message_id support for better subagent tracking and outbound deduplication (#3561). Added the LongCat provider (#3114).

4. Community Hot Topics

The community's most engaged discussions reveal a clear appetite for higher-level agent intelligence:

  • Native Multi-Agent Routing (#2072): Receiving 8 comments and a 👍, this issue requested a native equivalent to OpenClaw's multi-agent routing. The user's manual workaround shows a strong latent demand for native orchestration capabilities.
  • Session-Level Focus Tool (#3292): With 4 comments, this open feature request calls for a persistent "mental task board" to help LLMs maintain attention on primary goals across interruptions. It highlights a deep community need for agent reliability in prolonged, real-world flows.

5. Bugs & Stability

Stability was the single largest theme of today's patch cycle, with fix PRs already in place for nearly all high-severity items.

  • CRITICAL: Token estimation crash (NameError: name 'estimated' is not defined) blocking memory consolidation (#3581). Status: FIXED (#3582).
  • HIGH: Anthropic non-streaming calls failing hard on long requests (#2709). Status: FIXED (#3579).
  • HIGH: Matrix channel spamming servers indefinitely due to unhandled auth tokens (#1851). Status: FIXED (#3578).
  • HIGH: Tool-backed requests breaking the OpenAI-compatible streaming connection entirely (#3551). Status: FIXED (#3555).
  • MEDIUM: ReadFileTool caching stale empty stubs across different agent sessions (#3571). Status: UNRESOLVED.
  • MEDIUM: Matrix channel re-reading and replaying old messages on restart (#3553). Status: UNRESOLVED.

6. Feature Requests & Roadmap Signals

Several open PRs and issues in the data point toward the next set of major capabilities:

  • Model Presets (#3358): An open PR adding ModelPresetConfig. This strongly suggests imminent support for easily swapping between providers/models with single configurations, a major Quality-of-Life win.
  • Tool-Loop Guardrails (#3580): Actively proposed to prevent small/local models from burning tokens on infinite retry loops. Predicts a stronger push toward robust local model support.
  • Event-Driven Hook Plugin System (#3564): The HookCenter PR proposes a massive refactor to allow 3rd party plugins. If merged, this completely changes the extensibility story of NanoBot.
  • Persistent Task Awareness (#3292): Open feature request. Given the community interest and the general AI agent trend, this is a strong candidate for a future "Focus" or "Memory" enhancement.

7. User Feedback Summary

User feedback paints a picture of intense engagement balanced by specific stability frustrations.

  • Pain Points: The most acute pains revolve around LLM integration fragility (Anthropic streaming limits, token estimation crashes) and the lack of multi-user identity in group channels. Users also reported confusion around unintuitive tool caching behavior across sessions (#3571).
  • Use Cases: Users are actively deploying NanoBot in family group chats (Discord, Feishu, QQ, Matrix), validating the multi-channel strategy. Demands for multi-agent routing and session focus indicate advanced users are moving beyond simple chat into complex, persistent workflows.
  • Satisfaction: The rapid turnaround—where 8 out of 9 issues were closed within the reporting period—is a strong indicator of maintainer responsiveness and user trust in the project's trajectory.

8. Backlog Watch

Despite the heavy merge activity, some critical items remain open and require attention:

  • MCP Tool Lazy Loading (#1759): Open since March 9. Aims to reduce context window bloat from MCP tools. High impact, no recent review signal.
  • Model Presets (#3358): Open since April 21. A highly waited feature that is ripe for expedited review to target the next release cycle.
  • Matrix Old Messages on Restart (#3553): Clean bug report, no fix PR yet. Significant UX bug for Matrix users.
  • ReadFileTool Session Stub (#3571): No fix PR yet. Directly impacts user trust in the agent's memory and tool execution across sessions.
Zeroclawzeroclaw-labs/zeroclaw

ZeroClaw Project Digest — 2026-05-02

1. Today’s Overview

Zeroclaw is in an exceptionally high-velocity development phase, with 50 pull requests updated in the past 24 hours and the immediate release of v0.7.4. While only 3 issues were updated and none closed, the project pipeline is heavily loaded with advanced architectural changes. The new release focuses on internal rewrites (Matrix protocol, CLI/TUI, i18n) while the open PR queue signals a major push toward multi-agent orchestration, channel scalability, and provider-hardening. Overall project health is robust in contributor activity, but fragile in review velocity—almost all high-impact PRs are flagged needs-author-action.

