Good morning, shrimp farmers! Lobster has updated again and again!
Nine days later, Shrimp Father Peter brings the brand new version 2026.3.22-beta.1.
The update is so rich it’s arguably the largest in history—you’ll need to scroll with your trackpad and mouse wheel for a while just to finish reading.
First, let’s tell you the most critical point: Lobster can now update itself.
Returning to the update highlights, here is an overview:
- Plugin Upgrade: The legacy
openclaw/extension-apihas been completely removed with no compatibility shims provided. All plugins now uniformly use the newopenclaw/plugin-sdk/*. Installation priority is ClawHub; only if not found there should you turn to npm. - Model Updates: New additions include MiniMax M2.7, GPT-5.4-mini/nano, and default modes for agent “Thinking/Reasoning/Fast.”
- Interaction Optimization: Added
/btwfor quick Q&A, supporting instant questions without tool calls, which does not affect future sessions; the terminal UI can be disabled, allowing BTW replies to display on external channels. - Security: Core SSH sandbox is now live, supporting key/certificate/known_hosts verification, while OpenShell focuses on sandbox lifecycle management.
Additionally, Lobster has optimized security, UI, Android mobile support, and social media integration. Let’s take a closer look.
Plugin Updates
To enhance plugin distribution security and development standards, OpenClaw has made significant optimizations to the plugin installation mechanism and development interfaces:
Beyond unifying plugins under ClawHub and removing the old openclaw/extension-api, bundled plugins must now perform host-side operations through injected runtimes (e.g., api.runtime.agent.runEmbeddedPiAgent).
All direct imports must point to the streamlined openclaw/plugin-sdk/* subpaths; full imports from the monolithic SDK root directory are prohibited.
Furthermore, the new Matrix plugin is now directly supported by the official matrix-js-sdk, bringing more reliable protocol compatibility and encryption performance.
Security Updates
In this update, Lobster has further strengthened identity verification and execution auditing.
The new version adds native SSH sandbox support, meaning you can now use keys, certificates, and known_hosts for fine-grained authentication.
The original shared remote execution and file system tools have been formally moved into the Core Library, while OpenShell focuses more on sandbox lifecycle management and optional Mirror mode.
In the exec approval process, the system can now automatically identify scheduling wrappers like time. When executing a time … command, the approval logic penetrates the path to bind directly to the internal executable.
Architecturally, the new version introduces a pluggable backend design. The sandbox runtime officially supports pluggable backends, allowing seamless switching between mirror mode and remote workspace mode.
In terms of deployment, the config set command now supports SecretRef (secret references), JSON batch assignment, and provides a structured output --dry-run validation mode, making configuration deployment safer and more intuitive.
Notably, the new version of Lobster will refuse to install remote plugin manifests that attempt to operate outside the official clone market repository (such as external Git, HTTP, or absolute paths).
Interaction and Efficiency
In the new version of Lobster, when a complete prompt exceeds the maxSkillsPromptChars limit, the system no longer discards it violently. Instead, it prioritizes the Compact Directory Fallback strategy to maximize the retention of registered skill entries.
When an Agent triggers automatic compaction, the system notifies the user. However, to ensure interaction experience, these notifications do not enter text-to-speech (TTS) and do not disrupt the original thread relationships of the assistant’s replies.
Plugins can now dynamically adjust context formats during the assembly phase based on the incoming modelId, ensuring that models of different sizes receive the most suitable input.
For room messages that are “Mention-only” or discarded, the system no longer refreshes focus thread bindings prematurely.
This improvement ensures that in rooms with lower interaction frequencies, idle ACP (Agent Control Plane) and session bindings expire as expected, effectively saving server resources.
To handle potential message storms caused by gateway restarts, the new version introduces inbound room event persistence deduplication.
Even during gateway restarts, the system can accurately identify processed messages, ensuring old messages are not replayed as new ones, while guaranteeing that unseen events are correctly resent after the restart.
Model Updates
As with previous updates, this release deeply synchronizes mainstream model libraries:
The system adds native forward-compatible support for gpt-5.4-mini and gpt-5.4-nano.
