OpenClaw v2026.3.22: What Broke, What’s New, and What to Actually Use

OpenClaw v2026.3.22 isn’t a “nice little update.” If you’ve been running a real OpenClaw setup for a while, especially one with custom plugins, browser automation, or older environment conventions, you need to audit your stack before you celebrate anything.

I run OpenClaw on bare metal Ubuntu 24.04 with Discord as the primary interface, Claude Opus 4.6 as the orchestrator, GPT 5.4 for code work, Ollama Cloud models (MiniMax M2.7, DeepSeek V3.2, GLM-5) for budget tasks, and Ollama local for embeddings. Not a toy install. From that angle, v2026.3.22 looks less like a routine monthly release and more like a cleanup pass that forces some overdue migrations while also shipping a few features I actually want to adopt immediately.

Here’s what matters.

What Can Break Today

Three changes deserve immediate attention before anything else.

The Legacy Browser Extension Relay Is Gone

This is the biggest one for my setup because we had been using the Chrome extension relay path for browser automation. That path is removed. Not deprecated. Removed.

If your config still references driver: "extension" or browser.relayBindHost, you’re on dead configuration. The replacement is the existing-session or user profile model. OpenClaw wants to attach to a real Chromium session instead of hopping through the old relay mechanism.

Good long-term change. The legacy extension path was always a little awkward. But in practical terms, this is the kind of breaking change that quietly wipes out browser-dependent workflows if you upgrade first and inspect later.

What to do immediately:

  • Run openclaw doctor --fix
  • Search config for driver: "extension" and relayBindHost
  • Verify browser automation against the new existing-session or user flow
  • If you use Brave or Edge, consider setting userDataDir explicitly (new in this release)

The good news: the replacement path got better in the same release. OpenClaw now supports userDataDir for browser profiles, which means attaching to non-Chrome Chromium variants is much cleaner. Something broke, but the migration target is actually better than what we had.

The Plugin SDK Changed With No Compatibility Shim

openclaw/extension-api is gone. The public SDK surface is now openclaw/plugin-sdk/*, and there’s explicitly no compatibility shim. Older plugin code doesn’t get a grace period. It gets a migration project.

If you only install bundled plugins, this is mostly someone else’s problem. If you maintain custom plugins, message adapters, or internal integrations, this should be at the top of your upgrade checklist. Old imports will fail, plugin discovery code may need updates, and shared message tool discovery now expects describeMessageTool(...).

For teams with even a small private plugin ecosystem: stage the release, run plugin smoke tests, and look specifically at host-side operations that used older SDK assumptions before touching production.

Legacy Env Names Are Finally Dead

OpenClaw removed the old CLAWDBOT_* and MOLTBOT_* compatibility environment variables. You have to use OPENCLAW_* now.

Sounds minor until you remember where old env names hide: shell profiles, PM2 ecosystem files, install scripts, cron wrappers, and ancient one-off migration notes that became infrastructure by accident.

Grep across .bashrc, .profile, PM2 configs, deployment scripts, cron wrappers, and any .env files. Related: the old ~/.moltbot fallback for state and config auto-detection is also gone. Move anything still under that path to ~/.openclaw or set OPENCLAW_STATE_DIR and OPENCLAW_CONFIG_PATH explicitly.

Security and Stability Hardening

The changelog is full of features, but I think the security work is more important than most of the shiny stuff.

Exec sandbox hardening. OpenClaw now blocks dangerous environment variables in the exec sandbox: JVM injection paths (MAVEN_OPTS, SBT_OPTS, GRADLE_OPTS, ANT_OPTS), GLIBC_TUNABLES, and .NET dependency hijack paths. If you let agents execute tools on a machine that matters, this is exactly the kind of default you want. Net win with almost no downside.

Voice webhook pre-auth tightening. Missing signature headers get rejected before body reads. Pre-auth request size capped to 64KB/5s. Concurrent pre-auth requests limited per IP. If you expose voice or webhook endpoints to the public internet, this matters.

Discord command deployment. Switched to Carbon reconcile by default. Fewer slash command churn issues on restarts. If you run Discord as your primary channel, this is the operational polish you want. Less “why did the bot just re-register everything again?” energy.

Usage tracking fixed. Rotated and deleted archived sessions are now included in usage totals correctly. Previous numbers were undercounting. If you use usage reporting to make cost decisions, your real numbers may be higher than the old dashboard implied.

