fix: preserve loopback ws cdp tab ops (#31085 ) (thanks @shrey150)

style(browser): fix oxfmt formatting in config.ts
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-06-23 07:22:03 +08:00 · 2026-03-08 18:47:48 +00:00 · 2026-03-08 18:41:49 +00:00 · 2026-03-08 18:41:49 +00:00 · 2026-03-08 18:41:49 +00:00 · 2026-03-08 18:41:49 +00:00
484 changed files with 13968 additions and 5445 deletions
--- a/.github/codeql/codeql-javascript-typescript.yml
+++ b/.github/codeql/codeql-javascript-typescript.yml
@@ -0,0 +1,18 @@
+name: openclaw-codeql-javascript-typescript
+
+paths:
+  - src
+  - extensions
+  - ui/src
+  - skills
+
+paths-ignore:
+  - apps
+  - dist
+  - docs
+  - "**/node_modules"
+  - "**/coverage"
+  - "**/*.test.ts"
+  - "**/*.test.tsx"
+  - "**/*.e2e.test.ts"
+  - "**/*.e2e.test.tsx"
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -87,6 +87,13 @@ What you personally verified (not just CI), and how:
 - Edge cases checked:
 - What you did **not** verify:

+## Review Conversations
+
+- [ ] I replied to or resolved every bot review conversation I addressed in this PR.
+- [ ] I left unresolved only the conversations that still need reviewer or maintainer judgment.
+
+If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.
+
 ## Compatibility / Migration

 - Backward compatible? (`Yes/No`)
--- a/.github/workflows/auto-response.yml
+++ b/.github/workflows/auto-response.yml
@@ -261,6 +261,8 @@ jobs:
            };

            const triggerLabel = "trigger-response";
+            const activePrLimitLabel = "r: too-many-prs";
+            const activePrLimitOverrideLabel = "r: too-many-prs-override";
            const target = context.payload.issue ?? context.payload.pull_request;
            if (!target) {
              return;
@@ -448,6 +450,10 @@ jobs:
              return;
            }

+            if (pullRequest && labelSet.has(activePrLimitOverrideLabel)) {
+              labelSet.delete(activePrLimitLabel);
+            }
+
            const rule = rules.find((item) => labelSet.has(item.label));
            if (!rule) {
              return;
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,6 +28,7 @@ jobs:
            needs_swift_tools: false
            needs_manual_build: false
            needs_autobuild: false
+            config_file: ./.github/codeql/codeql-javascript-typescript.yml
          - language: actions
            runs_on: blacksmith-16vcpu-ubuntu-2404
            needs_node: false
@@ -36,6 +37,7 @@ jobs:
            needs_swift_tools: false
            needs_manual_build: false
            needs_autobuild: false
+            config_file: ""
          - language: python
            runs_on: blacksmith-16vcpu-ubuntu-2404
            needs_node: false
@@ -44,6 +46,7 @@ jobs:
            needs_swift_tools: false
            needs_manual_build: false
            needs_autobuild: false
+            config_file: ""
          - language: java-kotlin
            runs_on: blacksmith-16vcpu-ubuntu-2404
            needs_node: false
@@ -52,6 +55,7 @@ jobs:
            needs_swift_tools: false
            needs_manual_build: true
            needs_autobuild: false
+            config_file: ""
          - language: swift
            runs_on: macos-latest
            needs_node: false
@@ -60,6 +64,7 @@ jobs:
            needs_swift_tools: true
            needs_manual_build: true
            needs_autobuild: false
+            config_file: ""
    steps:
      - name: Checkout
        uses: actions/checkout@v4
@@ -95,6 +100,7 @@ jobs:
        with:
          languages: ${{ matrix.language }}
          queries: security-and-quality
+          config-file: ${{ matrix.config_file || '' }}

      - name: Autobuild
        if: matrix.needs_autobuild
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -213,6 +213,7 @@ jobs:
            }

            const activePrLimitLabel = "r: too-many-prs";
+            const activePrLimitOverrideLabel = "r: too-many-prs-override";
            const activePrLimit = 10;
            const labelColor = "B60205";
            const labelDescription = `Author has more than ${activePrLimit} active PRs in this repo`;
@@ -221,12 +222,37 @@ jobs:
              return;
            }

+            const currentLabels = await github.paginate(github.rest.issues.listLabelsOnIssue, {
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: pullRequest.number,
+              per_page: 100,
+            });
+
            const labelNames = new Set(
-              (pullRequest.labels ?? [])
+              currentLabels
                .map((label) => (typeof label === "string" ? label : label?.name))
                .filter((name) => typeof name === "string"),
            );

+            if (labelNames.has(activePrLimitOverrideLabel)) {
+              if (labelNames.has(activePrLimitLabel)) {
+                try {
+                  await github.rest.issues.removeLabel({
+                    owner: context.repo.owner,
+                    repo: context.repo.repo,
+                    issue_number: pullRequest.number,
+                    name: activePrLimitLabel,
+                  });
+                } catch (error) {
+                  if (error?.status !== 404) {
+                    throw error;
+                  }
+                }
+              }
+              return;
+            }
+
            const ensureLabelExists = async () => {
              try {
                await github.rest.issues.getLabel({
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -66,7 +66,7 @@ repos:
          - --exclude-lines
          - 'env: \{ MISTRAL_API_K[E]Y: "sk-\.\.\." \},'
          - --exclude-lines
-          - '"ap[i]Key": "xxxxx",'
+          - '"ap[i]Key": "xxxxx"(,)?'
          - --exclude-lines
          - 'ap[i]Key: "A[I]za\.\.\.",'
  # Shell script linting
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -151,7 +151,7 @@
        "export CUSTOM_API_K[E]Y=\"your-key\"",
        "grep -q 'N[O]DE_COMPILE_CACHE=/var/tmp/openclaw-compile-cache' ~/.bashrc \\|\\| cat >> ~/.bashrc <<'EOF'",
        "env: \\{ MISTRAL_API_K[E]Y: \"sk-\\.\\.\\.\" \\},",
-        "\"ap[i]Key\": \"xxxxx\",",
+        "\"ap[i]Key\": \"xxxxx\"(,)?",
        "ap[i]Key: \"A[I]za\\.\\.\\.\","
      ]
    },
@@ -183,23 +183,23 @@
      {
        "type": "Base64 High Entropy String",
        "filename": "appcast.xml",
-        "hashed_secret": "abb0380989460de3f211d60628b439de7ebcd482",
+        "hashed_secret": "7afea670e53d801f1f881c99c40aa177e3395bfa",
        "is_verified": false,
-        "line_number": 364
+        "line_number": 365
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "appcast.xml",
        "hashed_secret": "6e1ba26139ac4e73427e68a7eec2abf96bcf1fd4",
        "is_verified": false,
-        "line_number": 583
+        "line_number": 584
      },
      {
        "type": "Base64 High Entropy String",
        "filename": "appcast.xml",
        "hashed_secret": "c0baa9660a8d3b11874c63a535d8369f4a8fa8fa",
        "is_verified": false,
-        "line_number": 722
+        "line_number": 723
      }
    ],
    "apps/android/app/src/test/java/ai/openclaw/android/node/AppUpdateHandlerTest.kt": [
@@ -9619,14 +9619,14 @@
        "filename": "docs/channels/feishu.md",
        "hashed_secret": "b60d121b438a380c343d5ec3c2037564b82ffef3",
        "is_verified": false,
-        "line_number": 189
+        "line_number": 187
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/channels/feishu.md",
        "hashed_secret": "186154712b2d5f6791d85b9a0987b98fa231779c",
        "is_verified": false,
-        "line_number": 501
+        "line_number": 499
      }
    ],
    "docs/channels/irc.md": [
@@ -9795,63 +9795,63 @@
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "1188d5a8ed7edcff5144a9472af960243eacf12e",
        "is_verified": false,
-        "line_number": 1611
+        "line_number": 1612
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "bde4db9b4c3be4049adc3b9a69851d7c35119770",
        "is_verified": false,
-        "line_number": 1627
+        "line_number": 1628
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "7f8aaf142ce0552c260f2e546dda43ddd7c9aef3",
        "is_verified": false,
-        "line_number": 1812
+        "line_number": 1815
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "22af290a1a3d5e941193a41a3d3a9e4ca8da5e27",
        "is_verified": false,
-        "line_number": 1985
+        "line_number": 1988
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "ec3810e10fb78db55ce38b9c18d1c3eb1db739e0",
        "is_verified": false,
-        "line_number": 2041
+        "line_number": 2044
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "c1e6ee547fd492df1441ac492e8bb294974712bd",
        "is_verified": false,
-        "line_number": 2273
+        "line_number": 2276
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "45d676e7c6ab44cf4b8fa366ef2d8fccd3e6d6e6",
        "is_verified": false,
-        "line_number": 2401
+        "line_number": 2404
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "a219d7693c25cd2d93313512e200ff3eb374d281",
        "is_verified": false,
-        "line_number": 2654
+        "line_number": 2657
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/gateway/configuration-reference.md",
        "hashed_secret": "b6f56e5e92078ed7c078c46fbfeedcbe5719bc25",
        "is_verified": false,
-        "line_number": 2656
+        "line_number": 2659
      }
    ],
    "docs/gateway/configuration.md": [
@@ -9945,7 +9945,7 @@
        "filename": "docs/help/faq.md",
        "hashed_secret": "45d676e7c6ab44cf4b8fa366ef2d8fccd3e6d6e6",
        "is_verified": false,
-        "line_number": 2489
+        "line_number": 2490
      }
    ],
    "docs/install/macos-vm.md": [
@@ -9972,7 +9972,7 @@
        "filename": "docs/perplexity.md",
        "hashed_secret": "6b26c117c66a0c030e239eef595c1e18865132a8",
        "is_verified": false,
-        "line_number": 29
+        "line_number": 43
      }
    ],
    "docs/plugins/voice-call.md": [
@@ -10033,14 +10033,14 @@
        "filename": "docs/providers/minimax.md",
        "hashed_secret": "ec3810e10fb78db55ce38b9c18d1c3eb1db739e0",
        "is_verified": false,
-        "line_number": 70
+        "line_number": 69
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/providers/minimax.md",
        "hashed_secret": "16c249e04e2be318050cb883c40137361c0c7209",
        "is_verified": false,
-        "line_number": 149
+        "line_number": 148
      }
    ],
    "docs/providers/moonshot.md": [
@@ -10198,21 +10198,21 @@
        "filename": "docs/tools/web.md",
        "hashed_secret": "6b26c117c66a0c030e239eef595c1e18865132a8",
        "is_verified": false,
-        "line_number": 90
+        "line_number": 135
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/tools/web.md",
        "hashed_secret": "491d458f895b9213facb2ee9375b1b044eaea3ac",
        "is_verified": false,
-        "line_number": 179
+        "line_number": 228
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/tools/web.md",
        "hashed_secret": "674397e2c0c2faaa85961c708d2a96a7cc7af217",
        "is_verified": false,
-        "line_number": 277
+        "line_number": 332
      }
    ],
    "docs/tts.md": [
@@ -10255,14 +10255,14 @@
        "filename": "docs/zh-CN/channels/feishu.md",
        "hashed_secret": "b60d121b438a380c343d5ec3c2037564b82ffef3",
        "is_verified": false,
-        "line_number": 195
+        "line_number": 191
      },
      {
        "type": "Secret Keyword",
        "filename": "docs/zh-CN/channels/feishu.md",
        "hashed_secret": "186154712b2d5f6791d85b9a0987b98fa231779c",
        "is_verified": false,
-        "line_number": 509
+        "line_number": 505
      }
    ],
    "docs/zh-CN/channels/line.md": [
@@ -11481,7 +11481,7 @@
        "filename": "src/agents/models-config.e2e-harness.ts",
        "hashed_secret": "7cf31e8b6cda49f70c31f1f25af05d46f924142d",
        "is_verified": false,
-        "line_number": 130
+        "line_number": 131
      }
    ],
    "src/agents/models-config.fills-missing-provider-apikey-from-env-var.e2e.test.ts": [
@@ -11680,7 +11680,7 @@
        "filename": "src/agents/tools/web-search.ts",
        "hashed_secret": "dfba7aade0868074c2861c98e2a9a92f3178a51b",
        "is_verified": false,
-        "line_number": 254
+        "line_number": 292
      }
    ],
    "src/agents/tools/web-tools.enabled-defaults.e2e.test.ts": [
@@ -12335,14 +12335,14 @@
        "filename": "src/config/schema.help.ts",
        "hashed_secret": "9f4cda226d3868676ac7f86f59e4190eb94bd208",
        "is_verified": false,
-        "line_number": 649
+        "line_number": 651
      },
      {
        "type": "Secret Keyword",
        "filename": "src/config/schema.help.ts",
        "hashed_secret": "01822c8bbf6a8b136944b14182cb885100ec2eae",
        "is_verified": false,
-        "line_number": 680
+        "line_number": 684
      }
    ],
    "src/config/schema.irc.ts": [
@@ -12388,7 +12388,7 @@
        "filename": "src/config/schema.labels.ts",
        "hashed_secret": "2eda7cd978f39eebec3bf03e4410a40e14167fff",
        "is_verified": false,
-        "line_number": 324
+        "line_number": 325
      }
    ],
    "src/config/slack-http-config.test.ts": [
@@ -13034,5 +13034,5 @@
      }
    ]
  },
-  "generated_at": "2026-03-08T05:05:36Z"
+  "generated_at": "2026-03-08T18:30:57Z"
 }
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -6,6 +6,7 @@
 - GitHub comment footgun: never use `gh issue/pr comment -b "..."` when body contains backticks or shell chars. Always use single-quoted heredoc (`-F - <<'EOF'`) so no command substitution/escaping corruption.
 - GitHub linking footgun: don’t wrap issue/PR refs like `#24643` in backticks when you want auto-linking. Use plain `#24643` (optionally add full URL).
 - PR landing comments: always make commit SHAs clickable with full commit links (both landed SHA + source SHA when present).
+- PR review conversations: if a bot leaves review conversations on your PR, address them and resolve those conversations yourself once fixed. Leave a conversation unresolved only when reviewer or maintainer judgment is still needed; do not leave bot-conversation cleanup to maintainers.
 - GitHub searching footgun: don't limit yourself to the first 500 issues or PRs when wanting to search all. Unless you're supposed to look at the most recent, keep going until you've reached the last page in the search
 - Security advisory analysis: before triage/severity decisions, read `SECURITY.md` to align with OpenClaw's trust model and design boundaries.

@@ -28,6 +29,7 @@
 - Docs are hosted on Mintlify (docs.openclaw.ai).
 - Internal doc links in `docs/**/*.md`: root-relative, no `.md`/`.mdx` (example: `[Config](/configuration)`).
 - When working with documentation, read the mintlify skill.
+- For docs, UI copy, and picker lists, order services/providers alphabetically unless the section is explicitly describing runtime behavior (for example auto-detection or execution order).
 - Section cross-references: use anchors on root-relative paths (example: `[Hooks](/configuration#hooks)`).
 - Doc headings and anchors: avoid em dashes and apostrophes in headings because they break Mintlify anchor links.
 - When Peter asks for links, reply with full `https://docs.openclaw.ai/...` URLs (not root-relative).
@@ -113,6 +115,7 @@

 **Full maintainer PR workflow (optional):** If you want the repo's end-to-end maintainer workflow (triage order, quality bar, rebase rules, commit/changelog conventions, co-contributor policy, and the `review-pr` > `prepare-pr` > `merge-pr` pipeline), see `.agents/skills/PR_WORKFLOW.md`. Maintainers may use other workflows; when a maintainer specifies a workflow, follow that. If no workflow is specified, default to PR_WORKFLOW.

