openclaw/openclaw · 3434 open PRs analyzed · 2026-02-17 03:49 UTC
Models: meta-llama/llama-3.1-70b-instruct, mistralai/mistral-large-latest, google/gemini-2.0-flash-001
3434
PRs Analyzed
283
Duplicate Clusters
688
Duplicate PRs
54
Vision Drift Flags
🔀 Duplicate Clusters
PRs grouped by semantic intent. Within each cluster, PRs are ranked by quality score — #1 is the recommended merge candidate.
Fixes a bug where Slack bot replies in DMs would incorrectly be forced into a thread created by the typing indicator, ignoring the user's `replyToMode` setting.
#16871
fix(slack): respect replyToMode=off in statusThreadTs
@Limitless2023
5.7/10
⚠ Human Review
Fixes an issue where Telegram Premium users' DM topic replies were incorrectly sent to the top-level chat instead of the intended thread by removing an unnecessary guard that prevented the `message_thread_id` parameter from being included in DM requests.
Fixes a bug where cron jobs get permanently blocked after a timeout or crash by automatically clearing stale `runningAtMs` markers, allowing the job to resume scheduling after twice the job's timeout period.
8 duplicatesbugfix
area: cron · confidence: 76.0%
Rank
Pull Request
Quality
Review
⭐#1
#17949
fix: clear stale runningAtMs in cron.run() before already-running check (#17554)
@yasumorishima
9.3/10
✓ Consensus
#2
#12448
fix: prevent cron list/status from silently skipping due jobs
#12443
fix(cron): don't advance past-due jobs that haven't been executed
@rummangeminicode
8.9/10
✓ Consensus
#5
#17561
fix(cron): add runtime staleness guard for runningAtMs (#17554)
@robbyczgw-cla
8.5/10
✓ Consensus
#6
#17643
fix: clear stale runningAtMs in cron.run to allow manual triggers
@MisterGuy420
8.4/10
✓ Consensus
#7
#18192
fix(cron): auto-clear stale runningAtMs markers after timeout (#18120)
@BinHPdev
8.3/10
✓ Consensus
#8
#17664
fix(cron): detect and clear stale runningAtMs marker in manual run (#17554)
@echoVic
8.2/10
✓ Consensus
Fixes an issue where document messages sent via WhatsApp Web always had the filename 'file' regardless of the actual filename, by correctly passing the filename through the send pipeline.
7 duplicatesbugfix
area: WhatsApp Web · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#15650
fix(whatsapp): pass fileName to document sends instead of hardcoding 'file'
@whoknowsmann
9.1/10
✓ Consensus
#2
#6566
fix: thread fileName through WhatsApp document send path
@giannisanni
9.0/10
✓ Consensus
#3
#6566
fix: thread fileName through WhatsApp document send path
@giannisanni
9.0/10
✓ Consensus
#4
#10889
fix: pass fileName through WhatsApp document send path
@DeveshParagiri
9.0/10
✓ Consensus
#5
#16785
fix(whatsapp): preserve document filenames in outbound Baileys mode
@SahilSahu731
8.8/10
✓ Consensus
#6
#9606
fix: pass fileName to WhatsApp document messages
@AytuncYildizli
8.2/10
✓ Consensus
#7
#7458
fix: pass filename through to WhatsApp document sends (#7446)
@gavinbmoore
8.0/10
✓ Consensus
Fixes a bug where Signal group IDs were being lowercased during target normalization, causing allowlist matching to fail because Signal group IDs are Base64 encoded and case-sensitive.
7 duplicatesbugfix
area: signal · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#12793
fix(signal): preserve case-sensitivity for group IDs, UUIDs, and usernames
@wilmerdooley1-star
9.4/10
✓ Consensus
#2
#13640
fix(signal): preserve case-sensitive Base64 group IDs in target normalization
@Siauruk
9.4/10
✓ Consensus
#3
#14462
fix(messaging): preserve case in target normalization fallback (#14263)
@lailoo
9.4/10
✓ Consensus
#4
#10623
fix(signal): preserve case for Base64 group IDs in target normalization
@heyhudson
9.1/10
✓ Consensus
#5
#16562
fix(signal): preserve case for group and username targets
@akalypse
9.1/10
✓ Consensus
#6
#12698
Fix: preserve Signal group ID case during normalization
@hunsbea
9.0/10
✓ Consensus
#7
#4573
fixed the bug: signal group base64 forced to lowercase
@jdainireda03-pixel
7.6/10
✓ Consensus
Adds the `--ignore-scripts` flag to the `npm install` command during plugin installation to prevent supply chain attacks by preventing the execution of arbitrary lifecycle scripts from untrusted packages.
#8073
fix(plugins): add --ignore-scripts to npm install
@yubrew
9.4/10
✓ Consensus
#2
#8600
fix(update): add --ignore-scripts to prevent supply chain attacks
@yubrew
9.3/10
✓ Consensus
#3
#8075
fix(skills): add --ignore-scripts to all package managers
@yubrew
9.1/10
✓ Consensus
#4
#10528
security: add --ignore-scripts to plugin and hook dependency installation
@abdelsfane
9.0/10
✓ Consensus
#5
#11432
fix(security): add --ignore-scripts to npm install in hook and plugin installers
@coygeek
8.5/10
⚠ Human Review
#6
#13169
security: add --ignore-scripts to npm install during plugin/hook installation
@RamiNoodle733
8.5/10
✓ Consensus
Adds a periodic retry mechanism with bounded exponential backoff to ensure subagent announce messages are eventually delivered, even if initial attempts fail due to temporary issues like gateway unavailability or race conditions.
Removes a false-positive billing error rewrite in `sanitizeUserFacingText` that was triggered on normal assistant responses discussing billing topics, affecting Telegram, Discord, and WhatsApp channels.
#17834
fix: remove false-positive billing error rewrite on normal assistant text
@niceysam
9.3/10
✓ Consensus
#2
#11680
Agents: guard billing error detection with length check (#11649)
@lailoo
9.3/10
✓ Consensus
#3
#12226
fix: remove billing error false-positive from sanitizeUserFacingText
@Yida-Dev
9.3/10
✓ Consensus
#4
#12777
fix: prevent false positive billing error detection in sanitizeUserFacingText
@jpaine
9.2/10
✓ Consensus
#5
#13467
fix(errors): prevent billing false positive in sanitizeUserFacingText
@lailoo
9.2/10
✓ Consensus
#6
#12720
fix: prevent sanitizeUserFacingText false-positives on 402 in normal text
@zerone0x
9.1/10
✓ Consensus
Fixes a race condition where sub-agent model overrides set via `sessions.patch` were sometimes ignored by the agent handler due to stale cached data, ensuring the handler uses the most up-to-date session information from the store.
#8398
Fix: preserve modelOverride in agent handler (#5369)
@CodeReclaimers
9.1/10
✓ Consensus
#2
#8398
Fix: preserve modelOverride in agent handler (#5369)
@CodeReclaimers
9.1/10
✓ Consensus
#3
#16340
fix: load model catalog from agent-specific directory for sub-agents
@Limitless2023
8.8/10
✓ Consensus
#4
#16988
fix: always regenerate models.json from gateway config
@MisterGuy420
7.1/10
✓ Consensus
#5
#13376
fix: pass model directly to agent for sub-agent runs
@jrbobbyhansen-pixel
6.7/10
✓ Consensus
Fixes a bug where context token lookups could return incorrect context window sizes due to cross-provider model ID collisions by using only available models from configured providers.
#11647
fix(webchat): filter HEARTBEAT_OK messages from chat.history response
@liuxiaopai-ai
9.4/10
✓ Consensus
#2
#11889
fix(chat): filter HEARTBEAT_OK messages in chat.history when showOk is false
@bendyclaw
9.4/10
✓ Consensus
#3
#11859
fix: filter HEARTBEAT_OK messages from chat.history when showOk is false
@Zjianru
9.0/10
✓ Consensus
#4
#11661
fix: Filter HEARTBEAT_OK from chat.history when showOk is false
@veast
8.8/10
✓ Consensus
Fixes false positives in `sanitizeUserFacingText` by introducing an `errorContext` flag to ensure error-specific rewrites are only applied to actual error messages, preventing normal assistant replies from being incorrectly modified.
#11685
Agents: scope error rewrites in sanitizeUserFacingText behind errorContext flag (#11649)
@lailoo
9.1/10
✓ Consensus
#2
#12052
fix: scope error-detection heuristics to error source in sanitizeUserFacingText
@skylarkoo7
9.1/10
✓ Consensus
#3
#12702
fix: prevent sanitizeUserFacingText false-positives on assistant prose
@zerone0x
9.1/10
✓ Consensus
#4
#13318
fix(agents): prevent sanitizeUserFacingText from rewriting conversational context overflow mentions
@hleliofficiel
8.4/10
✓ Consensus
Fixes a bug in the cron scheduler where the timer callback would not fire for scheduled jobs due to incorrect timer clearing logic, and improves logging for debugging.
4 duplicatesbugfix
area: cron · confidence: 88.0%
Rank
Pull Request
Quality
Review
⭐#1
#12303
fix(cron): correct nextRunAtMs calculation and prevent timer stall
@colddonkey
9.0/10
✓ Consensus
#2
#12131
fix(cron): ensure timer callback fires for scheduled jobs
@divol89
8.9/10
✓ Consensus
#3
#12122
fix(cron): ensure timer callback fires for scheduled jobs
@divol89
8.8/10
✓ Consensus
#4
#12086
fix(cron): ensure timer callback fires for scheduled jobs
@divol89
6.5/10
✓ Consensus
Prevents the HEARTBEAT_OK token, an internal acknowledgement, from being incorrectly delivered to user channels, even when visibility.showOk is enabled.
#17009
fix(heartbeat): strip HEARTBEAT_OK from streaming during heartbeat runs
@arosstale
8.4/10
⚠ Human Review
#4
#17006
fix(heartbeat): skip delivery when showOk is false
@Limitless2023
7.3/10
✓ Consensus
Fixes a bug where `dangerouslyDisableDeviceAuth` did not properly bypass device identity checks and cleared operator scopes, preventing the Control UI from functioning correctly.
#17572
fix: make dangerouslyDisableDeviceAuth bypass device identity checks
@gitwithuli
9.1/10
✓ Consensus
#2
#17844
fix: preserve scopes when dangerouslyDisableDeviceAuth is enabled
@Maxymvs
8.2/10
⚠ Human Review
#3
#17605
fix: preserve scopes when disableControlUiDeviceAuth is enabled
@MisterGuy420
7.9/10
✓ Consensus
#4
#17180
fix: preserve scopes when dangerouslyDisableDeviceAuth is enabled
@Limitless2023
6.6/10
⚠ Human Review
Skips the embedding provider check in `openclaw doctor` when the QMD memory backend is active, preventing a false positive warning.
4 duplicatesbugfix
area: doctor command · confidence: 90.0%
Rank
Pull Request
Quality
Review
⭐#1
#17295
fix(doctor): skip embedding provider check when QMD backend is active
@miloudbelarebia
9.4/10
✓ Consensus
#2
#17360
fix(doctor): skip embedding provider check when memory backend is QMD
@nikhil8182
9.4/10
✓ Consensus
#3
#17381
fix: skip embedding provider check in doctor when QMD backend is enabled
@Limitless2023
8.3/10
✓ Consensus
#4
#17660
fix: skip embedding provider check in doctor when QMD backend is configured (#17263)
@echoVic
7.9/10
✓ Consensus
Fixes a lost-update race condition in `updateSessionStoreEntry` and `updateLastRoute` by ensuring the session store is re-read from disk within the lock, preventing stale cached data from overwriting concurrent writes.
4 duplicatesbugfix
area: session store · confidence: 81.0%
Rank
Pull Request
Quality
Review
⭐#1
#10726
fix: re-read session store inside lock in updateLastRoute
@Yida-Dev
9.5/10
✓ Consensus
#2
#10725
fix: re-read session store inside lock in updateSessionStoreEntry
@Yida-Dev
9.4/10
✓ Consensus
#3
#16987
fix(config): add skipCache to updateSessionStoreEntry and updateLastRoute to prevent lost updates
@AI-Reviewer-QS
9.2/10
✓ Consensus
#4
#15882
fix: move session entry computation inside store lock to prevent race conditions
@cloorus
8.9/10
✓ Consensus
Prevents orphaned tool results by dropping assistant messages with a 'stopReason' of 'error' during transcript repair, which can occur when providers filter out errored assistant messages.
#4844
fix(agents): skip error/aborted assistant messages in transcript repair
@lailoo
9.3/10
✓ Consensus
#2
#9416
fix: drop errored/aborted assistant tool pairs in transcript repair
@xandorklein
9.2/10
✓ Consensus
#3
#3880
fix: drop assistant messages with stopReason 'error' to avoid orphaning tool results (#3860)
@SalimBinYousuf1
6.9/10
✓ Consensus
#4
#3880
fix: drop assistant messages with stopReason 'error' to avoid orphaning tool results (#3860)
@SalimBinYousuf1
6.9/10
✓ Consensus
Enable Slack Block Kit functionality for plugin-level edit actions, allowing plugins to update messages with structured blocks instead of just plain text.
#18262
feat(slack): support Block Kit blocks in editMessage
@Solvely-Colin
8.7/10
✓ Consensus
#2
#18257
feat(slack): support Block Kit blocks in sendMessage
@Solvely-Colin
8.7/10
✓ Consensus
#3
#18268
feat(slack): support blocks in plugin send action
@Solvely-Colin
7.8/10
⚠ Human Review
#4
#18278
feat(slack): support blocks in plugin edit action
@Solvely-Colin
7.4/10
✓ Consensus
Prevents a cron job from entering a tight spin loop and starving the event loop when its next execution time is in the past by enforcing a minimum timer delay.
#17370
fix(cron): prevent spin loop when timer delay resolves to 0ms
@BinHPdev
8.9/10
✓ Consensus
#3
#16878
fix(cron): prevent timer spin loop with minimum delay floor
@Limitless2023
7.9/10
✓ Consensus
Fixes a bug where WhatsApp media from group members was not downloaded when using groupPolicy: allowlist and the group was in the groups allowlist but the sender was not in groupAllowFrom, by allowing messages from all participants in groups that are explicitly in the groups allowlist.
3 duplicatesbugfix
area: WhatsApp inbound access control · confidence: 88.0%
Rank
Pull Request
Quality
Review
⭐#1
#6567
fix: include paired users in WhatsApp group sender allowlist
@giannisanni
9.2/10
✓ Consensus
#2
#6567
fix: include paired users in WhatsApp group sender allowlist
@giannisanni
9.2/10
✓ Consensus
#3
#4390
fix(whatsapp): allow media from allowlisted groups without groupAllow…
@Sarang19114
8.6/10
✓ Consensus
Fixes a bug where memory flush was not triggering before compaction because it was using the last turn's tokens instead of the cumulative context size for the threshold check.
#12760
fix(memory-flush): fire on every compaction cycle instead of skipping alternate cycles (#12590)
@lailoo
9.3/10
✓ Consensus
#2
#15945
fix(memory-flush): only write memoryFlushCompactionCount when compaction succeeds
@aldoeliacim
9.3/10
✓ Consensus
#3
#4999
fix(memory-flush): use contextTokens instead of totalTokens for threshold check
@Farfadium
8.5/10
✓ Consensus
Fixes a bug where WhatsApp replies from LID JIDs were not correctly identified as replies to the bot, preventing implicit mentions from working as expected when requireMention is true.
#11166
fix(whatsapp): detect LID @mentions in self-chat mode
@mcaxtr
9.3/10
✓ Consensus
#2
#17256
fix: allow text regex fallback when bot JID not in mentionedJids
@DarlingtonDeveloper
9.2/10
✓ Consensus
#3
#16655
fix(whatsapp): resolve reply-to sender E.164 for LID JIDs (have bot see replys without a mention even with "requireMention: true", like the Discord integration)
@mascarenhas
9.0/10
✓ Consensus
Add baseline HTTP security headers to all gateway responses to improve security posture.
#10526
security: add baseline security headers to gateway HTTP responses
@abdelsfane
8.8/10
✓ Consensus
#2
#6906
Add baseline HTTP security headers to gateway responses
@QuantumEdu
8.6/10
✓ Consensus
#3
#6906
Add baseline HTTP security headers to gateway responses
@QuantumEdu
8.6/10
✓ Consensus
Fixes a bug where inbound voice calls were not properly cleaned up when disconnected by using media stream disconnect as a fallback signal to mark the call as ended, preventing the exhaustion of the `maxConcurrentCalls` limit.