Features Worth Adopting Right Away

/btw: Side Questions Without Context Pollution

My favorite addition in the whole release. /btw lets you ask a side question about the current session without polluting future session context. Sometimes I want a quick clarification or throwaway check that shouldn’t become part of the long-running conversation state.

Cleaner context hygiene. Fewer digressions. Less accidental context bloat. For anyone running long sessions, this should become muscle memory fast.

Per-Agent Reasoning Defaults

OpenClaw now supports per-agent thinking, reasoning, and fast defaults, with auto-revert for disallowed model overrides back to the agent’s default selection.

This fits how I already think about model routing: judgment and orchestration on Opus, code production on GPT 5.4, budget triage and scanning on Ollama Cloud models like MiniMax M2.7 and DeepSeek V3.2. Before this, that policy lived partly in config, partly in habit, and partly in “please remember to use the right model.” Baking it into per-agent defaults is cleaner and much less brittle.

If you run sub-agent workflows, adopt this early. It turns your routing strategy into infrastructure instead of etiquette.

GPT 5.4 as Default OpenAI Model

Matches where I’d already landed operationally. For coding and drafting, 5.4 is simply where you want to be. The more interesting piece is forward compatibility for gpt-5.4-mini and gpt-5.4-nano, ready when those launch.

MiniMax M2.7 With Highspeed Variants

OpenClaw added M2.7 and bumped the default from M2.5 to M2.7. If you’re already routing budget tasks into MiniMax via Ollama Cloud, this is worth benchmarking immediately. The highspeed mapping for /fast gives you a cleaner “cheap and fast” lane without inventing another policy abstraction.

I wouldn’t blindly migrate every low-stakes path on day one, but I’d absolutely test M2.7 against the specific jobs where M2.5 was good enough but occasionally thin.

ClawHub as First-Class Package Source

openclaw plugins install now prefers ClawHub over npm for npm-safe package names. Native skills search, install, and update flows are built in.

This is both convenient and a behavior change. Installs may no longer resolve from the source you assumed. If you care about reproducibility, start being explicit about where things come from. If you care about discovering community add-ons faster, ClawHub just became a real part of the ecosystem.

Features Worth Adopting Selectively

SSH sandbox backend. Interesting if you want isolation on remote hosts without committing to Docker-style local sandboxing. I’d use this for controlled remote execution in split-trust environments, but it deserves careful rollout.

Bundled Exa, Tavily, and Firecrawl. Makes OpenClaw’s web tooling story more modular. Adopt based on task fit, not all at once.

Compaction notifications. Users get notified when auto-compaction starts and finishes. Sounds small, matters in long sessions. Silent compaction is efficient for machines and confusing for humans.

Memory plugin system prompt injection. Powerful, but raises the ceiling for prompt complexity. Useful. Also something to roll out carefully.

Anthropic Vertex and Chutes providers. Good expansions of provider optionality. OpenClaw keeps getting better at turning provider choice into configuration instead of custom engineering.

Image generation consolidation. The old nano-banana-pro skill wrapper is gone. If you used it, switch to agents.defaults.imageGenerationModel. We use Gemini Flash for imagegen, so this was a quick config check.

Post-Upgrade Checklist

If you’re upgrading an existing serious install:

  1. Run openclaw doctor --fix
  2. Migrate browser automation off the legacy extension relay
  3. Grep for CLAWDBOT_* and MOLTBOT_* across shell, PM2, cron, and scripts
  4. Confirm state and config paths are under ~/.openclaw
  5. Smoke test all custom plugins against openclaw/plugin-sdk/*
  6. Verify image generation config doesn’t depend on nano-banana-pro
  7. Re-test Discord command behavior after restart
  8. Review usage metrics (older numbers were undercounted)
  9. Enable per-agent defaults for reasoning and model routing
  10. Start using /btw immediately

Bottom Line

OpenClaw v2026.3.22 is a very good release, but it’s not a lazy upgrade.

The important story isn’t “look at all the new stuff.” It’s that OpenClaw is pruning legacy paths, tightening security boundaries, and getting more opinionated about the architecture it wants users to run. Most of those opinions are correct.

The browser relay removal will annoy people. The plugin SDK break will annoy plugin authors more. The env cleanup will catch a few old setups off guard. But the replacement direction is mostly better: cleaner browser attachment, clearer SDK boundaries, more explicit config, stronger sandboxing, calmer Discord command deployment, and better model-routing primitives.

Treat it like a migration release with bonuses. Fix what broke first. Then adopt /btw, per-agent defaults, ClawHub installs, and MiniMax M2.7 testing. Do that, and v2026.3.22 isn’t just survivable. It’s worth it.