2. Releases

v0.7.4 (Changelog: v0.7.3 → v0.7.4)
A foundation patch release on top of the v0.7.x workspace:

  • Matrix Bridge Rewrite: Clean-room reimplementation of the entire Matrix protocol channel.
  • Internationalization: Mozilla Fluent i18n pipeline merged with multi-locale documentation support.
  • CLI/TUI Overhaul: Ground-up rewrite of the onboarding flow for new users.
  • Channel Recovery: The WeChat iLink Bot channel has been reactivated.

Migration Notes: No specific breaking migration steps are noted in the changelog, though users should be aware that the next major release (v0.8.0) is blocked on an explicit schema v3 migration (#5947).

3. Project Progress (Merged/Closed PRs)

4 PRs merged or closed in the last 24 hours. The two identifiable in the top 20 by activity are:

  • #5416 (CLOSED)Codex Runner Parity
    A substantial enhancement (size: L, risk: high) adding a codex_runner tool to match the existing claude_code_runner flow. Closes a major parity gap between Codex and Claude Code execution environments.

  • #5141 (CLOSED)Webhook Routing Fix
    fix: route webhook requests through tool loop. Routes webhook requests through the tool-enabled chat path, aligning webhook behavior with interactive tool execution.

Two additional PRs were closed/merged but are not captured in the top 20 by comment count.

4. Community Hot Topics

Most Active Issues:

  • #5862 [Bug]: zeroclaw does not know it can add cron (Open, 8 comments)
    A fundamental usability gap: the agent fails to map user scheduling requests to its native zeroclaw cron tool. The community is discussing underlying tool-awareness logic.

  • #4710 [Feature]: A better LOGO of Zeroclaw (Open, 8 comments, 2 👍)
    A long-running design discussion around the project's visual identity, now in an accepted/priority-p2 state.

  • #5947 [Feature]: schema v3 — batch breaking field migrations (Open, 6 comments)
    A critical roadmap items acting as a "Merge blocker": no partial landings allowed until all checklist items are complete for v0.8.0.

Active PR Themes (46 open):

  • Multi-Agent Systems (#5423 — workspace agent definitions, #5530 — namespaced sub-agent memory)
  • Channel/Provider Expansion (#5418 — configurable concurrency, #5539 — Gemini fix, #5303 — Bedrock SigV4 fix)
  • Web Tooling Hardening (#4924, #5164, #5136 — allowed_private_hosts and SSRF control)

Note: Despite the "top 20 by comment count" label, comments were not enumerated in the source data for PRs.

5. Bugs & Stability

High Severity:

  • #5539Gemini loadCodeAssist breakage: Google renamed cloudaicompanionProject in April 2026. Fix PR open, size S, medium risk.
  • #5458UTF-8 Panic: Direct byte-index slicing panics on CJK/emoji/box-drawing characters. Fix introduces floor_char_boundary truncation across all major channels and tools.
  • #5303Bedrock Auth Conflict: Generic API_KEY/ZEROCLAW_API_KEY overrides AWS SigV4. Fix PR open.

Medium Severity:

  • #5257Provider History Ordering: Zhipu GLM and similar providers reject history starting with assistant/tool messages. Fix aligns trim to user boundary.
  • #5540Memory/Session Recall Harden: Multiple bug fixes (size: M, risk: high) queued for memory recall and session resume stability.
  • #5161WebSocket Steering: Complex fix (size: XL, risk: high) to keep steering additive and persist streamed output correctly.

6. Feature Requests & Roadmap Signals

In Progress / Queued:

  • Multi-Agent Orchestration (#5423): The largest feature signal—workspace-defined agents, spawn_agent tools, hot-reload via file watcher, per-agent model routing. Relates to issue #3502.
  • Channel Concurrency (#5418): Adds max_concurrent_per_channel and skips reply-intent precheck for DMs to save LLM round-trips. Targets deployments with limited backend slots (e.g., llama.cpp --parallel).
  • SSRF Tooling Upgrade (##4924, #5164, #5136): Coordinated push to introduce allowed_private_hosts, blocked_domains denylists, and DNS-resolution-aware validation for web_fetch and http_request tools.