+- `/landpr` lives in the global Codex prompts (`~/.codex/prompts/landpr.md`); when landing or merging any PR, always follow that `/landpr` process.
 - Create commits with `scripts/committer "<msg>" <file...>`; avoid manual `git add`/`git commit` so staging stays scoped.
 - Follow concise, action-oriented commit messages (e.g., `CLI: add verbose flag to send`).
 - Group related changes; avoid bundling unrelated refactors.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,33 @@

 Docs: https://docs.openclaw.ai

+## 2026.3.8
+
+### Changes
+
+- TUI: infer the active agent from the current workspace when launched inside a configured agent workspace, while preserving explicit `agent:` session targets. (#39591) thanks @arceus77-7.
+- Tools/Brave web search: add opt-in `tools.web.search.brave.mode: "llm-context"` so `web_search` can call Brave's LLM Context endpoint and return extracted grounding snippets with source metadata, plus config/docs/test coverage. (#33383) Thanks @thirumaleshp.
+- Talk mode: add top-level `talk.silenceTimeoutMs` config so Talk waits a configurable amount of silence before auto-sending the current transcript, while keeping each platform's existing default pause window when unset. (#39607) Thanks @danodoesdesign. Fixes #17147.
+- CLI/install: include the short git commit hash in `openclaw --version` output when metadata is available, and keep installer version checks compatible with the decorated format. (#39712) thanks @sourman.
+- Docs/Web search: restore $5/month free-credit details, replace defunct "Data for Search"/"Data for AI" plan names with current "Search" plan, and note legacy subscription validity in Brave setup docs. Follows up on #26860. (#40111) Thanks @remusao.
+
+### Fixes
+
+- Plugins/channel onboarding: prefer bundled channel plugins over duplicate npm-installed copies during onboarding and release-channel sync, preventing bundled plugins from being shadowed by npm installs with the same plugin ID. (#40092)
+- macOS app/chat UI: route browser proxy through the local node browser service, preserve plain-text paste semantics, strip completed assistant trace/debug wrapper noise from transcripts, refresh permission state after returning from System Settings, and tolerate malformed cron rows in the macOS tab. (#39516) Thanks @Imhermes1.
+- Mattermost replies: keep `root_id` pinned to the existing thread root when an agent replies inside a thread, while still using reply-target threading for top-level posts. (#27744) thanks @hnykda.
+- Agents/failover: detect Amazon Bedrock `Too many tokens per day` quota errors as rate limits across fallback, cron retry, and memory embeddings while keeping context-window `too many tokens per request` errors out of the rate-limit lane. (#39377) Thanks @gambletan.
+- Android/Play distribution: remove self-update, background location, `screen.record`, and background mic capture from the Android app, narrow the foreground service to `dataSync` only, and clean up the legacy `location.enabledMode=always` preference migration. (#39660) Thanks @obviyus.
+- Telegram/DM partial streaming: keep DM preview lanes on real message edits instead of native draft materialization so final replies no longer flash a second duplicate copy before collapsing back to one.
+- macOS overlays: fix VoiceWake, Talk, and Notify overlay exclusivity crashes by removing shared `inout` visibility mutation from `OverlayPanelFactory.present`, and add a repeated Talk overlay smoke test. (#39275, #39321) Thanks @fellanH.
+- macOS Talk Mode: set the speech recognition request `taskHint` to `.dictation` for mic capture, and add regression coverage for the request defaults. (#38445) Thanks @dmiv.
+- macOS release packaging: default `scripts/package-mac-app.sh` to universal binaries for `BUILD_CONFIG=release`, and clarify that `scripts/package-mac-dist.sh` already produces the release zip + DMG. (#33891) Thanks @cgdusek.
+- Tools/web search: restore Perplexity OpenRouter/Sonar compatibility for legacy `OPENROUTER_API_KEY`, `sk-or-...`, and explicit `perplexity.baseUrl` / `model` setups while keeping direct Perplexity keys on the native Search API path. (#39937) Thanks @obviyus.
+- Hooks/session-memory: keep `/new` and `/reset` memory artifacts in the bound agent workspace and align saved reset session keys with that workspace when stale main-agent keys leak into the hook path. (#39875) thanks @rbutera.
+- Sessions/model switch: clear stale cached `contextTokens` when a session changes models so status and runtime paths recompute against the active model window. (#38044) thanks @yuweuii.
+- ACP/session history: persist transcripts for successful ACP child runs, preserve exact transcript text, record ACP spawned-session lineage, and keep spawn-time transcript-path persistence best-effort so history storage failures do not block execution. (#40137) thanks @mbelinky.
+- Browser/CDP: normalize loopback direct WebSocket CDP URLs back to HTTP(S) for `/json/*` tab operations so local `ws://` / `wss://` profiles can still list, focus, open, and close tabs after the new direct-WS support lands. (#31085) Thanks @shrey150.
+
 ## 2026.3.7

 ### Changes
@@ -33,6 +60,7 @@ Docs: https://docs.openclaw.ai
 - Mattermost/model picker: add Telegram-style interactive provider/model browsing for `/oc_model` and `/oc_models`, fix picker callback updates, and emit a normal confirmation reply when a model is selected. (#38767) thanks @mukhtharcm.
 - Docker/multi-stage build: restructure Dockerfile as a multi-stage build to produce a minimal runtime image without build tools, source code, or Bun; add `OPENCLAW_VARIANT=slim` build arg for a bookworm-slim variant. (#38479) Thanks @sallyom.
 - Google/Gemini 3.1 Flash-Lite: add first-class `google/gemini-3.1-flash-lite-preview` support across model-id normalization, default aliases, media-understanding image lookups, Google Gemini CLI forward-compat fallback, and docs.
+- Agents/compaction model override: allow `agents.defaults.compaction.model` to route compaction summarization through a different model than the main session, and document the override across config help/reference surfaces. (#38753) thanks @starbuck100.

 ### Breaking

@@ -41,6 +69,7 @@ Docs: https://docs.openclaw.ai
 ### Fixes

 - Models/MiniMax: stop advertising removed `MiniMax-M2.5-Lightning` in built-in provider catalogs, onboarding metadata, and docs; keep the supported fast-tier model as `MiniMax-M2.5-highspeed`.
+- Models/Vercel AI Gateway: synthesize the built-in `vercel-ai-gateway` provider from `AI_GATEWAY_API_KEY` and auto-discover the live `/v1/models` catalog so `/models vercel-ai-gateway` exposes current refs including `openai/gpt-5.4`.
 - Security/Config: fail closed when `loadConfig()` hits validation or read errors so invalid configs cannot silently fall back to permissive runtime defaults. (#9040) Thanks @joetomasone.
 - Memory/Hybrid search: preserve negative FTS5 BM25 relevance ordering in `bm25RankToScore()` so stronger keyword matches rank above weaker ones instead of collapsing or reversing scores. (#33757) Thanks @lsdcc01.
 - LINE/`requireMention` group gating: align inbound and reply-stage LINE group policy resolution across raw, `group:`, and `room:` keys (including account-scoped group config), preserve plugin-backed reply-stage fallback behavior, and add regression coverage for prefixed-only group/room config plus reply-stage policy resolution. (#35847) Thanks @kirisame-wang.
@@ -353,6 +382,8 @@ Docs: https://docs.openclaw.ai
 - Discord/config schema parity: add `channels.discord.agentComponents` to the strict Zod config schema so valid `agentComponents.enabled` settings (root and account-scoped) no longer fail with unrecognized-key validation errors. Landed from contributor PR #39378 by @gambletan. Thanks @gambletan and @thewilloftheshadow.
 - ACPX/MCP session bootstrap: inject configured MCP servers into ACP `session/new` and `session/load` for acpx-backed sessions, restoring Canva and other external MCP tools. Landed from contributor PR #39337. Thanks @goodspeed-apps.
 - Control UI/Telegram sender labels: preserve inbound sender labels in sanitized chat history so dashboard user-message groups split correctly and show real group-member names instead of `You`. (#39414) Thanks @obviyus.
+- Agents/failover 402 recovery: keep temporary spend-limit `402` payloads retryable, preserve explicit insufficient-credit billing detection even in long provider payloads, and allow throttled billing-cooldown probes so single-provider setups can recover instead of staying locked out. (#38533) Thanks @xialonglee.
+- Browser/config schema: accept `browser.profiles.*.driver: "openclaw"` while preserving legacy `"clawd"` compatibility in validated config. (#39374; based on #35621) Thanks @gambletan and @ingyukoh.

 ## 2026.3.2

@@ -710,6 +741,7 @@ Docs: https://docs.openclaw.ai

 ### Fixes

+- Gateway/macOS restart: remove self-issued `launchctl kickstart -k` from launchd supervised restart path to prevent race with launchd's async bootout state machine that permanently unloads the LaunchAgent. With `ThrottleInterval=1` (current default), `exit(0)` + `KeepAlive=true` restarts the service within ~1s without the race condition. (#39760) Landed from contributor PR #39763 by @daymade. Thanks @daymade.
 - Exec/system.run env sanitization: block dangerous override-only env pivots such as `GIT_SSH_COMMAND`, editor/pager hooks, and `GIT_CONFIG_` / `NPM_CONFIG_` override prefixes so allowlisted tools cannot smuggle helper command execution through subprocess environment overrides. Thanks @tdjackey and @SnailSploit for reporting.
 - Network/fetch guard redirect auth stripping: switch cross-origin redirect handling in `fetchWithSsrFGuard` from a narrow sensitive-header denylist to a safe-header allowlist so custom auth headers like `X-Api-Key` and `Private-Token` no longer leak on origin changes. Thanks @Rickidevs for reporting.
 - Security/Sandbox media reads: eliminate sandbox media TOCTOU symlink-retarget escapes by enforcing root-scoped boundary-safe reads at attachment/image load time and consolidating shared safe-read helpers across sandbox media callsites. This ships in the next npm release. Thanks @tdjackey for reporting.
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -74,8 +74,19 @@ Welcome to the lobster tank! 🦞
 - Ensure CI checks pass
 - Keep PRs focused (one thing per PR; do not mix unrelated concerns)
 - Describe what & why
+- Reply to or resolve bot review conversations you addressed before asking for review again
 - **Include screenshots** — one showing the problem/before, one showing the fix/after (for UI or visual changes)

+## Review Conversations Are Author-Owned
+
+If a review bot leaves review conversations on your PR, you are expected to handle the follow-through:
+
+- Resolve the conversation yourself once the code or explanation fully addresses the bot's concern
+- Reply and leave it open only when you need maintainer or reviewer judgment
+- Do not leave "fixed" bot review conversations for maintainers to clean up for you
+
+This applies to both human-authored and AI-assisted PRs.
+
 ## Control UI Decorators

 The Control UI uses Lit with **legacy** decorators (current Rollup parsing does not support
@@ -101,8 +112,9 @@ Please include in your PR:
 - [ ] Note the degree of testing (untested / lightly tested / fully tested)
 - [ ] Include prompts or session logs if possible (super helpful!)
 - [ ] Confirm you understand what the code does
+- [ ] Resolve or reply to bot review conversations after you address them

-AI PRs are first-class citizens here. We just want transparency so reviewers know what to look for.
+AI PRs are first-class citizens here. We just want transparency so reviewers know what to look for. If you are using an LLM coding agent, instruct it to resolve bot review conversations it has addressed instead of leaving them for maintainers.

 ## Current Focus & Roadmap 🗺

--- a/appcast.xml
+++ b/appcast.xml
@@ -38,6 +38,7 @@
 <li>iOS/App Store Connect release prep: align iOS bundle identifiers under <code>ai.openclaw.client</code>, refresh Watch app icons, add Fastlane metadata/screenshot automation, and support Keychain-backed ASC auth for uploads. (#38936) Thanks @ngutman.</li>
 <li>Mattermost/model picker: add Telegram-style interactive provider/model browsing for <code>/oc_model</code> and <code>/oc_models</code>, fix picker callback updates, and emit a normal confirmation reply when a model is selected. (#38767) thanks @mukhtharcm.</li>
 <li>Docker/multi-stage build: restructure Dockerfile as a multi-stage build to produce a minimal runtime image without build tools, source code, or Bun; add <code>OPENCLAW_VARIANT=slim</code> build arg for a bookworm-slim variant. (#38479) Thanks @sallyom.</li>
+<li>Google/Gemini 3.1 Flash-Lite: add first-class <code>google/gemini-3.1-flash-lite-preview</code> support across model-id normalization, default aliases, media-understanding image lookups, Google Gemini CLI forward-compat fallback, and docs.</li>
 </ul>
 <h3>Breaking</h3>
 <ul>
@@ -361,7 +362,7 @@
 </ul>
 <p><a href="https://github.com/openclaw/openclaw/blob/main/CHANGELOG.md">View full changelog</a></p>
 ]]></description>
-            <enclosure url="https://github.com/openclaw/openclaw/releases/download/v2026.3.7-beta.1/OpenClaw-2026.3.7.zip" length="23263836" type="application/octet-stream" sparkle:edSignature="IjhLPw9QKZukMDV0rU/06N2D0cu7WyNBPfZ+UL58KbTo7av7s3syYAGAmr+zhvfkMoqvtrQfN9prnvnNIKLNCQ=="/>
+            <enclosure url="https://github.com/openclaw/openclaw/releases/download/v2026.3.7/OpenClaw-2026.3.7.zip" length="23263833" type="application/octet-stream" sparkle:edSignature="SO0zedZMzrvSDltLkuaSVQTWFPPPe1iu/enS4TGGb5EGckhqRCmNJWMKNID5lKwFC8vefTbfG9JTlSrZedP4Bg=="/>
        </item>
        <item>
            <title>2026.3.2</title>
--- a/apps/android/README.md
+++ b/apps/android/README.md
@@ -211,7 +211,7 @@ What it does:
 - Reads `node.describe` command list from the selected Android node.
 - Invokes advertised non-interactive commands.
 - Skips `screen.record` in this suite (Android requires interactive per-invocation screen-capture consent).
- Asserts command contracts (success or expected deterministic error for safe-invalid calls like `sms.send`, `notifications.actions`, `app.update`).
+- Asserts command contracts (success or expected deterministic error for safe-invalid calls like `sms.send` and `notifications.actions`).

 Common failure quick-fixes:

--- a/apps/android/app/build.gradle.kts
+++ b/apps/android/app/build.gradle.kts
@@ -63,8 +63,8 @@ android {
        applicationId = "ai.openclaw.app"
        minSdk = 31
        targetSdk = 36
-        versionCode = 202603070
-        versionName = "2026.3.7"
+        versionCode = 202603081
+        versionName = "2026.3.8"
        ndk {
            // Support all major ABIs — native libs are tiny (~47 KB per ABI)
            abiFilters += listOf("armeabi-v7a", "arm64-v8a", "x86", "x86_64")
--- a/apps/android/app/src/main/AndroidManifest.xml
+++ b/apps/android/app/src/main/AndroidManifest.xml
@@ -3,15 +3,12 @@
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
    <uses-permission android:name="android.permission.FOREGROUND_SERVICE_DATA_SYNC" />
-    <uses-permission android:name="android.permission.FOREGROUND_SERVICE_MICROPHONE" />
-    <uses-permission android:name="android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION" />
    <uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
    <uses-permission
        android:name="android.permission.NEARBY_WIFI_DEVICES"
        android:usesPermissionFlags="neverForLocation" />
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
-    <uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION" />
    <uses-permission android:name="android.permission.CAMERA" />
    <uses-permission android:name="android.permission.RECORD_AUDIO" />
    <uses-permission android:name="android.permission.SEND_SMS" />
@@ -25,7 +22,6 @@
    <uses-permission android:name="android.permission.READ_CALENDAR" />
    <uses-permission android:name="android.permission.WRITE_CALENDAR" />
    <uses-permission android:name="android.permission.ACTIVITY_RECOGNITION" />
-    <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
    <uses-feature
        android:name="android.hardware.camera"
        android:required="false" />
@@ -47,7 +43,7 @@
        <service
            android:name=".NodeForegroundService"
            android:exported="false"
-            android:foregroundServiceType="dataSync|microphone|mediaProjection" />
+            android:foregroundServiceType="dataSync" />
        <service
            android:name=".node.DeviceNotificationListenerService"
            android:label="@string/app_name"
@@ -76,9 +72,5 @@
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
-
-        <receiver
-            android:name=".InstallResultReceiver"
-            android:exported="false" />
    </application>
 </manifest>
--- a/apps/android/app/src/main/java/ai/openclaw/app/InstallResultReceiver.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/InstallResultReceiver.kt
@@ -1,33 +0,0 @@
-package ai.openclaw.app
-
-import android.content.BroadcastReceiver
-import android.content.Context
-import android.content.Intent
-import android.content.pm.PackageInstaller
-import android.util.Log
-
-class InstallResultReceiver : BroadcastReceiver() {
-  override fun onReceive(context: Context, intent: Intent) {
-    val status = intent.getIntExtra(PackageInstaller.EXTRA_STATUS, PackageInstaller.STATUS_FAILURE)
-    val message = intent.getStringExtra(PackageInstaller.EXTRA_STATUS_MESSAGE)
-
-    when (status) {
-      PackageInstaller.STATUS_PENDING_USER_ACTION -> {
-        // System needs user confirmation — launch the confirmation activity
-        @Suppress("DEPRECATION")
-        val confirmIntent = intent.getParcelableExtra<Intent>(Intent.EXTRA_INTENT)
-        if (confirmIntent != null) {
-          confirmIntent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
-          context.startActivity(confirmIntent)
-          Log.w("openclaw", "app.update: user confirmation requested, launching install dialog")
-        }
-      }
-      PackageInstaller.STATUS_SUCCESS -> {
-        Log.w("openclaw", "app.update: install SUCCESS")
-      }
-      else -> {
-        Log.e("openclaw", "app.update: install FAILED status=$status message=$message")
-      }
-    }
-  }
-}
--- a/apps/android/app/src/main/java/ai/openclaw/app/LocationMode.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/LocationMode.kt
@@ -3,12 +3,12 @@ package ai.openclaw.app
 enum class LocationMode(val rawValue: String) {
  Off("off"),
  WhileUsing("whileUsing"),
-  Always("always"),
  ;

  companion object {
    fun fromRawValue(raw: String?): LocationMode {
      val normalized = raw?.trim()?.lowercase()
+      if (normalized == "always") return WhileUsing
      return entries.firstOrNull { it.rawValue.lowercase() == normalized } ?: Off
    }
  }
--- a/apps/android/app/src/main/java/ai/openclaw/app/MainActivity.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/MainActivity.kt
@@ -18,18 +18,14 @@ import kotlinx.coroutines.launch
 class MainActivity : ComponentActivity() {
  private val viewModel: MainViewModel by viewModels()
  private lateinit var permissionRequester: PermissionRequester
-  private lateinit var screenCaptureRequester: ScreenCaptureRequester