Wires up the `message_sending` plugin hook in the outbound delivery pipeline, allowing plugins to modify outgoing message content or cancel delivery before the channel adapter sends the message.
#18152
feat: support per-model thinkingDefault override in models config
@wu-tian807
8.8/10
✓ Consensus
#2
#16899
feat(config): per-agent and per-model thinking defaults
@jh280722
8.5/10
✓ Consensus
#3
#15030
Agents: support per-agent thinking defaults
@sauerdaniel
7.8/10
⚠ Human Review
Fixes cron jobs created via the tool API not auto-firing because the `enabled` flag was not being defaulted to `true` when omitted, preventing the calculation of `nextRunAtMs`.
3 duplicatesbugfix
area: cron · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#8701
fix: default enabled to true for cron jobs created via tool API
@maximus-claw
9.4/10
✓ Consensus
#2
#9088
fix(cron): ensure nextRunAtMs is computed when enabled is undefined (#9056)
@divol89
8.9/10
✓ Consensus
#3
#9088
fix(cron): ensure nextRunAtMs is computed when enabled is undefined (#9056)
@divol89
8.9/10
✓ Consensus
Prevents unnecessary gateway restarts triggered by changes to the `meta.lastTouchedAt` field in the configuration by marking the `meta` section as non-actionable for config reloads.
#11746
fix: treat meta config paths as no-op to prevent unnecessary gateway restarts
@QDenka
9.3/10
✓ Consensus
#2
#11280
fix(gateway): add meta prefix to reload rules to prevent double SIGUSR1
@cheenu1092-oss
9.2/10
✓ Consensus
#3
#8473
fix(gateway): prevent spurious restarts on meta.lastTouchedAt changes
@adam-smeth
8.9/10
✓ Consensus
Adds Mistral AI as a supported provider, including CLI onboarding, configuration, and documentation, enabling users to easily use Mistral's models within the application.
#9425
refactor(agents): replace console.warn with SubsystemLogger in compaction.ts
@dinakars777
9.5/10
✓ Consensus
#2
#9990
refactor(agents): replace console.warn with SubsystemLogger in venice-models.tsrefactor(agents): replace console.warn with SubsystemLogger in venice…
@dinakars777
8.0/10
✓ Consensus
#3
#9974
refactor(agents): replace console.warn with SubsystemLogger in compaction-safeguard.ts
@dinakars777
5.3/10
⚠ Human Review
Fixes a bug where rate-limit errors from Anthropic were being incorrectly classified as context overflow errors by tightening the regex used for context overflow detection and adding guard clauses to exclude rate-limit and billing errors.
Fixes a false positive in the `openclaw doctor` command that incorrectly identified unrelated LaunchAgents as gateway-like services by adding a check to only consider services with labels starting with `ai.openclaw.` after detecting an 'openclaw' marker.
#10182
fix: skip non-openclaw LaunchAgents in doctor gateway scan
@Yida-Dev
9.2/10
✓ Consensus
#2
#15908
fix: doctor falsely flags non-gateway services as 'gateway-like'
@echoVic
7.1/10
✓ Consensus
#3
#15903
fix(doctor): stricter gateway service detection to prevent false positives
@Shuai-DaiDai
5.5/10
⚠ Human Review
Fixes a bug where the Mattermost integration incorrectly required mentions in group channels even when the `chatmode` was set to `onmessage`, by ensuring the account-level mention preference is passed into group mention resolution as a fallback.
#10675
feat(feishu): add audio message support and fix file upload
@YumoeZhung
7.5/10
✓ Consensus
Fixes a bug in bash completion generation where empty flags in command options would cause spurious completion matches.
3 duplicatesbugfix
area: cli · confidence: 85.0%
Rank
Pull Request
Quality
Review
⭐#1
#10710
fix(cli): filter empty flags in bash completion generation
@Yida-Dev
9.3/10
✓ Consensus
#2
#10723
fix(cli): filter empty flags in PowerShell completion generation
@Yida-Dev
9.2/10
✓ Consensus
#3
#11165
fix(cli): filter empty flags in zsh and PowerShell nested completion
@Yida-Dev
9.1/10
✓ Consensus
Hides assistant messages containing only tool call information when the 'Toggle assistant thinking/working output' button is off in the Control UI, preventing tool call blocks from being displayed when they should be hidden.
3 duplicatesfeature
area: UI · confidence: 84.0%
Rank
Pull Request
Quality
Review
⭐#1
#10996
fix(control-ui): hide tool call blocks when thinking/working toggle is off
@Annaxiebot
8.5/10
✓ Consensus
#2
#11010
fix(control-ui): hide tool call cards when thinking toggle is off
@Annaxiebot
8.0/10
✓ Consensus
#3
#11526
fix(control-ui): hide tool-only assistant messages when thinking is off
@Annaxiebot
7.9/10
✓ Consensus
Adds support for the DeepSeek provider (DeepSeek-V3, DeepSeek-R1) to enable users to utilize DeepSeek models within the application.
#13117
fix: Telegram webhook mode allows unauthenticated update injection when
@coygeek
9.5/10
✓ Consensus
#2
#13170
security: enforce webhookSecret at runtime for Telegram webhook mode
@RamiNoodle733
9.4/10
✓ Consensus
#3
#13521
telegram: require webhook secret in runtime webhook mode
@davidahmann
8.5/10
✓ Consensus
Adds support for Cloudflare's Markdown for Agents by modifying the Accept header in web-fetch to prefer markdown responses while maintaining backward compatibility with existing servers.
#15251
feat(web-fetch): send Accept: text/markdown header for Cloudflare Markdown for Agents
@wujieli0207
9.3/10
✓ Consensus
#2
#15242
feat(web-fetch): Add Accept header for Cloudflare Markdown for Agents [AI-assisted]
@drkraft
8.2/10
✓ Consensus
#3
#15414
feat(web-fetch): add Accept: text/markdown header for Cloudflare Markdown for Agents
@aldoeliacim
8.2/10
✓ Consensus
Adds comprehensive GraphQL documentation to the GitHub skill, including basic query and mutation examples, schema introspection commands, and guidance to prevent hallucination when working with GitHub Projects V2
Implements lazy-loading of CLI commands to improve cold-start performance by deferring the import of command dependencies until the command is actually invoked.
#15978
perf(cli): defer browser-cli and status command imports
@RocketMan234
7.8/10
✓ Consensus
#3
#15979
perf(cli): defer all sub-CLI imports and add help stubs
@RocketMan234
7.5/10
✓ Consensus
Fixes a bug where `resolveSessionFilePath` was defaulting to the main agent's session directory when called for other agents, leading to incorrect file path resolution and errors when accessing sessions for non-main agents, and also includes unrelated changes such as cross-gateway support, per-agent API key preservation, and CI/CD pipeline updates.
#16325
fix: resolve agentId from sessionKey when not provided
@Limitless2023
8.4/10
✓ Consensus
#2
#15792
fix: pass agentId to resolveSessionFilePath in additional call sites
@MisterGuy420
7.3/10
✓ Consensus
#3
#15982
fix: pass agentId to resolveSessionFilePath in reply flow (NX-003)
@automagik-genie
4.6/10
✓ Consensus
Adds a new 'set_public_permission' action to the Feishu Doc tool, allowing users to programmatically set the public access level (read or edit) of a document.
#17094
fix(clawdock): include docker-compose.extra.yml in helper commands
@zerone0x
8.2/10
⚠ Human Review
#2
#17104
fix(clawdock): include docker-compose.extra.yml in compose commands
@Limitless2023
7.9/10
✓ Consensus
#3
#17097
fix(clawdock): include docker-compose.extra.yml in compose commands
@DhruvGarg111
7.9/10
✓ Consensus
Fixes a bug where inbound voice calls via Telnyx were being silently dropped by ensuring the `direction`, `from`, and `to` fields are passed through and the `direction` field is normalized from Telnyx's `incoming`/`outgoing` to `inbound`/`outbound`.
#16651
fix(voice-call): pass direction, from, to fields in Telnyx call.initiated events
@brandonwise
9.3/10
✓ Consensus
#3
#16998
fix(voice-call): pass direction/from/to in Telnyx call.initiated events
@arosstale
9.2/10
✓ Consensus
Adds a foundational Chinese UI translation project to OpenClaw, including core translations and documentation, to improve accessibility for Chinese-speaking users.
Enables the memory-lancedb plugin to support custom OpenAI-compatible endpoints (e.g., Ollama, vLLM) by allowing a configurable baseURL and custom vector dimensions.
#17874
feat(memory-lancedb): Custom OpenAI BaseURL & Dimensions Support
@rish2jain
8.9/10
✓ Consensus
#2
#17566
memory-lancedb: support local OpenAI-compatible embeddings
@lumenradley
8.4/10
✓ Consensus
#3
#10064
feat(memory-lancedb): Support custom embedding providers (SiliconFlow, etc.)
@kckylechen1
7.8/10
✓ Consensus
Fixes a false positive in the `openclaw doctor` command that incorrectly reports permission warnings for symlinks pointing to the Nix store on NixOS systems.
3 duplicatesbugfix
area: doctor tool · confidence: 90.0%
Rank
Pull Request
Quality
Review
⭐#1
#11458
fix(doctor): skip config permission check on symlinks
@AnonO6
9.3/10
✓ Consensus
#2
#11408
Security: resolve symlink target permissions in safeStat; skip doctor config warning for symlinks (#11307)
@lailoo
8.9/10
✓ Consensus
#3
#16957
fix(doctor): skip false positive permission warnings for Nix store symlinks
@soumikbhatta
8.3/10
⚠ Human Review
Adds support for the DingTalk messaging platform as a new channel within OpenClaw, including inbound/outbound message handling, configuration, and documentation.
Fixes a bug where the `before_tool_call` hook was firing twice when an abort signal was present due to a Symbol property being dropped during object spreading.
#16978
fix(hooks): preserve before_tool_call marker across abort signal wrapping
@arosstale
9.6/10
✓ Consensus
#2
#16852
fix: before_tool_call hook double-fires with abort signal
@sreuter
9.4/10
✓ Consensus
#3
#16870
fix: before_tool_call hook double-fire with abort signal
@Limitless2023
4.5/10
✓ Consensus
Fixes an issue where session file paths from one agent are incorrectly validated against the main agent's sessions directory in multi-agent setups, causing errors when sub-agents with explicit agentDir configurations try to reference their own session files.
#16249
fix(sessions): allow cross-agent session paths in multi-agent bindings
@0xbrak
9.1/10
✓ Consensus
#2
#15474
fix: validate session file paths against any agent sessions dir
@maximalmargin
8.9/10
✓ Consensus
#3
#16171
fix: trust absolute sessionFile paths in multi-agent setups
@iJaack
8.9/10
✓ Consensus
Improves the performance of shell completion generation by avoiding the loading of heavy plugins during the process, resulting in significantly faster completion script generation.
Fixes an issue where auto-paired Dashboard/webchat devices were not receiving the full set of operator scopes after a gateway restart, preventing them from functioning correctly, and includes several other related fixes and improvements.
#17205
fix: enforce full operator scopes for Control UI and Webchat auto-pairing
@Limitless2023
6.7/10
✓ Consensus
#2
#17205
fix: enforce full operator scopes for Control UI and Webchat auto-pairing
@Limitless2023
6.7/10
✓ Consensus
#3
#17201
fix: include full operator scopes for auto-paired Dashboard/webchat devices
@Limitless2023
5.3/10
✓ Consensus
Restores the correct priority of device tokens over config tokens for authentication, fixing a regression introduced in v2026.2.14 where config tokens were incorrectly prioritized.
#17279
fix: restore device token priority over config token
@MisterGuy420
9.0/10
✓ Consensus
#2
#17336
fix(gateway): restore device token priority over passive config token
@milosm
8.4/10
⚠ Human Review
#3
#17379
fix: restore device token priority in device-auth mode
@Limitless2023
7.4/10
⚠ Human Review
Fixes a bug where WhatsApp Web QR login auto-retry fails to trigger for 515 "restart required" errors due to incorrect status code extraction from nested error structures.
3 duplicatesbugfix
area: WhatsApp Web · confidence: 89.0%
Rank
Pull Request
Quality
Review
⭐#1
#3071
fix: WhatsApp 515 error retry not triggering
@rabsef-bicrym
8.9/10
✓ Consensus
#2
#3071
fix: WhatsApp 515 error retry not triggering
@rabsef-bicrym
8.9/10
✓ Consensus
#3
#9515
fix(web): retry WhatsApp 515 restart up to 3 times with delay
@Sebachowa
7.6/10
✓ Consensus
Fixes a bug where the `pnpm ui:build` command fails on Windows when the pnpm executable path contains spaces due to incorrect handling by the shell.
3 duplicatesbugfix
area: UI · confidence: 96.0%
Rank
Pull Request
Quality
Review
⭐#1
#4295
fix: quote Windows paths with spaces in UI runner command
@Xieweikang123
6.8/10
✓ Consensus
#2
#4295
fix: quote Windows paths with spaces in UI runner command
@Xieweikang123
6.8/10
✓ Consensus
#3
#10051
CLI: fix ui build on Windows when pnpm path contains spaces
@jibrailinitdsg
6.5/10
⚠ Human Review
Enables autoSelectFamily by default for Node.js 22+ in the Telegram plugin to allow IPv4 fallback when IPv6 is configured but not properly routed, resolving issues with sending messages on certain networks.
#4057
fix: sanitize tool call IDs for Azure OpenAI
@wangchuan3533
6.2/10
✓ Consensus
Fixes a bug where orphaned user messages, when rebuilt into the session context, bypass the sanitization pipeline, leading to mismatched tool_use/tool_result pairings and API errors.
#4257
fix(slack): Convert Unicode emojis to Slack shortcodes for ack reactions
@rossshannon
8.0/10
✓ Consensus
#2
#4257
fix(slack): Convert Unicode emojis to Slack shortcodes for ack reactions
@rossshannon
8.0/10
✓ Consensus
Updates Antigravity integration to avoid recent gateway failures by bumping the hardcoded Antigravity User-Agent version and adding a transcript sanitizer to ensure tool-related blocks include a required input object
#4653
fix(gateway): improve crash resilience for mDNS and network errors
@AyedAlmudarra
8.2/10
✓ Consensus
#2
#4653
fix(gateway): improve crash resilience for mDNS and network errors
@AyedAlmudarra
8.2/10
✓ Consensus
Prevents outbound direct message sends from overwriting the main session's display name with the last recipient's name, while still updating delivery context for accurate routing.
#4693
fix: keep main session displayName on outbound sends
@ManojINaik
7.2/10
✓ Consensus
#2
#4693
fix: keep main session displayName on outbound sends
@ManojINaik
7.2/10
✓ Consensus
Adds proactive compaction to the embedded Pi agent runner to prevent context overflow by checking token usage before sending API requests and compacting if necessary.
#4042
agents: add proactive compaction before request
@freedomzt
8.6/10
✓ Consensus
#2
#4042
agents: add proactive compaction before request
@freedomzt
8.6/10
✓ Consensus
Adds a configuration option to store messages from non-allowlisted group members as context, allowing the agent to see all messages in a group even if some members are not allowed to trigger the agent.
2 duplicatesfeature
area: WhatsApp group messaging · confidence: 99.0%
Rank
Pull Request
Quality
Review
⭐#1
#4402
fix: store group messages from non-allowlisted senders as pending context
@adam91holt
8.6/10
✓ Consensus
#2
#4402
fix: store group messages from non-allowlisted senders as pending context
@adam91holt
8.6/10
✓ Consensus
Adds validation to base64 encoded image data before sending it to the Anthropic API to prevent session corruption caused by invalid image data, replacing invalid images with descriptive text blocks.
#18263
fix: validate base64 image data before API submission
@sriram369
9.1/10
✓ Consensus
#2
#18219
fix: validate base64 image data before sending to LLM APIs
@Grynn
9.1/10
✓ Consensus
Reduces lock contention on the global sessions.json file by introducing per-session metadata files for frequent updates and a debounced background sync to keep the global file in sync.
#4664
fix: per-session metadata files to eliminate lock contention
@tsukhani
7.5/10
✓ Consensus
#2
#4664
fix: per-session metadata files to eliminate lock contention
@tsukhani
7.5/10
✓ Consensus
Corrects the workspace directory path reported to agents running in a sandbox to reflect the path inside the Docker container, ensuring tools execute in the correct location.