Predictions for v0.8.0:

  • The schema v3 migration (#5947) is the defined blocker. It implies breaking configuration changes.
  • The multi-agent workspace system (#5423) and Codex runner parity (#5416) (already merged) are highly likely to land.
  • Given the i18n pipeline landing in v0.7.4, multi-locale support will be a first-class citizen moving forward.

7. User Feedback Summary

Inferred from issue and PR data:

  • Satisfaction Drivers: The rapid release cycle (v0.7.4 immediately following the v0.7.x foundation) and the prompt merging of feature-request parity items (Codex runner, Matrix rewrite) show strong responsiveness to community needs.

  • Pain Points:

    1. Agent Self-Awareness (#5862): The agent’s inability to recognize its own built-in tools (e.g., cron) points to a core architectural limitation in tool introspection.
    2. Provider Fragility: Multiple bugs triggered by upstream API changes (Gemini #5539, Bedrock #5303) or strict provider requirements (Zhipu GLM #5257) create recurring churn for users on non-OpenAI backends.
    3. Review Bottleneck: The overwhelming volume of PRs with needs-author-action suggests contributors are hitting a ceiling waiting for review cycles or test fixes.

8. Backlog Watch

  • Issue #5862 — Cron Awareness (Open since Apr 18)
    Labeled r:needs-repro. This S3 minor issue is the community's most commented-on topic. Progress depends on a submitted test case.

  • Issue #4710 — Logo Redesign (Open since Mar 25)
    Status accepted, priority p2. Low urgency, but the 8 comments and 2 👍 indicate sustained community interest.

  • PR #4924 — SSRF Config (Opened Mar 28)
    The oldest large size: XL, risk: high PR still open. High complexity likely the bottleneck.

  • PR #5423 — Multi-Agent System (Opened Apr 6)
    The defining feature for the next major cycle. Its review progress will signal the timeline for v0.8.0. Currently labeled needs-author-action.

PicoClawsipeed/picoclaw

Here is the structured project digest for PicoClaw, based on the supplied GitHub data.

PicoClaw Project Digest — 2026-05-02

1. Today's Overview

PicoClaw is currently in an intensive “break-fix” cycle following the v0.2.8 release. Community engagement is exceptionally high, with 14 pull requests submitted and 11 issues updated in the last 24 hours. While no PRs were merged today, the volume of incoming fixes strongly suggests a major stabilisation patch is imminent. The primary risk to user satisfaction is the gap between the immediate report of three critical regressions and the lack of merged resolutions, placing pressure on maintainer review bandwidth.

2. Releases

A new Nightly Build was published:

  • Release: v0.2.8-nightly.20260501.6e1fab80
  • Note: This is an automated build of the main branch and is explicitly labelled as potentially unstable.
  • Changelog: Full Changelog: v0.2.8...main
  • Migration Advice: Users experiencing the severe regressions in the stable v0.2.8 (see Bugs section) should evaluate this nightly with caution, as it may contain fixes but has not been formally qualified.

3. Project Progress

  • Merged/Closed PRs: No pull requests were merged or closed today.
  • Issue Closed: A long-standing bug (#1533) regarding hyphens in skill names being incorrectly converted to underscores (causing “Tool not found” errors) was closed.
  • Highlights from the Pending Queue: Significant code contributions await maintainer review:
    • DeepSeek Stack Fixes: @cjkihl submitted three targeted PRs fixing DeepSeek reasoning tokens, proxy detection, and Telegram formatting (#2740, #2743, #2739).
    • Core Stability: @loafoe contributed fixes for a config parsing panic (#2270) and tool JSON schema validation (#2128).
    • New Capabilities: @webhtb added native audio input for multimodal LLMs (#2626), and @loafoe built a Slack webhook channel (#2719).

4. Community Hot Topics

The ecosystem is rallying around two main themes: regression recovery and provider expansion.