  override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    WindowCompat.setDecorFitsSystemWindows(window, false)
    permissionRequester = PermissionRequester(this)
-    screenCaptureRequester = ScreenCaptureRequester(this)
    viewModel.camera.attachLifecycleOwner(this)
    viewModel.camera.attachPermissionRequester(permissionRequester)
    viewModel.sms.attachPermissionRequester(permissionRequester)
-    viewModel.screenRecorder.attachScreenCaptureRequester(screenCaptureRequester)
-    viewModel.screenRecorder.attachPermissionRequester(permissionRequester)

    lifecycleScope.launch {
      repeatOnLifecycle(Lifecycle.State.STARTED) {
--- a/apps/android/app/src/main/java/ai/openclaw/app/MainViewModel.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/MainViewModel.kt
@@ -6,7 +6,6 @@ import ai.openclaw.app.gateway.GatewayEndpoint
 import ai.openclaw.app.chat.OutgoingAttachment
 import ai.openclaw.app.node.CameraCaptureManager
 import ai.openclaw.app.node.CanvasController
-import ai.openclaw.app.node.ScreenRecordManager
 import ai.openclaw.app.node.SmsManager
 import ai.openclaw.app.voice.VoiceConversationEntry
 import kotlinx.coroutines.flow.StateFlow
@@ -20,7 +19,6 @@ class MainViewModel(app: Application) : AndroidViewModel(app) {
  val canvasRehydratePending: StateFlow<Boolean> = runtime.canvasRehydratePending
  val canvasRehydrateErrorText: StateFlow<String?> = runtime.canvasRehydrateErrorText
  val camera: CameraCaptureManager = runtime.camera
-  val screenRecorder: ScreenRecordManager = runtime.screenRecorder
  val sms: SmsManager = runtime.sms

  val gateways: StateFlow<List<GatewayEndpoint>> = runtime.gateways
@@ -38,7 +36,6 @@ class MainViewModel(app: Application) : AndroidViewModel(app) {

  val cameraHud: StateFlow<CameraHudState?> = runtime.cameraHud
  val cameraFlashToken: StateFlow<Long> = runtime.cameraFlashToken
-  val screenRecordActive: StateFlow<Boolean> = runtime.screenRecordActive

  val instanceId: StateFlow<String> = runtime.instanceId
  val displayName: StateFlow<String> = runtime.displayName
--- a/apps/android/app/src/main/java/ai/openclaw/app/NodeForegroundService.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/NodeForegroundService.kt
@@ -5,13 +5,10 @@ import android.app.NotificationChannel
 import android.app.NotificationManager
 import android.app.Service
 import android.app.PendingIntent
-import android.Manifest
 import android.content.Context
 import android.content.Intent
-import android.content.pm.PackageManager
 import android.content.pm.ServiceInfo
 import androidx.core.app.NotificationCompat
-import androidx.core.content.ContextCompat
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.Job
@@ -23,14 +20,13 @@ import kotlinx.coroutines.launch
 class NodeForegroundService : Service() {
  private val scope: CoroutineScope = CoroutineScope(SupervisorJob() + Dispatchers.Main)
  private var notificationJob: Job? = null
-  private var lastRequiresMic = false
  private var didStartForeground = false

  override fun onCreate() {
    super.onCreate()
    ensureChannel()
    val initial = buildNotification(title = "OpenClaw Node", text = "Starting…")
-    startForegroundWithTypes(notification = initial, requiresMic = false)
+    startForegroundWithTypes(notification = initial)

    val runtime = (application as NodeApp).runtime
    notificationJob =
@@ -53,11 +49,8 @@ class NodeForegroundService : Service() {
            }
          val text = (server?.let { "$status · $it" } ?: status) + micSuffix

-          val requiresMic =
-            micEnabled && hasRecordAudioPermission()
          startForegroundWithTypes(
            notification = buildNotification(title = title, text = text),
-            requiresMic = requiresMic,
          )
        }
      }
@@ -135,30 +128,15 @@ class NodeForegroundService : Service() {
    mgr.notify(NOTIFICATION_ID, notification)
  }

-  private fun startForegroundWithTypes(notification: Notification, requiresMic: Boolean) {
-    if (didStartForeground && requiresMic == lastRequiresMic) {
+  private fun startForegroundWithTypes(notification: Notification) {
+    if (didStartForeground) {
      updateNotification(notification)
      return
    }
-
-    lastRequiresMic = requiresMic
-    val types =
-      if (requiresMic) {
-        ServiceInfo.FOREGROUND_SERVICE_TYPE_DATA_SYNC or ServiceInfo.FOREGROUND_SERVICE_TYPE_MICROPHONE
-      } else {
-        ServiceInfo.FOREGROUND_SERVICE_TYPE_DATA_SYNC
-      }
-    startForeground(NOTIFICATION_ID, notification, types)
+    startForeground(NOTIFICATION_ID, notification, ServiceInfo.FOREGROUND_SERVICE_TYPE_DATA_SYNC)
    didStartForeground = true
  }

-  private fun hasRecordAudioPermission(): Boolean {
-    return (
-      ContextCompat.checkSelfPermission(this, Manifest.permission.RECORD_AUDIO) ==
-        PackageManager.PERMISSION_GRANTED
-      )
-  }
-
  companion object {
    private const val CHANNEL_ID = "connection"
    private const val NOTIFICATION_ID = 1
--- a/apps/android/app/src/main/java/ai/openclaw/app/NodeRuntime.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/NodeRuntime.kt
@@ -50,7 +50,6 @@ class NodeRuntime(context: Context) {
  val canvas = CanvasController()
  val camera = CameraCaptureManager(appContext)
  val location = LocationCaptureManager(appContext)
-  val screenRecorder = ScreenRecordManager(appContext)
  val sms = SmsManager(appContext)
  private val json = Json { ignoreUnknownKeys = true }

@@ -77,17 +76,11 @@ class NodeRuntime(context: Context) {
    identityStore = identityStore,
  )

-  private val appUpdateHandler: AppUpdateHandler = AppUpdateHandler(
-    appContext = appContext,
-    connectedEndpoint = { connectedEndpoint },
-  )
-
  private val locationHandler: LocationHandler = LocationHandler(
    appContext = appContext,
    location = location,
    json = json,
    isForeground = { _isForeground.value },
-    locationMode = { locationMode.value },
    locationPreciseEnabled = { locationPreciseEnabled.value },
  )

@@ -119,12 +112,6 @@ class NodeRuntime(context: Context) {
    appContext = appContext,
  )

-  private val screenHandler: ScreenHandler = ScreenHandler(
-    screenRecorder = screenRecorder,
-    setScreenRecordActive = { _screenRecordActive.value = it },
-    invokeErrorFromThrowable = { invokeErrorFromThrowable(it) },
-  )
-
  private val smsHandlerImpl: SmsHandler = SmsHandler(
    sms = sms,
  )
@@ -159,11 +146,9 @@ class NodeRuntime(context: Context) {
    contactsHandler = contactsHandler,
    calendarHandler = calendarHandler,
    motionHandler = motionHandler,
-    screenHandler = screenHandler,
    smsHandler = smsHandlerImpl,
    a2uiHandler = a2uiHandler,
    debugHandler = debugHandler,
-    appUpdateHandler = appUpdateHandler,
    isForeground = { _isForeground.value },
    cameraEnabled = { cameraEnabled.value },
    locationEnabled = { locationMode.value != LocationMode.Off },
@@ -206,9 +191,6 @@ class NodeRuntime(context: Context) {
  private val _cameraFlashToken = MutableStateFlow(0L)
  val cameraFlashToken: StateFlow<Long> = _cameraFlashToken.asStateFlow()

-  private val _screenRecordActive = MutableStateFlow(false)
-  val screenRecordActive: StateFlow<Boolean> = _screenRecordActive.asStateFlow()
-
  private val _canvasA2uiHydrated = MutableStateFlow(false)
  val canvasA2uiHydrated: StateFlow<Boolean> = _canvasA2uiHydrated.asStateFlow()
  private val _canvasRehydratePending = MutableStateFlow(false)
@@ -623,6 +605,9 @@ class NodeRuntime(context: Context) {

  fun setForeground(value: Boolean) {
    _isForeground.value = value
+    if (!value) {
+      stopActiveVoiceSession()
+    }
  }

  fun setDisplayName(value: String) {
@@ -667,11 +652,7 @@ class NodeRuntime(context: Context) {

  fun setVoiceScreenActive(active: Boolean) {
    if (!active) {
-      // User left voice screen — stop mic and TTS
-      talkMode.ttsOnAllResponses = false
-      talkMode.stopTts()
-      micCapture.setMicEnabled(false)
-      prefs.setTalkEnabled(false)
+      stopActiveVoiceSession()
    }
    // Don't re-enable on active=true; mic toggle drives that
  }
@@ -700,6 +681,14 @@ class NodeRuntime(context: Context) {
    talkMode.setPlaybackEnabled(value)
  }

+  private fun stopActiveVoiceSession() {
+    talkMode.ttsOnAllResponses = false
+    talkMode.stopTts()
+    micCapture.setMicEnabled(false)
+    prefs.setTalkEnabled(false)
+    externalAudioCaptureActive.value = false
+  }
+
  fun refreshGatewayConnection() {
    val endpoint =
      connectedEndpoint ?: run {
--- a/apps/android/app/src/main/java/ai/openclaw/app/ScreenCaptureRequester.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/ScreenCaptureRequester.kt
@@ -1,65 +0,0 @@
-package ai.openclaw.app
-
-import android.app.Activity
-import android.content.Context
-import android.content.Intent
-import android.media.projection.MediaProjectionManager
-import androidx.activity.ComponentActivity
-import androidx.activity.result.ActivityResultLauncher
-import androidx.activity.result.contract.ActivityResultContracts
-import androidx.appcompat.app.AlertDialog
-import kotlinx.coroutines.CompletableDeferred
-import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.sync.Mutex
-import kotlinx.coroutines.sync.withLock
-import kotlinx.coroutines.withContext
-import kotlinx.coroutines.withTimeout
-import kotlinx.coroutines.suspendCancellableCoroutine
-import kotlin.coroutines.resume
-
-class ScreenCaptureRequester(private val activity: ComponentActivity) {
-  data class CaptureResult(val resultCode: Int, val data: Intent)
-
-  private val mutex = Mutex()
-  private var pending: CompletableDeferred<CaptureResult?>? = null
-
-  private val launcher: ActivityResultLauncher<Intent> =
-    activity.registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result ->
-      val p = pending
-      pending = null
-      val data = result.data
-      if (result.resultCode == Activity.RESULT_OK && data != null) {
-        p?.complete(CaptureResult(result.resultCode, data))
-      } else {
-        p?.complete(null)
-      }
-    }
-
-  suspend fun requestCapture(timeoutMs: Long = 20_000): CaptureResult? =
-    mutex.withLock {
-      val proceed = showRationaleDialog()
-      if (!proceed) return null
-
-      val mgr = activity.getSystemService(Context.MEDIA_PROJECTION_SERVICE) as MediaProjectionManager
-      val intent = mgr.createScreenCaptureIntent()
-
-      val deferred = CompletableDeferred<CaptureResult?>()
-      pending = deferred
-      withContext(Dispatchers.Main) { launcher.launch(intent) }
-
-      withContext(Dispatchers.Default) { withTimeout(timeoutMs) { deferred.await() } }
-    }
-
-  private suspend fun showRationaleDialog(): Boolean =
-    withContext(Dispatchers.Main) {
-      suspendCancellableCoroutine { cont ->
-        AlertDialog.Builder(activity)
-          .setTitle("Screen recording required")
-          .setMessage("OpenClaw needs to record the screen for this command.")
-          .setPositiveButton("Continue") { _, _ -> cont.resume(true) }
-          .setNegativeButton("Not now") { _, _ -> cont.resume(false) }
-          .setOnCancelListener { cont.resume(false) }
-          .show()
-      }
-    }
-}
--- a/apps/android/app/src/main/java/ai/openclaw/app/SecurePrefs.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/SecurePrefs.kt
@@ -19,6 +19,7 @@ class SecurePrefs(context: Context) {
  companion object {
    val defaultWakeWords: List<String> = listOf("openclaw", "claude")
    private const val displayNameKey = "node.displayName"
+    private const val locationModeKey = "location.enabledMode"
    private const val voiceWakeModeKey = "voiceWake.mode"
    private const val plainPrefsName = "openclaw.node"
    private const val securePrefsName = "openclaw.node.secure"
@@ -46,8 +47,7 @@ class SecurePrefs(context: Context) {
  private val _cameraEnabled = MutableStateFlow(plainPrefs.getBoolean("camera.enabled", true))
  val cameraEnabled: StateFlow<Boolean> = _cameraEnabled

-  private val _locationMode =
-    MutableStateFlow(LocationMode.fromRawValue(plainPrefs.getString("location.enabledMode", "off")))
+  private val _locationMode = MutableStateFlow(loadLocationMode())
  val locationMode: StateFlow<LocationMode> = _locationMode

  private val _locationPreciseEnabled =
@@ -120,7 +120,7 @@ class SecurePrefs(context: Context) {
  }

  fun setLocationMode(mode: LocationMode) {
-    plainPrefs.edit { putString("location.enabledMode", mode.rawValue) }
+    plainPrefs.edit { putString(locationModeKey, mode.rawValue) }
    _locationMode.value = mode
  }

@@ -290,6 +290,15 @@ class SecurePrefs(context: Context) {
    return resolved
  }