Fixes a packaging issue on Windows by correcting the bin path in package.json and adds support for OpenAI vision models by extracting image data from data URIs in the OpenAI-compatible API and converting them to the internal agent command format.
#4534
fix: packaging and OpenAI vision format conversion
@SalimBinYousuf1
6.5/10
✓ Consensus
#2
#4534
fix: packaging and OpenAI vision format conversion
@SalimBinYousuf1
6.5/10
✓ Consensus
Prevents the compaction safeguard extension from discarding conversation history in embedded mode by returning undefined when ctx.model or apiKey is unavailable, allowing the built-in compaction logic to handle summarization.
#11333
fix(docker): align host directory ownership with container user
@liuxiaopai-ai
8.1/10
✓ Consensus
#2
#5458
fix: set correct file ownership in Dockerfile (#5450)
@hakyonglee
7.7/10
⚠ Human Review
Prevents the Slack integration from attempting to process HTML login pages (returned due to authentication failures or expired URLs) as media files, improving error handling and visibility by logging a warning and skipping the file.
2 duplicatesbugfix
area: Slack media downloads · confidence: 82.0%
Rank
Pull Request
Quality
Review
⭐#1
#14847
fix(slack): preserve auth across Slack-hosted file redirects
@natashache
9.1/10
✓ Consensus
#2
#4665
fix(slack): reject HTML responses when downloading media
@tumf
9.0/10
✓ Consensus
Adds a BouncyCastle fallback for Ed25519 key generation and signing on Android devices where the system provider fails, and introduces a UI setting for users to input a gateway token for authentication.
#14944
fix(browser): prefer openclaw profile in headless/noSandbox environments
@BenediktSchackenberg
9.1/10
✓ Consensus
#2
#6193
fix(browser): default to openclaw profile instead of chrome extension relay
@mikezaoldyeck
7.3/10
✓ Consensus
Fixes a potential hang in the embedded Pi runner teardown process by making the compaction wait abortable, ensuring that the teardown path proceeds even if compaction events are not received.
#13347
fix: wrap waitForCompactionRetry() in abortable() to prevent lane deadlock on timeout
@smartleos
9.2/10
✓ Consensus
#2
#5467
Fix: make embedded compaction wait abortable
@yoyooyooo
9.1/10
✓ Consensus
Fixes a bug where the session-memory hook reads from an empty current session file after a /new or /reset command, leading to loss of conversation history, by adding a fallback mechanism to read from the most recent .jsonl.reset.* file if the current session file is empty or too small.
#6630
feat(hooks): add agent:turn_start and agent:turn_end lifecycle events
@drdigital13
6.4/10
✓ Consensus
#2
#6630
feat(hooks): add agent:turn_start and agent:turn_end lifecycle events
@drdigital13
6.4/10
✓ Consensus
Fixes a bug where cron jobs with `deliver: true` would silently fail to deliver the original message when the agent response was filtered as heartbeat-only, by substituting the original message as the delivery payload in such cases.
2 duplicatesbugfix
area: cron · confidence: 99.0%
Rank
Pull Request
Quality
Review
⭐#1
#6522
fix(cron): deliver original message when agent response is heartbeat-only
@sidmohan0
9.2/10
✓ Consensus
#2
#6522
fix(cron): deliver original message when agent response is heartbeat-only
@sidmohan0
9.2/10
✓ Consensus
Fixes a bug where messages sent via the Matrix channel without specifying an accountId were being sent from the wrong Matrix account due to incorrect account resolution.
#6517
fix(matrix): pass accountId through outbound chain to resolveMatrixClient
@saxyguy81
8.5/10
✓ Consensus
#2
#6517
fix(matrix): pass accountId through outbound chain to resolveMatrixClient
@saxyguy81
8.5/10
✓ Consensus
Adds a new interactive HTML visualization for line balancing of a Double End M12 Cable Assembly, including multiple balancing algorithms, animated station merging, and performance metrics.
2 duplicatesfeature
area: UI · confidence: 100.0%
Rank
Pull Request
Quality
Review
⭐#1
#7030
feat: add line balancing animation for Double End M12 Cable Assembly
@ceasarcapuno
6.8/10
✓ Consensus
#2
#7030
feat: add line balancing animation for Double End M12 Cable Assembly
@ceasarcapuno
6.8/10
✓ Consensus
Fixes a bug where compaction summarization fails in 'safeguard' mode due to missing model context, causing fallback to static summaries by passing the model through the runtime registry.
#6800
fix: pass model to compaction-safeguard via runtime for compact.js workflow
@earlook99
8.6/10
✓ Consensus
#2
#6800
fix: pass model to compaction-safeguard via runtime for compact.js workflow
@earlook99
8.6/10
✓ Consensus
Adds a configurable placeholder message to the Telegram channel while the agent is processing a request, updating it with tool usage information and deleting it upon completion.
#7046
feat(telegram): add placeholder message while processing
@shanemort1982
7.5/10
✓ Consensus
#2
#7046
feat(telegram): add placeholder message while processing
@shanemort1982
7.5/10
✓ Consensus
Updates the Hetzner VPS installation guide with improved instructions, including optional hcloud CLI provisioning, expanded Docker Compose examples, and a new section on configuring the gateway with first-run commands and validation/access flows.
#6677
fix(tts): always load fresh config for voice selection
@Jinqiao
8.5/10
✓ Consensus
#2
#6677
fix(tts): always load fresh config for voice selection
@Jinqiao
8.5/10
✓ Consensus
Adds a persistent contact storage mechanism for the WhatsApp tool by creating a CONTACTS.md file in the workspace to store contact information, allowing the agent to remember previously used contacts across sessions.
#6751
docs(browser): update JSON configuration format in documentation
@saltapp
8.2/10
⚠ Human Review
#2
#6751
docs(browser): update JSON configuration format in documentation
@saltapp
8.2/10
⚠ Human Review
Adds a `supportsStrictMode` option to the model configuration to allow disabling the `strict: true` parameter in tool/function definitions for OpenAI-compatible endpoints that do not support it.
#6683
feat(config): add supportsStrictMode compat option for model definitions
@long-pham
9.2/10
✓ Consensus
#2
#6683
feat(config): add supportsStrictMode compat option for model definitions
@long-pham
9.2/10
✓ Consensus
Triggers internal hooks when a new session is created via the `sessions.reset` RPC, mirroring the behavior of the `/new` command when issued through a channel, to ensure features like session memory and command logging function correctly in TUI and webchat.
#6853
fix: fire internal hooks on sessions.reset RPC (TUI/webchat /new)
@hamiltonchua
8.5/10
✓ Consensus
#2
#6853
fix: fire internal hooks on sessions.reset RPC (TUI/webchat /new)
@hamiltonchua
8.5/10
✓ Consensus
Adds a cleanup mechanism to remove orphaned temporary files created during cron store saves on application startup, preventing potential interference from incomplete writes.
2 duplicatesbugfix
area: cron store · confidence: 96.0%
Rank
Pull Request
Quality
Review
⭐#1
#6827
fix: cron scheduler cleanup orphaned .tmp files on startup
@fatelei
7.6/10
✓ Consensus
#2
#6827
fix: cron scheduler cleanup orphaned .tmp files on startup
@fatelei
7.6/10
✓ Consensus
Improves the user experience of the `/queue` and `/subagents` chat commands by reformatting their output to be more readable and informative.
#6729
fix(security): prevent path traversal in archive extraction (CWE-22)
@unisone
8.9/10
✓ Consensus
#2
#6729
fix(security): prevent path traversal in archive extraction (CWE-22)
@unisone
8.9/10
✓ Consensus
Addresses a crash on Android/Termux by wrapping calls to `os.networkInterfaces()` in try/catch blocks to gracefully handle the restricted `uv_interface_addresses` system call.
#7060
fix: handle uv_interface_addresses failure on Android/Termux
@kjoh94
8.3/10
✓ Consensus
#2
#7060
fix: handle uv_interface_addresses failure on Android/Termux
@kjoh94
8.3/10
✓ Consensus
Removes the workspace protocol dependency on openclaw from the feishu extension's package.json to resolve an npm install error related to unsupported workspace protocols during plugin installation.
#11454
fix(plugins): remove workspace:* from extension dependencies
@AnonO6
8.6/10
⚠ Human Review
#2
#18209
fix(feishu): remove workspace protocol from devDependencies to fix in…
@zywj
7.8/10
✓ Consensus
Fixes a bug where messages sent via `sessions_send` were incorrectly routed to the webchat channel due to a hardcoded channel value, and introduces support for direct session key formats to correctly route messages to the intended channel.
#6850
fix: support direct channel:account:peer format in session key extraction
@toboto
8.6/10
✓ Consensus
#2
#6850
fix: support direct channel:account:peer format in session key extraction
@toboto
8.6/10
✓ Consensus
Modifies plugin installation to use the 'id' field from the plugin manifest file for the installation directory name, falling back to the npm package name if the manifest or ID is missing.
#7090
fix: plugin install uses manifest ID for folder name (#2796)
@dial481
8.8/10
✓ Consensus
#2
#7090
fix: plugin install uses manifest ID for folder name (#2796)
@dial481
8.8/10
✓ Consensus
Adds a new 'camb-ai' extension to OpenClaw, providing agent tools and CLI commands for text-to-speech, speech-to-text, translation, voice cloning, and sound generation using the Camb AI platform.
Strips malformed tool_use blocks from assistant messages to prevent permanent session corruption caused by interrupted tool calls, ensuring subsequent API requests do not fail due to unexpected or missing tool_use_id errors.
Adds regression tests to verify that the `sessions_spawn` tool correctly applies explicit model overrides, even when an `agentId` is provided, and that explicit models take precedence over global subagent model defaults.
#6875
test: add coverage for sessions_spawn model + agentId (#6817)
@whoknowsmann
9.0/10
✓ Consensus
#2
#6875
test: add coverage for sessions_spawn model + agentId (#6817)
@whoknowsmann
9.0/10
✓ Consensus
Removes the unnecessary and failing 'restore control-ui' step in the update runner, which attempts to restore a gitignored directory, causing update failures despite successful builds.
#6857
docs: clarify that /elevated on is an alias for ask
@whoknowsmann
9.4/10
✓ Consensus
#2
#6857
docs: clarify that /elevated on is an alias for ask
@whoknowsmann
9.4/10
✓ Consensus
Fixes an issue where node pairing requests created via WebSocket connection were not being properly handled by the `node.pair.*` API handlers, leading to an inability to approve or reject pairing requests through the CLI or API.
#6846
fix: bridge node.pair.* tools to device pairing store
@cortexuvula
8.4/10
✓ Consensus
#2
#6846
fix: bridge node.pair.* tools to device pairing store
@cortexuvula
8.4/10
✓ Consensus
Adds a new environment variable to configure volume mount options in docker-compose, primarily to support rootless Podman and SELinux environments by allowing users to specify mount flags like `:U` or `:Z`.
#7061
Add additional variable to the docker-compose file (default off) to make it work with rootless podman
@aupeachmo
7.4/10
✓ Consensus
#2
#7061
Add additional variable to the docker-compose file (default off) to make it work with rootless podman
@aupeachmo
7.4/10
✓ Consensus
Increase the maximum WebSocket payload size to accommodate larger attachments sent from node clients, specifically addressing the issue of silently dropped payloads when sending base64-encoded images.
#6805
fix: increase WebSocket MAX_PAYLOAD_BYTES to 6MB for attachments
@cortexuvula
8.8/10
✓ Consensus
#2
#6805
fix: increase WebSocket MAX_PAYLOAD_BYTES to 6MB for attachments
@cortexuvula
8.8/10
✓ Consensus
Removes MiniMax from the list of reasoning tag providers to fix an issue where MiniMax responses were not displayed in the TUI due to the absence of ``/`` tags.
Updates openclaw to properly update externally installed npm plugins during the update process
2 duplicatesbugfix
area: cli · confidence: 100.0%
Rank
Pull Request
Quality
Review
⭐#1
#7106
fix: openclaw update includes external npm-installed plugins
@dial481
8.0/10
⚠ Human Review
#2
#7106
fix: openclaw update includes external npm-installed plugins
@dial481
8.0/10
⚠ Human Review
Adds internationalization (i18n) infrastructure to the project, including support for English and Simplified Chinese, to enable future localization efforts.
#7130
[AI-Assisted] Add i18n infrastructure with Chinese (zh-CN) support
@01luyicheng
8.6/10
✓ Consensus
#2
#7130
[AI-Assisted] Add i18n infrastructure with Chinese (zh-CN) support
@01luyicheng
8.6/10
✓ Consensus
Ensures that the `resolveSoulEvilConfigFromHook` function prioritizes environment variables defined within the `env` block of a hook configuration, preventing accidental access to top-level configuration properties when an `env` block is present.
#7036
Fix evil soul hooks by enforcing env properties
@richard-chau
8.4/10
✓ Consensus
#2
#7036
Fix evil soul hooks by enforcing env properties
@richard-chau
8.4/10
✓ Consensus
Adds support for the CommonStack AI provider, including onboarding, model scanning, and integration with the CLI, allowing users to access and manage models through the CommonStack platform.
#7113
feat(providers): add CommonStack provider support
@flhoildy
7.4/10
✓ Consensus
#2
#7113
feat(providers): add CommonStack provider support
@flhoildy
7.4/10
✓ Consensus
Adds documentation to address the 'stranger problem' in agents, proposing a lighter approach to continuity with a self-check ritual and memory hierarchy, and provides a practical template for agents to use in their workspaces.
2 duplicatesdocs
area: agent architecture and continuity · confidence: 94.0%
Rank
Pull Request
Quality
Review
⭐#1
#7196
docs: Agent continuity - the 'stranger problem' and lighter approach
@sincere-arjun
7.7/10
✓ Consensus
#2
#7196
docs: Agent continuity - the 'stranger problem' and lighter approach
@sincere-arjun
7.7/10
✓ Consensus
Improves the reliability of agentic loops by adding resilience to transient network errors, including automatic retries and proper classification of network-related failures, preventing silent failures and ensuring continuous operation.
#7229
fix: add network error resilience to agentic loop failover
@ai-fanatic
9.0/10
✓ Consensus
#2
#7229
fix: add network error resilience to agentic loop failover
@ai-fanatic
9.0/10
✓ Consensus
Changes the `openclaw gateway stop` command to use `launchctl kill SIGTERM` instead of `launchctl bootout` so that the LaunchAgent remains loaded and can be restarted without requiring a reinstall.
#16845
fix(daemon): gateway auto-restart on SIGTERM + agent restart guidelines
@kiminbean
8.8/10
✓ Consensus
#2
#7155
fix(gateway): use kill SIGTERM instead of bootout for stop
@rafaelreis-r
8.5/10
✓ Consensus
Adds a 'gateway:shutdown' internal hook to allow internal hooks to perform cleanup, logging, or other shutdown tasks when the gateway stops, and consolidates plugin lifecycle hook firing to prevent duplicates.
#15425
Gateway: add gateway:shutdown internal hook for lifecycle cleanup
@a-anand-91119
9.0/10
✓ Consensus
Adds support for detecting mentions in Matrix messages from Element clients by parsing the `formatted_body` field for `matrix.to` links, as Element does not use the `m.mentions` field.
#16941
fix(matrix): detect mentions in formatted_body matrix.to links
@zerone0x
9.5/10
✓ Consensus
#2
#7842
Fix Matrix mention detection for Element client (formatted_body links)
@emadomedher
7.9/10
✓ Consensus
Adds a new hook event type 'message:received' that fires before a message is processed by the agent, enabling custom logic on incoming messages and context injection
#7545
feat(hooks): add message:received hook for pre-turn automation
@wangtian24
8.6/10
✓ Consensus
Integrate Speechify as a new Text-to-Speech provider, including API integration, configuration schema updates, gateway RPC exposure, CLI command adjustments, and documentation.
Improves OpenClaw's memory management by standardizing on a WM/STM-friendly workspace layout, automatically creating and maintaining STM.md, and allowing memory tools to search/read STM and LTM (when opted in) out of the box, enhancing personalization and continuity without requiring extra configuration.
#7894
Memory improvements: Give OpenClaw better memory + REM sleep
@bornio
8.1/10
✓ Consensus
#2
#7894
Memory improvements: Give OpenClaw better memory + REM sleep
@bornio
8.1/10
✓ Consensus
Implements a new `before_model_select` plugin hook that allows plugins to intercept and modify the model selection process before it's finalized, enabling intelligent model routing based on prompt content.