  • Top Bugs by Engagement:
    • The long-running channel cron bug (#1757) has accumulated 6 comments and remains the top complaint for agent scheduling reliability.
    • A mobile UX pain point (#2376) regarding the Enter key sending messages instead of creating new lines has strong community support.
  • Provider Deep-Dive: The cluster of DeepSeek compatibility PRs represents the most concerted community effort. Users are actively using DeepSeek through various proxy endpoints, forcing the project to adapt beyond simple provider name checks.
  • Underlying Needs:
    • Reliable agent task scheduling (cron).
    • Mobile-first UI refinements.
    • Broad LLM provider compatibility (OpenAI, DeepSeek, OpenRouter, Tencent).
    • Hardware interface expansion (UART/Serial tools complementing I2C/SPI).

5. Bugs & Stability

The stability of the v0.2.8 release is the dominant health concern today. Issues are ranked by severity:

  • Critical (v0.2.8 Regressions, no fix PR linked yet):
    • Image recognition is broken after upgrading to v0.2.8. (#2738)
    • The gateway fails to start with configured channels on v0.2.8. (#2742)
    • The Android build of v0.2.8 cannot access data from UI tabs. (#2744)
  • High (Open Issues):
    • OAuth authentication is failing for OpenAI and Antigravity providers. (#2602)
    • User-defined cron tasks fail with channel errors. (#1757)
  • Moderate (Community Fix PR Exists):
    • DeepSeek streaming drops reasoning_content (#2740).
    • Failure to detect DeepSeek behind third-party proxies (#2743).
    • Config parsing panic on non-addressable SecureStrings (#2270).
    • Telegram MarkdownV2 garbling pipe tables (#2739).

6. Feature Requests & Roadmap Signals

The dataset strongly indicates what features are imminent vs. what is still in the wishlist phase.

  • Likely for v0.2.9 (PR Exists):
    • Native Audio Input for Gemini-style multimodal LLMs. (#2626)
    • Slack Webhook output channel for team notifications. (#2719)
    • Provider Metadata Management overhaul for the Web UI. (#2701)
    • Brazilian Portuguese (PT-BR) locale (all 534 strings translated). (#2037)
  • Community Wishlist (Requires Implementation):
    • Support for the GitHub Copilot provider. (#2652)
    • Built-in UART/Serial Port tools for embedded work. (#2649)
    • Config option for streaming HTTP requests to the backend. (#2404)

7. User Feedback Summary

  • Dissatisfaction / Pain Points:
    • Trust in Stable Releases: The v0.2.8 upgrade has been a frustrating experience for users, as it introduced multiple blockers (no images, no channels, broken Android UI).
    • Provider Friction: OAuth bugs (#2602) prevent standard use of major providers.
    • Mobile UX: Android users are specifically requesting an alternative to the “Enter to send” default. (#2376)
    • Build Friction: Lack of clear Windows build instructions limits the contributor base. (#2651)
  • Satisfaction / Indicators of Health:
    • High Contributor Velocity: The submission of 14 PRs in a single day shows a deeply invested community that is “eating its own dog food” and actively fixing issues.
    • Quick Iteration: The existence of a nightly build the day after the stable release allows power users to test fixes immediately.
    • Global Reach: The pending Portuguese locale PR confirms the user base extends beyond English-speaking regions.

8. Backlog Watch

Several important items have stagnated in the backlog despite having active community interest or ready code.

  • Issues Lacking Maintainer Response:
    • #1757Channel Cron Bug (Open since Mar 18, tagged stale). Core automation feature is unreliable.
    • #2602OAuth Errors (Open since Apr 20, tagged stale). Blocks core login flows for major providers.
    • #2376Enter Key Feature (Open since Apr 6, tagged stale). A simple config toggle with high community demand.
  • PRs Waiting for Merge:
    • #2037Portuguese Locale (Open since Mar 26). A complete i18n submission with no comments.
    • #2128Tool JSON Schema Fix (Open since Mar 28, tagged stale). Necessary for strict API compatibility (LM Studio).
    • #2270Config Panic Fix (Open since Apr 2). Addresses a crash bug in configuration handling.

These items represent the most significant drag on project velocity, as they involve core features (scheduling, authentication, internationalisation) and have pending code solutions.

NanoClawqwibitai/nanoclaw

NanoClaw Project Digest — 2026-05-02

1. Today's Overview

NanoClaw is in a phase of extremely high development velocity, with 43 pull requests updated in the 24-hour reporting period, of which 34 were merged or closed. This represents a major cleanup and stabilization sprint, particularly around the OpenCode provider and critical infrastructure bugs. Community engagement is intense, driven by the ongoing V1→V2 migration and a swift response to high-severity context-loss bugs. While no new releases were cut, the volume of merged fixes suggests the project is consolidating toward a significant V2 milestone. Healthy activity is tempered by deep architectural discussions around session continuity, operational contract preservation, and the need for production-grade observability.