+  private fun loadLocationMode(): LocationMode {
+    val raw = plainPrefs.getString(locationModeKey, "off")
+    val resolved = LocationMode.fromRawValue(raw)
+    if (raw?.trim()?.lowercase() == "always") {
+      plainPrefs.edit { putString(locationModeKey, resolved.rawValue) }
+    }
+    return resolved
+  }
+
  private fun loadWakeWords(): List<String> {
    val raw = plainPrefs.getString("voiceWake.triggerWords", null)?.trim()
    if (raw.isNullOrEmpty()) return defaultWakeWords
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/AppUpdateHandler.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/AppUpdateHandler.kt
@@ -1,295 +0,0 @@
-package ai.openclaw.app.node
-
-import android.app.PendingIntent
-import android.content.Context
-import android.content.Intent
-import ai.openclaw.app.InstallResultReceiver
-import ai.openclaw.app.MainActivity
-import ai.openclaw.app.gateway.GatewayEndpoint
-import ai.openclaw.app.gateway.GatewaySession
-import java.io.File
-import java.net.URI
-import java.security.MessageDigest
-import java.util.Locale
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.launch
-import kotlinx.serialization.json.Json
-import kotlinx.serialization.json.buildJsonObject
-import kotlinx.serialization.json.jsonObject
-import kotlinx.serialization.json.jsonPrimitive
-import kotlinx.serialization.json.put
-
-private val SHA256_HEX = Regex("^[a-fA-F0-9]{64}$")
-
-internal data class AppUpdateRequest(
-  val url: String,
-  val expectedSha256: String,
-)
-
-internal fun parseAppUpdateRequest(paramsJson: String?, connectedHost: String?): AppUpdateRequest {
-  val params =
-    try {
-      paramsJson?.let { Json.parseToJsonElement(it).jsonObject }
-    } catch (_: Throwable) {
-      throw IllegalArgumentException("params must be valid JSON")
-    } ?: throw IllegalArgumentException("missing 'url' parameter")
-
-  val urlRaw =
-    params["url"]?.jsonPrimitive?.content?.trim().orEmpty()
-      .ifEmpty { throw IllegalArgumentException("missing 'url' parameter") }
-  val sha256Raw =
-    params["sha256"]?.jsonPrimitive?.content?.trim().orEmpty()
-      .ifEmpty { throw IllegalArgumentException("missing 'sha256' parameter") }
-  if (!SHA256_HEX.matches(sha256Raw)) {
-    throw IllegalArgumentException("invalid 'sha256' parameter (expected 64 hex chars)")
-  }
-
-  val uri =
-    try {
-      URI(urlRaw)
-    } catch (_: Throwable) {
-      throw IllegalArgumentException("invalid 'url' parameter")
-    }
-  val scheme = uri.scheme?.lowercase(Locale.US).orEmpty()
-  if (scheme != "https") {
-    throw IllegalArgumentException("url must use https")
-  }
-  if (!uri.userInfo.isNullOrBlank()) {
-    throw IllegalArgumentException("url must not include credentials")
-  }
-  val host = uri.host?.lowercase(Locale.US) ?: throw IllegalArgumentException("url host required")
-  val connectedHostNormalized = connectedHost?.trim()?.lowercase(Locale.US).orEmpty()
-  if (connectedHostNormalized.isNotEmpty() && host != connectedHostNormalized) {
-    throw IllegalArgumentException("url host must match connected gateway host")
-  }
-
-  return AppUpdateRequest(
-    url = uri.toASCIIString(),
-    expectedSha256 = sha256Raw.lowercase(Locale.US),
-  )
-}
-
-internal fun sha256Hex(file: File): String {
-  val digest = MessageDigest.getInstance("SHA-256")
-  file.inputStream().use { input ->
-    val buffer = ByteArray(DEFAULT_BUFFER_SIZE)
-    while (true) {
-      val read = input.read(buffer)
-      if (read < 0) break
-      if (read == 0) continue
-      digest.update(buffer, 0, read)
-    }
-  }
-  val out = StringBuilder(64)
-  for (byte in digest.digest()) {
-    out.append(String.format(Locale.US, "%02x", byte))
-  }
-  return out.toString()
-}
-
-class AppUpdateHandler(
-  private val appContext: Context,
-  private val connectedEndpoint: () -> GatewayEndpoint?,
-) {
-
-  fun handleUpdate(paramsJson: String?): GatewaySession.InvokeResult {
-    try {
-      val updateRequest =
-        try {
-          parseAppUpdateRequest(paramsJson, connectedEndpoint()?.host)
-        } catch (err: IllegalArgumentException) {
-          return GatewaySession.InvokeResult.error(
-            code = "INVALID_REQUEST",
-            message = "INVALID_REQUEST: ${err.message ?: "invalid app.update params"}",
-          )
-        }
-      val url = updateRequest.url
-      val expectedSha256 = updateRequest.expectedSha256
-
-      android.util.Log.w("openclaw", "app.update: downloading from $url")
-
-      val notifId = 9001
-      val channelId = "app_update"
-      val notifManager = appContext.getSystemService(android.content.Context.NOTIFICATION_SERVICE) as android.app.NotificationManager
-
-      // Create notification channel (required for Android 8+)
-      val channel = android.app.NotificationChannel(channelId, "App Updates", android.app.NotificationManager.IMPORTANCE_LOW)
-      notifManager.createNotificationChannel(channel)
-
-      // PendingIntent to open the app when notification is tapped
-      val launchIntent = Intent(appContext, MainActivity::class.java).apply {
-        flags = Intent.FLAG_ACTIVITY_NEW_TASK or Intent.FLAG_ACTIVITY_CLEAR_TOP
-      }
-      val launchPi = PendingIntent.getActivity(appContext, 0, launchIntent, PendingIntent.FLAG_UPDATE_CURRENT or PendingIntent.FLAG_IMMUTABLE)
-
-      // Launch download async so the invoke returns immediately
-      CoroutineScope(Dispatchers.IO).launch {
-        try {
-          val cacheDir = java.io.File(appContext.cacheDir, "updates")
-          cacheDir.mkdirs()
-          val file = java.io.File(cacheDir, "update.apk")
-          if (file.exists()) file.delete()
-
-          // Show initial progress notification
-          fun buildProgressNotif(progress: Int, max: Int, text: String): android.app.Notification {
-            return android.app.Notification.Builder(appContext, channelId)
-              .setSmallIcon(android.R.drawable.stat_sys_download)
-              .setContentTitle("OpenClaw Update")
-              .setContentText(text)
-              .setProgress(max, progress, max == 0)
-              
-              .setContentIntent(launchPi)
-              .setOngoing(true)
-              .build()
-          }
-          notifManager.notify(notifId, buildProgressNotif(0, 0, "Connecting..."))
-
-          val client = okhttp3.OkHttpClient.Builder()
-            .connectTimeout(30, java.util.concurrent.TimeUnit.SECONDS)
-            .readTimeout(300, java.util.concurrent.TimeUnit.SECONDS)
-            .build()
-          val request = okhttp3.Request.Builder().url(url).build()
-          val response = client.newCall(request).execute()
-          if (!response.isSuccessful) {
-            notifManager.cancel(notifId)
-            notifManager.notify(notifId, android.app.Notification.Builder(appContext, channelId)
-              .setSmallIcon(android.R.drawable.stat_notify_error)
-              .setContentTitle("Update Failed")
-              
-              .setContentIntent(launchPi)
-              .setContentText("HTTP ${response.code}")
-              .build())
-            return@launch
-          }
-
-          val contentLength = response.body?.contentLength() ?: -1L
-          val body = response.body ?: run {
-            notifManager.cancel(notifId)
-            return@launch
-          }
-
-          // Download with progress tracking
-          var totalBytes = 0L
-          var lastNotifUpdate = 0L
-          body.byteStream().use { input ->
-            file.outputStream().use { output ->
-              val buffer = ByteArray(8192)
-              while (true) {
-                val bytesRead = input.read(buffer)
-                if (bytesRead == -1) break
-                output.write(buffer, 0, bytesRead)
-                totalBytes += bytesRead
-
-                // Update notification at most every 500ms
-                val now = System.currentTimeMillis()
-                if (now - lastNotifUpdate > 500) {
-                  lastNotifUpdate = now
-                  if (contentLength > 0) {
-                    val pct = ((totalBytes * 100) / contentLength).toInt()
-                    val mb = String.format(Locale.US, "%.1f", totalBytes / 1048576.0)
-                    val totalMb = String.format(Locale.US, "%.1f", contentLength / 1048576.0)
-                    notifManager.notify(notifId, buildProgressNotif(pct, 100, "$mb / $totalMb MB ($pct%)"))
-                  } else {
-                    val mb = String.format(Locale.US, "%.1f", totalBytes / 1048576.0)
-                    notifManager.notify(notifId, buildProgressNotif(0, 0, "${mb} MB downloaded"))
-                  }
-                }
-              }
-            }
-          }
-
-          android.util.Log.w("openclaw", "app.update: downloaded ${file.length()} bytes")
-          val actualSha256 = sha256Hex(file)
-          if (actualSha256 != expectedSha256) {
-            android.util.Log.e(
-              "openclaw",
-              "app.update: sha256 mismatch expected=$expectedSha256 actual=$actualSha256",
-            )
-            file.delete()
-            notifManager.cancel(notifId)
-            notifManager.notify(
-              notifId,
-              android.app.Notification.Builder(appContext, channelId)
-                .setSmallIcon(android.R.drawable.stat_notify_error)
-                .setContentTitle("Update Failed")
-                .setContentIntent(launchPi)
-                .setContentText("SHA-256 mismatch")
-                .build(),
-            )
-            return@launch
-          }
-
-          // Verify file is a valid APK (basic check: ZIP magic bytes)
-          val magic = file.inputStream().use { it.read().toByte() to it.read().toByte() }
-          if (magic.first != 0x50.toByte() || magic.second != 0x4B.toByte()) {
-            android.util.Log.e("openclaw", "app.update: invalid APK (bad magic: ${magic.first}, ${magic.second})")
-            file.delete()
-            notifManager.cancel(notifId)
-            notifManager.notify(notifId, android.app.Notification.Builder(appContext, channelId)
-              .setSmallIcon(android.R.drawable.stat_notify_error)
-              .setContentTitle("Update Failed")
-              
-              .setContentIntent(launchPi)
-              .setContentText("Downloaded file is not a valid APK")
-              .build())
-            return@launch
-          }
-
-          // Use PackageInstaller session API — works from background on API 34+
-          // The system handles showing the install confirmation dialog
-          notifManager.cancel(notifId)
-          notifManager.notify(
-            notifId,
-            android.app.Notification.Builder(appContext, channelId)
-              .setSmallIcon(android.R.drawable.stat_sys_download_done)
-              .setContentTitle("Installing Update...")
-              .setContentIntent(launchPi)
-              .setContentText("${String.format(Locale.US, "%.1f", totalBytes / 1048576.0)} MB downloaded")
-              .build(),
-          )
-
-          val installer = appContext.packageManager.packageInstaller
-          val params = android.content.pm.PackageInstaller.SessionParams(
-            android.content.pm.PackageInstaller.SessionParams.MODE_FULL_INSTALL
-          )
-          params.setSize(file.length())
-          val sessionId = installer.createSession(params)
-          val session = installer.openSession(sessionId)
-          session.openWrite("openclaw-update.apk", 0, file.length()).use { out ->
-            file.inputStream().use { inp -> inp.copyTo(out) }
-            session.fsync(out)
-          }
-          // Commit with FLAG_MUTABLE PendingIntent — system requires mutable for PackageInstaller status
-          val callbackIntent = android.content.Intent(appContext, InstallResultReceiver::class.java)
-          val pi = android.app.PendingIntent.getBroadcast(
-            appContext, sessionId, callbackIntent,
-            android.app.PendingIntent.FLAG_UPDATE_CURRENT or android.app.PendingIntent.FLAG_MUTABLE
-          )
-          session.commit(pi.intentSender)
-          android.util.Log.w("openclaw", "app.update: PackageInstaller session committed, waiting for user confirmation")
-        } catch (err: Throwable) {
-          android.util.Log.e("openclaw", "app.update: async error", err)
-          notifManager.cancel(notifId)
-          notifManager.notify(notifId, android.app.Notification.Builder(appContext, channelId)
-            .setSmallIcon(android.R.drawable.stat_notify_error)
-            .setContentTitle("Update Failed")
-            
-              .setContentIntent(launchPi)
-              .setContentText(err.message ?: "Unknown error")
-            .build())
-        }
-      }
-
-      // Return immediately — download happens in background
-      return GatewaySession.InvokeResult.ok(buildJsonObject {
-          put("status", "downloading")
-          put("url", url)
-          put("sha256", expectedSha256)
-        }.toString())
-    } catch (err: Throwable) {
-      android.util.Log.e("openclaw", "app.update: error", err)
-      return GatewaySession.InvokeResult.error(code = "UNAVAILABLE", message = err.message ?: "update failed")
-    }
-  }
-}
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/DeviceHandler.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/DeviceHandler.kt
@@ -170,13 +170,6 @@ class DeviceHandler(
              promptableWhenDenied = true,
            ),
          )
-          put(
-            "backgroundLocation",
-            permissionStateJson(
-              granted = hasPermission(Manifest.permission.ACCESS_BACKGROUND_LOCATION),
-              promptableWhenDenied = true,
-            ),
-          )
          put(
            "sms",
            permissionStateJson(
@@ -226,14 +219,6 @@ class DeviceHandler(
              promptableWhenDenied = true,
            ),
          )
-          // Screen capture on Android is interactive per-capture consent, not a sticky app permission.
-          put(
-            "screenCapture",
-            permissionStateJson(
-              granted = false,
-              promptableWhenDenied = true,
-            ),
-          )
        },
      )
    }.toString()
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/InvokeCommandRegistry.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/InvokeCommandRegistry.kt
@@ -11,7 +11,6 @@ import ai.openclaw.app.protocol.OpenClawLocationCommand
 import ai.openclaw.app.protocol.OpenClawMotionCommand
 import ai.openclaw.app.protocol.OpenClawNotificationsCommand
 import ai.openclaw.app.protocol.OpenClawPhotosCommand
-import ai.openclaw.app.protocol.OpenClawScreenCommand
 import ai.openclaw.app.protocol.OpenClawSmsCommand
 import ai.openclaw.app.protocol.OpenClawSystemCommand

@@ -59,11 +58,9 @@ object InvokeCommandRegistry {
  val capabilityManifest: List<NodeCapabilitySpec> =
    listOf(
      NodeCapabilitySpec(name = OpenClawCapability.Canvas.rawValue),
-      NodeCapabilitySpec(name = OpenClawCapability.Screen.rawValue),
      NodeCapabilitySpec(name = OpenClawCapability.Device.rawValue),
      NodeCapabilitySpec(name = OpenClawCapability.Notifications.rawValue),
      NodeCapabilitySpec(name = OpenClawCapability.System.rawValue),
-      NodeCapabilitySpec(name = OpenClawCapability.AppUpdate.rawValue),
      NodeCapabilitySpec(
        name = OpenClawCapability.Camera.rawValue,
        availability = NodeCapabilityAvailability.CameraEnabled,
@@ -123,10 +120,6 @@ object InvokeCommandRegistry {
        name = OpenClawCanvasA2UICommand.Reset.rawValue,
        requiresForeground = true,
      ),
-      InvokeCommandSpec(
-        name = OpenClawScreenCommand.Record.rawValue,
-        requiresForeground = true,
-      ),
      InvokeCommandSpec(
        name = OpenClawSystemCommand.Notify.rawValue,
      ),
@@ -202,7 +195,6 @@ object InvokeCommandRegistry {
        name = "debug.ed25519",
        availability = InvokeCommandAvailability.DebugBuild,
      ),
-      InvokeCommandSpec(name = "app.update"),
    )

  private val byNameInternal: Map<String, InvokeCommandSpec> = all.associateBy { it.name }
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/InvokeDispatcher.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/InvokeDispatcher.kt
@@ -10,7 +10,6 @@ import ai.openclaw.app.protocol.OpenClawDeviceCommand
 import ai.openclaw.app.protocol.OpenClawLocationCommand
 import ai.openclaw.app.protocol.OpenClawMotionCommand
 import ai.openclaw.app.protocol.OpenClawNotificationsCommand
-import ai.openclaw.app.protocol.OpenClawScreenCommand
 import ai.openclaw.app.protocol.OpenClawSmsCommand
 import ai.openclaw.app.protocol.OpenClawSystemCommand

@@ -25,11 +24,9 @@ class InvokeDispatcher(
  private val contactsHandler: ContactsHandler,
  private val calendarHandler: CalendarHandler,
  private val motionHandler: MotionHandler,
-  private val screenHandler: ScreenHandler,
  private val smsHandler: SmsHandler,
  private val a2uiHandler: A2UIHandler,
  private val debugHandler: DebugHandler,
-  private val appUpdateHandler: AppUpdateHandler,
  private val isForeground: () -> Boolean,
  private val cameraEnabled: () -> Boolean,
  private val locationEnabled: () -> Boolean,
@@ -161,19 +158,12 @@ class InvokeDispatcher(
      OpenClawMotionCommand.Activity.rawValue -> motionHandler.handleMotionActivity(paramsJson)
      OpenClawMotionCommand.Pedometer.rawValue -> motionHandler.handleMotionPedometer(paramsJson)

-      // Screen command
-      OpenClawScreenCommand.Record.rawValue -> screenHandler.handleScreenRecord(paramsJson)
-
      // SMS command
      OpenClawSmsCommand.Send.rawValue -> smsHandler.handleSmsSend(paramsJson)

      // Debug commands
      "debug.ed25519" -> debugHandler.handleEd25519()
      "debug.logs" -> debugHandler.handleLogs()
-
-      // App update
-      "app.update" -> appUpdateHandler.handleUpdate(paramsJson)
-
      else -> GatewaySession.InvokeResult.error(code = "INVALID_REQUEST", message = "INVALID_REQUEST: unknown command")
    }
  }
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/LocationHandler.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/LocationHandler.kt
@@ -5,7 +5,6 @@ import android.content.Context
 import android.content.pm.PackageManager
 import android.location.LocationManager
 import androidx.core.content.ContextCompat
-import ai.openclaw.app.LocationMode
 import ai.openclaw.app.gateway.GatewaySession
 import kotlinx.coroutines.TimeoutCancellationException
 import kotlinx.serialization.json.Json
@@ -17,7 +16,6 @@ class LocationHandler(
  private val location: LocationCaptureManager,
  private val json: Json,
  private val isForeground: () -> Boolean,
-  private val locationMode: () -> LocationMode,
  private val locationPreciseEnabled: () -> Boolean,
 ) {
  fun hasFineLocationPermission(): Boolean {
@@ -34,19 +32,11 @@ class LocationHandler(
      )
  }

