OpenClaw Upgrades Its AI Arsenal And Closes Security Gaps In Latest Release

by
Alisa Davidson

Revealed: March 23, 2026 at 10:30 am Up to date: March 23, 2026 at 9:52 am

by Anastasiia O

Edited and fact-checked:
March 23, 2026 at 10:30 am

To enhance your local-language expertise, typically we make use of an auto-translation plugin. Please be aware auto-translation is probably not correct, so learn original article for exact data.

Open-source, self-hosted AI agent platform OpenClaw launched its newest launch, model 2026.3.22, bringing a wave of enhancements throughout plugin administration, AI integrations, and platform safety.

This replace provides the ClawHub plugin market and expands mannequin assist to incorporate MiniMax M2.7, GPT-5.4-mini/nano fashions, and per-agent reasoning capabilities. Moreover, the discharge incorporates integration with OpenShell and SSH sandbox environments, alongside connectivity to exterior search instruments comparable to Exa, Tavily, and Firecrawl. 

In response to the GitHub doc, one of many headline adjustments is a revamped plugin set up move. When working openclaw plugins set up, the system now prioritizes OpenClaw’s personal market — ClawHub — earlier than falling again to npm. This implies customers get curated, verified packages by default, with npm nonetheless obtainable as a security internet. Updating plugins has additionally been improved: builders can now goal particular variations or distribution tags on npm-tracked installs with out shedding their recorded package deal specs.

OpenClaw is doubling down on AI integrations. The default OpenAI mannequin has been upgraded to GPT-5.4, with Codex following swimsuit. All OpenAI companies — chat, picture technology, text-to-speech, transcription, and embeddings — now draw from a single shared configuration module, making setup cleaner and extra constant.

Maybe most notably, this launch introduces a local Anthropic Claude supplier by way of Google Vertex AI, full with full GCP authentication and discovery. Groups already working on Google Cloud infrastructure can now entry Claude fashions straight by way of OpenClaw with out extra middleware.

Rounding out the AI information, this launch provides assist for locating and putting in Codex, Claude, and Cursor bundles, with their abilities routinely mapped into the OpenClaw ability system.

New Replace Enhances Safety 

Notably, this launch addresses a number of significant safety issues. Proxy spoofing safety has been improved by guaranteeing that loopback hops in trusted forwarding chains at the moment are ignored, whereas units are restricted from requesting permissions past what their session permits. Admin scope lockdown has been strengthened in order that proxy-authenticated classes can not self-declare admin or secrets-level entry with no verified gadget id. As well as, malicious obtain safety has been enhanced by making use of the identical dimension limits and timeouts to error responses from distant media sources as these used for profitable downloads, thereby closing a possible vector for unbounded reminiscence assaults.

Customers can now set up straight from GitHub’s major department by way of openclaw replace –tag major, helpful for groups monitoring bleeding-edge builds. A repair has additionally landed for plugin callback routing, guaranteeing that interactive buttons — comparable to Telegram’s Codex picker — not unintentionally fall by way of to normal message handlers.

A beta construct of v2026.3.22 is offered on npm. macOS customers ought to be aware that the desktop app stays on the earlier secure launch, with no new macOS binary hooked up to this beta.

Alisa, a devoted journalist on the MPost, makes a speciality of cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising tendencies and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.

• 
  
  
  

More articles