2. Releases

No new releases. The project is currently operating in a pre-release "v2" branch consolidation phase, with no tags or published packages generated today.

3. Project Progress

Today's 34 merged/closed PRs represent substantial forward movement across multiple dimensions:

Provider Ecosystem:

  • OpenCode provider rehabilitated: PR #2153 and #2165 resolved the critical bug where CLAUDE.md fragments and base context were being sent as literal @./...md references instead of resolved content. PR #2152 added configurable IDLE_TIMEOUT_MS and process group management for OpenCode server lifecycle.

Infrastructure & Stability:

  • Claim-stuck loop eliminated: PR #2151 (fixing Issue #2147) clears orphan processing_ack rows on kill, preventing immediate SIGKILL on respawn.
  • Silent task failure surfacing: PR #2167 stops the agent-runner from acking scheduled tasks as completed when SDK calls silently fail.
  • Database hygiene: PR #2160 ensures inbound.db is opened fresh per message read cycle.
  • Tooling: PR #2171 switched the pre-commit hook to lint-staged, eliminating full-tree prettier runs on every commit.

New Features:

  • Bidirectional WhatsApp media: PR #2170 added inbound media download and outbound file sending over IPC for WhatsApp messaging groups.
  • Security Hardening: PR #2163 introduced PreToolUse hooks for agent-browser URL validation (blocking private IPs, cloud metadata endpoints, non-http schemes). This was extended by PR #2166 into an opt-in /harden skill.

Oldest Closures:

  • PR #701 (date-time context injection, created March 4) was finally closed.
  • PR #746 (WhatsApp restart hammering, created March 5) was closed.
  • PR #1076 (OAuth credential proxy, created March 14) was closed.

4. Community Hot Topics

Item Type Engagement Signal
V1→V2 Migration PR #1931 Open PR Highest activity over multiple days Community is heavily invested in the automated upgrade path; this is the focal point of project evolution.
OpenCode Context Fix Issue #2150 Priority High Bug 5 comments, resolved in <24h Community expressed strong concern over "silent context loss." Rapid resolution built trust.
V2 Operational Contracts Issue #2175 Architecture Discussion 0 comments (just opened) but high strategic weight @lazer-maker raises the critical question of preserving V1's operational safety (containment, delegation, permissions) in V2.
Interrupted-Run Observability Issue #2173 Feature/Bug 1 comment Underlying need for a persisted "processing started" marker to detect message batches lost during crashes.
Security Hardening PR #2163 + #2166 Merged PRs High immediate adoption Indicates strong user demand for enterprise/gateway-ready deployments.

5. Bugs & Stability

🔴 Critical — Resolved

  • OpenCode Provider: Silent Context Loss (Issue #2150). Agent operates without instructions because wrapPromptWithContext sends literal @./...md lines. Severity: high (silent context loss). Fix merged in PR #2165 and #2153.
  • Claim-Stuck Loop Persists (Issue #2147). Orphan processing_ack rows survive kill-ceiling, locking sessions out of processing. Severity: high (locks a session out). Fix merged in PR #2151.

🟡 Medium — Open

  • Interrupted-Run Detection & Recovery (Issue #2173, #2174): Dispatched messages without a durable bot response have no persisted marker. Recovery path is being designed. No fix PR yet.
  • macOS Case-Insensitive Filesystem (Issue #2172): container/build.sh and Node host compute different image slugs due to $PWD vs process.cwd() case mismatch on macOS. Blocks macOS development.

🟢 Low — Open

  • SC/Gmail Session Continuity (Issue #2176): Fresh session containment for Gmail breaks immediate task context for SC messages.
  • OneCLI PATH Propagation (Issue #1973, closed): "onecli not found" on fresh Linux installs. Workaround exists but UX friction remains. (Related fix PRs #2052, #2054 still open.)

