OpenClaw just shipped its most significant update of 2026. Version 2026.4.5 does not just add features—it fixes critical security vulnerabilities, expands AI provider support, and transforms how agents handle media. If you are running an AI assistant across multiple platforms, this release changes what your agent can do and how safely it can do it.
What OpenClaw Is (And Why This Update Matters)
OpenClaw is a multi-channel AI gateway that lets you run personal AI assistants across Telegram, Discord, Slack, WhatsApp, and dozens of other platforms. Think of it as the infrastructure layer between you and the AI models—handling authentication, message routing, tool execution, and now, media generation.
The 2026.4.5 release is substantial. It adds native video and music generation tools, hardens security against agent escape attacks, expands provider support to include Chinese models like Qwen and StepFun, and fixes the pairing required errors that broke local execution for many users after the March 31 update.
Native Video Generation: AI Agents Can Now Produce Video
The headline feature is built-in video generation. OpenClaw now includes a video_generate tool that lets agents create videos directly through configured providers, with results delivered automatically as attachments.
Bundled providers include:
- xAI (Grok) — Elon Musk’s video generation model
- Alibaba Model Studio Wan — Chinese video generation via Wan 2.1
- Runway — The established video generation platform
This is not a plugin workaround or external API call. It is a first-class tool with async task tracking, reference image support (up to 5 images), and automatic delivery when generation completes. Agents can now produce video content as seamlessly as they generate images or text.
Why this matters: Video has been the missing media type in agent workflows. With this release, OpenClaw agents can now create tutorials, demonstrations, visual explanations, and social content without leaving the conversation context.
Native Music Generation: Audio Becomes a Core Capability
Alongside video, OpenClaw 2026.4.5 adds a music_generate tool with bundled support for Google Lyria, MiniMax, and ComfyUI workflows.
The implementation includes async task tracking with follow-up delivery, duration hints (where providers support it), and instrumental-only output options. Generated tracks are saved under OpenClaw-managed media storage and delivered automatically.
Why this matters: Background music, sound effects, and audio branding can now be generated on-demand by agents. For content creators and automation workflows, this removes another external tool from the chain.
Security Hardening: Closing Agent Escape Vectors
The 2026.4.5 release includes significant security improvements—some addressing vulnerabilities that could allow malicious agents to escape sandbox constraints.
Critical fixes include:
Credential path binding blocked: Agents can no longer bind-mount sensitive credential directories like ~/.aws, ~/.config/gcloud, or ~/.kube into sandboxed environments. This prevents agents from exfiltrating cloud credentials through file reads.
Proxy and TLS override restrictions: Agents can no longer manipulate HTTP_PROXY, NODE_TLS_REJECT_UNAUTHORIZED, or SSL_CERT_FILE to redirect traffic through attacker-controlled endpoints or disable certificate validation.
Python package index protection: The PIP_INDEX_URL environment variable is now restricted, preventing agents from installing packages from malicious PyPI mirrors.
Claude CLI security: OpenClaw-launched Claude CLI sessions now clear inherited environment variables that could redirect to alternate config directories, proxy endpoints, or managed auth contexts. This prevents backdoor sessions from silently using different credentials or hooks.
Why this matters: As AI agents gain more capabilities, they become more attractive targets for exploitation. These hardening measures close escape vectors that could allow a compromised agent to access cloud infrastructure, exfiltrate data, or persist access across sessions.
Provider Expansion: More Models, Less Configuration
OpenClaw 2026.4.5 adds several new bundled providers: Qwen (Alibaba), Fireworks AI, StepFun, MiniMax TTS, and Ollama Web Search.
Amazon Bedrock improvements: The release adds Mantle support with inference-profile discovery and automatic request-region injection. Bedrock-hosted Claude, GPT-OSS, Qwen, Kimi, GLM, and similar models now work with less manual setup.
Why this matters: More providers mean more model options without API key management overhead. The Bedrock improvements are particularly significant for enterprise users who want to leverage AWS-managed AI services.
Bug Fixes: The Pairing Required Problem Is Solved
The March 31 update (2026.3.31) introduced a regression that broke local execution for many users. After that update, local exec and node clients started failing with pairing required errors—even for previously working setups.
Version 2026.4.5 restores legacy-role fallback for empty paired-device token maps and allows silent local role upgrades. Local exec and node clients now work again without requiring re-pairing.
Additional fixes include:
- Subagent gateway calls no longer fail with pairing required errors
- Invalid exec-approvals.json values are now normalized instead of corrupting runtime policy
- Gateway lock files now detect PID recycling on Windows and macOS, preventing stale lock issues
Memory and Dreaming Improvements
The experimental dreaming feature—background memory promotion—gets significant upgrades:
- Weighted short-term recall promotion — Recent memories get appropriate weighting
- Three-phase dreaming — Light, deep, and REM phases with independent schedules
- Configurable aging controls — Operators can tune recencyHalfLifeDays and maxAgeDays
- Dream Diary surface — New UI for reviewing memory promotion decisions
Why this matters: Long-term memory has been a challenge for AI assistants. These improvements make memory promotion more predictable and tunable without manual setup.
Multilingual Control UI
The Control UI now supports 12 additional languages: Simplified Chinese, Traditional Chinese, Brazilian Portuguese, German, Spanish, Japanese, Korean, French, Turkish, Indonesian, Polish, and Ukrainian.
This makes OpenClaw accessible to a significantly broader global audience.
What This Means for Users
If you are running OpenClaw, you should update to 2026.4.5 immediately. The security fixes alone justify the upgrade—especially if you run agents with tool access or sandboxed execution.
The new media generation capabilities (video and music) open up new use cases: content creation workflows, automated social media management, educational and tutorial content, and audio branding and sound design.
The expanded provider support means you can experiment with more models without additional configuration overhead.
The Bottom Line
OpenClaw 2026.4.5 is a milestone release. It transforms agents from text-and-image generators into full multimedia producers while closing security gaps that could have allowed credential theft and sandbox escapes.
For a project that launched as Clawdbot in November 2025, the pace of development is remarkable. The lobster is growing claws—and they are sharper than ever.
Sources
- OpenClaw GitHub Releases — Official release notes for 2026.4.5
- OpenClaw Changelog — Detailed change history
- OpenClaw Documentation — Official documentation
- OpenClaw npm Package — Version 2026.4.1
- Reddit r/openclaw Discussion — Community reactions to 2026.4.5