2 duplicatesfeature
area: model selection · confidence: 100.0%
Fixes a bug where Slack channel and user names were incorrectly treated as IDs, preventing directory lookup and causing `channel_not_found` errors in cross-account messaging scenarios.
#8024
fix(slack): resolve channel names via directory for cross-account messaging
@emma-digital-assistant
9.1/10
✓ Consensus
#2
#8024
fix(slack): resolve channel names via directory for cross-account messaging
@emma-digital-assistant
9.1/10
✓ Consensus
Integrate Atlas browser capabilities for web search and fetch, reducing API usage by prioritizing in-browser ChatGPT tasks and falling back to existing providers when Atlas is unavailable, while also adding Atlas profile auto-detection and per-profile executable path support.
#7982
Save API Usage: Use Atlas Browser ChatGPT Capabilities
@yaoshengwang
6.3/10
⚠ Human Review
#2
#7982
Save API Usage: Use Atlas Browser ChatGPT Capabilities
@yaoshengwang
6.3/10
⚠ Human Review
Fixes a bug where one-shot cron jobs scheduled during gateway downtime are not executed after the gateway restarts by ensuring the timer is armed immediately for past-due jobs.
2 duplicatesbugfix
area: cron · confidence: 83.0%
Rank
Pull Request
Quality
Review
⭐#1
#8034
fix(cron): run past-due one-shot jobs immediately on startup
@FelixFoster
8.4/10
✓ Consensus
#2
#10918
fix(cron): add tolerance for timer precision and skip due jobs in recompute
@Cherwayway
8.1/10
✓ Consensus
Adds a new CLI tool, openclaw-env, to generate hardened Docker Compose sandboxes for running OpenClaw, enforcing least-privilege defaults and supporting restricted network access via an egress proxy with domain allowlisting.
Persist the webchat message queue to localStorage to prevent message loss on browser refresh, ensuring messages queued while the agent is busy are retained across sessions.
#8344
fix: persist webchat message queue to localStorage across browser refresh
@vishaltandale00
7.4/10
✓ Consensus
#2
#8344
fix: persist webchat message queue to localStorage across browser refresh
@vishaltandale00
7.4/10
✓ Consensus
Adds the ability to configure context pruning settings on a per-cron-job basis, overriding the global defaults, to reduce unnecessary token costs associated with caching context for simple cron jobs.
2 duplicatesfeature
area: cron jobs and gateway · confidence: 96.0%
Rank
Pull Request
Quality
Review
⭐#1
#8341
feat: add per-job cache control for cron jobs
@vishaltandale00
8.1/10
✓ Consensus
#2
#8341
feat: add per-job cache control for cron jobs
@vishaltandale00
8.1/10
✓ Consensus
Fixes a bug where the browser bridge server was unreachable from inside Docker containers by binding to 127.0.0.1 instead of 0.0.0.0 when running in sandbox mode, and advertising the Docker bridge IP.
#8303
fix(browser): enable downloads via CDP Browser.setDownloadBehavior
@gavinbmoore
8.5/10
✓ Consensus
#2
#8303
fix(browser): enable downloads via CDP Browser.setDownloadBehavior
@gavinbmoore
8.5/10
✓ Consensus
Adds clickable state filter chips to the skills page, allowing users to filter skills based on their state (Ready, Disabled, Missing Dependencies, Blocked).
2 duplicatesfeature
area: UI · confidence: 100.0%
Rank
Pull Request
Quality
Review
⭐#1
#8279
feat(ui): add clickable state filter chips to /skills page
@gildo
7.2/10
✓ Consensus
#2
#8279
feat(ui): add clickable state filter chips to /skills page
@gildo
7.2/10
✓ Consensus
Adds internal hook events before and after session compaction to allow hooks to capture session content before it's summarized.
#8244
feat(hooks): add session:before_compact and session:after_compact internal hook events
@kephail
7.9/10
✓ Consensus
Adds the ability to configure per-skill thinking level and model selection via the skills.entries configuration, allowing overrides of session defaults when invoking specific skills.
#8334
fix(webchat): Filter NO_REPLY messages from chat history
@vishaltandale00
8.5/10
✓ Consensus
#2
#8334
fix(webchat): Filter NO_REPLY messages from chat history
@vishaltandale00
8.5/10
✓ Consensus
Implements a per-tool-call timeout to prevent agent hangs caused by indefinitely running tool calls, returning an error result to the model instead of hanging, and fixes a memory leak related to abort listeners.
Adds a configuration option to customize the user's display name in the webchat interface, allowing users to replace the default "You" label with a custom name.
Fixes outbound voice calls failing due to the Twilio webhook returning empty TwiML for calls that are not yet in 'in-progress' status, by ensuring valid TwiML (streaming or pause) is always returned.
Adds support for configuring the base URL of the Brave Search provider, allowing users to use local proxies, audit logs, or corporate network policies.
#18167
feat(web-search): add baseUrl support for Brave Search provider
@jkoprax
9.2/10
✓ Consensus
#2
#13843
feat(web-search): allow overriding Brave Search base URL
@strelov1
8.1/10
✓ Consensus
Fixes a bug where images pasted into webchat disappeared after sending because they were being sent with the full data URL instead of just the base64 content.
#8284
Fix: Webchat images now persist after sending
@vishaltandale00
7.5/10
✓ Consensus
#2
#8284
Fix: Webchat images now persist after sending
@vishaltandale00
7.5/10
✓ Consensus
Enables file downloads in the OpenClaw Chrome profile by calling the CDP Browser.setDownloadBehavior command after browser launch, configuring the download path to the user's default Downloads directory.
#8282
Fix: Enable browser downloads via CDP Browser.setDownloadBehavior
@vishaltandale00
7.0/10
✓ Consensus
#2
#8282
Fix: Enable browser downloads via CDP Browser.setDownloadBehavior
@vishaltandale00
7.0/10
✓ Consensus
Removes the redundant conversation transcript from the extraSystemPrompt in the voice response generator to avoid duplicated context, reduce token usage, and improve latency.
#8251
fix(voice-call): remove redundant transcript from extraSystemPrompt
@geodeterra
8.4/10
✓ Consensus
#2
#8251
fix(voice-call): remove redundant transcript from extraSystemPrompt
@geodeterra
8.4/10
✓ Consensus
Adds support for `payload.fallbacks` in isolated cron jobs, allowing users to specify a list of fallback models to use if the primary model fails, optimizing token costs and reducing latency.
Add a real-time Model Requests panel to the Control UI for monitoring model API calls with success/failure status, timing, token usage, and error details
#8522
feat(control-ui): Add Model Requests panel for real-time API monitoring
@GiantAxeWhy
7.1/10
⚠ Human Review
#2
#8522
feat(control-ui): Add Model Requests panel for real-time API monitoring
@GiantAxeWhy
7.1/10
⚠ Human Review
Persist session token totals by falling back to transcript usage parsing or a bounded token estimate when live usage metadata is missing, and improve transcript lookup reliability by passing session identifiers.
#8614
fix(browser): detect early chromium exit to prevent startup hang
@Wren-OC
7.5/10
✓ Consensus
#2
#8614
fix(browser): detect early chromium exit to prevent startup hang
@Wren-OC
7.5/10
✓ Consensus
Enhance Slack interaction handling by attributing confirmation messages to the acting user and exposing structured select entity arrays (users, channels, conversations) in the payload normalization.
#18467
Slack: expand advanced modal controls payloads and confirms
@Solvely-Colin
7.5/10
✓ Consensus
#2
#18474
Slack: attribute interaction confirmations and structured selects
@Solvely-Colin
7.3/10
⚠ Human Review
Fixes a bug where cron jobs get stuck in the running state indefinitely after a timeout or crash by adding a timeout to the executeJob function, scheduling maintenance ticks, and reducing the stuck run time.
2 duplicatesbugfix
area: cron · confidence: 82.0%
Rank
Pull Request
Quality
Review
⭐#1
#16880
fix(cron): respect per-job timeoutSeconds in executeJob path (#16841)
@echoVic
9.0/10
✓ Consensus
#2
#18144
fix(cron): clear stuck runningAtMs after timeout and add maintenance ticks
@taw0002
8.3/10
✓ Consensus
Adds a CONTRIBUTING.md file to the documentation to provide guidelines for contributing to the OpenClaw documentation, including instructions on building a local preview, required frontmatter, style and writing tips, and the pull request process.
Implement per-model cooldown tracking for rate limit errors, allowing other models from the same provider to be used even if one model is rate-limited.
#9177
feat(media): add parakeet-mlx CLI output support
@mac-110
8.1/10
⚠ Human Review
#2
#9177
feat(media): add parakeet-mlx CLI output support
@mac-110
8.1/10
⚠ Human Review
Fixes a bug where new agent messages were not rendering in the Control UI after a successful chat.history WebSocket response due to missing properties in the GatewayHost type definition.
2 duplicatesbugfix
area: UI · confidence: 99.0%
Rank
Pull Request
Quality
Review
⭐#1
#9195
Fix: Control UI fails to render new messages after chat.history WebSocket response
@vishaltandale00
7.6/10
✓ Consensus
#2
#9195
Fix: Control UI fails to render new messages after chat.history WebSocket response
@vishaltandale00
7.6/10
✓ Consensus
Adds a link and embedded video of the freeCodeCamp OpenClaw tutorial to the documentation showcase page.
2 duplicatesdocs
area: docs · confidence: 100.0%
Rank
Pull Request
Quality
Review
⭐#1
#9151
Docs: add freeCodeCamp OpenClaw full tutorial to showcase
@kiankyars
8.6/10
⚠ Human Review
#2
#9151
Docs: add freeCodeCamp OpenClaw full tutorial to showcase
@kiankyars
8.6/10
⚠ Human Review
Configures the concurrency of the nested command lane in the gateway to prevent timeouts during `sessions_send` operations by increasing the number of concurrent tasks it can handle.
#9266
fix(gateway): configure nested lane concurrency to prevent sessions_send timeout
@100menotu001
8.4/10
✓ Consensus
#2
#9266
fix(gateway): configure nested lane concurrency to prevent sessions_send timeout
@100menotu001
8.4/10
✓ Consensus
Changes the default installation source for four channel plugins from npm to local to prevent 404 errors during setup due to the packages not being published to the npm registry.
2 duplicatesbugfix
area: onboarding and plugin installation · confidence: 100.0%
Rank
Pull Request
Quality
Review
⭐#1
#9196
Fix: Use local plugins for unpublished npm packages
@vishaltandale00
8.8/10
✓ Consensus
#2
#9196
Fix: Use local plugins for unpublished npm packages
@vishaltandale00
8.8/10
✓ Consensus
Strips dangerous environment variables like NODE_OPTIONS, LD_PRELOAD, and DYLD_INSERT_LIBRARIES from the base environment when executing commands on the host (gateway/node) via the exec tool to prevent unintended inheritance and potential security vulnerabilities.
#9200
Fix: Strip dangerous env vars from baseEnv in host execution
@vishaltandale00
8.3/10
✓ Consensus
#2
#9200
Fix: Strip dangerous env vars from baseEnv in host execution
@vishaltandale00
8.3/10
✓ Consensus
Prevents uncaught EPIPE exceptions during rapid systemd service restarts by safely writing to stdout, checking if the stream is writable and handling potential write errors.
Fixes plugin installation failure on Windows by adding `shell: true` option when spawning `.cmd` files, validating command arguments, and filtering out null/undefined arguments.
2 duplicatesbugfix
area: process execution · confidence: 96.0%
Rank
Pull Request
Quality
Review
⭐#1
#9250
Fix: Add shell:true for Windows .cmd files to prevent spawn EINVAL error
@vishaltandale00
8.8/10
✓ Consensus
#2
#9250
Fix: Add shell:true for Windows .cmd files to prevent spawn EINVAL error
@vishaltandale00
8.8/10
✓ Consensus
Implements resumable file uploads to Microsoft Teams for files larger than 4MB to improve reliability and prevent failures during large file transfers.
#9217
feat(msteams): implement resumable upload sessions for files >4MB
@hubertusgbecker
8.8/10
✓ Consensus
#2
#9217
feat(msteams): implement resumable upload sessions for files >4MB
@hubertusgbecker
8.8/10
✓ Consensus
Adds error handling around message processing in the Mattermost monitor to prevent crashes caused by malformed messages, logging errors and skipping the problematic messages to maintain monitor stability.
#9253
Fix: Feishu chat ID mismatch causing session context confusion
@vishaltandale00
8.2/10
✓ Consensus
#2
#9253
Fix: Feishu chat ID mismatch causing session context confusion
@vishaltandale00
8.2/10
✓ Consensus
Fixes a bug where the `openclaw gateway install` command on macOS ignores the node version managed by fnm/nvm and hardcodes the Homebrew node path in the launchd plist.
Prevents the webchat UI from crashing when a tool returns a large or circular object by sanitizing the tool's arguments before rendering and adding a try-catch block around the message building process.
Fixes a bug where WhatsApp QR codes were not rendering in the chat interface by allowing `` tags and `src` and `alt` attributes in the markdown sanitizer, and restricts image sources to data URLs for security.
Fixes a bug in the TUI where API responses were silently dropped when events arrived out of order or were duplicated after a runId was finalized, by ensuring that 'final' events are always processed even if the runId is in finalizedRuns.
#13016
fix(heartbeat): ignore session modelOverride when heartbeat.model is configured
@asklee-klawd
9.3/10
✓ Consensus
#2
#9429
fix: skip session model override for heartbeat runs
@dbottme
8.5/10
✓ Consensus
Corrects the fallback path used to locate the bundled Chrome extension directory in the CLI, ensuring it resolves to the correct location within the package's assets directory instead of potentially resolving to a location within node_modules.
2 duplicatesbugfix
area: CLI · confidence: 82.0%
Rank
Pull Request
Quality
Review
⭐#1
#10937
fix(browser): correct fallback path for bundled Chrome extension
@dddabtc
8.9/10
✓ Consensus
#2
#9796
fix(cli): correct fallback path for bundled Chrome extension (#9772)
@lailoo
8.5/10
⚠ Human Review
Fixes a memory leak in the gateway process by clearing the `seqByRun` map when an agent run context is cleared, preventing unbounded growth of the map.
Updates the coding-agent skill documentation to use the `openclaw system event` command instead of the removed `openclaw gateway wake` command, and clarifies the event delivery semantics.
#10665
fix(docs): replace removed gateway wake with system event in coding-agent skill
@Yida-Dev
9.5/10
✓ Consensus
#2
#11009
fix: Correct data path in SKILL.md (coding-agent)
@HenryLoenwind
9.1/10
⚠ Human Review
Adds internationalization (i18n) support to the UI, including English, Chinese (Simplified and Traditional), and Portuguese translations, with a language selector and persistent user preferences.
2 duplicatesfeature
area: UI · confidence: 82.0%
Rank
Pull Request
Quality
Review
⭐#1
#10657
feat(ui): add i18n support with English, Chinese, and Portuguese
@SalimBinYousuf1
7.4/10
✓ Consensus
#2
#13622
feat(i18n): add complete multi-language support (EN, TR, FR, DE)
@vaur94
7.1/10
✓ Consensus
Fixes a bug where the `session_status` tool displays incorrect thinking/reasoning levels by reading them from the session entry instead of defaulting to agent settings.
#10970
fix(session-status): pass session-level overrides to buildStatusMessage (#10867)
@lailoo
9.4/10
✓ Consensus
#2
#10998
fix(agents): pass session thinking/reasoning levels to session_status display
@wony2
9.3/10
✓ Consensus
Fixes a TypeError during Matrix media downloads by correctly destructuring the return value of `MatrixClient.downloadContent()` to access the media data buffer and propagates the content type.
#17559
fix: don't rotate auth profile on timeout during active tool use
@jg-noncelogic
8.7/10
✓ Consensus
#2
#16554
fix(agent): prevent session deadlock on timeout during tool execution
@mverrilli
8.4/10
✓ Consensus
Adds a configuration option to allow users to customize the OpenClaw instance name displayed in the Control UI title, improving identification of multiple instances.
#10991
feat(gateway): add configurable instance name for Control UI title
@Annaxiebot
9.0/10
✓ Consensus
#2
#11528
feat(control-ui): configurable page title with hostname default
@Annaxiebot
7.4/10
✓ Consensus
Fixes a bug where model fallback mechanism fails when fallbacks are configured at the agent level by checking agent-scoped fallbacks and forwarding fallbacksOverride to runEmbeddedPiAgent.