OpenAI’s default setting models have officially switched to gpt-5.4. More importantly, all defaults—chat, image, voice, embeddings—are now centralized in a shared module, enabling “seamless switching” for future model upgrades.
MiniMax Family Full Upgrade: The default model has evolved from MiniMax M2.5 to MiniMax M2.7. New high-speed versions like MiniMax M2.7-highspeed have been added, and the /fast command is directly mapped to the high-speed mode of each generation.
Additionally, bundled API and OAuth plugins have been merged for simpler configuration.
Zhipu Synchronization: Full alignment with the GLM 4.5/4.6 model series, covering the latest multimodal entries and token billing standards.
The Grok directory has synchronized to the latest Pi support IDs, optimizing /fast mode routing. Mistral default metadata has also completed price synchronization, ensuring usage statistics are more transparent and accurate.
GitHub Copilot Dynamic Compatibility: Now supports forward compatibility for dynamic model IDs. This means you can call new models released by the official team without updating your code, maintaining business continuity.
Each agent can independently set “Thinking / Fast / Reasoning” modes; unsupported model overrides automatically fall back to the default optimal choice.
UI and Endpoint Optimizations
The UI interface adds a “Roundness” adjustment slider, allowing users to freely define visual styles from “hardcore right angles” to “rounded curves.” Additionally, chat bubbles now feature an “Expand to Canvas” function for handling complex tasks.
Furthermore, the usage overview style has been refactored, removing redundant placeholder cards for more responsive and intuitive information display.
Mobile devices fully support system-level dark mode. More importantly, Android nodes now possess SMS and call log search capabilities, with optimized TTS architecture that keeps keys on the gateway side, enhancing security while ensuring smoother playback.
Notably, Feishu (Lark) now supports deep operations such as viewing/editing messages, pinning messages, and viewing group members.
Telegram: Supports custom Bot API endpoints, auto-generates forum tags, and allows silent sending of error replies.
Matrix: Adds allowBots and allowPrivateNetwork options, supporting bot speech and internal server connections.
Documentation Updates: Added lists for community versions of DingTalk, QQbot (QQ Robot), and Wecom plugins. Updated the configuration guide for Zalo channels.
Important Fixes
Beyond new features, this update also fixes several critical security vulnerabilities.
This release addresses risks that could lead to Windows password leaks and command spoofing:
Malicious input is intercepted before Windows file path loading; issues with iOS pairing code abuse and macOS approval interface Unicode hiding vulnerabilities have been resolved.
In terms of performance, cold start times have dropped from minutes to seconds: code recompilation no longer repeats, plugins use lazy loading, and the main model warms up at startup, significantly improving experience.
Model and search compatibility has also strengthened; OpenAI and third-party large models no longer error out due to field or duplicate ID issues. OpenRouter can now properly handle vision models, and Exa search supports more content extraction and higher result limits.
Social channel experiences have seen obvious optimization: Telegram replies are stable and do not disappear when parent messages are deleted; Feishu bots support viewing/editing/pinning messages and group member management; WhatsApp does not reprocess old messages after reconnecting.
Mobile and console experiences are smoother as well: Android fixes memory leaks and dark mode adaptation issues, multi-gateway settings achieve isolation, making operations safer and more reliable.
One More Thing
Many netizens expressed satisfaction with this update. Especially regarding the plugin market, this release makes Lobster feel more like a true platform.
ClawHub and sandbox features are also highlights long awaited by users.
Some netizens found this release impressive, but the real difficulty lies not in the “volume of updates,” but in OpenClaw becoming easier to extend, easier to install, and easier to connect tools.
Of course, many users discovered after updating: “WhatsApp doesn’t work anymore?”
For domestic users, WeChat seems to have encountered issues as well.
Netizen Lin Yi LYi found that the ClawBot plugin for WeChat crashed directly after updating, and was prompted by OpenClaw officials with “WARNING: Dangerous Code Patterns.”
Does this mean Lobster’s official WeChat plugin only survived one weekend?