-  fun hasBackgroundLocationPermission(): Boolean {
-    return (
-      ContextCompat.checkSelfPermission(appContext, Manifest.permission.ACCESS_BACKGROUND_LOCATION) ==
-        PackageManager.PERMISSION_GRANTED
-      )
-  }
-
  suspend fun handleLocationGet(paramsJson: String?): GatewaySession.InvokeResult {
-    val mode = locationMode()
-    if (!isForeground() && mode != LocationMode.Always) {
+    if (!isForeground()) {
      return GatewaySession.InvokeResult.error(
        code = "LOCATION_BACKGROUND_UNAVAILABLE",
-        message = "LOCATION_BACKGROUND_UNAVAILABLE: background location requires Always",
+        message = "LOCATION_BACKGROUND_UNAVAILABLE: location requires OpenClaw to stay open",
      )
    }
    if (!hasFineLocationPermission() && !hasCoarseLocationPermission()) {
@@ -55,12 +45,6 @@ class LocationHandler(
        message = "LOCATION_PERMISSION_REQUIRED: grant Location permission",
      )
    }
-    if (!isForeground() && mode == LocationMode.Always && !hasBackgroundLocationPermission()) {
-      return GatewaySession.InvokeResult.error(
-        code = "LOCATION_PERMISSION_REQUIRED",
-        message = "LOCATION_PERMISSION_REQUIRED: enable Always in system Settings",
-      )
-    }
    val (maxAgeMs, timeoutMs, desiredAccuracy) = parseLocationParams(paramsJson)
    val preciseEnabled = locationPreciseEnabled()
    val accuracy =
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/ScreenHandler.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/ScreenHandler.kt
@@ -1,25 +0,0 @@
-package ai.openclaw.app.node
-
-import ai.openclaw.app.gateway.GatewaySession
-
-class ScreenHandler(
-  private val screenRecorder: ScreenRecordManager,
-  private val setScreenRecordActive: (Boolean) -> Unit,
-  private val invokeErrorFromThrowable: (Throwable) -> Pair<String, String>,
-) {
-  suspend fun handleScreenRecord(paramsJson: String?): GatewaySession.InvokeResult {
-    setScreenRecordActive(true)
-    try {
-      val res =
-        try {
-          screenRecorder.record(paramsJson)
-        } catch (err: Throwable) {
-          val (code, message) = invokeErrorFromThrowable(err)
-          return GatewaySession.InvokeResult.error(code = code, message = message)
-        }
-      return GatewaySession.InvokeResult.ok(res.payloadJson)
-    } finally {
-      setScreenRecordActive(false)
-    }
-  }
-}
--- a/apps/android/app/src/main/java/ai/openclaw/app/node/ScreenRecordManager.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/node/ScreenRecordManager.kt
@@ -1,165 +0,0 @@
-package ai.openclaw.app.node
-
-import android.content.Context
-import android.hardware.display.DisplayManager
-import android.media.MediaRecorder
-import android.media.projection.MediaProjectionManager
-import android.os.Build
-import android.util.Base64
-import ai.openclaw.app.ScreenCaptureRequester
-import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.delay
-import kotlinx.coroutines.withContext
-import kotlinx.serialization.json.JsonObject
-import java.io.File
-import kotlin.math.roundToInt
-
-class ScreenRecordManager(private val context: Context) {
-  data class Payload(val payloadJson: String)
-
-  @Volatile private var screenCaptureRequester: ScreenCaptureRequester? = null
-  @Volatile private var permissionRequester: ai.openclaw.app.PermissionRequester? = null
-
-  fun attachScreenCaptureRequester(requester: ScreenCaptureRequester) {
-    screenCaptureRequester = requester
-  }
-
-  fun attachPermissionRequester(requester: ai.openclaw.app.PermissionRequester) {
-    permissionRequester = requester
-  }
-
-  suspend fun record(paramsJson: String?): Payload =
-    withContext(Dispatchers.Default) {
-      val requester =
-        screenCaptureRequester
-          ?: throw IllegalStateException(
-            "SCREEN_PERMISSION_REQUIRED: grant Screen Recording permission",
-          )
-
-      val params = parseJsonParamsObject(paramsJson)
-      val durationMs = (parseDurationMs(params) ?: 10_000).coerceIn(250, 60_000)
-      val fps = (parseFps(params) ?: 10.0).coerceIn(1.0, 60.0)
-      val fpsInt = fps.roundToInt().coerceIn(1, 60)
-      val screenIndex = parseScreenIndex(params)
-      val includeAudio = parseIncludeAudio(params) ?: true
-      val format = parseString(params, key = "format")
-      if (format != null && format.lowercase() != "mp4") {
-        throw IllegalArgumentException("INVALID_REQUEST: screen format must be mp4")
-      }
-      if (screenIndex != null && screenIndex != 0) {
-        throw IllegalArgumentException("INVALID_REQUEST: screenIndex must be 0 on Android")
-      }
-
-      val capture = requester.requestCapture()
-        ?: throw IllegalStateException(
-          "SCREEN_PERMISSION_REQUIRED: grant Screen Recording permission",
-        )
-
-      val mgr =
-        context.getSystemService(Context.MEDIA_PROJECTION_SERVICE) as MediaProjectionManager
-      val projection = mgr.getMediaProjection(capture.resultCode, capture.data)
-        ?: throw IllegalStateException("UNAVAILABLE: screen capture unavailable")
-
-      val metrics = context.resources.displayMetrics
-      val width = metrics.widthPixels
-      val height = metrics.heightPixels
-      val densityDpi = metrics.densityDpi
-
-      val file = File.createTempFile("openclaw-screen-", ".mp4")
-      if (includeAudio) ensureMicPermission()
-
-      val recorder = createMediaRecorder()
-      var virtualDisplay: android.hardware.display.VirtualDisplay? = null
-      try {
-        if (includeAudio) {
-          recorder.setAudioSource(MediaRecorder.AudioSource.MIC)
-        }
-        recorder.setVideoSource(MediaRecorder.VideoSource.SURFACE)
-        recorder.setOutputFormat(MediaRecorder.OutputFormat.MPEG_4)
-        recorder.setVideoEncoder(MediaRecorder.VideoEncoder.H264)
-        if (includeAudio) {
-          recorder.setAudioEncoder(MediaRecorder.AudioEncoder.AAC)
-          recorder.setAudioChannels(1)
-          recorder.setAudioSamplingRate(44_100)
-          recorder.setAudioEncodingBitRate(96_000)
-        }
-        recorder.setVideoSize(width, height)
-        recorder.setVideoFrameRate(fpsInt)
-        recorder.setVideoEncodingBitRate(estimateBitrate(width, height, fpsInt))
-        recorder.setOutputFile(file.absolutePath)
-        recorder.prepare()
-
-        val surface = recorder.surface
-        virtualDisplay =
-          projection.createVirtualDisplay(
-            "openclaw-screen",
-            width,
-            height,
-            densityDpi,
-            DisplayManager.VIRTUAL_DISPLAY_FLAG_AUTO_MIRROR,
-            surface,
-            null,
-            null,
-          )
-
-        recorder.start()
-        delay(durationMs.toLong())
-      } finally {
-        try {
-          recorder.stop()
-        } catch (_: Throwable) {
-          // ignore
-        }
-        recorder.reset()
-        recorder.release()
-        virtualDisplay?.release()
-        projection.stop()
-      }
-
-      val bytes = withContext(Dispatchers.IO) { file.readBytes() }
-      file.delete()
-      val base64 = Base64.encodeToString(bytes, Base64.NO_WRAP)
-      Payload(
-        """{"format":"mp4","base64":"$base64","durationMs":$durationMs,"fps":$fpsInt,"screenIndex":0,"hasAudio":$includeAudio}""",
-      )
-    }
-
-  private fun createMediaRecorder(): MediaRecorder = MediaRecorder(context)
-
-  private suspend fun ensureMicPermission() {
-    val granted =
-      androidx.core.content.ContextCompat.checkSelfPermission(
-        context,
-        android.Manifest.permission.RECORD_AUDIO,
-      ) == android.content.pm.PackageManager.PERMISSION_GRANTED
-    if (granted) return
-
-    val requester =
-      permissionRequester
-        ?: throw IllegalStateException("MIC_PERMISSION_REQUIRED: grant Microphone permission")
-    val results = requester.requestIfMissing(listOf(android.Manifest.permission.RECORD_AUDIO))
-    if (results[android.Manifest.permission.RECORD_AUDIO] != true) {
-      throw IllegalStateException("MIC_PERMISSION_REQUIRED: grant Microphone permission")
-    }
-  }
-
-  private fun parseDurationMs(params: JsonObject?): Int? =
-    parseJsonInt(params, "durationMs")
-
-  private fun parseFps(params: JsonObject?): Double? =
-    parseJsonDouble(params, "fps")
-
-  private fun parseScreenIndex(params: JsonObject?): Int? =
-    parseJsonInt(params, "screenIndex")
-
-  private fun parseIncludeAudio(params: JsonObject?): Boolean? = parseJsonBooleanFlag(params, "includeAudio")
-
-  private fun parseString(params: JsonObject?, key: String): String? =
-    parseJsonString(params, key)
-
-  private fun estimateBitrate(width: Int, height: Int, fps: Int): Int {
-    val pixels = width.toLong() * height.toLong()
-    val raw = (pixels * fps.toLong() * 2L).toInt()
-    return raw.coerceIn(1_000_000, 12_000_000)
-  }
-}
--- a/apps/android/app/src/main/java/ai/openclaw/app/protocol/OpenClawProtocolConstants.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/protocol/OpenClawProtocolConstants.kt
@@ -3,14 +3,12 @@ package ai.openclaw.app.protocol
 enum class OpenClawCapability(val rawValue: String) {
  Canvas("canvas"),
  Camera("camera"),
-  Screen("screen"),
  Sms("sms"),
  VoiceWake("voiceWake"),
  Location("location"),
  Device("device"),
  Notifications("notifications"),
  System("system"),
-  AppUpdate("appUpdate"),
  Photos("photos"),
  Contacts("contacts"),
  Calendar("calendar"),
@@ -52,15 +50,6 @@ enum class OpenClawCameraCommand(val rawValue: String) {
  }
 }

-enum class OpenClawScreenCommand(val rawValue: String) {
-  Record("screen.record"),
-  ;
-
-  companion object {
-    const val NamespacePrefix: String = "screen."
-  }
-}
-
 enum class OpenClawSmsCommand(val rawValue: String) {
  Send("sms.send"),
  ;
--- a/apps/android/app/src/main/java/ai/openclaw/app/ui/OnboardingFlow.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/ui/OnboardingFlow.kt
@@ -80,7 +80,6 @@ import androidx.compose.ui.text.style.TextOverflow
 import androidx.compose.ui.unit.dp
 import androidx.compose.ui.unit.sp
 import androidx.core.content.ContextCompat
-import androidx.core.net.toUri
 import androidx.lifecycle.Lifecycle
 import androidx.lifecycle.LifecycleEventObserver
 import androidx.lifecycle.compose.LocalLifecycleOwner
@@ -118,7 +117,6 @@ private enum class PermissionToggle {

 private enum class SpecialAccessToggle {
  NotificationListener,
-  AppUpdates,
 }

 private val onboardingBackgroundGradient =
@@ -274,10 +272,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
    rememberSaveable {
      mutableStateOf(isNotificationListenerEnabled(context))
    }
-  var enableAppUpdates by
-    rememberSaveable {
-      mutableStateOf(canInstallUnknownApps(context))
-    }
  var enableMicrophone by rememberSaveable { mutableStateOf(false) }
  var enableCamera by rememberSaveable { mutableStateOf(false) }
  var enablePhotos by rememberSaveable { mutableStateOf(false) }
@@ -342,7 +336,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
  fun setSpecialAccessToggleEnabled(toggle: SpecialAccessToggle, enabled: Boolean) {
    when (toggle) {
      SpecialAccessToggle.NotificationListener -> enableNotificationListener = enabled
-      SpecialAccessToggle.AppUpdates -> enableAppUpdates = enabled
    }
  }

@@ -352,7 +345,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
      enableLocation,
      enableNotifications,
      enableNotificationListener,
-      enableAppUpdates,
      enableMicrophone,
      enableCamera,
      enablePhotos,
@@ -368,7 +360,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
      if (enableLocation) enabled += "Location"
      if (enableNotifications) enabled += "Notifications"
      if (enableNotificationListener) enabled += "Notification listener"
-      if (enableAppUpdates) enabled += "App updates"
      if (enableMicrophone) enabled += "Microphone"
      if (enableCamera) enabled += "Camera"
      if (enablePhotos) enabled += "Photos"
@@ -385,10 +376,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
      openNotificationListenerSettings(context)
      openedSpecialSetup = true
    }
-    if (enableAppUpdates && !canInstallUnknownApps(context)) {
-      openUnknownAppSourcesSettings(context)
-      openedSpecialSetup = true
-    }
    if (openedSpecialSetup) {
      return@proceed
    }
@@ -431,7 +418,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
      val grantedNow =
        when (toggle) {
          SpecialAccessToggle.NotificationListener -> isNotificationListenerEnabled(context)
-          SpecialAccessToggle.AppUpdates -> canInstallUnknownApps(context)
        }
      if (grantedNow) {
        setSpecialAccessToggleEnabled(toggle, true)
@@ -441,7 +427,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
      pendingSpecialAccessToggle = toggle
      when (toggle) {
        SpecialAccessToggle.NotificationListener -> openNotificationListenerSettings(context)
-        SpecialAccessToggle.AppUpdates -> openUnknownAppSourcesSettings(context)
      }
    }

@@ -459,13 +444,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
            )
            pendingSpecialAccessToggle = null
          }
-          SpecialAccessToggle.AppUpdates -> {
-            setSpecialAccessToggleEnabled(
-              SpecialAccessToggle.AppUpdates,
-              canInstallUnknownApps(context),
-            )
-            pendingSpecialAccessToggle = null
-          }
          null -> Unit
        }
      }
@@ -606,7 +584,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
              enableLocation = enableLocation,
              enableNotifications = enableNotifications,
              enableNotificationListener = enableNotificationListener,
-              enableAppUpdates = enableAppUpdates,
              enableMicrophone = enableMicrophone,
              enableCamera = enableCamera,
              enablePhotos = enablePhotos,
@@ -649,9 +626,6 @@ fun OnboardingFlow(viewModel: MainViewModel, modifier: Modifier = Modifier) {
              onNotificationListenerChange = { checked ->
                requestSpecialAccessToggle(SpecialAccessToggle.NotificationListener, checked)
              },
-              onAppUpdatesChange = { checked ->
-                requestSpecialAccessToggle(SpecialAccessToggle.AppUpdates, checked)
-              },
              onMicrophoneChange = { checked ->
                requestPermissionToggle(
                  PermissionToggle.Microphone,
@@ -1337,7 +1311,6 @@ private fun PermissionsStep(
  enableLocation: Boolean,
  enableNotifications: Boolean,
  enableNotificationListener: Boolean,
-  enableAppUpdates: Boolean,
  enableMicrophone: Boolean,
  enableCamera: Boolean,
  enablePhotos: Boolean,
@@ -1353,7 +1326,6 @@ private fun PermissionsStep(
  onLocationChange: (Boolean) -> Unit,
  onNotificationsChange: (Boolean) -> Unit,
  onNotificationListenerChange: (Boolean) -> Unit,
-  onAppUpdatesChange: (Boolean) -> Unit,
  onMicrophoneChange: (Boolean) -> Unit,
  onCameraChange: (Boolean) -> Unit,
  onPhotosChange: (Boolean) -> Unit,
@@ -1387,7 +1359,6 @@ private fun PermissionsStep(
      isPermissionGranted(context, Manifest.permission.ACTIVITY_RECOGNITION)
    }
  val notificationListenerGranted = isNotificationListenerEnabled(context)
-  val appUpdatesGranted = canInstallUnknownApps(context)

  StepShell(title = "Permissions") {
    Text(
@@ -1405,7 +1376,7 @@ private fun PermissionsStep(
    InlineDivider()
    PermissionToggleRow(
      title = "Location",
-      subtitle = "location.get (while app is open unless set to Always later)",
+      subtitle = "location.get (while app is open)",
      checked = enableLocation,
      granted = locationGranted,
      onCheckedChange = onLocationChange,
@@ -1429,17 +1400,9 @@ private fun PermissionsStep(
      onCheckedChange = onNotificationListenerChange,
    )
    InlineDivider()
-    PermissionToggleRow(
-      title = "App updates",
-      subtitle = "app.update install confirmation (opens Android Settings)",
-      checked = enableAppUpdates,
-      granted = appUpdatesGranted,
-      onCheckedChange = onAppUpdatesChange,
-    )
-    InlineDivider()
    PermissionToggleRow(
      title = "Microphone",
-      subtitle = "Voice tab transcription",
+      subtitle = "Foreground Voice tab transcription",
      checked = enableMicrophone,
      granted = isPermissionGranted(context, Manifest.permission.RECORD_AUDIO),
      onCheckedChange = onMicrophoneChange,
@@ -1635,10 +1598,6 @@ private fun isNotificationListenerEnabled(context: Context): Boolean {
  return DeviceNotificationListenerService.isAccessEnabled(context)
 }

-private fun canInstallUnknownApps(context: Context): Boolean {
-  return context.packageManager.canRequestPackageInstalls()
-}
-
 private fun openNotificationListenerSettings(context: Context) {
  val intent = Intent(Settings.ACTION_NOTIFICATION_LISTENER_SETTINGS).addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
  runCatching {
@@ -1648,19 +1607,6 @@ private fun openNotificationListenerSettings(context: Context) {
  }
 }

-private fun openUnknownAppSourcesSettings(context: Context) {
-  val intent =
-    Intent(
-      Settings.ACTION_MANAGE_UNKNOWN_APP_SOURCES,
-      "package:${context.packageName}".toUri(),
-    ).addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
-  runCatching {
-    context.startActivity(intent)
-  }.getOrElse {
-    openAppSettings(context)
-  }
-}
-
 private fun openAppSettings(context: Context) {
  val intent =
    Intent(
--- a/apps/android/app/src/main/java/ai/openclaw/app/ui/SettingsSheet.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/ui/SettingsSheet.kt
@@ -62,7 +62,6 @@ import androidx.compose.ui.text.font.FontWeight
 import androidx.compose.ui.unit.sp
 import androidx.compose.ui.unit.dp
 import androidx.core.content.ContextCompat
-import androidx.core.net.toUri
 import androidx.lifecycle.Lifecycle
 import androidx.lifecycle.LifecycleEventObserver
 import androidx.lifecycle.compose.LocalLifecycleOwner
@@ -115,7 +114,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
      viewModel.setCameraEnabled(cameraOk)
    }

-  var pendingLocationMode by remember { mutableStateOf<LocationMode?>(null) }
+  var pendingLocationRequest by remember { mutableStateOf(false) }
  var pendingPreciseToggle by remember { mutableStateOf(false) }

  val locationPermissionLauncher =
@@ -123,8 +122,6 @@ fun SettingsSheet(viewModel: MainViewModel) {
      val fineOk = perms[Manifest.permission.ACCESS_FINE_LOCATION] == true
      val coarseOk = perms[Manifest.permission.ACCESS_COARSE_LOCATION] == true
      val granted = fineOk || coarseOk
-      val requestedMode = pendingLocationMode
-      pendingLocationMode = null

      if (pendingPreciseToggle) {
        pendingPreciseToggle = false
@@ -132,21 +129,9 @@ fun SettingsSheet(viewModel: MainViewModel) {
        return@rememberLauncherForActivityResult
      }

