OpenClaw Releases 2026.2.23 Released With Security Updates and New AI features

OpenClaw, the open-source personal AI assistant with over 215,000 GitHub stars, has released version 2026.2.23, emphasizing robust security hardening alongside advanced AI integrations.

This update addresses multiple vulnerabilities and introduces features like Claude Opus 4.6 support, making it a timely boost for privacy-focused users deploying AI gateways locally across macOS, Windows, and Linux.

A key highlight is the addition of optional HTTP security headers, including Strict-Transport-Security for direct HTTPS deployments, complete with validation, tests, and documentation to mitigate man-in-the-middle risks.

Developers also hardened session maintenance via “openclaw sessions cleanup,” introducing disk-budget controls and safer transcript handling to prevent storage overflows and data leaks.

Notably, a breaking change shifts the browser SSRF policy to “trusted-network” mode by default, requiring explicit configuration for private network users, who can migrate legacy settings with “openclaw doctor --fix.”

Several fixes target configuration and execution risks. Sensitive dynamic keys like env.* are now redacted in config snapshots, preserving restore behavior while blocking exposure.

Obfuscated commands trigger explicit approval before execution, and ACP client permissions demand trusted tool IDs with scoped read approvals to thwart unauthorized file access.

Skills packaging rejects symlink escapes and XSS-vulnerable prompts in image galleries, while OTEL diagnostics redact API keys from logs before export.

These measures collectively fortify OpenClaw against prompt injection, SSRF, stored XSS, and credential leaks in production environments.

| Security Fix | Description | Impact |
| --- | --- | --- |
| SSRF Policy | Defaults to trusted-network; migrates legacy allowPrivateNetwork | Prevents unauthorized internal requests |
| Config Redaction | Hides env.* and skills.env.* in snapshots | Stops sensitive key exposure |
| Exec Security | Detects/blocks obfuscated commands | Mitigates injection attacks |
| Skills XSS | Escapes user inputs in HTML output | Blocks stored cross-site scripting |
| OTEL Redaction | Scrubs keys from diagnostics | Protects telemetry in observability |
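
Redacting env.* and skills.env.* in snapshots while "preserving restore behavior" means an edited snapshot can be written back without the placeholder overwriting real secrets. The JavaScript below is an added example of that round trip, not OpenClaw's code; the `__REDACTED__` sentinel, the config shape, the sample values and the names `redactSnapshot` and `restoreSnapshot` are assumptions.

```javascript
// Added illustration, not OpenClaw's implementation. The sentinel, the config
// shape and every function name below are assumptions.
const REDACTED = "__REDACTED__";
// Patterns named in the article; "x.*" is read here as "everything under x".
const SENSITIVE_PREFIXES = ["env.", "skills.env."];

const isPlainObject = (v) => v !== null && typeof v === "object" && !Array.isArray(v);
const isSensitive = (path) => SENSITIVE_PREFIXES.some((p) => path.startsWith(p));
const join = (path, key) => (path ? `${path}.${key}` : key);

// Build a snapshot in which every leaf under a sensitive path is the sentinel.
function redactSnapshot(node, path = "") {
  if (!isPlainObject(node)) return isSensitive(path) ? REDACTED : node;
  const out = {};
  for (const [key, value] of Object.entries(node)) {
    out[key] = redactSnapshot(value, join(path, key));
  }
  return out;
}

// Write an edited snapshot back: a sentinel left on a sensitive path means
// "unchanged", so the live secret is kept; any other value is a real edit.
function restoreSnapshot(edited, live, path = "") {
  if (!isPlainObject(edited)) {
    if (edited !== REDACTED || !isSensitive(path)) return edited;
    if (live === undefined || isPlainObject(live)) throw new Error(`nothing to restore at ${path}`);
    return live;
  }
  const out = {};
  for (const [key, value] of Object.entries(edited)) {
    const liveChild = isPlainObject(live) && Object.hasOwn(live, key) ? live[key] : undefined;
    out[key] = restoreSnapshot(value, liveChild, join(path, key));
  }
  return out;
}

// Constructed sample config (not a real OpenClaw file).
const live = {
  gateway: { port: 8080 },
  env: { OPENAI_API_KEY: "sk-constructed-1", BOT_TOKEN: "tok-constructed-2" },
  skills: { env: { WEATHER_KEY: "wk-constructed-3" }, enabled: ["weather"] },
};

function demo() {
  const snapshot = redactSnapshot(live);
  snapshot.env.BOT_TOKEN = "tok-rotated"; // client rotates one secret
  snapshot.gateway.port = 9090;           // and changes one ordinary setting
  return { snapshot, restored: restoreSnapshot(snapshot, live) };
}
```

A sentinel submitted for a key that has no stored value is rejected rather than saved, so the placeholder string can never end up persisted as a credential.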

AI Enhancements and Fixes

On the AI front, Providers gain first-class Kilo Gateway support with kilocode/anthropic/claude-opus-4.6 as default, including auth, onboarding, and cache handling.

Vercel AI Gateway now normalizes shorthand Claude refs, while tools/web_search adds Moonshot “kimi” provider with improved citation extraction.

Media understanding expands with native Moonshot video support and refactored execution for better URL/header precedence.

Agents benefit from per-agent params overrides for cacheRetention and bootstrap caching to minimize prompt invalidations.

Fixes extend context pruning to Moonshot/Kimi, resolve model resolution for defaults, and enhance overflow detection for better failover on 502/503 errors. Prompt caching docs clarify retention behaviors across Bedrock/OpenRouter, aiding optimized deployments.

This release of OpenClaw v2026.2.23, tagged just hours ago by steipete, includes contributions from dozens of developers and underscores OpenClaw’s rapid evolution as a secure, multi-model AI hub for messaging apps like WhatsApp and Telegram.

With fixes for Telegram polling, WhatsApp group policies, and provider-specific quirks (e.g., Anthropic OAuth betas), it ensures stable operations amid growing ecosystem demands.


The post OpenClaw Releases 2026.2.23 Released With Security Updates and New AI features appeared first on Cyber Security News.