#11113
fix(memory-lancedb): preserve error cause in LanceDB load failure
@marezgui
8.0/10
✓ Consensus
#2
#11405
fix(extensions): add cause to lancedb load errorfix(extensions): add cause to lancedb load error
@dinakars777
7.9/10
✓ Consensus
Improves the mobile user experience of the chat compose area by restyling the layout for smaller screens, stacking elements vertically and making buttons full-width.
2 duplicatesstyle
area: UI · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#11167
style(chat): UI: add mobile layout for chat compose actions
Fixes a bug where Telegram update offsets were not scoped to the bot token, causing messages to be skipped after a token change by storing and validating the bot ID in the offset file.
#12472
fix(telegram): discard stale update offset after bot token swap
@Yida-Dev
9.3/10
✓ Consensus
#2
#11347
fix: scope Telegram update offset to bot token
@owleyes
9.1/10
✓ Consensus
Fixes a bug where isolated cron sessions were ignoring the `subagents.model` configuration, forcing users to explicitly specify the model in every cron job payload, and adds a test case to verify the fix.
2 duplicatesbugfix
area: cron · confidence: 89.0%
Rank
Pull Request
Quality
Review
⭐#1
#11476
Cron: respect subagents.model in isolated cron sessions (#11461)
@lailoo
9.2/10
✓ Consensus
#2
#11474
fix(cron): respect subagents.model in isolated cron sessions
@AnonO6
8.7/10
✓ Consensus
Adds support for running multiple Matrix accounts from a single OpenClaw gateway, enabling per-account message routing and credential management.
#11869
feat: Multi-account Matrix plugin with accountId routing
@jacoblyles
8.1/10
✓ Consensus
Fixes a cron job spin loop that occurs when a job completes within the same second it was scheduled, by ensuring the next run is always computed for the next second and adding a minimum re-fire gap.
2 duplicatesbugfix
area: cron · confidence: 91.0%
Rank
Pull Request
Quality
Review
⭐#1
#17967
fix(cron): prevent spin loop when job completes within firing second
@Operative-001
9.3/10
✓ Consensus
#2
#18073
fix(cron): prevent spin loop when job completes within scheduled second
@widingmarcus-cyber
9.2/10
✓ Consensus
Fixes an issue where the media stream auth token was being dropped by Twilio because it was passed as a URL query parameter, which Twilio silently strips, by passing the token via a TwiML Parameter element instead.
#12471
fix(voice-call): pass stream auth token via TwiML Parameter for Twilio Media Streams
@Yida-Dev
9.1/10
✓ Consensus
#2
#11913
fix(voice-call): pass stream auth token via TwiML Parameter, not URL query
@jason-alvarez-git
8.9/10
✓ Consensus
Fixes a session lock leak in the embedded runner that occurs when `waitForCompactionRetry()` hangs indefinitely after an aborted run, preventing proper cleanup and rendering the agent unresponsive.
Allows the openclaw-cli Docker container to connect to the openclaw-gateway Docker container by sharing the same network namespace, resolving connection issues when both are running in separate containers.
#12844
fix(llm-task): use correct import path for built/npm installs
@scout-wolfe
9.0/10
✓ Consensus
#2
#13176
fix: resolve llm-task module import for global installs
@striking
9.0/10
✓ Consensus
Add a production-ready WeCom (WeChat Work / 企业微信) Channel plugin for OpenClaw, enabling support for the most important enterprise messaging ecosystem in China
Fixes a bug where the compaction-safeguard extension was not loading in embedded Pi sessions, causing `ctx.model` to be undefined during compaction, and adds a fallback mechanism to provide a transcript-based summary when summarization fails.
#13956
fix(web-search): fix grok web search returning empty content
@seraphg
9.0/10
✓ Consensus
#2
#13327
fix(tools): find message output in Grok web_search response
@nezovskii
7.0/10
✓ Consensus
Fixes a bug where the `systemPrompt` field returned by the `before_agent_start` hook was being ignored, preventing plugins from modifying the system prompt.
#14940
fix(googlechat): convert Markdown formatting to Google Chat markup
@brandonwise
8.4/10
✓ Consensus
#2
#15172
fix(googlechat): convert Markdown formatting to Google Chat markupfix(googlechat): convert Markdown formatting to Google Chat markup
@EnzoGaillardSystems
8.1/10
✓ Consensus
Fixes a bug where peer-based routing bindings would fail to match when a channel plugin sent `peer.kind = 'dm'` instead of `'direct'` due to asymmetric normalization of the peer kind.
#14888
fix(routing): normalize peer.kind in matchesPeer for symmetric comparison
@omair445
9.4/10
✓ Consensus
#2
#14820
fix: normalize peer.kind in routing to handle dm/direct variants
@superlowburn
8.8/10
✓ Consensus
Fixes a bug where stale token counts after compaction could trigger unnecessary memory flushes, by resetting totalTokens to zero when a post-compaction token estimate is unavailable.
#15173
fix(session): reset totalTokens after compaction when estimate unavailablefix(session): reset totalTokens after compaction when estimate unavai…
@EnzoGaillardSystems
8.4/10
⚠ Human Review
#2
#15196
fix: clear stale token totals after compaction
@bufordtjustice2918
6.3/10
✓ Consensus
Improves the Chrome extension relay's connection resilience by adding auto-reconnect, state persistence, a keepalive mechanism, and improved tab lifecycle management to address connection drops and data loss issues.
#15901
fix: preserve Google Chat space ID case for API replies
@echoVic
8.3/10
⚠ Human Review
#2
#15902
fix: pass all Slack file attachments to agent, not just first
@echoVic
5.9/10
⚠ Human Review
Updates the systemd unit file with the correct service version after an update, preventing stale version information from being displayed and adding a check to `openclaw doctor` to detect version mismatches.
#16016
fix: update systemd unit version on gateway restart
@jbold
8.8/10
✓ Consensus
#2
#16185
fix: patch systemd unit version before service restart
@nozh
8.7/10
✓ Consensus
Adds Kubernetes deployment configurations, including a Helm chart and Kustomize overlays, to facilitate the deployment and management of OpenClaw within a Kubernetes environment.
Adds support for processing image attachments in the OpenAI chat completions endpoint by extracting base64 encoded images from the request and passing them to the agent command.
#16346
feat: support image attachments in OpenAI chat completions endpoint
@sh1nj1
8.8/10
✓ Consensus
#2
#16777
feat(gateway): add multimodal image support to /v1/chat/completions
@dzianisv
8.6/10
✓ Consensus
Adds a new 'create_from_markdown' action to the Feishu doc tool, allowing the creation of documents from Markdown content via the Feishu import task API.
#16592
feat(feishu): add write mode import for markdown documents
@ciberponk
8.6/10
✓ Consensus
Fixes a bug in the web UI where extra newlines were being injected into assistant messages when tool output was hidden, causing inconsistent formatting.
2 duplicatesbugfix
area: UI · confidence: 83.0%
Rank
Pull Request
Quality
Review
⭐#1
#16873
Fix extra newlines in web UI when thinking toggle is off
@niceysam
9.5/10
✓ Consensus
#2
#16733
fix(ui): avoid injected newlines when tool output is hidden
@jp117
9.4/10
✓ Consensus
Fixes a regression where the `exec` tool returns empty output on Windows Scheduled Tasks due to detached process spawning preventing stdout/stderr pipes from connecting, by conditionally disabling detached mode on Windows.
2 duplicatesbugfix
area: process · confidence: 83.0%
Rank
Pull Request
Quality
Review
⭐#1
#18067
fix(process): disable detached spawn on Windows to fix empty exec output
@arosstale
9.2/10
✓ Consensus
#2
#17862
fix: Windows exec returns empty output when pty=false
@MisterGuy420
8.4/10
⚠ Human Review
Correctly classify statements containing the word 'need' as 'preference' within the memory-lancedb extension.
#16678
fix(memory-lancedb): classify need statements as preference
@ciberponk
9.1/10
✓ Consensus
#2
#16703
fix(memory-lancedb): classify important statements as preference
@ciberponk
9.1/10
✓ Consensus
Enables default rate limiting for authentication endpoints in the gateway to prevent brute-force attacks, while allowing explicit disabling of rate limiting.
#16881
fix(gateway): enable auth rate limiting by default
@Limitless2023
5.3/10
⚠ Human Review
Correctly classify Czech 'preferuji' statements as 'preference' in the memory-lancedb extension by updating the category detection logic to align with the capture logic.
#12499
fix(config): add missing customBindHost to gateway Zod schema
@sfo2001
9.5/10
✓ Consensus
#2
#16192
fix(config): add customBindHost to gateway zod schema (#5435)
@Glucksberg
9.4/10
✓ Consensus
Fixes a bug where Telegram HTML formatter produces empty output for certain markdown constructs, leading to message delivery failure, by adding fallbacks to plain text and auto-detecting markdown tables.
#17769
fix(telegram): preserve reply text in threaded mode dispatch
@Glucksberg
9.3/10
✓ Consensus
#2
#17629
fix(telegram): fall back to plain text when HTML formatter produces empty output
@Glucksberg
8.6/10
✓ Consensus
Fixes a bug where parsing Docker bind mounts on Windows would incorrectly truncate the host path due to drive letters containing colons, leading to incorrect filesystem path resolution in the sandbox environment.
#17955
fix(sandbox): parse Windows bind mounts in fs-path mapping
@Clawborn
9.2/10
✓ Consensus
#2
#13873
fix(sandbox): prevent Windows PATH from poisoning docker exec
@alessandrorodi
8.8/10
✓ Consensus
Fixes sandbox path validation to allow access to files within Docker bind mount host paths, enabling sandboxed agents to use read, write, and edit tools on those files.
#16509
Fix sandbox path validation rejecting Docker bind mount paths
@Clawborn
8.1/10
⚠ Human Review
#2
#16389
fix: allow Docker bind mount paths in sandbox tools
@Limitless2023
7.7/10
✓ Consensus
Fixes an issue where the zsh completion script would fail if `compinit` was not initialized before the script was sourced, by adding a check and initialization of `compinit` within the script itself.
2 duplicatesbugfix
area: cli · confidence: 88.0%
Rank
Pull Request
Quality
Review
⭐#1
#17325
fix(completion): avoid zsh compdef error when compinit is not initialized
@ephelia-ai
9.4/10
✓ Consensus
#2
#17922
fix(completion): initialize compinit when compdef is unavailable
@Clawborn
8.6/10
✓ Consensus
Adds a staleness check to the cron job execution to prevent jobs from being permanently blocked if a previous execution crashed without clearing the running marker, allowing manual triggers to proceed after a timeout.
2 duplicatesbugfix
area: cron · confidence: 82.0%
Rank
Pull Request
Quality
Review
⭐#1
#17895
fix(cron): add staleness check for runningAtMs on manual trigger
@PlayerGhost
9.2/10
✓ Consensus
#2
#12018
fix(cron): clear stale running markers based on job timeout
@benzer25
6.5/10
✓ Consensus
Adds a configuration option to allow users to specify extra command-line arguments when launching Chrome, enabling customization like stealth flags and user-agent overrides.
#15690
feat(browser): add browser.args config field for custom Chrome launch flags (#14803)
@lailoo
9.2/10
✓ Consensus
#2
#18443
feat(browser): add extraArgs config for custom Chrome launch args
@JayMishra-source
9.1/10
✓ Consensus
Implements per-thread session keys for Slack channels and groups to prevent context mixing, fixes a bug where the previousTimestamp was not correctly read from the thread-level session, and increases the thread cache TTL and max entries.
#17908
fix(slack): per-thread session keys to prevent context mixing
@tonydehnke
8.9/10
✓ Consensus
#2
#10686
fix(slack): use thread-level sessions for channels to prevent context mixing
@pablohrcarvalho
8.3/10
✓ Consensus
Improves gateway restart performance by skipping cache-busting for bundled hook imports, allowing V8 to reuse its module cache, and using file modification time for other hook types to only re-parse when necessary.
#16960
perf: skip cache-busting for bundled hooks, use mtime for workspace hooks
@mudrii
9.1/10
✓ Consensus
#2
#17053
perf(hooks): skip cache-busting for immutable bundled hooks
@Limitless2023
4.8/10
✓ Consensus
Refactor duplicated allowlist normalization logic from Slack, Signal, and iMessage monitors into a shared helper function to reduce code duplication and improve maintainability.
Adds the ability to configure compaction settings on a per-agent basis, overriding the global defaults, allowing for more granular control over memory management for different agent types.
#14598
feat: support per-agent compaction overrides in agents.list[]
@curtismercier
8.6/10
✓ Consensus
#2
#14487
feat(config): support per-agent compaction overrides (#14446)
@lailoo
8.6/10
✓ Consensus
Adds a human-readable timestamp to the inbound_meta.v1 payload to provide agents with continuous time awareness during long chat sessions, improving their ability to track time and avoid time-related errors.
#16403
feat: add readable timestamp to inbound_meta.v1 payload
@mcinteerj
8.6/10
✓ Consensus
#2
#17017
feat(auto-reply): make agent time-aware with message timestamps
@liuy
7.9/10
✓ Consensus
Adds support for configuring a primary heartbeat model with a chain of fallback models to be used if the primary model fails, along with different fallback strategies and state persistence to track the current fallback model.
#9486
feat(heartbeat): support primary/fallbacks model config
@sauerdaniel
8.0/10
✓ Consensus
#2
#16289
feat: heartbeat model fallback chain support
@Unwatched2345
7.8/10
✓ Consensus
Fixes a gateway crash caused by unhandled promise rejections when the Telegram getFile API fails due to network issues by adding error handling to the immediate-flush path in the inbound debouncer.
#12870
fix: recover from telegram fetch errors (issue #12835)
@ambicuity
8.7/10
✓ Consensus
Increase the timeout for fetching attachments in the Signal integration to 30 seconds to prevent AbortErrors on slower connections or for larger attachments.
2 duplicatesbugfix
area: signal · confidence: 89.0%
Rank
Pull Request
Quality
Review
⭐#1
#16573
fix(signal): increase attachment fetch timeout to 30s (#16545)
@robbyczgw-cla
8.6/10
⚠ Human Review
#2
#6576
fix(signal): increase attachment fetch timeout to 60s
@rwarettg
8.0/10
✓ Consensus
Fixes a bug where the WhatsApp Web channel would fail to start if the initial connection attempt resulted in a DNS or network error, by ensuring the reconnect loop handles initial connection failures.
2 duplicatesbugfix
area: WhatsApp Web gateway · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#9727
fix(whatsapp): retry reconnect loop on initial connection failure
@luizlf
9.0/10
✓ Consensus
#2
#14484
fix(whatsapp): catch connection-phase errors in reconnect loop
@onthway
8.5/10
✓ Consensus
Fixes a crash after `openclaw update` by spawning a new process for daemon restart and post-update doctor command to avoid stale module references due to content-hashed filenames.
2 duplicatesbugfix
area: cli · confidence: 88.0%
Rank
Pull Request
Quality
Review
⭐#1
#17251
fix(cli): spawn new process for daemon restart after update
@CornBrother0x
8.7/10
✓ Consensus
#2
#17388
fix: spawn new process for daemon restart after update to avoid module loading errors
@Limitless2023
8.5/10
✓ Consensus
Fixes a bug where third-party memory plugins were incorrectly displayed as 'unavailable' in the `openclaw status` command by probing the plugin's status via gateway RPC or marking it as 'active' if the gateway is unreachable.
2 duplicatesbugfix
area: status command · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#14466
fix(status): report memory status for all memory plugins (#14261)
@lailoo
9.4/10
✓ Consensus
#2
#12596
fix(status): show third-party memory plugins as active instead of unavailable
@nhadaututtheky
9.0/10
✓ Consensus
Suppress file-size error replies in Telegram groups when `requireMention` is enabled and the bot is not mentioned, preventing multiple bots from spamming the same error message.
#17081
fix(telegram): suppress file-size error replies in groups when bot is not mentioned
@p697
9.1/10
✓ Consensus
#2
#17138
fix: skip file size error in Telegram groups when requireMention is enabled
@Limitless2023
4.7/10
✓ Consensus
Adds support for the Gemini embedding model and a configurable base URL for OpenAI-compatible APIs to the memory-lancedb plugin, and fixes a TUI crash related to terminal width overflow.