-      if (!granted) {
-        viewModel.setLocationMode(LocationMode.Off)
-        return@rememberLauncherForActivityResult
-      }
-
-      if (requestedMode != null) {
-        viewModel.setLocationMode(requestedMode)
-        if (requestedMode == LocationMode.Always) {
-          val backgroundOk =
-            ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_BACKGROUND_LOCATION) ==
-              PackageManager.PERMISSION_GRANTED
-          if (!backgroundOk) {
-            openAppSettings(context)
-          }
-        }
+      if (pendingLocationRequest) {
+        pendingLocationRequest = false
+        viewModel.setLocationMode(if (granted) LocationMode.WhileUsing else LocationMode.Off)
      }
    }

@@ -246,11 +231,6 @@ fun SettingsSheet(viewModel: MainViewModel) {
      motionPermissionGranted = granted
    }

-  var appUpdateInstallEnabled by
-    remember {
-      mutableStateOf(canInstallUnknownApps(context))
-    }
-
  var smsPermissionGranted by
    remember {
      mutableStateOf(
@@ -290,7 +270,6 @@ fun SettingsSheet(viewModel: MainViewModel) {
            !motionPermissionRequired ||
              ContextCompat.checkSelfPermission(context, Manifest.permission.ACTIVITY_RECOGNITION) ==
              PackageManager.PERMISSION_GRANTED
-          appUpdateInstallEnabled = canInstallUnknownApps(context)
          smsPermissionGranted =
            ContextCompat.checkSelfPermission(context, Manifest.permission.SEND_SMS) ==
              PackageManager.PERMISSION_GRANTED
@@ -316,7 +295,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
    }
  }

-  fun requestLocationPermissions(targetMode: LocationMode) {
+  fun requestLocationPermissions() {
    val fineOk =
      ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_FINE_LOCATION) ==
        PackageManager.PERMISSION_GRANTED
@@ -324,17 +303,9 @@ fun SettingsSheet(viewModel: MainViewModel) {
      ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_COARSE_LOCATION) ==
        PackageManager.PERMISSION_GRANTED
    if (fineOk || coarseOk) {
-      viewModel.setLocationMode(targetMode)
-      if (targetMode == LocationMode.Always) {
-        val backgroundOk =
-          ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_BACKGROUND_LOCATION) ==
-            PackageManager.PERMISSION_GRANTED
-        if (!backgroundOk) {
-          openAppSettings(context)
-        }
-      }
+      viewModel.setLocationMode(LocationMode.WhileUsing)
    } else {
-      pendingLocationMode = targetMode
+      pendingLocationRequest = true
      locationPermissionLauncher.launch(
        arrayOf(Manifest.permission.ACCESS_FINE_LOCATION, Manifest.permission.ACCESS_COARSE_LOCATION),
      )
@@ -431,9 +402,9 @@ fun SettingsSheet(viewModel: MainViewModel) {
          supportingContent = {
            Text(
              if (micPermissionGranted) {
-                "Granted. Use the Voice tab mic button to capture transcript."
+                "Granted. Use the Voice tab mic button to capture transcript while the app is open."
              } else {
-                "Required for Voice tab transcription."
+                "Required for foreground Voice tab transcription."
              },
              style = mobileCallout,
            )
@@ -460,7 +431,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
      }
      item {
        Text(
-          "Voice wake and talk modes were removed. Voice now uses one mic on/off flow in the Voice tab.",
+          "Voice wake and talk modes were removed. Voice now uses one mic on/off flow in the Voice tab while the app is open.",
          style = mobileCallout,
          color = mobileTextSecondary,
        )
@@ -759,41 +730,6 @@ fun SettingsSheet(viewModel: MainViewModel) {
      }
      item { HorizontalDivider(color = mobileBorder) }

-    // System
-      item {
-        Text(
-          "SYSTEM",
-          style = mobileCaption1.copy(fontWeight = FontWeight.Bold, letterSpacing = 1.sp),
-          color = mobileAccent,
-        )
-      }
-      item {
-        ListItem(
-          modifier = Modifier.settingsRowModifier(),
-          colors = listItemColors,
-          headlineContent = { Text("Install App Updates", style = mobileHeadline) },
-          supportingContent = {
-            Text(
-              "Enable install access for `app.update` package installs.",
-              style = mobileCallout,
-            )
-          },
-          trailingContent = {
-            Button(
-              onClick = { openUnknownAppSourcesSettings(context) },
-              colors = settingsPrimaryButtonColors(),
-              shape = RoundedCornerShape(14.dp),
-            ) {
-              Text(
-                if (appUpdateInstallEnabled) "Manage" else "Enable",
-                style = mobileCallout.copy(fontWeight = FontWeight.Bold),
-              )
-            }
-          },
-        )
-      }
-      item { HorizontalDivider(color = mobileBorder) }
-
    // Location
      item {
        Text(
@@ -825,20 +761,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
            trailingContent = {
              RadioButton(
                selected = locationMode == LocationMode.WhileUsing,
-                onClick = { requestLocationPermissions(LocationMode.WhileUsing) },
-              )
-            },
-          )
-          HorizontalDivider(color = mobileBorder)
-          ListItem(
-            modifier = Modifier.fillMaxWidth(),
-            colors = listItemColors,
-            headlineContent = { Text("Always", style = mobileHeadline) },
-            supportingContent = { Text("Allow background location (requires system permission).", style = mobileCallout) },
-            trailingContent = {
-              RadioButton(
-                selected = locationMode == LocationMode.Always,
-                onClick = { requestLocationPermissions(LocationMode.Always) },
+                onClick = { requestLocationPermissions() },
              )
            },
          )
@@ -858,14 +781,6 @@ fun SettingsSheet(viewModel: MainViewModel) {
          )
        }
      }
-    item {
-      Text(
-        "Always may require Android Settings to allow background location.",
-        style = mobileCallout,
-        color = mobileTextSecondary,
-      )
-    }
-
      item { HorizontalDivider(color = mobileBorder) }

    // Screen
@@ -970,19 +885,6 @@ private fun openNotificationListenerSettings(context: Context) {
  }
 }

-private fun openUnknownAppSourcesSettings(context: Context) {
-  val intent =
-    Intent(
-      Settings.ACTION_MANAGE_UNKNOWN_APP_SOURCES,
-      "package:${context.packageName}".toUri(),
-    )
-  runCatching {
-    context.startActivity(intent)
-  }.getOrElse {
-    openAppSettings(context)
-  }
-}
-
 private fun hasNotificationsPermission(context: Context): Boolean {
  if (Build.VERSION.SDK_INT < 33) return true
  return ContextCompat.checkSelfPermission(context, Manifest.permission.POST_NOTIFICATIONS) ==
@@ -993,10 +895,6 @@ private fun isNotificationListenerEnabled(context: Context): Boolean {
  return DeviceNotificationListenerService.isAccessEnabled(context)
 }

-private fun canInstallUnknownApps(context: Context): Boolean {
-  return context.packageManager.canRequestPackageInstalls()
-}
-
 private fun hasMotionCapabilities(context: Context): Boolean {
  val sensorManager = context.getSystemService(SensorManager::class.java) ?: return false
  return sensorManager.getDefaultSensor(Sensor.TYPE_ACCELEROMETER) != null ||
--- a/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkDefaults.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkDefaults.kt
@@ -0,0 +1,5 @@
+package ai.openclaw.app.voice
+
+internal object TalkDefaults {
+  const val defaultSilenceTimeoutMs = 700L
+}
--- a/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkModeGatewayConfig.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkModeGatewayConfig.kt
@@ -0,0 +1,161 @@
+package ai.openclaw.app.voice
+
+import ai.openclaw.app.normalizeMainKey
+import kotlinx.serialization.json.JsonElement
+import kotlinx.serialization.json.JsonObject
+import kotlinx.serialization.json.JsonPrimitive
+import kotlinx.serialization.json.buildJsonObject
+import kotlinx.serialization.json.booleanOrNull
+import kotlinx.serialization.json.contentOrNull
+
+internal data class TalkProviderConfigSelection(
+  val provider: String,
+  val config: JsonObject,
+  val normalizedPayload: Boolean,
+)
+
+internal data class TalkModeGatewayConfigState(
+  val activeProvider: String,
+  val normalizedPayload: Boolean,
+  val missingResolvedPayload: Boolean,
+  val mainSessionKey: String,
+  val defaultVoiceId: String?,
+  val voiceAliases: Map<String, String>,
+  val defaultModelId: String,
+  val defaultOutputFormat: String,
+  val apiKey: String?,
+  val interruptOnSpeech: Boolean?,
+  val silenceTimeoutMs: Long,
+)
+
+internal object TalkModeGatewayConfigParser {
+  private const val defaultTalkProvider = "elevenlabs"
+
+  fun parse(
+    config: JsonObject?,
+    defaultProvider: String,
+    defaultModelIdFallback: String,
+    defaultOutputFormatFallback: String,
+    envVoice: String?,
+    sagVoice: String?,
+    envKey: String?,
+  ): TalkModeGatewayConfigState {
+    val talk = config?.get("talk").asObjectOrNull()
+    val selection = selectTalkProviderConfig(talk)
+    val activeProvider = selection?.provider ?: defaultProvider
+    val activeConfig = selection?.config
+    val sessionCfg = config?.get("session").asObjectOrNull()
+    val mainKey = normalizeMainKey(sessionCfg?.get("mainKey").asStringOrNull())
+    val voice = activeConfig?.get("voiceId")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
+    val aliases =
+      activeConfig?.get("voiceAliases").asObjectOrNull()?.entries?.mapNotNull { (key, value) ->
+        val id = value.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() } ?: return@mapNotNull null
+        normalizeTalkAliasKey(key).takeIf { it.isNotEmpty() }?.let { it to id }
+      }?.toMap().orEmpty()
+    val model = activeConfig?.get("modelId")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
+    val outputFormat =
+      activeConfig?.get("outputFormat")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
+    val key = activeConfig?.get("apiKey")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
+    val interrupt = talk?.get("interruptOnSpeech")?.asBooleanOrNull()
+    val silenceTimeoutMs = resolvedSilenceTimeoutMs(talk)
+
+    return TalkModeGatewayConfigState(
+      activeProvider = activeProvider,
+      normalizedPayload = selection?.normalizedPayload == true,
+      missingResolvedPayload = talk != null && selection == null,
+      mainSessionKey = mainKey,
+      defaultVoiceId =
+        if (activeProvider == defaultProvider) {
+          voice ?: envVoice?.takeIf { it.isNotEmpty() } ?: sagVoice?.takeIf { it.isNotEmpty() }
+        } else {
+          voice
+        },
+      voiceAliases = aliases,
+      defaultModelId = model ?: defaultModelIdFallback,
+      defaultOutputFormat = outputFormat ?: defaultOutputFormatFallback,
+      apiKey = key ?: envKey?.takeIf { it.isNotEmpty() },
+      interruptOnSpeech = interrupt,
+      silenceTimeoutMs = silenceTimeoutMs,
+    )
+  }
+
+  fun fallback(
+    defaultProvider: String,
+    defaultModelIdFallback: String,
+    defaultOutputFormatFallback: String,
+    envVoice: String?,
+    sagVoice: String?,
+    envKey: String?,
+  ): TalkModeGatewayConfigState =
+    TalkModeGatewayConfigState(
+      activeProvider = defaultProvider,
+      normalizedPayload = false,
+      missingResolvedPayload = false,
+      mainSessionKey = "main",
+      defaultVoiceId = envVoice?.takeIf { it.isNotEmpty() } ?: sagVoice?.takeIf { it.isNotEmpty() },
+      voiceAliases = emptyMap(),
+      defaultModelId = defaultModelIdFallback,
+      defaultOutputFormat = defaultOutputFormatFallback,
+      apiKey = envKey?.takeIf { it.isNotEmpty() },
+      interruptOnSpeech = null,
+      silenceTimeoutMs = TalkDefaults.defaultSilenceTimeoutMs,
+    )
+
+  fun selectTalkProviderConfig(talk: JsonObject?): TalkProviderConfigSelection? {
+    if (talk == null) return null
+    selectResolvedTalkProviderConfig(talk)?.let { return it }
+    val rawProvider = talk["provider"].asStringOrNull()
+    val rawProviders = talk["providers"].asObjectOrNull()
+    val hasNormalizedPayload = rawProvider != null || rawProviders != null
+    if (hasNormalizedPayload) {
+      return null
+    }
+    return TalkProviderConfigSelection(
+      provider = defaultTalkProvider,
+      config = talk,
+      normalizedPayload = false,
+    )
+  }
+
+  fun resolvedSilenceTimeoutMs(talk: JsonObject?): Long {
+    val fallback = TalkDefaults.defaultSilenceTimeoutMs
+    val primitive = talk?.get("silenceTimeoutMs") as? JsonPrimitive ?: return fallback
+    if (primitive.isString) return fallback
+    val timeout = primitive.content.toDoubleOrNull() ?: return fallback
+    if (timeout <= 0 || timeout % 1.0 != 0.0 || timeout > Long.MAX_VALUE.toDouble()) {
+      return fallback
+    }
+    return timeout.toLong()
+  }
+
+  private fun selectResolvedTalkProviderConfig(talk: JsonObject): TalkProviderConfigSelection? {
+    val resolved = talk["resolved"].asObjectOrNull() ?: return null
+    val providerId = normalizeTalkProviderId(resolved["provider"].asStringOrNull()) ?: return null
+    return TalkProviderConfigSelection(
+      provider = providerId,
+      config = resolved["config"].asObjectOrNull() ?: buildJsonObject {},
+      normalizedPayload = true,
+    )
+  }
+
+  private fun normalizeTalkProviderId(raw: String?): String? {
+    val trimmed = raw?.trim()?.lowercase().orEmpty()
+    return trimmed.takeIf { it.isNotEmpty() }
+  }
+}
+
+private fun normalizeTalkAliasKey(value: String): String =
+  value.trim().lowercase()
+
+private fun JsonElement?.asStringOrNull(): String? =
+  this?.let { element ->
+    element as? JsonPrimitive
+  }?.contentOrNull
+
+private fun JsonElement?.asBooleanOrNull(): Boolean? {
+  val primitive = this as? JsonPrimitive ?: return null
+  return primitive.booleanOrNull
+}
+
+private fun JsonElement?.asObjectOrNull(): JsonObject? =
+  this as? JsonObject
--- a/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkModeManager.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkModeManager.kt
@@ -59,52 +59,11 @@ class TalkModeManager(
    private const val tag = "TalkMode"
    private const val defaultModelIdFallback = "eleven_v3"
    private const val defaultOutputFormatFallback = "pcm_24000"
-private const val defaultTalkProvider = "elevenlabs"
-    private const val silenceWindowMs = 500L
+    private const val defaultTalkProvider = "elevenlabs"
    private const val listenWatchdogMs = 12_000L
    private const val chatFinalWaitWithSubscribeMs = 45_000L
    private const val chatFinalWaitWithoutSubscribeMs = 6_000L
    private const val maxCachedRunCompletions = 128
-
-    internal data class TalkProviderConfigSelection(
-      val provider: String,
-      val config: JsonObject,
-      val normalizedPayload: Boolean,
-    )
-
-    private fun normalizeTalkProviderId(raw: String?): String? {
-      val trimmed = raw?.trim()?.lowercase().orEmpty()
-      return trimmed.takeIf { it.isNotEmpty() }
-    }
-
-    internal fun selectTalkProviderConfig(talk: JsonObject?): TalkProviderConfigSelection? {
-      if (talk == null) return null
-      val rawProvider = talk["provider"].asStringOrNull()
-      val rawProviders = talk["providers"].asObjectOrNull()
-      val hasNormalizedPayload = rawProvider != null || rawProviders != null
-      if (hasNormalizedPayload) {
-        val providers =
-          rawProviders?.entries?.mapNotNull { (key, value) ->
-            val providerId = normalizeTalkProviderId(key) ?: return@mapNotNull null
-            val providerConfig = value.asObjectOrNull() ?: return@mapNotNull null
-            providerId to providerConfig
-          }?.toMap().orEmpty()
-        val providerId =
-          normalizeTalkProviderId(rawProvider)
-            ?: providers.keys.sorted().firstOrNull()
-            ?: defaultTalkProvider
-        return TalkProviderConfigSelection(
-          provider = providerId,
-          config = providers[providerId] ?: buildJsonObject {},
-          normalizedPayload = true,
-        )
-      }
-      return TalkProviderConfigSelection(
-        provider = defaultTalkProvider,
-        config = talk,
-        normalizedPayload = false,
-      )
-    }
  }

  private val mainHandler = Handler(Looper.getMainLooper())
@@ -134,7 +93,7 @@ private const val defaultTalkProvider = "elevenlabs"
  private var listeningMode = false

  private var silenceJob: Job? = null
-  private val silenceWindowMs = 700L
+  private var silenceWindowMs = TalkDefaults.defaultSilenceTimeoutMs
  private var lastTranscript: String = ""
  private var lastHeardAtMs: Long? = null
  private var lastSpokenText: String? = null
@@ -854,7 +813,7 @@ private const val defaultTalkProvider = "elevenlabs"
    _lastAssistantText.value = cleaned

    val requestedVoice = directive?.voiceId?.trim()?.takeIf { it.isNotEmpty() }
-    val resolvedVoice = resolveVoiceAlias(requestedVoice)
+    val resolvedVoice = TalkModeVoiceResolver.resolveVoiceAlias(requestedVoice, voiceAliases)
    if (requestedVoice != null && resolvedVoice == null) {
      Log.w(tag, "unknown voice alias: $requestedVoice")
    }
@@ -877,12 +836,35 @@ private const val defaultTalkProvider = "elevenlabs"
      apiKey?.trim()?.takeIf { it.isNotEmpty() }
        ?: System.getenv("ELEVENLABS_API_KEY")?.trim()
    val preferredVoice = resolvedVoice ?: currentVoiceId ?: defaultVoiceId
-    val voiceId =
+    val resolvedPlaybackVoice =
      if (!apiKey.isNullOrEmpty()) {
-        resolveVoiceId(preferredVoice, apiKey)
+        try {
+          TalkModeVoiceResolver.resolveVoiceId(
+            preferred = preferredVoice,
+            fallbackVoiceId = fallbackVoiceId,
+            defaultVoiceId = defaultVoiceId,
+            currentVoiceId = currentVoiceId,
+            voiceOverrideActive = voiceOverrideActive,
+            listVoices = { TalkModeVoiceResolver.listVoices(apiKey, json) },
+          )
+        } catch (err: Throwable) {
+          Log.w(tag, "list voices failed: ${err.message ?: err::class.simpleName}")
+          null
+        }
      } else {
        null
      }
+    resolvedPlaybackVoice?.let { resolved ->
+      fallbackVoiceId = resolved.fallbackVoiceId
+      defaultVoiceId = resolved.defaultVoiceId
+      currentVoiceId = resolved.currentVoiceId
+      resolved.selectedVoiceName?.let { name ->
+        resolved.voiceId?.let { voiceId ->
+          Log.d(tag, "default voice selected $name ($voiceId)")
+        }
+      }
+    }
+    val voiceId = resolvedPlaybackVoice?.voiceId