6. Feature Requests & Roadmap Signals

The following signals point toward the likely contents of the next V2 release:

  • Multi-Provider Architecture: The Google Gemini provider PR (#2136) is actively open. Paired with the OpenCode investments, NanoClaw is clearly moving toward a native multi-provider platform.
  • Risk: V2 Migration Scripting: The massive migration PR (#1931) is the single most important pending item. Its design will dictate the upgrade experience for every existing V1 user.
  • Production Observability: The Usage Logging skill (#2012) and the Interrupted-Run detection issues (#2173) strongly suggest an admin dashboard layer is in early design.
  • Security as a Feature: The rapid acceptance of the /harden skill (#2166) indicates enterprise/gateway security will be a core selling point for V2.
  • Exploration Guide: PR #2169 adds an exploration guide, pointing to improved onboarding documentation.

Prediction: The next release will likely bundle multi-provider support, the V2 migration path, and the /harden security skill as headline features.

7. User Feedback Summary

Satisfaction Drivers:

  • Rapid bug resolution: The 24-hour turnaround on the OpenCode context loss bug (Issue #2150 → PR #2153/#2165) significantly boosts user confidence in maintainer responsiveness.
  • Community influence on architecture: The V2 operational contract discussion (Issue #2175) shows maintainers are listening to concerns about preserving safety behaviors.

Explicit Pain Points:

  • "Silent context loss; agent operates without instructions" — Issue #2150, now fixed, but users clearly expect 100% reliable context injection.
  • "Locks a session out of all message processing whenever a kill happens; recovery requires manual DB edit or service restart" — Issue #2147, now fixed, but highlighted a dangerous fragility in the processing pipeline.
  • "SC loses immediate task context" — Issue #2176, session containment trade-offs cause user confusion.
  • "Prefire setup hangs caused by sudo prompts being invisible inside spinner-driven steps" — PR #2054 identifies a significant first-run UX barrier.
  • "Mismatch between shell $PWD and Node process.cwd() on case-insensitive filesystem" — Issue #2172 blocks macOS developers from reliable local builds.

Use Cases Evidenced:

  • Heavy reliance on OpenCode as a primary provider.
  • WhatsApp integrated media workflows.
  • Production/enterprise deployments requiring URL guardrails and browser safety.
  • Complex multi-workspace setups migrating from V1.

8. Backlog Watch

Item Type Created Status Risk
V1→V2 Migration Open PR Apr 23 Pending Comprehensive Review Critical path for all existing users. High risk of regressions if rushed. Needs explicit maintainer sign-off and documentation.
OneCLI Auto-Bootstrap Fix Open PR Apr 27 Needs Review Blocks "first-successful run" for new Linux users. Silent backlog despite high impact.
Invisible Sudo Hangs Fix Open PR Apr 27 Needs Review Same as above; setup UX is arguably the highest-leverage improvement for growing the user base.
SC Task Continuity Open Issue May 1 Needs Triage Subtle daily-driver friction. Risk of user attrition if ignored.
Container Bridge IP Resolution Open PR May 1 Needs Review Fixes rootless Docker networking—important for containerized deployments.

The volume of activity today is a strong indicator of project health, but the backlog of setup-related PRs (since April 27) represents the highest-risk silence—new user onboarding friction can negate the good work done on the core agent platform.

IronClawnearai/ironclaw

IronClaw Project Digest — 2026-05-02

1. Today's Overview

IronClaw experienced a surge of integration activity on May 1st, with 27 issues and 50 pull requests updated in the reporting period as the project drives aggressively toward its "Reborn" architecture release. The core team merged a high volume of foundational PRs, including wired resource ceiling enforcement, network policy staging, host-level trust evaluation, and durable audit sinks. Concurrently, several high-severity user-facing bugs were resolved—most notably the routine creation "5 consecutive code errors" failure and the Linux installer breakage (with a fix PR now open). Despite zero new releases, the merge velocity signals that a significant Reborn-based release candidate is being assembled on the reborn-integration branch.

2. Releases

No new releases were published today. The most recent release remains v0.26.0 (2026-04-21).

