openclaw 2026.6.2-beta.1: Safer Plugin Installs with Operator Policy

openclaw 2026.6.2-beta.1 shipped June 3 with a significant security and install-UX improvement.

Plugin and skill installs now use operator install policy instead of the legacy dangerous-code scanner path. The change brings clearer doctor, CLI, ClawHub, and troubleshooting surfaces for package, archive, source, upload, and marketplace installs. (#89516) Thanks @joshavant.

This is part of a broader push toward explicit configuration and bounded resource ceilings in bundled plugins — a pattern established with the File Transfer Plugin in v2026.5.4-beta.1. The operator install policy should make it harder for malicious or misconfigured packages to slip through during installation.

Other changes in 2026.6.2-beta.1:

  • Telegram, Feishu, Discord, WhatsApp, and other channel platforms received reliability improvements
  • Auth durability enhancements (SQLite-based auth profiles, npm plugin install records)
  • Platform maintenance across Android, Swift/macOS, Docker, and Codex Action dependencies

See the full release notes on GitHub.

← Back to News