#17701
fix(memory-lancedb): add gemini-embedding-001 and baseUrl support
@Phineas1500
8.7/10
✓ Consensus
#2
#17696
fix(memory-lancedb): add gemini-embedding-001 and baseUrl support
@aldoeliacim
8.7/10
✓ Consensus
Improve the security of OpenClaw by providing guidance on redacting sensitive information in security reports and offering a quick hardening checklist for users.
#12062
docs: Add security hardening guide for OpenClaw configurations
@wlshlad85
7.7/10
✓ Consensus
Enforce consistent Slack Block Kit validation across all message sending and editing paths, including runtime calls, to ensure payload integrity and prevent errors.
#18416
Slack: validate runtime blocks in send and edit paths
@Solvely-Colin
7.9/10
⚠ Human Review
Prevents binary audio files from being incorrectly identified as UTF-16 text during file extraction, which would lead to garbage data being injected into the context window.
#5588
fix(media): skip binary audio in file extraction to prevent false UTF-16 detection
@NSEvent
9.3/10
✓ Consensus
#2
#7454
fix: skip UTF-16 heuristic for audio/video/image MIME types (#7444)
@gavinbmoore
8.7/10
✓ Consensus
Fixes a race condition in webchat streaming where tool events could arrive before the preceding text, causing text truncation or incorrect positioning by flushing the text buffer before broadcasting tool start events.
#14946
fix(webchat): accumulate text across blocks in streaming buffer
@mcaxtr
8.6/10
✓ Consensus
#2
#5681
fix(gateway): flush text buffer before tool events in webchat
@MaudeBot
8.0/10
✓ Consensus
Fixes a bug where LLM slug generation fails in environments without Anthropic configured by using the configured default agent model instead of defaulting to Anthropic.
#15574
fix(hooks): use configured model for llm slug generation (#15510)
@TsekaLuk
9.3/10
✓ Consensus
#2
#5945
fix: use configured model for slug generator (AI-assisted)
@HEDELKA
7.7/10
✓ Consensus
Fixes a bug where the `/status` command would not reflect the thinking level set by a `/think` command in the same message when used in the directive-only path.
#16700
fix: /status shows stale thinking level after directive change
@cmfinlan
8.9/10
✓ Consensus
#2
#5992
Fix: /status shows correct think level when used with /think (fixes #5919)fix(auto-reply): /status shows correct think level when combined with…
@simran122
8.5/10
✓ Consensus
Adds configuration options to customize the auto-compaction process, allowing users to specify custom instructions for the summary and override the model used for compaction.
#11089
feat(compaction): support customInstructions and model override for auto-compaction
@p697
8.8/10
✓ Consensus
#2
#11970
feat: add model.compact config for dedicated compaction model
@meaadore1221-afk
6.8/10
⚠ Human Review
Preserve Web UI scopes when allowInsecureAuth is enabled to fix a 'missing scope: operator.read' error when accessing the Web UI over LAN (plain HTTP) without device authentication.
#17681
fix: preserve Web UI scopes when allowInsecureAuth is enabled
@peteropenclaw
9.1/10
✓ Consensus
#2
#16866
fix: preserve scopes when shared-auth succeeds (Web UI LAN access)
@MisterGuy420
8.7/10
✓ Consensus
Prevent the `formal-conformance` CI workflow from failing on fork PRs due to GitHub token restrictions when attempting to post PR comments, while still uploading the drift artifact.
2 duplicatesconfig
area: CI workflows · confidence: 82.0%
Rank
Pull Request
Quality
Review
⭐#1
#17426
ci(formal): don't fail on fork PRs when PR comment is blocked
@mitre88
9.4/10
✓ Consensus
#2
#17056
ci(formal): use step summary instead of PR comment for drift notification
@LucasAIBuilder
7.9/10
✓ Consensus
Fixes a cold-start race condition in `lookupContextTokens` by adding a synchronous fallback cache populated from the user's config file, ensuring the correct context window is used before the async model discovery cache is populated.
#12270
fix: add synchronous config fallback to lookupContextTokens
@Yida-Dev
9.3/10
✓ Consensus
#2
#12195
fix(agents): sync config fallback for lookupContextTokens cold-start race
@mcaxtr
9.1/10
✓ Consensus
Fixes a race condition on Windows where concurrent reads of the session store file can observe a truncated or empty file during writes, leading to loss of session context, by implementing atomic writes using a temporary file and rename operation, and adding retry logic for both read and write operations.
2 duplicatesbugfix
area: session store · confidence: 86.0%
Rank
Pull Request
Quality
Review
⭐#1
#16542
fix(sessions): use atomic temp+rename write on Windows
@aldoeliacim
8.7/10
✓ Consensus
#2
#18347
fix: atomic session store writes to prevent context loss on Windows
@twcwinston
8.4/10
✓ Consensus
Formats timestamps in the `sessions_history` tool output using the user's configured timezone, falling back to the host timezone if none is configured, and handles potentially invalid timestamps gracefully.
#12268
fix: format sessions_history timestamps using configured userTimezone
@mcaxtr
9.1/10
✓ Consensus
#2
#12358
fix: Sessions format timestamps in sessions_history using userTimezone
@xialonglee
9.0/10
✓ Consensus
Fixes an issue where sandbox agents cannot resolve container-absolute paths and rewrites bundled skill paths to workspace-local copies when running inside a sandbox.
Fixes a bug where Discord messages from unconfigured channels were incorrectly dropped when `groupPolicy` was set to 'open' and a partial channel configuration existed.
#17513
fix(discord): respect groupPolicy in channel config fallback (#4555)
@aronchick
9.6/10
✓ Consensus
#2
#15816
fix(discord): respect groupPolicy "open" in channel allowed checks
@arosstale
8.5/10
✓ Consensus
Allow plugins to override the model selection for an agent run using the `before_agent_start` hook, enabling use cases like cost-optimizing model routers and A/B testing.
#14647
feat(plugins): allow before_agent_start hook to override model (#14585)
@lailoo
8.5/10
✓ Consensus
#2
#17614
feat: allow before_agent_start hook to override model selection
@plc
7.9/10
✓ Consensus
Configures Mattermost to render Markdown tables natively by default instead of wrapping them in code blocks, and adds tests to verify the configuration and overrides.
Fixes a bug where the LINE channel status check incorrectly reports the channel as unconfigured when credentials are provided via files by using the `configured` flag from the `ChannelAccountSnapshot` instead of attempting to read credentials directly from the snapshot.
2 duplicatesbugfix
area: LINE channel plugin · confidence: 93.0%
Rank
Pull Request
Quality
Review
⭐#1
#11110
fix(line): false 'not configured' warnings when tokenSource=file
@lailoo
9.4/10
✓ Consensus
#2
#10487
fix(line): use snapshot configured flag in collectStatusIssues
@mcaxtr
9.2/10
✓ Consensus
Fixes a bug where verbose tool output was missing the file path when the tool used the 'file_path' alias instead of 'path' in its arguments, and adds tests to ensure both 'path' and 'file_path' are handled correctly, with 'path' taking precedence.
#13665
feat(web-search): add SearXNG as a search provider
@sfo2001
8.8/10
✓ Consensus
#2
#16895
feat(web-search): add SearXNG as a search provider
@rustyorb
7.1/10
⚠ Human Review
Updates the diagnostics-otel plugin to be compatible with version 2.x of the @opentelemetry/resources package by using the resourceFromAttributes function instead of the Resource class constructor.
#11957
fix(diagnostics-otel): use @opentelemetry/resources v2 API
@scott-memco
9.1/10
✓ Consensus
#2
#2574
fix(diagnostics-otel): update to @opentelemetry/resources v2.x API
@dillera
8.3/10
⚠ Human Review
Fixes a bug where chat messages were written to a different session than they were read from due to inconsistent use of session keys, causing messages to not appear in chat history.
#3182
fix(gateway): use canonical session key in chat.send
@chrisherold
8.0/10
✓ Consensus
#2
#3182
fix(gateway): use canonical session key in chat.send
@chrisherold
8.0/10
✓ Consensus
Prevents corrupted agent session transcripts by dropping toolResult messages that do not have a corresponding pending tool call, thus avoiding 'No tool call found' loops.
Refactors the GatewayDiscoveryModel to use structured concurrency with `Task` instead of `Task.detached` to ensure proper actor context inheritance and cancellation handling within the MainActor context.
#3424
Use structured concurrency instead of Task.detached in GatewayDiscoveryModel
@abhijeet117
8.1/10
✓ Consensus
#2
#3424
Use structured concurrency instead of Task.detached in GatewayDiscoveryModel
@abhijeet117
8.1/10
✓ Consensus
Fixes a TypeError on Matrix bot startup when E2EE is enabled and the crypto SDK does not have the `requestOwnUserVerification` function by adding a runtime check for the function's existence.
#2902
fix(matrix): check if requestOwnUserVerification exists before calling
@dokterdok
9.1/10
✓ Consensus
#2
#2902
fix(matrix): check if requestOwnUserVerification exists before calling
@dokterdok
9.1/10
✓ Consensus
Clarify in the Discord skill documentation that Discord search does not support boolean operators and suggest alternative approaches for searching multiple terms.
#3402
docs(discord): clarify search doesn't support OR/AND operators
@pvoo
9.1/10
⚠ Human Review
#2
#3402
docs(discord): clarify search doesn't support OR/AND operators
@pvoo
9.1/10
⚠ Human Review
Fixes OAuth credential extraction for the Google Gemini CLI when installed via version managers like mise by resolving shims and expanding search paths for the oauth2.js file.
2 duplicatesbugfix
area: auth · confidence: 98.0%
Rank
Pull Request
Quality
Review
⭐#1
#3521
fix(gemini-auth): handle mise shims and nested node_modules paths
@sebslight
6.7/10
✓ Consensus
#2
#3521
fix(gemini-auth): handle mise shims and nested node_modules paths
@sebslight
6.7/10
✓ Consensus
Fixes a crash in the macOS app caused by SwiftPM resource bundles not being located correctly within the app bundle's resource directory by patching the generated Swift code to use `resourceURL` instead of `bundleURL`.
#3337
fix(macos-app): patch SwiftPM Bundle.module accessor for app bundle
@skymoore
7.7/10
⚠ Human Review
#2
#3337
fix(macos-app): patch SwiftPM Bundle.module accessor for app bundle
@skymoore
7.7/10
⚠ Human Review
Improves the reliability of the autoCapture feature in the memory-lancedb extension by correctly identifying and capturing relevant user and assistant messages, even when autoRecall is enabled and injecting context into the messages.
#15896
fix(memory-lancedb): capture even with injected recall context
@aelaguiz
8.6/10
✓ Consensus
#2
#3401
fix(memory-lancedb): improve autoCapture with turn-by-turn processing
@mike-nott
8.5/10
✓ Consensus
Fixes a bug where one-shot cron jobs with `deleteAfterRun: true` would enter an infinite loop if they were skipped or failed, by ensuring they are deleted regardless of their execution status.
2 duplicatesbugfix
area: cron · confidence: 84.0%
Rank
Pull Request
Quality
Review
⭐#1
#3693
fix(cron): delete deleteAfterRun jobs regardless of execution status
@HirokiKobayashi-R
9.3/10
✓ Consensus
#2
#11657
fix(cron): treat skipped heartbeat as ok for one-shot jobs
@DukeDeSouth
9.1/10
✓ Consensus
Fixes a configuration validation error in Docker deployments caused by the missing memory-core plugin by ensuring its dependencies are installed during the Docker image build process.
Fixes intermittent sandbox execution failures by using an absolute path for the shell and adds the ability to allow reads from specific directories outside the workspace root via an allowlist.
Fixes compatibility issues with OpenTelemetry v2.x API in the diagnostics-otel plugin, addressing Resource constructor, Semantic Conventions, and LoggerProvider API changes.
#11530
diagnostics-otel: fix OpenTelemetry v2 resource/logs API compatibility
@erain
8.4/10
✓ Consensus
Fixes deployment issues in containerized environments by updating the Docker Compose configuration to build the image from source and use the correct volume mount path, resolving image pull failures and EBUSY errors.
#3965
Fix Docker Compose configuration for moltbot deployment
@YoByron
8.4/10
✓ Consensus
#2
#3965
Fix Docker Compose configuration for moltbot deployment
@YoByron
8.4/10
✓ Consensus
Prevents OpenAI-compatible clients from crashing when the SSE stream terminates by ensuring a final `chat.completion.chunk` with a `finish_reason` is sent before `data: [DONE]` and improves compatibility with older client payload formats.
#4300
Gateway: prevent OpenAI-compatible client crash on SSE termination
@perryraskin
8.1/10
✓ Consensus
#2
#4300
Gateway: prevent OpenAI-compatible client crash on SSE termination
@perryraskin
8.1/10
✓ Consensus
🧭 Vision Alignment
How well each PR aligns with the project's stated architecture and goals. Low scores indicate potential drift.
#11191feat: REALLYopenClaw JAILBREAK - disable global gateway lock by default@latamapac
CLOSE1.0/10
The PR introduces a fork of OpenClaw, rebranding it as REALLYopenClaw, which diverges from the project's vision and goals.
The PR disables the global gateway lock by default, allowing multiple gateway instances to run on the same machine, which may lead to conflicts and instability.
The PR changes the README to describe the fork and its new behavior, which may confuse users and create inconsistencies with the rest of the project.
This PR rebrands the project to 'REALLYopenClaw', which directly conflicts with the project's established identity and branding as 'OpenClaw'.
The PR disables the global gateway lock by default, which contradicts the existing architecture designed to ensure a single gateway instance.
The PR introduces significant changes that diverge from the project's vision and goals, and may lead to conflicts and instability.
#17976Update print statement from 'Hello' to 'Goodbye'@canarylumen-droid
CLOSE1.5/10
The PR changes the print statement from 'Hello' to 'Goodbye' without any clear justification or relation to the project's goals or architecture.
The PR does not follow the project's contributing guidelines, as it does not provide a clear summary of the problem and fix, and does not include any evidence or human verification.
The PR does not seem to address any specific issue or need in the project, and appears to be a trivial change.
The PR description is incomplete, failing to describe the problem, fix, or why it matters. The change itself is to update a print statement from 'Hello' to 'Goodbye' in the README, which is a significant drift from the project's goals of building a personal AI assistant as outlined in the README.md and CONTRIBUTING.md.
The PR does not align with the project's goals or architecture, and does not follow the contributing guidelines.
#7315Launch: SotyBot v0.1.0 MVP - The Open Agent Engine@descambiado
CLOSE1.5/10
The PR transforms the repository into a new project (SotyBot) with a different architecture and technology stack (Python/FastAPI) that is not aligned with the original OpenClaw project's vision and goals.
The PR introduces a new set of features and components that are not mentioned in the OpenClaw project's documentation or roadmap.
The PR does not follow the OpenClaw project's contributing guidelines, such as testing and code review processes.
This PR completely repurposes the project, changing the core language from NodeJS to Python, and shifting the focus from a personal AI assistant to a domain-agnostic agent runtime, which is a significant departure from the project's stated goals in the README.
The README explicitly defines OpenClaw as a personal AI assistant that integrates with various messaging channels, while this PR introduces 'SotyBot,' an open agent engine with a different architecture and feature set.
The PR is not aligned with the OpenClaw project's vision and goals, and introduces significant changes that are not documented or discussed in the project's roadmap or contributing guidelines.
Missing required build steps (pnpm build and pnpm ui:build)
The PR introduces significant drift from the project's architecture and conventions, and would break deployment if merged.
#9829Fix MCP transport reconnect and SSE header handling@mabengda
CLOSE2.0/10
Removes explicit non-exfiltration language
Encourages broader access to user data
Loosens 'ask first' triggers
Changes group-chat behavior guidance to allow sharing of user's stuff without consent
Adds instructions to access and modify user's data without explicit permission
The PR introduces significant changes to the safety and privacy guidance in the AGENTS.md template, which may compromise the security and trust of the OpenClaw project.
The PR has no description, changes zero files, and provides no context, failing to meet the contribution guidelines outlined in CONTRIBUTING.md.
The PR lacks essential information, such as a description, labels, and actual changes, making it difficult to evaluate its alignment with the project vision and goals.
The PR changes the Fly.io deployment configuration in a way that breaks deployments and persistence, which is not aligned with the project's documented deployment requirements.
The PR removes environment variables and persistent volume mounts that are necessary for the project's functionality.
The PR changes the service port to 8080, which is not the intended port for the gateway process.
The PR replaces the existing Fly.io deployment configuration with a generated one, which changes the app name and service port.
It removes the repository's documented Fly settings, including the Dockerfile build, environment variables, explicit gateway process command, and persistent /data volume mount, conflicting with the documented Fly deployment requirements (port/process/env/mount) in `docs/install/fly.md` and the private template (`fly.private.toml`).
The PR introduces high-impact configuration errors that would break deployments and persistence, and is not aligned with the project's documented deployment requirements.
Introduces a decentralized infrastructure without addressing security concerns
Requires users to share their GitHub tokens with an external Gist controlled by unknown parties
Lacks integration with OpenClaw's plugin system
Has critical race conditions in concurrent write operations
References tools that are never implemented
The PR introduces significant security concerns, lacks proper integration with the existing system, and has critical implementation issues, making it unsuitable for merging.
#18255Fix memory vector store dimension mismatch by resetting index@Clawborn
CLOSE2.5/10
The PR bundles 6 unrelated fixes into a single PR, violating the repository's commit guidelines.
The PR includes changes to multiple channels (Slack, Telegram, Discord) without a clear connection to the main issue being addressed.
The PR lacks a clear explanation of how the changes relate to the project's vision and goals.
The PR bundles multiple unrelated fixes, violating the contribution guidelines (CONTRIBUTING.md) which state 'Keep PRs focused (one thing per PR)'.
The PR includes changes to Slack, Telegram, Discord, and process management, which are not directly related to the stated primary focus areas of stability, UX, skills, and performance (CONTRIBUTING.md).
While the PR addresses a specific issue, it lacks focus and includes unrelated changes, making it difficult to review and understand the impact on the project.
Uses incorrect function signature for runCommandWithTimeout
Fails to update test file to reflect new implementation
Lacks proper testing and verification of changes
Introduces compilation errors due to duplicate imports.
While the PR attempts to fix a specific issue, it introduces new errors and lacks proper testing, requiring a thorough review and revision before merging.
Introduces several new behavioral features unrelated to shell execution, including a SmartRouter system, new retry behavior, and a context-optimizer
Changes are not explicitly gated or documented, and may introduce unexpected behavior
New network and cache behavior without explicit feature gating
Hard-coded paths in .bat scripts and pnpm→npx build change may cause issues on Windows
The PR includes unrelated changes such as a SmartRouter system, smart rate limit retry behavior, and a context-optimizer, which are not directly related to the stated goal of improving PowerShell execution reliability.
While the PR improves PowerShell execution reliability, it introduces several unrelated changes that may cause issues and drift from the project's vision, requiring further discussion and refinement
#7030feat: add line balancing animation for Double End M12 Cable Assembly@ceasarcapuno
CLOSE2.5/10
The PR introduces a new feature that is not mentioned in the project's vision or roadmap
The feature is not aligned with the project's focus on stability, UX, skills, or performance
The PR does not follow the project's guidelines for contributing new features, which require starting a GitHub Discussion or asking in Discord first
This PR adds a large, self-contained HTML visualization for cable assembly line balancing, which is outside the scope of a personal AI assistant as defined in the README.
The PR doesn't seem to align with the current focus on stability, UX improvements for onboarding, or skills for ClawHub as outlined in CONTRIBUTING.md.
The PR introduces a significant new feature that is not aligned with the project's current focus or roadmap, and does not follow the project's guidelines for contributing new features.
The PR does not implement the described behavior change, instead only adding a new markdown file restating the issue and suggestions without any code changes.
The PR title contains a typo ('messag') and does not accurately reflect the changes made.
The PR does not follow the project's guidelines for contributing, specifically the requirement to test locally and run tests before submitting a PR.
The PR only adds a markdown file summarizing the issue, but doesn't implement any code changes to address the issue, which is to improve validation messages or enforce authentication.
The PR title contains a typo ('messag').
The PR does not meet the project's contribution guidelines and does not implement the described behavior change, requiring further discussion and clarification before it can be considered for merge.
The PR introduces a critical issue with the `@openclaw/core-memories` package, which has no implementation and will cause runtime failures.
The PR adds extension-only dependencies to the root package.json, violating the project guideline (AGENTS.md:11-12).
The PR's changes to the labeler workflow and GitHub App token usage may not align with the project's security guidelines.
Introduces a `@openclaw/core-memories` package with only a package.json, leading to runtime errors due to missing implementation, violating the project's stability goals.
Adds extension-only dependencies to the root package.json, conflicting with the project's architectural guidelines (AGENTS.md:11-12) that plugin-specific dependencies should reside within the extension's package.json.
The PR has a critical issue and introduces drift from the project's guidelines, requiring discussion and revision before it can be considered for merge.
#14469feat: Add automatic pnpm install to shell hook@marcoziti
CLOSE2.5/10
The PR introduces a full new flake with unrelated inputs and modules, which is not aligned with the project's current architecture.
The shellHook has persistent side effects and runs installs unconditionally on every shell entry, which can break offline/restricted environments and unexpectedly mutate the repo.
The PR does not follow the project's guidelines for contributing, as it does not provide a clear description of the changes and does not include tests.
Introduces a full flake.nix file, which is a significant change not discussed or planned.
The flake.nix includes unrelated inputs (process-compose, services-flake, northwind) and a demo-style description, deviating from the project's focus.
The PR requires further discussion to ensure that the changes align with the project's vision and architecture, and to address the concerns around the shellHook's behavior and the introduction of new inputs and modules.
#15941fix(sessions): allow session file paths from other agents' sessions dirs@LiJianLi128
CLOSE2.5/10
The PR introduces a security vulnerability that could allow path traversal outside the intended OpenClaw directories
The path validation logic is too permissive and could allow access to arbitrary files on the system
The implementation does not validate paths against the actual state directory root using proper path prefix checking
The PR introduces a security vulnerability by allowing access to files outside the intended OpenClaw state directory, which conflicts with the project's security goals.
The path validation logic is too permissive and could allow malicious paths, as highlighted by the Greptile analysis.
The PR introduces a security vulnerability and does not align with the project's security goals, requiring further discussion and revision before merging.
The PR transforms OpenClaw into a local-first fork, which may not align with the project's original vision
The changes preserve all cloud provider functionality, but make local operation the default path, which may not be in line with the project's goals
The PR includes a significant amount of changes, including a new setup script and example config, which may introduce complexity and drift from the project's original direction
This PR significantly alters the project's direction by prioritizing local Ollama inference over cloud providers like Anthropic and OpenAI, which are explicitly mentioned and recommended in the README.md. The README emphasizes subscriptions to Anthropic and OpenAI, suggesting a focus on cloud-based AI assistants, while this PR shifts the focus to local models.
The PR introduces substantial changes across many files, including documentation, CI workflows, and default configurations, indicating a major architectural shift that wasn't discussed beforehand, violating the CONTRIBUTING.md guidelines for new features or architecture changes.
While the PR includes some aligned aspects, such as comprehensive test coverage and updated documentation, the significant changes and drift from the project's original vision and goals warrant further discussion and review.
#17648fix: Discord guild channel detection using rawMessage.guild_id@MisterGuy420
CLOSE3.0/10
The PR description and title are completely unrelated to the actual change, which may indicate a lack of understanding of the project's goals or a misleading representation of the changes.
The change introduces a new dependency on an Express HTTP server, which may not be aligned with the project's architecture or vision.
The PR does not follow the project's guidelines for contributing, specifically the requirement for a clear and concise description of the changes.
The PR description is completely unrelated to the actual code changes, which violates the 'Describe what & why' guideline in CONTRIBUTING.md.
The PR claims to fix Discord guild channel detection, but the code changes are in `src/gateway/server-browser.ts` and relate to browser control server wiring, indicating a significant disconnect between the stated purpose and the actual implementation.
The PR requires further discussion to clarify the changes and ensure they align with the project's vision and architecture.
#7030feat: add line balancing animation for Double End M12 Cable Assembly@ceasarcapuno
CLOSE3.0/10
The PR introduces a new feature that is not mentioned in the project's vision or roadmap
The feature is not related to the project's main goal of creating a personal AI assistant
The PR does not follow the project's guidelines for contributing new features, which requires starting a GitHub Discussion or asking in Discord first
This PR adds a very specific visualization tool that doesn't seem to align with the core goal of OpenClaw as a personal AI assistant.
The PR description and Greptile summary suggest a self-contained HTML page, which doesn't integrate with the existing OpenClaw architecture or any documented need.
The PR introduces a significant new feature that is not aligned with the project's vision or roadmap, and does not follow the project's guidelines for contributing new features.
#7206feat: add V-Infinite elite assistant persona and cyber-warrior skill set@oki3505F
CLOSE3.0/10
The PR introduces language and framing that promotes 'unrestricted' execution and offensive security behavior, which may conflict with OpenClaw's safety posture
The new skills and templates may lead to unsafe usage or policy violations if consumed by the product or shared publicly
The PR does not explicitly address the project's current focus on stability, UX, and performance
The PR introduces a 'Cyber-Warrior' skill set that includes offensive security tools like nmap, dig, and curl, which could be misused if not handled carefully, potentially conflicting with OpenClaw's safety posture.
The 'V-Infinite' persona promotes 'unrestricted execution' and a 'hacker-chic' persona, which may not align with the project's goals and could lead to unsafe behavior.
The PR raises significant concerns about safety and policy, and requires further discussion and review to ensure alignment with the project's goals and values.
#7206feat: add V-Infinite elite assistant persona and cyber-warrior skill set@oki3505F
CLOSE3.0/10
The new skills and templates introduced in the PR promote 'unrestricted' execution and offensive security behavior, which could lead to unsafe usage or policy violations if consumed by the product or shared publicly.
The language and tone used in the new templates and skills may not align with OpenClaw's safety posture and could lead to conflicts with the project's goals and values.
The PR does not seem to follow the recommended guidelines for contributing to OpenClaw, such as starting a GitHub Discussion or asking in Discord before implementing new features.
The PR introduces a 'Cyber-Warrior' skill set that includes tools like nmap, dig, and curl, which could be misused if not handled carefully, potentially conflicting with the project's safety posture.
The 'V-Infinite' persona promotes 'unrestricted execution' and 'offensive security usage,' which may lead to unsafe behavior and policy violations.
The PR introduces new features that could be beneficial, but it also raises significant concerns about safety and alignment with the project's goals and values, requiring further discussion and review.
#7639[Agent] [Bug]: Missing 'zop' module at extension/mattermost and remo@swarmagents
CLOSE3.0/10
The PR does not address a documented need or issue in the project's vision or architecture
The PR introduces a new file (AGENT_CHANGE.md) that does not seem to be part of the project's standard documentation or code structure
The PR's changes do not appear to be related to the project's current focus or roadmap (stability, UX, skills, performance)
The PR only adds an analysis of the bug, but does not fix it, which is not a useful contribution.
The PR suggests modifying the pnpm-lock.yaml file directly, which is generally discouraged as it should be managed by pnpm.
The PR's changes seem unrelated to the project's current focus and do not address a documented need, requiring further discussion to understand its relevance and potential impact on the project.
#9317[Swarm] [Bug]: Connection error on Intel MacBook Pro persi@swarmagents
CLOSE3.0/10
The PR does not address the reported bug and does not implement a fix or tests for the connection error described in Issue #9274
The change is documentation-only and does not align with the project's goal of fixing the connection error issue
The PR does not follow the project's guidelines for contributing code, as it does not contain a fix or tests for the issue
This PR adds a markdown file with debugging suggestions but does not implement a fix, which is a mild drift from the project's focus on stability and UX improvements as outlined in the CONTRIBUTING.md file. The PR description indicates an attempt to address issue #9274, but the changes only provide hypotheses and debugging steps, not a solution.
The CONTRIBUTING.md states 'Bugs & small fixes → Open a PR!', but this PR doesn't contain a fix.
The PR does not align with the project's goals and guidelines, and does not provide a fix or tests for the reported bug, so it requires further discussion and clarification before it can be merged.
#9317[Swarm] [Bug]: Connection error on Intel MacBook Pro persi@swarmagents
CLOSE3.0/10
The PR does not contain an actual fix or implementation, only a markdown note with general hypotheses and debugging suggestions.
The change is documentation-only and does not address the reported bug.
The PR does not follow the recommended approach of starting a GitHub Discussion or asking in Discord before submitting a PR for new features or architecture changes.
This PR adds a markdown file with debugging suggestions but does not implement a fix, which is a mild drift from the project's focus on stability and UX improvements as outlined in CONTRIBUTING.md.
The PR description suggests it addresses issue #9274, but the Greptile analysis indicates that no code changes were made, so it doesn't actually fix the bug.
The PR does not align with the project's vision and guidelines, and further discussion is needed to determine the best course of action to address the reported bug.
#9340feat(simulation): Add 100-bot society simulation with complete lifecycle@zandis
CLOSE3.0/10
The PR introduces a significant amount of new code and complexity, which may not be aligned with the project's current focus on stability and UX
The simulation is not explicitly mentioned in the project's roadmap or current focus areas
The PR does not include any information on how the simulation will be integrated with the existing codebase or how it will be tested
This PR introduces a large simulation feature that wasn't discussed in a GitHub Discussion or Discord first, violating the contribution guidelines.
The PR adds a large amount of code (2161 lines) which may not align with the current focus on stability, UX, skills, and performance as outlined in CONTRIBUTING.md.
While the PR is well-structured and aligns with the project's goals, it introduces significant complexity and is not explicitly mentioned in the project's roadmap, requiring further discussion and review.
The PR changes the Render deployment configuration to use the free plan, which may not provide durable storage, potentially breaking the app's reliance on state/workspace under /data.
The removal of the persistent disk mount at /data may cause runtime failures and data loss across restarts if the free plan provides only ephemeral storage.
This PR changes the Render deployment to a free plan and removes persistent storage, which directly conflicts with the goal of providing a reliable and always-on personal AI assistant as stated in the README.md. The removal of persistent storage will likely lead to data loss and a degraded user experience.
The PR introduces changes that may break the app's functionality and data persistence, requiring a thorough review to ensure the changes are safe and compatible with the project's requirements.
#14280feat: add Rube MCP plugin for 500+ app integrations@qdonohue
CLOSE3.0/10
The plugin manifest uses the wrong filename (`clawdbot.plugin.json` instead of `openclaw.plugin.json`), preventing the plugin from being loaded, which violates the project's plugin architecture.
There's a nonexistent type import (`ClawdbotPluginApi` from `src/plugins/types.js`), indicating a misunderstanding of the project's internal structure.
The package scope is incorrect (`@clawdbot/rube-mcp` instead of `@openclaw/rube-mcp`), and the `package.json` is missing the required `"openclaw": { "extensions": [...] }` field, deviating from the project's package management conventions.
The tool name casing mismatch (`normalizeTool`) suggests a lack of adherence to project coding standards.
The PR introduces a large number of changes (+1193/-29), which increases the risk of introducing bugs and makes it harder to review, conflicting with the contribution guidelines to keep PRs focused.
Due to fundamental errors in plugin manifest naming, type imports, package scope, and tool naming, this PR significantly deviates from the project's architecture and contribution guidelines, requiring substantial rework before it can be considered.
The PR introduces a committed invalid `openclaw.json` that will break config reads, which is a concrete security regression.
The changes expose Chrome DevTools Protocol (CDP) on a public bind + host-published port, and also publish the bridge port on all interfaces, creating unsafe default network exposure.
The Dockerfile grants passwordless sudo to the `node` user, negating the prior “run as non-root” hardening boundary.
The PR does not follow the recommended path of using the CLI wizard for setup, and instead uses a custom Docker setup.
The PR introduces a Gluetun VPN sidecar and custom network/IPs, which are not mentioned in the project's documentation and may not align with the project's goals.
The PR introduces significant security regressions and does not align with the project's recommended setup path, requiring further discussion and review before merging.
#16543[AI-assisted] feat(usage): support cache-hit differentiated pricing@OwenJiong24
CLOSE3.0/10
Contains a critical double-counting bug that will overcharge users
Assumption that cache read is a subset of input may not match provider reporting semantics
Introduces a critical bug where cache read tokens are double-counted, leading to overcharging, which directly contradicts the goal of accurate cost estimation.
While the PR addresses a specific need and follows project conventions, it contains critical bugs and issues that need to be addressed before merging.
#18157docs(mattermost): add always chatmode and requireMention workaround@andrey-esipov
CLOSE3.5/10
The `always` chatmode is not implemented in code, which may cause confusion for users who try to use it.
The `groups` workaround does not apply to Mattermost, which may lead to incorrect configuration and unexpected behavior.
The zh-CN translation was edited directly, which may not be in line with the project's translation workflow.