3. Project Progress

A substantial set of Reborn substrate components moved from design into merged code today. Key merged/closed PRs include:

  • Resource Ceiling Enforcement: Obligation::EnforceResourceCeiling is now wired end-to-end through the Reborn host-runtime path. Two PRs (#3156, #3158) closed issue #3144, with a follow-up open PR (#3159) providing further refinement.
  • Background Process Lifecycle: The obligation reconciliation lifecycle for background process execution was defined and merged (PR #3161, closing #3145).
  • Secret & Network Boundaries: Staged runtime secrets are now consumed by the HTTP egress service (PR #3150), and staged network policies flow through HostHttpEgressService (PR #3149).
  • Trust & Audit: Host-level trust decisions are evaluated before every capability invocation (PR #3153, closing #3146), and built-in obligation audit records are wired to durable event/audit sinks (PR #3154).
  • Runtime Approval & Resumption: Added HostRuntime::resume_capability() facade and approval-resume coverage (PR #3160).
  • WASM & MCP Lanes: The WASM runtime lane was re-carved (#3086), and the MCP HTTP/SSE client was wired through the shared runtime egress path (#3137).
  • Bug Fix: The mission_* tool bridge was fixed to accept human-readable names instead of requiring UUIDs, resolving the routine creation bug (#2583) in PR #3155.
  • Testing Infrastructure: Script HTTP egress paths were guarded with test coverage (PR #3163), and network policy handoff was hardened (PRs #3164, #3165).

4. Community Hot Topics

The following issues generated the most discussion today, primarily revolving around the Reborn architecture's landing strategy and verification:

The underlying need across all these threads is the same: the community and core team are coalescing around the Reborn architecture's security, modularity, and correctness before cutting over from the legacy stack.

5. Bugs & Stability

High Severity:

  • Linux Installer Failure (#2818) — The v0.26.0 installer is broken on x86_64-unknown-linux-gnu due to a cargo-dist namespaced release tag regression. A fix PR (#3172) bumping to cargo-dist 0.31.0 is open. Critical user blockade for Linux deployments.
  • Routine Creation Failure (#2583)Resolved today. The root cause was mission_* handlers requiring UUIDs when LLMs naturally pass names. Fixed in PR #3155.

Medium Severity:

Low Severity:

6. Feature Requests & Roadmap Signals

Several feature requests and roadmap indicators emerged today:

  • Multi-Architecture Docker Images (#3168)@gcaguilar requested ARM64 support. Given the Rust toolchain and Cranelift already support aarch64, this is a likely near-term ops improvement as the project prepares for wider deployment.
  • Mission Auto-Resume After Auth Gates (#3166) — A direct follow-up to the Mission failure bug (#3133). This feature would allow missions paused by OAuth/approval gates to automatically resume once the gate is resolved, without user re-prompting. This is a high-impact UX improvement.
  • Standalone Durable Event/Audit Store (#3162) — An EPIC was opened for production-grade backends (JSONL, PostgreSQL, libSQL), and an implementation PR is already open (#3171). This is a high-priority Reborn architectural block.
  • Concurrent Background Fan-Out (#3169) — A design issue filed by @serrrfirat to move beyond single-scoped background process handoffs toward true concurrent multi-process fan-out. Points to scaling ambitions for the background execution model.

7. User Feedback Summary

Pain Points:

  • Deployment friction is the dominant user complaint. The simultaneous failure of the Linux installer (#2818) and the missing Docker Hub image (#2963) are preventing users from easily running the released version of IronClaw. This represents a critical distribution gap.
  • Workflow reliability remains uneven. The routine creation bug (#2583, now fixed) and the Mission Gmail failure (#3133) show that LLM-powered workflows still struggle with real-world auth flows and tool calling conventions. Users expect declarative commands like "send an email" or "create a routine" to work without specialized knowledge of the runtime internals.
  • Positive signal on responsiveness. The rapid resolution of #2583 (filed during Bug Bash 4/17, fixed in the current cycle) suggests the project is maintaining good hygiene on regressions caught by QA and automated testing.

Satisfaction Indicators:

  • High comment activity on the Reborn EPIC (#2987) and integration test plan (#3067) suggests the community is engaged and buying into the architectural direction.
  • Zero negative reactions or frustrated tone in the issue tracker; discussions remain constructive and technically focused.

8. Backlog Watch

The following open items warrant attention from maintainers:

⚠️ Content exceeds GitHub Issue limit. See the committed Markdown file for the full report.

Metadata

Metadata

Assignees

No one assigned

    Labels

    openclaw-en

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions