ci: add process exec codeql security shard

Limit sessions_send active-run queue delivery to run-scoped targets, keep stranded cron-run fallback for valid cron run keys, and report unsafe queue rejections without rerouting through durable sessions. Fixes #91420.

.github/codeql/codeql-process-exec-boundary-critical-security.yml

@@ -0,0 +1,61 @@
+name: openclaw-codeql-process-exec-boundary-critical-security
+
+disable-default-queries: true
+
+queries:
+  - uses: security-extended
+
+query-filters:
+  - include:
+      precision:
+        - high
+        - very-high
+      tags contain: security
+      security-severity: /([7-9]|10)\.(\d)+/
+
+paths:
+  - src/process
+  - src/tui/tui-local-shell.ts
+  - src/tui/tui.ts
+  - src/plugin-sdk/windows-spawn.ts
+  - packages/agent-core/src/harness/env
+  - packages/memory-host-sdk/src/host
+  - extensions/acpx/src
+  - extensions/bonjour/src/advertiser.ts
+  - extensions/browser/src/browser/chrome-mcp.ts
+  - extensions/browser/src/browser/chrome.executables.ts
+  - extensions/browser/src/browser/chrome.ts
+  - extensions/codex/src/app-server/sandbox-exec-server
+  - extensions/codex/src/app-server/transport-stdio.ts
+  - extensions/codex/src/node-cli-sessions.ts
+  - extensions/codex-supervisor/src/json-rpc-client.ts
+  - extensions/file-transfer/src
+  - extensions/google-meet/src
+  - extensions/imessage/src
+  - extensions/memory-core/src/memory/qmd-manager.ts
+  - extensions/memory-wiki/src/obsidian.ts
+  - extensions/microsoft-foundry/cli.ts
+  - extensions/ollama/src/wsl2-crash-loop-check.ts
+  - extensions/qa-lab/src
+  - extensions/signal/src/daemon.ts
+  - extensions/tts-local-cli/speech-provider.ts
+  - extensions/voice-call/src
+  - scripts
+
+paths-ignore:
+  - "**/node_modules"
+  - "**/coverage"
+  - "**/*.generated.ts"
+  - "**/*.bundle.js"
+  - "**/*-runtime.js"
+  - "**/*.test.ts"
+  - "**/*.test.tsx"
+  - "**/*.spec.ts"
+  - "**/*.spec.tsx"
+  - "**/*.e2e.test.ts"
+  - "**/*.e2e.test.tsx"
+  - "**/*test-support*"
+  - "**/*test-helper*"
+  - "**/*mock*"
+  - "**/*fixture*"
+  - "**/*bench*"

.github/workflows/codeql.yml

@@ -17,7 +17,28 @@ on:
       - ".github/actions/**"
       - ".github/codeql/**"
       - ".github/workflows/**"
+      - "extensions/acpx/src/**"
+      - "extensions/bonjour/src/advertiser.ts"
+      - "extensions/browser/src/browser/chrome-mcp.ts"
+      - "extensions/browser/src/browser/chrome.executables.ts"
+      - "extensions/browser/src/browser/chrome.ts"
+      - "extensions/codex/src/app-server/sandbox-exec-server/**"
+      - "extensions/codex/src/app-server/transport-stdio.ts"
+      - "extensions/codex/src/node-cli-sessions.ts"
+      - "extensions/codex-supervisor/src/json-rpc-client.ts"
+      - "extensions/file-transfer/src/**"
+      - "extensions/google-meet/src/**"
+      - "extensions/imessage/src/**"
+      - "extensions/memory-core/src/memory/qmd-manager.ts"
+      - "extensions/memory-wiki/src/obsidian.ts"
+      - "extensions/microsoft-foundry/cli.ts"
+      - "extensions/ollama/src/wsl2-crash-loop-check.ts"
+      - "extensions/qa-lab/src/**"
+      - "extensions/signal/src/daemon.ts"
+      - "extensions/tts-local-cli/speech-provider.ts"
+      - "extensions/voice-call/src/**"
       - "packages/**"
+      - "scripts/**"
       - "src/**"
   push:
     branches:
@@ -26,7 +47,28 @@ on:
       - ".github/actions/**"
       - ".github/codeql/**"
       - ".github/workflows/**"
+      - "extensions/acpx/src/**"
+      - "extensions/bonjour/src/advertiser.ts"
+      - "extensions/browser/src/browser/chrome-mcp.ts"
+      - "extensions/browser/src/browser/chrome.executables.ts"
+      - "extensions/browser/src/browser/chrome.ts"
+      - "extensions/codex/src/app-server/sandbox-exec-server/**"
+      - "extensions/codex/src/app-server/transport-stdio.ts"
+      - "extensions/codex/src/node-cli-sessions.ts"
+      - "extensions/codex-supervisor/src/json-rpc-client.ts"
+      - "extensions/file-transfer/src/**"
+      - "extensions/google-meet/src/**"
+      - "extensions/imessage/src/**"
+      - "extensions/memory-core/src/memory/qmd-manager.ts"
+      - "extensions/memory-wiki/src/obsidian.ts"
+      - "extensions/microsoft-foundry/cli.ts"
+      - "extensions/ollama/src/wsl2-crash-loop-check.ts"
+      - "extensions/qa-lab/src/**"
+      - "extensions/signal/src/daemon.ts"
+      - "extensions/tts-local-cli/speech-provider.ts"
+      - "extensions/voice-call/src/**"
       - "packages/**"
+      - "scripts/**"
       - "src/**"
   schedule:
     - cron: "0 6 * * *"
@@ -73,6 +115,11 @@ jobs:
             runs_on: blacksmith-4vcpu-ubuntu-2404
             timeout_minutes: 25
             config_file: ./.github/codeql/codeql-mcp-process-tool-boundary-critical-security.yml
+          - language: javascript-typescript
+            category: process-exec-boundary
+            runs_on: blacksmith-4vcpu-ubuntu-2404
+            timeout_minutes: 25
+            config_file: ./.github/codeql/codeql-process-exec-boundary-critical-security.yml
           - language: javascript-typescript
             category: plugin-trust-boundary
             runs_on: blacksmith-4vcpu-ubuntu-2404

CHANGELOG.md

@@ -2,30 +2,6 @@
 
 Docs: https://docs.openclaw.ai
 
-## 2026.6.7
-
-### Highlights
-
-- Channel delivery is tighter across Slack, Telegram, outbound media, silent replies, progress drafts, and paged action results: same-channel Slack finals persist in transcripts, top-level `image` message-tool sends attach media, expandable Telegram blockquotes and spooled replay survive delivery, explicit silent assistant replies stay silent, progress draft startup failures are reported, and channel action result pages can be fetched incrementally. (#92498, #92407, #92416, #92281, #92073, #92083, #88993) Thanks @TurboTheTurtle, @ichirokyoto, @xydigit-sj, @joshavant, @sallyom, @hansraj316, and @fuller-stack-dev.
-- Provider and model handling is more resilient: Kimi K2.7 Code is available, Kimi native tool-call ids and replayed `reasoning_content` are repaired, Mistral skips unreadable tool schemas, Fireworks catalog parameters come from manifests, DeepSeek keeps configured static transport, provider fallbacks resolve correctly, Anthropic thinking replay is repaired, and Anthropic Vertex stops re-marking transport-budgeted cache control. (#92554, #92396, #90242, #90326, #92265, #92293, #92286, #92387) Thanks @xialonglee, @vincentkoc, @obuchowski, @joshavant, and @openperf.
-- User-visible context and auth boundaries are safer: Feishu no longer leaks prompt-preface runtime context into replies, WebSocket payload handling is hardened, CLI-backed `/btw` fallback fails closed, local setup trust is hardened, and Skill Workshop symlink writes are gated and validated before rollback metadata is written. (#92589, #92593, #92226, #92175) Thanks @jovi2014-cyber, @zhangqueping, and @joshavant.
-- Agent, memory, Codex, cron, and update recovery paths preserve the useful failure now: invalid plugin model catalogs are isolated, QMD startup failures survive fallback errors, Codex memory prompts remain registered, source message tool replies no longer stop agent progress, structured unsupported-model errors are classified, heartbeat/cron terminal state is preserved, Linux service updates hand off cleanly, and cron status reports the SQLite store path. (#92564, #92218, #92618, #92350, #92343, #92280, #92231, #92225, #92144) Thanks @tangtaizong666, @zhbcher, @mushuiyu886, @rubencu, @joshavant, and @liuhao1024.
-- UI, docs, QA, Docker, and release proof are easier to trust: accessibility contrast/focus/font fixes landed, empty Workboard columns can hide, the design-system docs are documented, uptime monitors are pointed at `/health`, Windows Hub docs pin the verified stable installer links, QA evidence and scorecard taxonomy artifacts are produced, QA Lab is bundled into Docker images, and lifecycle timeout cleanup survives leader exit. (#89822, #89615, #89827, #55768, #92608, #92605, #91484, #91500, #92087, #92566) Thanks @BunsDev, @faahim, @liuhao1024, @lzyyzznl, @RomneyDa, and @jesse-merhi.
-
-### Changes
-
-- QA and release validation now emit scorecard taxonomy and evidence artifacts, split plugin ClawHub publishing paths, use trusted plugin npm publishing, keep plugin publish checks authoritative, and align the root package, publishable plugin manifests, generated baselines, and native app versions for the 2026.6.7 beta train. (#91484, #91500) Thanks @RomneyDa.
-- Docs and operator guidance now cover Gateway uptime monitoring, design-system guidance, Windows Hub stable download pins, removed stale ClawHub navigation, WhatsApp inbound compatibility, and doctor/update progress behavior. (#55768, #92608, #89827, #92605) Thanks @faahim, @liuhao1024, @BunsDev, and @lzyyzznl.
-- Matrix plugin release metadata is aligned with the core beta train and records the version-alignment changelog entry for package publication.
-
-### Fixes
-
-- Channels and outbound flows preserve user intent across Slack transcript mirrors, Telegram polling conflicts and transient draft-preview failures, outbound image sends, explicit silent assistant replies, progress-draft startup errors, paged action results, WhatsApp inbound aliases, local setup trust, and heartbeat commitment delivery. (#92498, #92281, #92407, #92416, #92073, #92083, #88993, #92175, #92231) Thanks @TurboTheTurtle, @joshavant, @ichirokyoto, @xydigit-sj, @sallyom, @hansraj316, and @fuller-stack-dev.
-- Provider, model, and tool replay fixes cover unreadable Mistral schemas, Fireworks manifest model parameters, Kimi K2.7 Code/tool-call/reasoning replay, DeepSeek transport inheritance, managed SecretRef auth, static model fallbacks, rejected Anthropic thinking replay, Anthropic Vertex cache control, and OTLP trace correlation. (#90242, #90326, #92554, #92396, #92265, #92235, #92293, #92286, #92387, #92276) Thanks @vincentkoc, @obuchowski, @xialonglee, @joshavant, and @openperf.
-- Agent/runtime recovery now isolates invalid plugin model catalogs, preserves Codex memory prompt registration, continues after source message tool replies, classifies structured unsupported-model errors, reports QMD startup failures beside fallback errors, preserves cron timeout/cancel state, keeps disabled heartbeat one-shot retries working, and keeps Linux service auto-updates readable and handed off. (#92564, #92350, #92343, #92280, #92218, #92618, #92225, #92282, #92144) Thanks @tangtaizong666, @rubencu, @joshavant, @zhbcher, @mushuiyu886, and @liuhao1024.
-- Install, sandbox, doctor, and security surfaces render CLI skill prompts from materialized paths, fail closed for CLI-backed `/btw`, resolve doctor SecretRef previews, diagnose blocked external channel plugins, validate and gate Skill Workshop symlink writes, stop after failed Node package installs, and keep unsupported daemon service status readable. (#92508, #92226, #92229, #86629) Thanks @brokemac79, @joshavant, and @brokemac79.
-- Release, CI, E2E, Docker, and dependency gates keep lifecycle timeout cleanup alive, bundle QA Lab runtime in Docker images, update the esbuild audit pin, harden Docker process cleanup, keep plugin publish checks authoritative, and remove noisy redundant proof scripts so release failures stay bounded. (#92566, #92087, #92540) Thanks @RomneyDa and @jesse-merhi.
-
 ## 2026.6.6
 
 ### Highlights

apps/android/app/build.gradle.kts

@@ -65,8 +65,8 @@ android {
     applicationId = "ai.openclaw.app"
     minSdk = 31
     targetSdk = 36
-    versionCode = 2026060701
-    versionName = "2026.6.7"
+    versionCode = 2026060201
+    versionName = "2026.6.2"
     ndk {
       // Support all major ABIs — native libs are tiny (~47 KB per ABI)
       abiFilters += listOf("armeabi-v7a", "arm64-v8a", "x86", "x86_64")

apps/ios/CHANGELOG.md

@@ -1,9 +1,5 @@
 # OpenClaw iOS Changelog
 
-## 2026.6.7 - 2026-06-13
-
-Maintenance update for the current OpenClaw beta release.
-
 ## 2026.6.2 - 2026-06-02
 
 OpenClaw is now available on iPhone.

apps/ios/Config/Version.xcconfig

@@ -2,8 +2,8 @@
 // Source of truth: apps/ios/version.json
 // Generated by scripts/ios-sync-versioning.ts.
 
-OPENCLAW_IOS_VERSION = 2026.6.7
-OPENCLAW_MARKETING_VERSION = 2026.6.7
+OPENCLAW_IOS_VERSION = 2026.6.2
+OPENCLAW_MARKETING_VERSION = 2026.6.2
 OPENCLAW_BUILD_VERSION = 1
 
 #include? "../build/Version.xcconfig"

apps/ios/fastlane/metadata/en-US/release_notes.txt

@@ -1 +1,3 @@
-Maintenance update for the current OpenClaw beta release.
+OpenClaw is now available on iPhone.
+
+Connect to your OpenClaw Gateway to chat with your assistant, use realtime Talk mode, review approvals, share content from iOS, and bring device capabilities like camera, location, screen, and notifications into your private automation workflows.

apps/ios/version.json

@@ -1,3 +1,3 @@
 {
-  "version": "2026.6.7"
+  "version": "2026.6.2"
 }

apps/macos/Sources/OpenClaw/Resources/Info.plist

@@ -15,9 +15,9 @@
     <key>CFBundlePackageType</key>
     <string>APPL</string>
     <key>CFBundleShortVersionString</key>
-    <string>2026.6.7</string>
+    <string>2026.6.2</string>
     <key>CFBundleVersion</key>
-    <string>2026060700</string>
+    <string>2026060200</string>
     <key>CFBundleIconFile</key>
     <string>OpenClaw</string>
     <key>CFBundleURLTypes</key>

docs/.generated/config-baseline.sha256

@@ -1,4 +1,4 @@
-325e16b4b72af24ba1f3f0fe47de9f1ef33b519ec9c3c397d36ca32a0f5d30fe  config-baseline.json
-98d89baead00fad00143fbc7361d16b824d077e4c52cc00c2e6fc9c5f9e27237  config-baseline.core.json
-7641a0edd1f7ddb904d394381017cb645d2c2c1a86d875df30e9bf11f8dd012e  config-baseline.channel.json
-b0dec5acfe60557e728e5ad03cc36d19d2432d51f755656c97846afa7fbe374a  config-baseline.plugin.json
+37b56008790612b8293930b6a29d74490e98daa90f954fca9d133fcc28645c4c  config-baseline.json
+75b64c2ea081369ba4306493313a8a4cd48b784145f92fed995e6b77a5df350d  config-baseline.core.json
+17d64c9799dfa239a49493413f1100bdd9237e9b67aaeae331a4604dbc227023  config-baseline.channel.json
+f9d1f50bfa8403891e76cd99dc1357cdece4a71e8ae18a39b190c2a14e6f97b0  config-baseline.plugin.json

docs/.generated/plugin-sdk-api-baseline.sha256

@@ -1,2 +1,2 @@
-71fc42f55453e3a28e135afe87db1fff55f3c1cfa3d6f5edba137f65ba91d1d0  plugin-sdk-api-baseline.json
-e572926ea66060e142ea93c3d26352b74b13e24e26c6df02e0b9e5145f9c9dec  plugin-sdk-api-baseline.jsonl
+2c783beea6b3cda3d79060739a923f9f39e7e8b5942123dd6b08a09143a587ca  plugin-sdk-api-baseline.json
+0b33af2cffb42abb46682fb71c8f214da220793f13d10a34d332e75ff99e8ce9  plugin-sdk-api-baseline.jsonl

docs/ci.md

@@ -452,7 +452,7 @@ For normal PRs, follow scoped CI/check evidence instead of treating parity as a
 
 The `CodeQL` workflow is intentionally a narrow first-pass security scanner, not the full repository sweep. Daily, manual, and non-draft pull request guard runs scan Actions workflow code plus the highest-risk JavaScript/TypeScript surfaces with high-confidence security queries filtered to high/critical `security-severity`.
 
-The pull request guard stays light: it only starts for changes under `.github/actions`, `.github/codeql`, `.github/workflows`, `packages`, or `src`, and it runs the same high-confidence security matrix as the scheduled workflow. Android and macOS CodeQL stay out of PR defaults.
+The pull request guard stays light: it only starts for changes under `.github/actions`, `.github/codeql`, `.github/workflows`, `packages`, `scripts`, `src`, or process-owning bundled plugin runtime paths, and it runs the same high-confidence security matrix as the scheduled workflow. Android and macOS CodeQL stay out of PR defaults.
 
 ### Security categories
 
@@ -462,6 +462,7 @@ The pull request guard stays light: it only starts for changes under `.github/ac
 | `/codeql-security-high/channel-runtime-boundary`  | Core channel implementation contracts plus the channel plugin runtime, gateway, Plugin SDK, secrets, audit touchpoints              |
 | `/codeql-security-high/network-ssrf-boundary`     | Core SSRF, IP parsing, network guard, web-fetch, and Plugin SDK SSRF policy surfaces                                                |
 | `/codeql-security-high/mcp-process-tool-boundary` | MCP servers, process execution helpers, outbound delivery, and agent tool-execution gates                                           |
+| `/codeql-security-high/process-exec-boundary`     | Local shell, process spawn helpers, subprocess-owning bundled plugin runtimes, and workflow script glue                             |
 | `/codeql-security-high/plugin-trust-boundary`     | Plugin install, loader, manifest, registry, package-manager install, source-loading, and Plugin SDK package contract trust surfaces |
 
 ### Platform-specific security shards

docs/cli/wiki.md

@@ -35,6 +35,7 @@ openclaw wiki status
 openclaw wiki doctor
 openclaw wiki init
 openclaw wiki ingest ./notes/alpha.md
+openclaw wiki okf import ./knowledge-catalog/okf/bundles/ga4
 openclaw wiki compile
 openclaw wiki lint
 openclaw wiki search "alpha"
@@ -104,6 +105,31 @@ Notes:
 - imported source pages keep provenance in frontmatter
 - auto-compile can run after ingest when enabled
 
+### `wiki okf import <path>`
+
+Import an unpacked Open Knowledge Format bundle into wiki concept pages.
+
+The importer reads every non-reserved `.md` concept document in the OKF
+directory tree, requires a non-empty `type` field, and treats unknown OKF
+`type` values as generic concepts. Reserved OKF `index.md` and `log.md` files
+are not imported as concepts.
+
+Imported pages are flattened under `concepts/` so existing wiki compile,
+search, get, digest, and dashboard flows see them immediately. The original OKF
+concept ID, `type`, `resource`, `tags`, timestamp, source path, and full
+frontmatter are preserved in the page frontmatter. Internal OKF markdown links
+are rewritten to the generated wiki pages; broken or external links are left
+unchanged.
+
+Examples:
+
+```bash
+openclaw wiki okf import ./bundles/ga4
+openclaw wiki okf import ./bundles/ga4 --json
+openclaw wiki search "BigQuery Table" --mode source-evidence --json
+openclaw wiki get <path-from-json-result>
+```
+
 ### `wiki compile`
 
 Rebuild indexes, related blocks, dashboards, and compiled digests.
@@ -233,6 +259,8 @@ These require the official `obsidian` CLI on `PATH` when
 - Use `wiki lint` before trusting contradictory or low-confidence content.
 - Use `wiki compile` after bulk imports or source changes when you want fresh
   dashboards and compiled digests immediately.
+- Use `wiki okf import` when a data catalog, documentation export, or agent
+  enrichment pipeline already emits OKF markdown bundles.
 - Use `wiki bridge import` when bridge mode depends on newly exported memory
   artifacts.
 

docs/concepts/usage-tracking.md

@@ -30,6 +30,23 @@ title: "Usage tracking"
 - CLI: `openclaw channels list` prints the same usage snapshot alongside provider config (use `--no-usage` to skip).
 - macOS menu bar: "Usage" section under Context (only if available).
 
+## Custom `/usage full` footer
+
+Set `messages.usageTemplate` to customize the per-response `/usage full`
+footer. The value can be an inline template object or a JSON file path:
+
+```json
+{
+  "messages": {
+    "usageTemplate": "~/.openclaw/usage-footer.json"
+  }
+}
+```
+
+Templates read the `openclaw.usageLine.v1` contract and can use `scales`,
+`aliases`, and `output.surfaces` to render channel-specific footers. Missing,
+unreadable, invalid, or empty templates fall back to the built-in usage line.
+
 ## Providers + credentials
 
 - **Anthropic (Claude)**: OAuth tokens in auth profiles.

docs/gateway/openai-http-api.md

@@ -75,6 +75,7 @@ Auth matrix:
   - honor `x-openclaw-scopes` when the header is present
   - fall back to the normal operator default scope set when the header is absent
   - only lose owner semantics when the caller explicitly narrows scopes and omits `operator.admin`
+  - require `operator.admin` for owner-level request controls such as `x-openclaw-model`
 
 See [Security](/gateway/security) and [Remote access](/gateway/remote).
 
@@ -96,7 +97,7 @@ OpenClaw treats the OpenAI `model` field as an **agent target**, not a raw provi
 
 Optional request headers:
 
-- `x-openclaw-model: <provider/model-or-bare-id>` overrides the backend model for the selected agent.
+- `x-openclaw-model: <provider/model-or-bare-id>` overrides the backend model for the selected agent. Shared-secret bearer callers can use this header. Identity-bearing callers, such as trusted-proxy or private no-auth ingress requests with `x-openclaw-scopes`, need `operator.admin`; write-only callers get `403 missing scope: operator.admin`.
 - `x-openclaw-agent-id: <agentId>` remains supported as a compatibility override.
 - `x-openclaw-session-key: <sessionKey>` fully controls session routing.
 - `x-openclaw-message-channel: <channel>` sets the synthetic ingress channel context for channel-aware prompts and policies.
@@ -178,7 +179,7 @@ This is the highest-leverage compatibility set for self-hosted frontends and too
 
   </Accordion>
   <Accordion title="How do I override the backend model?">
-    Use `x-openclaw-model`.
+    Use `x-openclaw-model`. This is an owner-level override: it works with the Gateway shared-secret bearer token/password path, and it requires `operator.admin` on identity-bearing HTTP paths such as trusted proxy auth.
 
     Examples:
     `x-openclaw-model: openai/gpt-5.4`
@@ -191,7 +192,7 @@ This is the highest-leverage compatibility set for self-hosted frontends and too
     `/v1/embeddings` uses the same agent-target `model` ids.
 
     Use `model: "openclaw/default"` or `model: "openclaw/<agentId>"`.
-    When you need a specific embedding model, send it in `x-openclaw-model`.
+    When you need a specific embedding model, send it in `x-openclaw-model` from a shared-secret caller or an identity-bearing caller with `operator.admin`.
     Without that header, the request passes through to the selected agent's normal embedding setup.
 
   </Accordion>
@@ -285,7 +286,7 @@ Expected behavior:
 
 - `GET /v1/models` should list `openclaw/default`
 - Open WebUI should use `openclaw/default` as the chat model id
-- If you want a specific backend provider/model for that agent, set the agent's normal default model or send `x-openclaw-model`
+- If you want a specific backend provider/model for that agent, set the agent's normal default model or send `x-openclaw-model` from a shared-secret caller or an identity-bearing caller with `operator.admin`
 
 Quick smoke:
 
@@ -370,7 +371,7 @@ Notes:
 
 - `/v1/models` returns OpenClaw agent targets, not raw provider catalogs.
 - `openclaw/default` is always present so one stable id works across environments.
-- Backend provider/model overrides belong in `x-openclaw-model`, not the OpenAI `model` field.
+- Backend provider/model overrides belong in `x-openclaw-model`, not the OpenAI `model` field. On identity-bearing HTTP auth paths, this header requires `operator.admin`.
 - `/v1/embeddings` supports `input` as a string or array of strings.
 
 ## Related

docs/gateway/security/index.md

@@ -951,7 +951,7 @@ Important boundary note:
 - Treat credentials that can call `/v1/chat/completions`, `/v1/responses`, plugin routes such as `/api/v1/admin/rpc`, or `/api/channels/*` as full-access operator secrets for that gateway.
 - On the OpenAI-compatible HTTP surface, shared-secret bearer auth restores the full default operator scopes (`operator.admin`, `operator.approvals`, `operator.pairing`, `operator.read`, `operator.talk.secrets`, `operator.write`) and owner semantics for agent turns; narrower `x-openclaw-scopes` values do not reduce that shared-secret path.
 - Per-request scope semantics on HTTP only apply when the request comes from an identity-bearing mode such as trusted proxy auth, or from an explicitly no-auth private ingress.
-- In those identity-bearing modes, omitting `x-openclaw-scopes` falls back to the normal operator default scope set; send the header explicitly when you want a narrower scope set.
+- In those identity-bearing modes, omitting `x-openclaw-scopes` falls back to the normal operator default scope set; send the header explicitly when you want a narrower scope set. Owner-level OpenAI-compatible headers such as `x-openclaw-model` require `operator.admin` when scopes are narrowed.
 - `/tools/invoke` and HTTP session history endpoints follow the same shared-secret rule: token/password bearer auth is treated as full operator access there too, while identity-bearing modes still honor declared scopes.
 - Do not share these credentials with untrusted callers; prefer separate gateways per trust boundary.
 

docs/plugins/hooks.md

@@ -425,6 +425,10 @@ even when the channel payload has no visible text/caption. Rewriting that
 `content` updates the hook-visible transcript only; it is not rendered as a
 media caption.
 
+`reply_payload_sending` events may include `usageState`, a best-effort live
+per-turn model/usage/context snapshot. Durable delivery, recovered replay, and
+replies without exact run correlation omit it.
+
 Message hook contexts expose stable correlation fields when available:
 `ctx.sessionKey`, `ctx.runId`, `ctx.messageId`, `ctx.senderId`, `ctx.trace`,
 `ctx.traceId`, `ctx.spanId`, `ctx.parentSpanId`, and `ctx.callDepth`. Inbound

docs/plugins/memory-wiki.md

@@ -25,6 +25,7 @@ less like a pile of Markdown files.
 - Page-level provenance, confidence, contradictions, and open questions
 - Compiled digests for agent/runtime consumers
 - Wiki-native search/get/apply/lint tools
+- Open Knowledge Format imports into compiled wiki concepts
 - Optional bridge mode that imports public artifacts from the active memory plugin
 - Optional Obsidian-friendly render mode and CLI integration
 
@@ -135,6 +136,34 @@ The main page groups are:
 - `syntheses/` for compiled summaries and maintained rollups
 - `reports/` for generated dashboards
 
+## Open Knowledge Format imports
+
+`memory-wiki` can import unpacked Open Knowledge Format bundles with:
+
+```bash
+openclaw wiki okf import ./bundles/ga4
+```
+
+This is the cleanest fit when a data catalog, documentation crawler, or
+enrichment agent already produces OKF: keep OKF as the portable exchange
+artifact, then let `memory-wiki` turn it into OpenClaw-native concept pages and
+compiled digests.
+
+The importer follows the OKF v0.1 shape:
+
+- non-reserved `.md` files are concept documents
+- each imported concept needs a non-empty `type` frontmatter field
+- unknown OKF `type` values are accepted
+- reserved `index.md` and `log.md` files are not imported as concepts
+- broken or external markdown links are preserved
+
+Imported concept pages are flattened under `concepts/` so the existing compile,
+search, get, dashboard, and prompt-digest paths see them without adding a second
+wiki tree. Each page keeps the original OKF concept ID, source path, `type`,
+`resource`, `tags`, timestamp, and full producer frontmatter. Internal OKF links
+are rewritten to the generated wiki concept pages and also emitted as structured
+`relationships` entries with `kind: okf-link`.
+
 ## Structured claims and evidence
 
 Pages can carry structured `claims` frontmatter, not just freeform text.

extensions/acpx/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/acpx",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/acpx",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@agentclientprotocol/claude-agent-acp": "0.39.0",
         "@zed-industries/codex-acp": "0.15.0",

extensions/acpx/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/acpx",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw ACP runtime backend with plugin-owned session and transport management.",
   "repository": {
     "type": "git",
@@ -26,10 +26,10 @@
       "minHostVersion": ">=2026.4.25"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "staticAssets": [
         {
           "source": "./src/runtime-internals/mcp-proxy.mjs",

extensions/admin-http-rpc/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/admin-http-rpc",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw admin HTTP RPC endpoint",
   "type": "module",

extensions/alibaba/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/alibaba-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Alibaba Model Studio video provider plugin",
   "type": "module",

extensions/amazon-bedrock-mantle/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/amazon-bedrock-mantle-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/amazon-bedrock-mantle-provider",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@anthropic-ai/sdk": "0.100.1",
         "@aws/bedrock-token-generator": "1.1.0"

extensions/amazon-bedrock-mantle/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/amazon-bedrock-mantle-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Amazon Bedrock Mantle provider plugin for OpenAI-compatible model routing.",
   "repository": {
     "type": "git",
@@ -24,10 +24,10 @@
       "minHostVersion": ">=2026.5.12-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "bundledDist": false
     },
     "release": {

extensions/amazon-bedrock/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/amazon-bedrock-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/amazon-bedrock-provider",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@aws-sdk/client-bedrock": "3.1056.0",
         "@aws-sdk/client-bedrock-runtime": "3.1056.0",

extensions/amazon-bedrock/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/amazon-bedrock-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Amazon Bedrock provider plugin with model discovery, embeddings, and guardrail support.",
   "repository": {
     "type": "git",
@@ -28,10 +28,10 @@
       "minHostVersion": ">=2026.5.12-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "bundledDist": false
     },
     "release": {

extensions/anthropic-vertex/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/anthropic-vertex-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/anthropic-vertex-provider",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@anthropic-ai/vertex-sdk": "0.16.1"
       }

extensions/anthropic-vertex/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/anthropic-vertex-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Anthropic Vertex provider plugin for Claude models on Google Vertex AI.",
   "repository": {
     "type": "git",
@@ -23,10 +23,10 @@
       "minHostVersion": ">=2026.5.12-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "bundledDist": false
     },
     "release": {

extensions/anthropic/openclaw.plugin.json

@@ -101,6 +101,28 @@
             "contextWindow": 200000,
             "maxTokens": 64000
           },
+          {
+            "id": "claude-haiku-4-5",
+            "name": "Claude Haiku 4.5",
+            "reasoning": true,
+            "input": ["text", "image"],
+            "mediaInput": {
+              "image": { "maxSidePx": 1568, "preferredSidePx": 1568, "tokenMode": "provider" }
+            },
+            "contextWindow": 200000,
+            "maxTokens": 64000
+          },
+          {
+            "id": "claude-haiku-4-5-20251001",
+            "name": "Claude Haiku 4.5",
+            "reasoning": true,
+            "input": ["text", "image"],
+            "mediaInput": {
+              "image": { "maxSidePx": 1568, "preferredSidePx": 1568, "tokenMode": "provider" }
+            },
+            "contextWindow": 200000,
+            "maxTokens": 64000
+          },
           {
             "id": "claude-sonnet-4-6",
             "name": "Claude Sonnet 4.6",

extensions/anthropic/openclaw.plugin.test.ts

@@ -0,0 +1,57 @@
+// Anthropic tests cover provider manifest model catalog behavior.
+import { readFileSync } from "node:fs";
+import { describe, expect, it } from "vitest";
+
+type AnthropicManifest = {
+  modelCatalog?: {
+    providers?: {
+      anthropic?: {
+        models?: Array<{
+          id?: string;
+          name?: string;
+          reasoning?: boolean;
+          input?: string[];
+          mediaInput?: {
+            image?: {
+              maxSidePx?: number;
+              preferredSidePx?: number;
+              tokenMode?: string;
+            };
+          };
+          contextWindow?: number;
+          maxTokens?: number;
+        }>;
+      };
+    };
+    discovery?: Record<string, string>;
+  };
+};
+
+const manifest = JSON.parse(
+  readFileSync(new URL("./openclaw.plugin.json", import.meta.url), "utf8"),
+) as AnthropicManifest;
+
+describe("Anthropic plugin manifest", () => {
+  it("resolves both official Claude Haiku 4.5 API identifiers from the static catalog", () => {
+    expect(manifest.modelCatalog?.discovery?.anthropic).toBe("static");
+
+    const models = manifest.modelCatalog?.providers?.anthropic?.models ?? [];
+    for (const id of ["claude-haiku-4-5", "claude-haiku-4-5-20251001"]) {
+      expect(models.find((model) => model.id === id)).toEqual({
+        id,
+        name: "Claude Haiku 4.5",
+        reasoning: true,
+        input: ["text", "image"],
+        mediaInput: {
+          image: {
+            maxSidePx: 1568,
+            preferredSidePx: 1568,
+            tokenMode: "provider",
+          },
+        },
+        contextWindow: 200000,
+        maxTokens: 64000,
+      });
+    }
+  });
+});

extensions/anthropic/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/anthropic-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Anthropic provider plugin",
   "type": "module",

extensions/arcee/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/arcee-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Arcee provider plugin",
   "type": "module",

extensions/azure-speech/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/azure-speech",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Azure Speech plugin",
   "type": "module",

extensions/bonjour/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/bonjour",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Bonjour/mDNS gateway discovery",
   "type": "module",
   "dependencies": {

extensions/brave/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/brave-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/brave-plugin",
-      "version": "2026.6.7-beta.1"
+      "version": "2026.6.2"
     }
   }
 }

extensions/brave/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/brave-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Brave Search provider plugin for web search.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "allowInvalidConfigRecovery": true
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/browser/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/browser-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw browser tool plugin",
   "type": "module",

extensions/byteplus/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/byteplus-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw BytePlus provider plugin",
   "type": "module",

extensions/canvas/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/canvas-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Canvas plugin",
   "type": "module",

extensions/cerebras/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/cerebras-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Cerebras provider plugin",
   "type": "module",

extensions/chutes/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/chutes-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Chutes.ai provider plugin",
   "type": "module",

extensions/clickclack/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/clickclack",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw ClickClack channel plugin",
   "type": "module",
@@ -18,7 +18,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.7-beta.1"
+    "openclaw": ">=2026.6.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {

extensions/cloudflare-ai-gateway/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/cloudflare-ai-gateway-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Cloudflare AI Gateway provider plugin",
   "type": "module",

extensions/codex-supervisor/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/codex-supervisor",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Codex app-server fleet supervision plugin.",
   "type": "module",

extensions/codex/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/codex",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/codex",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@openai/codex": "0.139.0",
         "typebox": "1.1.39",

extensions/codex/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/codex",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Codex app-server harness and model provider plugin with a Codex-managed GPT catalog.",
   "repository": {
     "type": "git",
@@ -26,10 +26,10 @@
       "minHostVersion": ">=2026.5.1-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/comfy/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/comfy-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw ComfyUI provider plugin",
   "type": "module",

extensions/copilot-proxy/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/copilot-proxy",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Copilot Proxy provider plugin",
   "type": "module",

extensions/copilot/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/copilot",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/copilot",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@github/copilot-sdk": "1.0.0-beta.9"
       }

extensions/copilot/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/copilot",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw GitHub Copilot agent runtime plugin (registers a `github-copilot` AgentHarness backed by @github/copilot-sdk over JSON-RPC to the GitHub Copilot CLI)",
   "repository": {
     "type": "git",
@@ -25,10 +25,10 @@
       "minHostVersion": ">=2026.5.28"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "bundledDist": false
     },
     "release": {

extensions/deepgram/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/deepgram-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Deepgram media-understanding provider",
   "type": "module",

extensions/deepinfra/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/deepinfra-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw DeepInfra provider plugin",
   "type": "module",

extensions/deepseek/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/deepseek-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw DeepSeek provider plugin",
   "type": "module",

extensions/diagnostics-otel/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/diagnostics-otel",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/diagnostics-otel",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@opentelemetry/api": "1.9.1",
         "@opentelemetry/api-logs": "0.218.0",

extensions/diagnostics-otel/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/diagnostics-otel",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw diagnostics OpenTelemetry exporter for metrics and traces.",
   "repository": {
     "type": "git",
@@ -34,10 +34,10 @@
       "minHostVersion": ">=2026.4.25"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/diagnostics-prometheus/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/diagnostics-prometheus",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/diagnostics-prometheus",
-      "version": "2026.6.7-beta.1"
+      "version": "2026.6.2"
     }
   }
 }

extensions/diagnostics-prometheus/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/diagnostics-prometheus",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw diagnostics Prometheus exporter for runtime metrics.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "minHostVersion": ">=2026.4.25"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/diffs-language-pack/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/diffs-language-pack",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/diffs-language-pack",
-      "version": "2026.6.7-beta.1"
+      "version": "2026.6.2"
     }
   }
 }

extensions/diffs-language-pack/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/diffs-language-pack",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw diffs viewer syntax highlighting language pack",
   "repository": {
     "type": "git",
@@ -22,13 +22,13 @@
       "minHostVersion": ">=2026.5.27"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "assetScripts": {
       "build": "node ../../scripts/build-diffs-viewer-runtime.mjs full"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "staticAssets": [
         {
           "source": "./assets/viewer-runtime.js",

extensions/diffs/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/diffs",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/diffs",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@pierre/diffs": "1.2.4",
         "@pierre/theme": "1.0.3",

extensions/diffs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/diffs",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw read-only diff viewer plugin and file renderer for agents.",
   "repository": {
     "type": "git",
@@ -29,13 +29,13 @@
       "minHostVersion": ">=2026.4.30"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "assetScripts": {
       "build": "node ../../scripts/build-diffs-viewer-runtime.mjs curated"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1",
+      "openclawVersion": "2026.6.2",
       "staticAssets": [
         {
           "source": "./assets/viewer-runtime.js",

extensions/discord/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/discord",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/discord",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@discordjs/voice": "0.19.2",
         "discord-api-types": "0.38.48",
@@ -16,7 +16,7 @@
         "ws": "8.21.0"
       },
       "peerDependencies": {
-        "openclaw": ">=2026.6.7-beta.1"
+        "openclaw": ">=2026.6.2"
       },
       "peerDependenciesMeta": {
         "openclaw": {

extensions/discord/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/discord",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Discord channel plugin for channels, DMs, commands, and app events.",
   "repository": {
     "type": "git",
@@ -20,7 +20,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.7-beta.1"
+    "openclaw": ">=2026.6.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {
@@ -67,10 +67,10 @@
       "allowInvalidConfigRecovery": true
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/document-extract/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/document-extract-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw local document extraction plugin",
   "type": "module",

extensions/duckduckgo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/duckduckgo-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw DuckDuckGo plugin",
   "type": "module",

extensions/elevenlabs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/elevenlabs-speech",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw ElevenLabs speech plugin",
   "type": "module",

extensions/exa/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/exa-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Exa plugin",
   "type": "module",

extensions/fal/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/fal-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw fal provider plugin",
   "type": "module",

extensions/feishu/npm-shrinkwrap.json

@@ -1,19 +1,19 @@
 {
   "name": "@openclaw/feishu",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/feishu",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@larksuiteoapi/node-sdk": "1.66.0",
         "typebox": "1.1.39",
         "zod": "4.4.3"
       },
       "peerDependencies": {
-        "openclaw": ">=2026.6.7-beta.1"
+        "openclaw": ">=2026.6.2"
       },
       "peerDependenciesMeta": {
         "openclaw": {

extensions/feishu/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/feishu",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Feishu/Lark channel plugin for chats and workplace tools (community maintained by @m1heng).",
   "repository": {
     "type": "git",
@@ -17,7 +17,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.7-beta.1"
+    "openclaw": ">=2026.6.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {
@@ -51,10 +51,10 @@
       "minHostVersion": ">=2026.5.29"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/file-transfer/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/file-transfer",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw file transfer plugin (file_fetch, dir_list, dir_fetch, file_write)",
   "type": "module",
   "dependencies": {

extensions/firecrawl/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/firecrawl-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Firecrawl plugin",
   "type": "module",

extensions/fireworks/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/fireworks-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Fireworks provider plugin",
   "type": "module",

extensions/github-copilot/model-metadata.ts

@@ -56,6 +56,10 @@ function isCopilotGeminiModelId(modelId: string): boolean {
   return /(?:^|[-_.])gemini(?:$|[-_.])/.test(modelId);
 }
 
+function isCopilotClaude45ModelId(modelId: string): boolean {
+  return /^claude-(?:haiku|opus|sonnet)-4[.-]5(?:$|[-.])/.test(modelId);
+}
+
 export function resolveCopilotTransportApi(modelId: string): CopilotRuntimeApi {
   const normalized = normalizeOptionalLowercaseString(modelId) ?? "";
   if (normalized.includes("claude")) {
@@ -71,7 +75,15 @@ export function resolveCopilotModelCompat(
   modelId: string,
 ): ModelDefinitionConfig["compat"] | undefined {
   const normalized = normalizeOptionalLowercaseString(modelId) ?? "";
-  return isCopilotGeminiModelId(normalized) ? { ...COPILOT_CHAT_COMPLETIONS_COMPAT } : undefined;
+  if (isCopilotGeminiModelId(normalized)) {
+    return { ...COPILOT_CHAT_COMPLETIONS_COMPAT };
+  }
+  // Copilot's Claude 4.5 endpoints reject Anthropic's eager tool extension,
+  // while current Claude 4.6+ endpoints accept it.
+  if (isCopilotClaude45ModelId(normalized)) {
+    return { supportsEagerToolInputStreaming: false };
+  }
+  return undefined;
 }
 
 function compatSupportsEffort(

extensions/github-copilot/models.test.ts

@@ -90,8 +90,18 @@ describe("github-copilot model defaults", () => {
       const def = buildCopilotModelDefinition("claude-sonnet-4.6");
       expect(def.id).toBe("claude-sonnet-4.6");
       expect(def.api).toBe("anthropic-messages");
+      expect(def.compat).toBeUndefined();
     });
 
+    it.each(["claude-haiku-4.5", "claude-sonnet-4-5"])(
+      "disables eager tool streaming for Copilot Claude 4.5 model %s",
+      (modelId) => {
+        expect(buildCopilotModelDefinition(modelId).compat).toEqual({
+          supportsEagerToolInputStreaming: false,
+        });
+      },
+    );
+
     it("uses static metadata overrides for gpt-5.5 fallback rows", () => {
       const def = buildCopilotModelDefinition("gpt-5.5");
       expect(def).toEqual({
@@ -243,6 +253,12 @@ describe("resolveCopilotForwardCompatModel", () => {
     expect((result as unknown as Record<string, unknown>).input).toEqual(["text", "image"]);
   });
 
+  it("disables eager tool streaming for synthetic Copilot Claude 4.5 models", () => {
+    const result = requireResolvedModel(createMockCtx("claude-haiku-4.5"));
+    expect(result.api).toBe("anthropic-messages");
+    expect(result.compat).toEqual({ supportsEagerToolInputStreaming: false });
+  });
+
   it("creates synthetic Gemini models with Chat Completions compatibility", () => {
     const result = requireResolvedModel(createMockCtx("gemini-3.1-pro-preview"));
     expect((result as unknown as Record<string, unknown>).api).toBe("openai-completions");
@@ -620,6 +636,7 @@ describe("fetchCopilotModelCatalog", () => {
     const opus45 = out.find((m) => m.id === "claude-opus-4-5");
     expect(opus45?.thinkingLevelMap).toEqual({ xhigh: null, max: null });
     expect(opus45?.compat).toEqual({
+      supportsEagerToolInputStreaming: false,
       supportedReasoningEfforts: ["low", "medium", "high", "max"],
     });
   });

extensions/github-copilot/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/github-copilot-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw GitHub Copilot provider plugin",
   "type": "module",

extensions/gmi/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/gmi-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw GMI Cloud provider plugin",
   "type": "module",

extensions/google-meet/npm-shrinkwrap.json

@@ -1,18 +1,18 @@
 {
   "name": "@openclaw/google-meet",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/google-meet",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "commander": "14.0.3",
         "typebox": "1.1.39"
       },
       "peerDependencies": {
-        "openclaw": ">=2026.6.7-beta.1"
+        "openclaw": ">=2026.6.2"
       },
       "peerDependenciesMeta": {
         "openclaw": {

extensions/google-meet/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/google-meet",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Google Meet participant plugin for joining calls through Chrome or Twilio transports.",
   "repository": {
     "type": "git",
@@ -16,7 +16,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.7-beta.1"
+    "openclaw": ">=2026.6.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {
@@ -33,10 +33,10 @@
       "minHostVersion": ">=2026.4.20"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/google/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/google-plugin",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Google plugin",
   "type": "module",

extensions/googlechat/npm-shrinkwrap.json

@@ -1,19 +1,19 @@
 {
   "name": "@openclaw/googlechat",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/googlechat",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "gaxios": "7.1.4",
         "google-auth-library": "10.6.2",
         "zod": "4.4.3"
       },
       "peerDependencies": {
-        "openclaw": ">=2026.6.7-beta.1"
+        "openclaw": ">=2026.6.2"
       },
       "peerDependenciesMeta": {
         "openclaw": {

extensions/googlechat/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/googlechat",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw Google Chat channel plugin for spaces and direct messages.",
   "repository": {
     "type": "git",
@@ -17,7 +17,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.7-beta.1"
+    "openclaw": ">=2026.6.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {
@@ -75,10 +75,10 @@
       "minHostVersion": ">=2026.4.10"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/gradium/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/gradium-speech",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Gradium speech plugin",
   "type": "module",

extensions/groq/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/groq-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Groq media-understanding provider",
   "type": "module",

extensions/huggingface/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/huggingface-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Hugging Face provider plugin",
   "type": "module",

extensions/image-generation-core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/image-generation-core",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw image generation runtime package",
   "type": "module",

extensions/imessage/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/imessage",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw iMessage channel plugin using imsg on a signed-in Mac",
   "type": "module",
@@ -43,10 +43,10 @@
       ]
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     }
   },
   "pluginInspector": {

extensions/inworld/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/inworld-speech",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Inworld speech plugin",
   "type": "module",

extensions/irc/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/irc",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw IRC channel plugin",
   "type": "module",
   "devDependencies": {

extensions/kilocode/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/kilocode-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Kilo Gateway provider plugin",
   "type": "module",

extensions/kimi-coding/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/kimi-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw Kimi provider plugin",
   "type": "module",

extensions/line/npm-shrinkwrap.json

@@ -1,18 +1,18 @@
 {
   "name": "@openclaw/line",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/line",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@line/bot-sdk": "11.0.1",
         "zod": "4.4.3"
       },
       "peerDependencies": {
-        "openclaw": ">=2026.6.7-beta.1"
+        "openclaw": ">=2026.6.2"
       },
       "peerDependenciesMeta": {
         "openclaw": {

extensions/line/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/line",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw LINE channel plugin for LINE Bot API chats.",
   "repository": {
     "type": "git",
@@ -16,7 +16,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.7-beta.1"
+    "openclaw": ">=2026.6.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {
@@ -46,10 +46,10 @@
       "minHostVersion": ">=2026.4.10"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,

extensions/litellm/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/litellm-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw LiteLLM provider plugin",
   "type": "module",

extensions/llama-cpp/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/llama-cpp-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/llama-cpp-provider",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "node-llama-cpp": "3.18.1"
       }

extensions/llama-cpp/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/llama-cpp-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "OpenClaw llama.cpp embedding provider plugin",
   "repository": {
     "type": "git",
@@ -23,10 +23,10 @@
       "minHostVersion": ">=2026.6.2"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "bundleRuntimeDependencies": false,

extensions/llm-task/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/llm-task",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw JSON-only LLM task plugin",
   "type": "module",

extensions/lmstudio/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/lmstudio-provider",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "private": true,
   "description": "OpenClaw LM Studio provider plugin",
   "type": "module",

extensions/lobster/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/lobster",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/lobster",
-      "version": "2026.6.7-beta.1",
+      "version": "2026.6.2",
       "dependencies": {
         "@clawdbot/lobster": "2026.5.22",
         "typebox": "1.1.39"

extensions/lobster/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/lobster",
-  "version": "2026.6.7-beta.1",
+  "version": "2026.6.2",
   "description": "Lobster workflow tool plugin for typed pipelines and resumable approvals.",
   "repository": {
     "type": "git",
@@ -24,10 +24,10 @@
       "minHostVersion": ">=2026.4.25"
     },
     "compat": {
-      "pluginApi": ">=2026.6.7-beta.1"
+      "pluginApi": ">=2026.6.2"
     },
     "build": {
-      "openclawVersion": "2026.6.7-beta.1"
+      "openclawVersion": "2026.6.2"
     },
     "release": {
       "publishToClawHub": true,