The `always` chatmode is not implemented in the code, so documenting it is premature and misleading.
The `groups` workaround for `requireMention` does not apply to Mattermost, making the documentation inaccurate.
While the PR adds useful documentation, it also introduces inconsistencies and potential issues that need to be addressed before merging.
The PR introduces a new `zhch/README.md` file with local git identity commands, which is user-specific and contains a personal email address, making it inappropriate for the repo.
The PR does not follow the project's guidelines for formatting utilities, terminal output, and CLI patterns.
The PR does not adhere to the project's import conventions and code quality standards.
The addition of `zhch/README.md` containing personal git configuration and email address is a significant deviation from project contribution guidelines and general security best practices.
The PR introduces Chinese-only interaction guidance, which may not align with the project's global vision if it aims to be language-agnostic or support multiple languages equally.
The PR has some aligned aspects, but the introduction of a user-specific file with personal information and the lack of adherence to project guidelines raise concerns that need to be discussed before merging.
Introduces significant out-of-scope behavioral changes, including a SmartRouter and context optimizer
Adds new external API-calling logic and undocumented options
Commits local/dev artifacts, such as package-lock and hard-coded batch scripts
Increases risk of regression and instability
The PR description and the Greptile analysis indicate that the PR includes several large, unrelated behavioral additions such as a SmartRouter, context-optimizer, PatchManager, and local patch tooling/artifacts, which significantly expands the scope and risk.
While the PR addresses a specific issue, its scope and risk are significantly increased by the introduction of unrelated changes, making it necessary to discuss and refactor the PR before merging.
The PR introduces a new dependency, @elizaos/openclaw-adapter, without clear justification or explanation of its purpose, which may conflict with the project's architecture or goals.
The PR changes the gateway locking behavior to allow running multiple gateway instances by default, which may introduce security risks or conflicts with the project's existing architecture.
The PR includes a sync workflow that can proceed after a failed merge, which may lead to unintended consequences or conflicts with the project's existing workflow.
This PR introduces a new root dependency `@elizaos/openclaw-adapter`, which is not aligned with the project's stated goals or roadmap. The README emphasizes OpenClaw as a personal AI assistant that connects to existing channels, not a platform for arbitrary adapters. The CONTRIBUTING.md encourages discussing new features/architecture before submitting a PR, which doesn't seem to have happened here.
The PR changes gateway locking behavior to allow multiple gateway instances by default, which could lead to instability or resource conflicts if not carefully managed. This deviates from the project's focus on stability and UX improvements.
The PR introduces significant changes to the project's architecture and workflow, but lacks clear justification or explanation of its purpose, which requires further discussion and review before merging.
#13539Claude/update dockerfile cmd 1 te te@federiconicolasvozza-oss
CLOSE3.5/10
Hard-codes a port that conflicts with the Render-provided PORT env var
Introduces an unrelated behavioral/cost change by updating the Render plan
Lacks testing and may cause deployment failures on Render
The Dockerfile change hardcodes port 18789, conflicting with Render's PORT environment variable, potentially breaking traffic and health checks, which deviates from the project's focus on stability and UX.
The render.yaml change modifies the service plan, introducing an unrelated behavioral/cost change that wasn't discussed and doesn't align with the current roadmap.
While the PR updates the Docker image and Render blueprint, it introduces conflicts and unrelated changes that require further review and testing.
The PR introduces a large number of changes (+1698/-24) across 22 files, which may indicate a lack of focus or a significant departure from the project's architecture.
The PR does not provide a clear explanation of the problem and fix in the description, making it difficult to understand the purpose and impact of the changes.
The PR does not include any evidence of testing or verification, which is a requirement for PRs in the CONTRIBUTING.md document.
The PR does not follow the recommended format for PR descriptions, which may indicate a lack of attention to detail or a disregard for project conventions.
The PR description is incomplete, lacking details on the problem, fix, and scope, which violates the contributing guidelines.
The PR requires further review to ensure that the changes align with the project's architecture and goals, and to verify that the fix is correct and thoroughly tested.
The PR includes unrelated functional changes (completion install/postinstall behavior, security scaffolding) that may not be aligned with the project's current focus
The PR includes a package version rollback, which may not be intentional and could cause issues
The PR includes a logic bug in the new history sanitization API, which could cause issues if merged as-is
Includes unrelated changes such as shell completion, session sanitization, and package version rollback, violating the CONTRIBUTING.md guideline to keep PRs focused.
The package version rollback could cause issues with deployments and updates.
While the PR addresses a specific issue and provides a temporary fix, it includes unrelated functional changes and a package version rollback that need to be reviewed and addressed before merging.
The PR does not actually fix the issue, but rather documents the suspected root cause and potential fixes
The PR title and description do not accurately reflect the contents of the PR, which may cause confusion
This PR only adds documentation and does not fix the reported bug, which is a mismatch with the PR title and description.
The PR does not include any code changes, build configuration modifications, or tests, contrary to the contributing guidelines.
While the PR provides valuable analysis and insights, it does not address the underlying issue and may require further work to ensure alignment with the project's goals and architecture.
#10912feat: add --session-key to clawdis system event@SocialNerd42069
Adds a tracked backup compose file, which is not directly related to the feature
Includes several unrelated container/docs changes (Dockerfile tooling installs, new compose override)
Lacks complete sessionKey plumbing path, making the feature inconsistent across code paths
The PR includes substantial, unrelated changes to the Dockerfile (installing gh, gogcli, goplaces, chrome deps) and docker-compose files (new override, backup compose file), which violates the principle of focused PRs.
While the PR addresses a specific problem and provides a clear solution, it introduces unrelated changes and lacks a complete implementation, requiring further discussion and refinement.
The PR introduces a `codeindex.cm` file that contains local machine paths and `sudo` instructions, which conflicts with the project's documentation guidance to avoid personal device names/hostnames/paths.
The PR's Feishu audio upload path likely mislabels non-opus audio as `file_type: "opus"` without conversion and omits the documented required `duration` for audio uploads, which can cause runtime/API failures.
The PR translates the AGENTS.md file to Chinese, but the CONTRIBUTING.md file states that `docs/zh-CN/**` is generated and should not be edited unless explicitly asked.
The PR introduces potentially problematic changes to the Feishu channel and includes a non-portable `codeindex.cm` file, requiring discussion and revision before merging.
#12996feat(infra): Add session persistence with atomic writes and recovery@trevorgordon981
DISCUSS4.0/10
Introduces a hardcoded Finnhub API token as a runtime fallback, which is a security issue and not aligned with the project's security guidelines
Lacks clear documentation on how the session persistence module is intended to be used in production, which may lead to confusion and misalignment with the project's goals
Introduces hardcoded API keys, a major security vulnerability, violating implicit security guidelines.
Includes a large number of changes across many files, contrary to the CONTRIBUTING.md guideline of keeping PRs focused.
Adds trading skills, which are not mentioned in the README or CONTRIBUTING.md as a current focus.
While the PR adds valuable features to the project, it also introduces a security issue that needs to be addressed before merging, and requires further discussion on how the session persistence module is intended to be used in production.
Introduces a new dependency on Supabase, which may not be aligned with the project's existing architecture and technology stack
Changes the project's name to 'SecureClaw' and rebrands the README, which may not be in line with the project's original vision and goals
Adds a new encrypted secret vault, which may not be compatible with the project's existing configuration and deployment models
This PR introduces a significant architectural change by adding Supabase as an optional environment variable store, which is not mentioned in the existing project documentation.
The introduction of 'SecureClaw' as a security-hardened distribution deviates from the project's core focus as a personal AI assistant.
While the PR addresses some security concerns and adds new features, it also introduces significant changes to the project's architecture and branding, which require further discussion and alignment with the project's maintainers and community.
#14509feat: setup and configure proxy system@montelli99
DISCUSS4.0/10
The PR introduces a new Python package structure and dependencies, which may not be aligned with the project's existing architecture
The PR includes a new configuration system, which may not be consistent with the project's existing configuration management
The PR includes a new scraper module, which may not be aligned with the project's existing data scraping architecture
The PR does not explicitly mention how the new proxy system will be integrated with the existing OpenClaw architecture
The PR does not provide clear documentation on how to use the new proxy system
While the PR addresses a specific need, it introduces significant changes to the project's architecture and configuration management, which require further discussion and review to ensure alignment with the project's goals and existing architecture.
The new instrumentation logs full user prompts, tool results, and full assistant message structures at info level, which is likely to capture secrets/PII and tool output contents
The added analyzer script's help text references a different filename than the one added, and there's a stray 'logs/log' file that looks accidental
The logger path resolution change alters how relative log file paths behave and may need reconsideration or explicit documentation
The PR introduces a Python log analyzer, which is a new dependency and tool outside the core focus of the project as defined in the README (personal AI assistant, not log analysis).
The PR logs full user prompts, tool results, and assistant messages at the info level, which poses a significant security risk by potentially exposing secrets and PII, conflicting with the project's need for security.
While the PR adds valuable structured log content, it raises significant concerns about sensitive data exposure and needs further discussion to address these issues before merging.
#17986feat: Add GOALS.md and SOUVENIR.md template files@ibrahimq21
REVIEW4.5/10
The templates contain user-specific content instead of generic placeholders, reducing reusability across different workspaces.
The templates deviate from the established pattern of using placeholder text or leaving fields blank, which may cause inconsistencies in the codebase.
The PR adds templates with user-specific content, which deviates from the established pattern of using generic placeholders in templates like IDENTITY.md, USER.md, and SOUL.md, as noted by Greptile.
The CONTRIBUTING.md states that new features/architecture should be discussed first, and it's unclear if this was done.
The current focus is on stability, UX, skills, and performance, and this PR doesn't directly address those priorities.
While the PR adds new template files, it deviates from the established pattern of using generic placeholders, which may cause inconsistencies in the codebase, and therefore requires further review and discussion.
#18224fix(telegram): allow per-message link preview override@Clawborn
DISCUSS4.5/10
The PR includes multiple unrelated changes, which is against the repository guidelines
The PR description only mentions the Telegram link preview fix, but includes 6 other changes
A critical issue was found in the code, a command injection vulnerability in `src/process/kill-tree.ts`
The PR bundles multiple unrelated changes, violating the contribution guideline to keep PRs focused.
The PR description is misleading as it only describes one of the many changes included.
While the PR includes some useful changes, it also includes multiple unrelated changes and a critical security issue, which needs to be discussed and addressed before merging.
#7044feat: Add local model tool calling support@jokelord
REVIEW4.5/10
Contains unrelated breaking changes and a malformed test file
Schema changes make previously-optional config required and remove the `edge` TTS provider
Runner now contains multiple `/tmp` debug file writes which add side effects and can fail/unhandled-reject in some environments
Includes unrelated changes like removing the `edge` TTS provider and a non-TS test file, and introduces debug file writes, which increases merge risk and adds side effects.
Schema changes make previously optional config required, which could break existing configurations.
While the PR introduces a useful feature, it contains unrelated breaking changes and potential issues that need to be addressed before merging.
#7328Feat/integrate chutes ai Details in Readme_chutes.md@Trompetilla
DISCUSS4.5/10
OAuth-only users are handled in implicit provider resolution with a placeholder `apiKey` and an empty bearer token
The new CLI command does not perform actual model discovery, only ensures a models.json file exists
Changes to multiple files, including workflows and README, without clear justification or documentation
The PR description and Greptile analysis raise concerns about OAuth handling and the actual functionality of the new CLI command, suggesting potential functional mismatches and incomplete implementation.
The removal of the `auto-response.yml` workflow is unexplained and could impact issue management.
While the PR adds new features and integrations, it raises concerns about OAuth-only user handling and the functionality of the new CLI command, requiring further discussion and clarification before merging.
The introduction of a patch script (patch-openclaw-dashboard.sh) that modifies built/minified assets is brittle and environment-specific, which may cause issues across installs and upgrades.
The in-flight guard added to prevent concurrent log fetches may unintentionally ignore user-triggered refreshes, which could lead to unexpected behavior.
Introduces a brittle patch script (`patch-openclaw-dashboard.sh`) that directly modifies minified assets in a hardcoded environment, which is not maintainable or portable and conflicts with standard development practices.
The patch script targets specific file names and paths within the `node_modules` directory, which are subject to change with updates, making the patch unreliable.
The concurrency guard implemented in `ui/src/ui/controllers/logs.ts` might unintentionally suppress user-triggered refreshes, negatively impacting UX.
While the PR addresses a specific performance issue, it also introduces some concerns around maintainability and potential unexpected behavior, which require further review and discussion.
#9319[Swarm] [Mattermost] WebSocket disconnects with "client si@swarmagents
DISCUSS4.5/10
The PR does not actually fix the reported WebSocket issue, but rather provides speculative analysis and recommendations
The PR title and description imply a bugfix, but the added content does not contain actionable code changes
The PR does not align with the project's current focus on stability, UX, skills, and performance
The PR adds a contribution note with speculative analysis rather than a code fix, which doesn't directly address the issue. The PR title implies a bug fix, but the content is more of a troubleshooting guide.
The CONTRIBUTING.md states 'Bugs & small fixes → Open a PR!', but this PR doesn't contain a fix.
While the PR is well-written and follows contribution guidelines, it does not provide a concrete solution to the reported issue and may not align with the project's current priorities, requiring further discussion and clarification.
#9319[Swarm] [Mattermost] WebSocket disconnects with "client si@swarmagents
DISCUSS4.5/10
The PR does not actually fix the reported WebSocket issue, but rather provides a speculative analysis
The PR title/description imply a bugfix, but the added content does not contain actionable code changes
The PR does not meet the project's contribution expectations, as it does not contain actionable, non-speculative information
The PR adds a contribution note with speculative analysis rather than a code fix, which doesn't directly address the issue. The PR title implies a bug fix, but the content is more of a troubleshooting guide.
The CONTRIBUTING.md states 'Bugs & small fixes → Open a PR!', but this PR doesn't contain a fix.
While the PR is well-formatted and provides a clear analysis, it does not actually fix the issue and does not meet the project's contribution expectations, so further discussion is needed to determine the best course of action.
#9861fix(agents): re-run tool_use/tool_result repair after limitHistoryTurns@CyberSinister
The PR introduces a new dependency on the Chia blockchain and wallet protocol, which may not be aligned with the project's current architecture and technology stack.
The PR's implementation of notification delivery appears to be wired to an API shape that doesn't match OpenClaw's runtime channel surface, which may cause issues with notification delivery.
The PR's focus on Chia blockchain wallet monitoring may not be aligned with the project's current priorities, which are listed as stability, UX, skills, and performance.
The PR introduces a specific blockchain wallet monitoring feature, which is outside the core focus of a general-purpose AI assistant.
The reliance on P2P connections and self-signed certificates introduces security considerations that may not align with the project's overall security model.
While the PR adds a new feature that could be useful to some users, it introduces new dependencies and potential architecture drift, and its implementation has some issues that need to be addressed.
#15583docs: Autonomous Governance Framework for bot ecosystem@Insider77Circle
DISCUSS4.5/10
The PR introduces a significant amount of new complexity to the project, which may not align with the current focus on stability and UX
The proposal relies heavily on AI-generated content, which may not be thoroughly reviewed or tested
The PR does not provide a clear plan for implementation, testing, or maintenance of the proposed governance framework
The PR introduces a complex governance framework that may be premature for the current stage of the project, as the README emphasizes a personal AI assistant and the CONTRIBUTING guide prioritizes stability, UX, skills, and performance.
The scope of the proposed framework seems more suited for a large, decentralized ecosystem, which is not the stated goal of OpenClaw.
While the PR addresses a need for a governance framework, it introduces significant complexity and relies heavily on AI-generated content, which requires further discussion and review before proceeding.
⭐ Top Quality PRs
Highest-scoring PRs across all quality dimensions.
#17232fix(memory-lancedb): classify preferuji statements as preference@ciberponk
9.6/10
High-quality PR with excellent test coverage, focused scope, and minimal breaking risk.
#17513fix(discord): respect groupPolicy in channel config fallback (#4555)@aronchick
9.6/10
High-quality PR with thorough tests and minimal scope, but minor style inconsistencies.
#12257fix(mattermost): default table mode to 'off' for native Markdown rendering@mcaxtr
9.6/10
High-quality PR with comprehensive tests and minimal scope, but minor style inconsistencies.
#16978fix(hooks): preserve before_tool_call marker across abort signal wrapping@arosstale
9.6/10
High-quality PR with clear rationale, comprehensive test coverage, and minimal, targeted fix.