    _statusText.value = "Speaking…"
    _isSpeaking.value = true
@@ -1393,60 +1375,64 @@ private const val defaultTalkProvider = "elevenlabs"
    try {
      val res = session.request("talk.config", """{"includeSecrets":true}""")
      val root = json.parseToJsonElement(res).asObjectOrNull()
-      val config = root?.get("config").asObjectOrNull()
-      val talk = config?.get("talk").asObjectOrNull()
-      val selection = selectTalkProviderConfig(talk)
-      val activeProvider = selection?.provider ?: defaultTalkProvider
-      val activeConfig = selection?.config
-      val sessionCfg = config?.get("session").asObjectOrNull()
-      val mainKey = normalizeMainKey(sessionCfg?.get("mainKey").asStringOrNull())
-      val voice = activeConfig?.get("voiceId")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
-      val aliases =
-        activeConfig?.get("voiceAliases").asObjectOrNull()?.entries?.mapNotNull { (key, value) ->
-          val id = value.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() } ?: return@mapNotNull null
-          normalizeAliasKey(key).takeIf { it.isNotEmpty() }?.let { it to id }
-        }?.toMap().orEmpty()
-      val model = activeConfig?.get("modelId")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
-      val outputFormat =
-        activeConfig?.get("outputFormat")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
-      val key = activeConfig?.get("apiKey")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
-      val interrupt = talk?.get("interruptOnSpeech")?.asBooleanOrNull()
+      val parsed =
+        TalkModeGatewayConfigParser.parse(
+          config = root?.get("config").asObjectOrNull(),
+          defaultProvider = defaultTalkProvider,
+          defaultModelIdFallback = defaultModelIdFallback,
+          defaultOutputFormatFallback = defaultOutputFormatFallback,
+          envVoice = envVoice,
+          sagVoice = sagVoice,
+          envKey = envKey,
+        )
+      if (parsed.missingResolvedPayload) {
+        Log.w(tag, "talk config ignored: normalized payload missing talk.resolved")
+      }

      if (!isCanonicalMainSessionKey(mainSessionKey)) {
-        mainSessionKey = mainKey
+        mainSessionKey = parsed.mainSessionKey
      }
-      defaultVoiceId =
-        if (activeProvider == defaultTalkProvider) {
-          voice ?: envVoice?.takeIf { it.isNotEmpty() } ?: sagVoice?.takeIf { it.isNotEmpty() }
-        } else {
-          voice
-        }
-      voiceAliases = aliases
+      defaultVoiceId = parsed.defaultVoiceId
+      voiceAliases = parsed.voiceAliases
      if (!voiceOverrideActive) currentVoiceId = defaultVoiceId
-      defaultModelId = model ?: defaultModelIdFallback
+      defaultModelId = parsed.defaultModelId
      if (!modelOverrideActive) currentModelId = defaultModelId
-      defaultOutputFormat = outputFormat ?: defaultOutputFormatFallback
-      apiKey = key ?: envKey?.takeIf { it.isNotEmpty() }
-      Log.d(tag, "reloadConfig apiKey=${if (apiKey != null) "set" else "null"} voiceId=$defaultVoiceId")
-      if (interrupt != null) interruptOnSpeech = interrupt
-      activeProviderIsElevenLabs = activeProvider == defaultTalkProvider
+      defaultOutputFormat = parsed.defaultOutputFormat
+      apiKey = parsed.apiKey
+      silenceWindowMs = parsed.silenceTimeoutMs
+      Log.d(
+        tag,
+        "reloadConfig apiKey=${if (apiKey != null) "set" else "null"} voiceId=$defaultVoiceId silenceTimeoutMs=${parsed.silenceTimeoutMs}",
+      )
+      if (parsed.interruptOnSpeech != null) interruptOnSpeech = parsed.interruptOnSpeech
+      activeProviderIsElevenLabs = parsed.activeProvider == defaultTalkProvider
      if (!activeProviderIsElevenLabs) {
        // Clear ElevenLabs credentials so playAssistant won't attempt ElevenLabs calls
        apiKey = null
        defaultVoiceId = null
        if (!voiceOverrideActive) currentVoiceId = null
-        Log.w(tag, "talk provider $activeProvider unsupported; using system voice fallback")
-      } else if (selection?.normalizedPayload == true) {
+        Log.w(tag, "talk provider ${parsed.activeProvider} unsupported; using system voice fallback")
+      } else if (parsed.normalizedPayload) {
        Log.d(tag, "talk config provider=elevenlabs")
      }
      configLoaded = true
    } catch (_: Throwable) {
-      defaultVoiceId = envVoice?.takeIf { it.isNotEmpty() } ?: sagVoice?.takeIf { it.isNotEmpty() }
-      defaultModelId = defaultModelIdFallback
+      val fallback =
+        TalkModeGatewayConfigParser.fallback(
+          defaultProvider = defaultTalkProvider,
+          defaultModelIdFallback = defaultModelIdFallback,
+          defaultOutputFormatFallback = defaultOutputFormatFallback,
+          envVoice = envVoice,
+          sagVoice = sagVoice,
+          envKey = envKey,
+        )
+      silenceWindowMs = fallback.silenceTimeoutMs
+      defaultVoiceId = fallback.defaultVoiceId
+      defaultModelId = fallback.defaultModelId
      if (!modelOverrideActive) currentModelId = defaultModelId
-      apiKey = envKey?.takeIf { it.isNotEmpty() }
-      voiceAliases = emptyMap()
-      defaultOutputFormat = defaultOutputFormatFallback
+      apiKey = fallback.apiKey
+      voiceAliases = fallback.voiceAliases
+      defaultOutputFormat = fallback.defaultOutputFormat
      // Keep config load retryable after transient fetch failures.
      configLoaded = false
    }
@@ -1740,82 +1726,6 @@ private const val defaultTalkProvider = "elevenlabs"
    }
  }

-  private fun resolveVoiceAlias(value: String?): String? {
-    val trimmed = value?.trim().orEmpty()
-    if (trimmed.isEmpty()) return null
-    val normalized = normalizeAliasKey(trimmed)
-    voiceAliases[normalized]?.let { return it }
-    if (voiceAliases.values.any { it.equals(trimmed, ignoreCase = true) }) return trimmed
-    return if (isLikelyVoiceId(trimmed)) trimmed else null
-  }
-
-  private suspend fun resolveVoiceId(preferred: String?, apiKey: String): String? {
-    val trimmed = preferred?.trim().orEmpty()
-    if (trimmed.isNotEmpty()) {
-      val resolved = resolveVoiceAlias(trimmed)
-      // If it resolves as an alias, use the alias target.
-      // Otherwise treat it as a direct voice ID (e.g. "21m00Tcm4TlvDq8ikWAM").
-      return resolved ?: trimmed
-    }
-    fallbackVoiceId?.let { return it }
-
-    return try {
-      val voices = listVoices(apiKey)
-      val first = voices.firstOrNull() ?: return null
-      fallbackVoiceId = first.voiceId
-      if (defaultVoiceId.isNullOrBlank()) {
-        defaultVoiceId = first.voiceId
-      }
-      if (!voiceOverrideActive) {
-        currentVoiceId = first.voiceId
-      }
-      val name = first.name ?: "unknown"
-      Log.d(tag, "default voice selected $name (${first.voiceId})")
-      first.voiceId
-    } catch (err: Throwable) {
-      Log.w(tag, "list voices failed: ${err.message ?: err::class.simpleName}")
-      null
-    }
-  }
-
-  private suspend fun listVoices(apiKey: String): List<ElevenLabsVoice> {
-    return withContext(Dispatchers.IO) {
-      val url = URL("https://api.elevenlabs.io/v1/voices")
-      val conn = url.openConnection() as HttpURLConnection
-      conn.requestMethod = "GET"
-      conn.connectTimeout = 15_000
-      conn.readTimeout = 15_000
-      conn.setRequestProperty("xi-api-key", apiKey)
-
-      val code = conn.responseCode
-      val stream = if (code >= 400) conn.errorStream else conn.inputStream
-      val data = stream.readBytes()
-      if (code >= 400) {
-        val message = data.toString(Charsets.UTF_8)
-        throw IllegalStateException("ElevenLabs voices failed: $code $message")
-      }
-
-      val root = json.parseToJsonElement(data.toString(Charsets.UTF_8)).asObjectOrNull()
-      val voices = (root?.get("voices") as? JsonArray) ?: JsonArray(emptyList())
-      voices.mapNotNull { entry ->
-        val obj = entry.asObjectOrNull() ?: return@mapNotNull null
-        val voiceId = obj["voice_id"].asStringOrNull() ?: return@mapNotNull null
-        val name = obj["name"].asStringOrNull()
-        ElevenLabsVoice(voiceId, name)
-      }
-    }
-  }
-
-  private fun isLikelyVoiceId(value: String): Boolean {
-    if (value.length < 10) return false
-    return value.all { it.isLetterOrDigit() || it == '-' || it == '_' }
-  }
-
-  private fun normalizeAliasKey(value: String): String =
-    value.trim().lowercase()
-
-  private data class ElevenLabsVoice(val voiceId: String, val name: String?)
-
  private val listener =
    object : RecognitionListener {
      override fun onReadyForSpeech(params: Bundle?) {
--- a/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkModeVoiceResolver.kt
+++ b/apps/android/app/src/main/java/ai/openclaw/app/voice/TalkModeVoiceResolver.kt
@@ -0,0 +1,118 @@
+package ai.openclaw.app.voice
+
+import java.net.HttpURLConnection
+import java.net.URL
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+import kotlinx.serialization.json.Json
+import kotlinx.serialization.json.JsonArray
+import kotlinx.serialization.json.JsonElement
+import kotlinx.serialization.json.JsonObject
+import kotlinx.serialization.json.JsonPrimitive
+
+internal data class ElevenLabsVoice(val voiceId: String, val name: String?)
+
+internal data class TalkModeResolvedVoice(
+  val voiceId: String?,
+  val fallbackVoiceId: String?,
+  val defaultVoiceId: String?,
+  val currentVoiceId: String?,
+  val selectedVoiceName: String? = null,
+)
+
+internal object TalkModeVoiceResolver {
+  fun resolveVoiceAlias(value: String?, voiceAliases: Map<String, String>): String? {
+    val trimmed = value?.trim().orEmpty()
+    if (trimmed.isEmpty()) return null
+    val normalized = normalizeAliasKey(trimmed)
+    voiceAliases[normalized]?.let { return it }
+    if (voiceAliases.values.any { it.equals(trimmed, ignoreCase = true) }) return trimmed
+    return if (isLikelyVoiceId(trimmed)) trimmed else null
+  }
+
+  suspend fun resolveVoiceId(
+    preferred: String?,
+    fallbackVoiceId: String?,
+    defaultVoiceId: String?,
+    currentVoiceId: String?,
+    voiceOverrideActive: Boolean,
+    listVoices: suspend () -> List<ElevenLabsVoice>,
+  ): TalkModeResolvedVoice {
+    val trimmed = preferred?.trim().orEmpty()
+    if (trimmed.isNotEmpty()) {
+      return TalkModeResolvedVoice(
+        voiceId = trimmed,
+        fallbackVoiceId = fallbackVoiceId,
+        defaultVoiceId = defaultVoiceId,
+        currentVoiceId = currentVoiceId,
+      )
+    }
+    if (!fallbackVoiceId.isNullOrBlank()) {
+      return TalkModeResolvedVoice(
+        voiceId = fallbackVoiceId,
+        fallbackVoiceId = fallbackVoiceId,
+        defaultVoiceId = defaultVoiceId,
+        currentVoiceId = currentVoiceId,
+      )
+    }
+
+    val first = listVoices().firstOrNull()
+    if (first == null) {
+      return TalkModeResolvedVoice(
+        voiceId = null,
+        fallbackVoiceId = fallbackVoiceId,
+        defaultVoiceId = defaultVoiceId,
+        currentVoiceId = currentVoiceId,
+      )
+    }
+
+    return TalkModeResolvedVoice(
+      voiceId = first.voiceId,
+      fallbackVoiceId = first.voiceId,
+      defaultVoiceId = if (defaultVoiceId.isNullOrBlank()) first.voiceId else defaultVoiceId,
+      currentVoiceId = if (voiceOverrideActive) currentVoiceId else first.voiceId,
+      selectedVoiceName = first.name,
+    )
+  }
+
+  suspend fun listVoices(apiKey: String, json: Json): List<ElevenLabsVoice> {
+    return withContext(Dispatchers.IO) {
+      val url = URL("https://api.elevenlabs.io/v1/voices")
+      val conn = url.openConnection() as HttpURLConnection
+      conn.requestMethod = "GET"
+      conn.connectTimeout = 15_000
+      conn.readTimeout = 15_000
+      conn.setRequestProperty("xi-api-key", apiKey)
+
+      val code = conn.responseCode
+      val stream = if (code >= 400) conn.errorStream else conn.inputStream
+      val data = stream.readBytes()
+      if (code >= 400) {
+        val message = data.toString(Charsets.UTF_8)
+        throw IllegalStateException("ElevenLabs voices failed: $code $message")
+      }
+
+      val root = json.parseToJsonElement(data.toString(Charsets.UTF_8)).asObjectOrNull()
+      val voices = (root?.get("voices") as? JsonArray) ?: JsonArray(emptyList())
+      voices.mapNotNull { entry ->
+        val obj = entry.asObjectOrNull() ?: return@mapNotNull null
+        val voiceId = obj["voice_id"].asStringOrNull() ?: return@mapNotNull null
+        val name = obj["name"].asStringOrNull()
+        ElevenLabsVoice(voiceId, name)
+      }
+    }
+  }
+
+  private fun isLikelyVoiceId(value: String): Boolean {
+    if (value.length < 10) return false
+    return value.all { it.isLetterOrDigit() || it == '-' || it == '_' }
+  }
+
+  private fun normalizeAliasKey(value: String): String =
+    value.trim().lowercase()
+}
+
+private fun JsonElement?.asObjectOrNull(): JsonObject? = this as? JsonObject
+
+private fun JsonElement?.asStringOrNull(): String? =
+  (this as? JsonPrimitive)?.takeIf { it.isString }?.content
--- a/apps/android/app/src/main/res/mipmap-hdpi/ic_launcher.png
+++ b/apps/android/app/src/main/res/mipmap-hdpi/ic_launcher.png
--- a/apps/android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png
+++ b/apps/android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png
--- a/apps/android/app/src/main/res/mipmap-mdpi/ic_launcher.png
+++ b/apps/android/app/src/main/res/mipmap-mdpi/ic_launcher.png
--- a/apps/android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png
+++ b/apps/android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png
--- a/apps/android/app/src/main/res/mipmap-xhdpi/ic_launcher.png
+++ b/apps/android/app/src/main/res/mipmap-xhdpi/ic_launcher.png
--- a/apps/android/app/src/main/res/mipmap-xhdpi/ic_launcher_foreground.png
+++ b/apps/android/app/src/main/res/mipmap-xhdpi/ic_launcher_foreground.png
--- a/apps/android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
+++ b/apps/android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
--- a/apps/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_foreground.png
+++ b/apps/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_foreground.png
--- a/apps/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
+++ b/apps/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
--- a/apps/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_foreground.png
+++ b/apps/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_foreground.png
--- a/apps/android/app/src/main/res/values/colors.xml
+++ b/apps/android/app/src/main/res/values/colors.xml
@@ -1,3 +1,3 @@
 <resources>
-    <color name="ic_launcher_background">#0A0A0A</color>
+    <color name="ic_launcher_background">#DD1A08</color>
 </resources>
--- a/apps/android/app/src/test/java/ai/openclaw/app/SecurePrefsTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/SecurePrefsTest.kt
@@ -0,0 +1,23 @@
+package ai.openclaw.app
+
+import android.content.Context
+import org.junit.Assert.assertEquals
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.robolectric.RobolectricTestRunner
+import org.robolectric.RuntimeEnvironment
+
+@RunWith(RobolectricTestRunner::class)
+class SecurePrefsTest {
+  @Test
+  fun loadLocationMode_migratesLegacyAlwaysValue() {
+    val context = RuntimeEnvironment.getApplication()
+    val plainPrefs = context.getSharedPreferences("openclaw.node", Context.MODE_PRIVATE)
+    plainPrefs.edit().clear().putString("location.enabledMode", "always").commit()
+
+    val prefs = SecurePrefs(context)
+
+    assertEquals(LocationMode.WhileUsing, prefs.locationMode.value)
+    assertEquals("whileUsing", plainPrefs.getString("location.enabledMode", null))
+  }
+}
--- a/apps/android/app/src/test/java/ai/openclaw/app/node/AppUpdateHandlerTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/node/AppUpdateHandlerTest.kt
@@ -1,65 +0,0 @@
-package ai.openclaw.app.node
-
-import java.io.File
-import org.junit.Assert.assertEquals
-import org.junit.Assert.assertThrows
-import org.junit.Test
-
-class AppUpdateHandlerTest {
-  @Test
-  fun parseAppUpdateRequest_acceptsHttpsWithMatchingHost() {
-    val req =
-      parseAppUpdateRequest(
-        paramsJson =
-          """{"url":"https://gw.example.com/releases/openclaw.apk","sha256":"${"a".repeat(64)}"}""",
-        connectedHost = "gw.example.com",
-      )
-
-    assertEquals("https://gw.example.com/releases/openclaw.apk", req.url)
-    assertEquals("a".repeat(64), req.expectedSha256)
-  }
-
-  @Test
-  fun parseAppUpdateRequest_rejectsNonHttps() {
-    assertThrows(IllegalArgumentException::class.java) {
-      parseAppUpdateRequest(
-        paramsJson = """{"url":"http://gw.example.com/releases/openclaw.apk","sha256":"${"a".repeat(64)}"}""",
-        connectedHost = "gw.example.com",
-      )
-    }
-  }
-
-  @Test
-  fun parseAppUpdateRequest_rejectsHostMismatch() {
-    assertThrows(IllegalArgumentException::class.java) {
-      parseAppUpdateRequest(
-        paramsJson = """{"url":"https://evil.example.com/releases/openclaw.apk","sha256":"${"a".repeat(64)}"}""",
-        connectedHost = "gw.example.com",
-      )
-    }
-  }
-
-  @Test
-  fun parseAppUpdateRequest_rejectsInvalidSha256() {
-    assertThrows(IllegalArgumentException::class.java) {
-      parseAppUpdateRequest(
-        paramsJson = """{"url":"https://gw.example.com/releases/openclaw.apk","sha256":"bad"}""",
-        connectedHost = "gw.example.com",
-      )
-    }
-  }
-
-  @Test
-  fun sha256Hex_computesExpectedDigest() {
-    val tmp = File.createTempFile("openclaw-update-hash", ".bin")
-    try {
-      tmp.writeText("hello", Charsets.UTF_8)
-      assertEquals(
-        "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824", // pragma: allowlist secret
-        sha256Hex(tmp),
-      )
-    } finally {
-      tmp.delete()
-    }
-  }
-}
--- a/apps/android/app/src/test/java/ai/openclaw/app/node/DeviceHandlerTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/node/DeviceHandlerTest.kt
@@ -87,7 +87,6 @@ class DeviceHandlerTest {
        "camera",
        "microphone",
        "location",
-        "backgroundLocation",
        "sms",
        "notificationListener",
        "notifications",
@@ -95,7 +94,6 @@ class DeviceHandlerTest {
        "contacts",
        "calendar",
        "motion",
-        "screenCapture",
      )
    for (key in expected) {
      val state = permissions.getValue(key).jsonObject
--- a/apps/android/app/src/test/java/ai/openclaw/app/node/InvokeCommandRegistryTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/node/InvokeCommandRegistryTest.kt
@@ -19,11 +19,9 @@ class InvokeCommandRegistryTest {
  private val coreCapabilities =
    setOf(
      OpenClawCapability.Canvas.rawValue,
-      OpenClawCapability.Screen.rawValue,
      OpenClawCapability.Device.rawValue,
      OpenClawCapability.Notifications.rawValue,
      OpenClawCapability.System.rawValue,
-      OpenClawCapability.AppUpdate.rawValue,
      OpenClawCapability.Photos.rawValue,
      OpenClawCapability.Contacts.rawValue,
      OpenClawCapability.Calendar.rawValue,
@@ -52,7 +50,6 @@ class InvokeCommandRegistryTest {
      OpenClawContactsCommand.Add.rawValue,
      OpenClawCalendarCommand.Events.rawValue,
      OpenClawCalendarCommand.Add.rawValue,
-      "app.update",
    )

  private val optionalCommands =
--- a/apps/android/app/src/test/java/ai/openclaw/app/protocol/OpenClawProtocolConstantsTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/protocol/OpenClawProtocolConstantsTest.kt
@@ -24,14 +24,12 @@ class OpenClawProtocolConstantsTest {
  fun capabilitiesUseStableStrings() {
    assertEquals("canvas", OpenClawCapability.Canvas.rawValue)
    assertEquals("camera", OpenClawCapability.Camera.rawValue)
-    assertEquals("screen", OpenClawCapability.Screen.rawValue)
    assertEquals("voiceWake", OpenClawCapability.VoiceWake.rawValue)
    assertEquals("location", OpenClawCapability.Location.rawValue)
    assertEquals("sms", OpenClawCapability.Sms.rawValue)
    assertEquals("device", OpenClawCapability.Device.rawValue)
    assertEquals("notifications", OpenClawCapability.Notifications.rawValue)
    assertEquals("system", OpenClawCapability.System.rawValue)
-    assertEquals("appUpdate", OpenClawCapability.AppUpdate.rawValue)
    assertEquals("photos", OpenClawCapability.Photos.rawValue)
    assertEquals("contacts", OpenClawCapability.Contacts.rawValue)
    assertEquals("calendar", OpenClawCapability.Calendar.rawValue)
@@ -45,11 +43,6 @@ class OpenClawProtocolConstantsTest {
    assertEquals("camera.clip", OpenClawCameraCommand.Clip.rawValue)
  }

-  @Test
-  fun screenCommandsUseStableStrings() {
-    assertEquals("screen.record", OpenClawScreenCommand.Record.rawValue)
-  }
-
  @Test
  fun notificationsCommandsUseStableStrings() {
    assertEquals("notifications.list", OpenClawNotificationsCommand.List.rawValue)
--- a/apps/android/app/src/test/java/ai/openclaw/app/voice/TalkModeConfigContractTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/voice/TalkModeConfigContractTest.kt
@@ -0,0 +1,100 @@
+package ai.openclaw.app.voice
+
+import java.io.File
+import kotlinx.serialization.SerialName
+import kotlinx.serialization.Serializable
+import kotlinx.serialization.json.Json
+import kotlinx.serialization.json.JsonObject
+import kotlinx.serialization.json.JsonPrimitive
+import org.junit.Assert.assertEquals
+import org.junit.Assert.assertNotNull
+import org.junit.Assert.assertNull
+import org.junit.Test
+
+@Serializable
+private data class TalkConfigContractFixture(
+  @SerialName("selectionCases") val selectionCases: List<SelectionCase>,
+  @SerialName("timeoutCases") val timeoutCases: List<TimeoutCase>,
+) {
+  @Serializable
+  data class SelectionCase(
+    val id: String,
+    val defaultProvider: String,
+    val payloadValid: Boolean,
+    val expectedSelection: ExpectedSelection? = null,
+    val talk: JsonObject,
+  )
+
+  @Serializable
+  data class ExpectedSelection(
+    val provider: String,
+    val normalizedPayload: Boolean,
+    val voiceId: String? = null,
+    val apiKey: String? = null,
+  )
+
+  @Serializable
+  data class TimeoutCase(
+    val id: String,
+    val fallback: Long,
+    val expectedTimeoutMs: Long,
+    val talk: JsonObject,
+  )
+}
+
+class TalkModeConfigContractTest {
+  private val json = Json { ignoreUnknownKeys = true }
+
+  @Test
+  fun selectionFixtures() {
+    for (fixture in loadFixtures().selectionCases) {
+      val selection = TalkModeGatewayConfigParser.selectTalkProviderConfig(fixture.talk)
+      val expected = fixture.expectedSelection
+      if (expected == null) {
+        assertNull(fixture.id, selection)
+        continue
+      }
+      assertNotNull(fixture.id, selection)
+      assertEquals(fixture.id, expected.provider, selection?.provider)
+      assertEquals(fixture.id, expected.normalizedPayload, selection?.normalizedPayload)
+      assertEquals(
+        fixture.id,
+        expected.voiceId,
+        (selection?.config?.get("voiceId") as? JsonPrimitive)?.content,
+      )
+      assertEquals(
+        fixture.id,
+        expected.apiKey,
+        (selection?.config?.get("apiKey") as? JsonPrimitive)?.content,
+      )
+      assertEquals(fixture.id, true, fixture.payloadValid)
+    }
+  }
+
+  @Test
+  fun timeoutFixtures() {
+    for (fixture in loadFixtures().timeoutCases) {
+      val timeout = TalkModeGatewayConfigParser.resolvedSilenceTimeoutMs(fixture.talk)
+      assertEquals(fixture.id, fixture.expectedTimeoutMs, timeout)
+      assertEquals(fixture.id, TalkDefaults.defaultSilenceTimeoutMs, fixture.fallback)
+    }
+  }
+
+  private fun loadFixtures(): TalkConfigContractFixture {
+    val fixturePath = findFixtureFile()
+    return json.decodeFromString(File(fixturePath).readText())
+  }
+
+  private fun findFixtureFile(): String {
+    val startDir = System.getProperty("user.dir") ?: error("user.dir unavailable")
+    var current = File(startDir).absoluteFile
+    while (true) {
+      val candidate = File(current, "test-fixtures/talk-config-contract.json")
+      if (candidate.exists()) {
+        return candidate.absolutePath
+      }
+      current = current.parentFile ?: break
+    }
+    error("talk-config-contract.json not found from $startDir")
+  }
+}
--- a/apps/android/app/src/test/java/ai/openclaw/app/voice/TalkModeConfigParsingTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/voice/TalkModeConfigParsingTest.kt
@@ -13,6 +13,36 @@ import org.junit.Test
 class TalkModeConfigParsingTest {
  private val json = Json { ignoreUnknownKeys = true }

+  @Test
+  fun prefersCanonicalResolvedTalkProviderPayload() {
+    val talk =
+      json.parseToJsonElement(
+          """
+          {
+            "resolved": {
+              "provider": "elevenlabs",
+              "config": {
+                "voiceId": "voice-resolved"
+              }
+            },
+            "provider": "elevenlabs",
+            "providers": {
+              "elevenlabs": {
+                "voiceId": "voice-normalized"
+              }
+            }
+          }
+          """.trimIndent(),
+        )
+        .jsonObject
+
+    val selection = TalkModeGatewayConfigParser.selectTalkProviderConfig(talk)
+    assertNotNull(selection)
+    assertEquals("elevenlabs", selection?.provider)
+    assertTrue(selection?.normalizedPayload == true)
+    assertEquals("voice-resolved", selection?.config?.get("voiceId")?.jsonPrimitive?.content)
+  }
+
  @Test
  fun prefersNormalizedTalkProviderPayload() {
    val talk =
@@ -31,11 +61,52 @@ class TalkModeConfigParsingTest {
        )
        .jsonObject

-    val selection = TalkModeManager.selectTalkProviderConfig(talk)
-    assertNotNull(selection)
-    assertEquals("elevenlabs", selection?.provider)
-    assertTrue(selection?.normalizedPayload == true)
-    assertEquals("voice-normalized", selection?.config?.get("voiceId")?.jsonPrimitive?.content)
+    val selection = TalkModeGatewayConfigParser.selectTalkProviderConfig(talk)
+    assertEquals(null, selection)
+  }
+
+  @Test
+  fun rejectsNormalizedTalkProviderPayloadWhenProviderMissingFromProviders() {
+    val talk =
+      json.parseToJsonElement(
+          """
+          {
+            "provider": "acme",
+            "providers": {
+              "elevenlabs": {
+                "voiceId": "voice-normalized"
+              }
+            }
+          }
+          """.trimIndent(),
+        )
+        .jsonObject
+
+    val selection = TalkModeGatewayConfigParser.selectTalkProviderConfig(talk)
+    assertEquals(null, selection)
+  }
+
+  @Test
+  fun rejectsNormalizedTalkProviderPayloadWhenProviderIsAmbiguous() {
+    val talk =
+      json.parseToJsonElement(
+          """
+          {
+            "providers": {
+              "acme": {
+                "voiceId": "voice-acme"
+              },
+              "elevenlabs": {
+                "voiceId": "voice-normalized"
+              }
+            }
+          }
+          """.trimIndent(),
+        )
+        .jsonObject
+
+    val selection = TalkModeGatewayConfigParser.selectTalkProviderConfig(talk)
+    assertEquals(null, selection)
  }

  @Test
@@ -47,11 +118,46 @@ class TalkModeConfigParsingTest {
        put("apiKey", legacyApiKey) // pragma: allowlist secret
      }

-    val selection = TalkModeManager.selectTalkProviderConfig(talk)
+    val selection = TalkModeGatewayConfigParser.selectTalkProviderConfig(talk)
    assertNotNull(selection)
    assertEquals("elevenlabs", selection?.provider)
    assertTrue(selection?.normalizedPayload == false)
    assertEquals("voice-legacy", selection?.config?.get("voiceId")?.jsonPrimitive?.content)
    assertEquals("legacy-key", selection?.config?.get("apiKey")?.jsonPrimitive?.content)
  }
+
+  @Test
+  fun readsConfiguredSilenceTimeoutMs() {
+    val talk = buildJsonObject { put("silenceTimeoutMs", 1500) }
+
+    assertEquals(1500L, TalkModeGatewayConfigParser.resolvedSilenceTimeoutMs(talk))
+  }
+
+  @Test
+  fun defaultsSilenceTimeoutMsWhenMissing() {
+    assertEquals(
+      TalkDefaults.defaultSilenceTimeoutMs,
+      TalkModeGatewayConfigParser.resolvedSilenceTimeoutMs(null),
+    )
+  }
+
+  @Test
+  fun defaultsSilenceTimeoutMsWhenInvalid() {
+    val talk = buildJsonObject { put("silenceTimeoutMs", 0) }
+
+    assertEquals(
+      TalkDefaults.defaultSilenceTimeoutMs,
+      TalkModeGatewayConfigParser.resolvedSilenceTimeoutMs(talk),
+    )
+  }
+
+  @Test
+  fun defaultsSilenceTimeoutMsWhenString() {
+    val talk = buildJsonObject { put("silenceTimeoutMs", "1500") }
+
+    assertEquals(
+      TalkDefaults.defaultSilenceTimeoutMs,
+      TalkModeGatewayConfigParser.resolvedSilenceTimeoutMs(talk),
+    )
+  }
 }
--- a/apps/android/app/src/test/java/ai/openclaw/app/voice/TalkModeVoiceResolverTest.kt
+++ b/apps/android/app/src/test/java/ai/openclaw/app/voice/TalkModeVoiceResolverTest.kt
@@ -0,0 +1,92 @@
+package ai.openclaw.app.voice
+
+import kotlinx.coroutines.runBlocking
+import org.junit.Assert.assertEquals
+import org.junit.Assert.assertNull
+import org.junit.Test
+
+class TalkModeVoiceResolverTest {
+  @Test
+  fun resolvesVoiceAliasCaseInsensitively() {
+    val resolved =
+      TalkModeVoiceResolver.resolveVoiceAlias(
+        " Clawd ",
+        mapOf("clawd" to "voice-123"),
+      )
+
+    assertEquals("voice-123", resolved)
+  }
+
+  @Test
+  fun acceptsDirectVoiceIds() {
+    val resolved = TalkModeVoiceResolver.resolveVoiceAlias("21m00Tcm4TlvDq8ikWAM", emptyMap())
+
+    assertEquals("21m00Tcm4TlvDq8ikWAM", resolved)
+  }
+
+  @Test
+  fun rejectsUnknownAliases() {
+    val resolved = TalkModeVoiceResolver.resolveVoiceAlias("nickname", emptyMap())
+
+    assertNull(resolved)
+  }
+
+  @Test
+  fun reusesCachedFallbackVoiceBeforeFetchingCatalog() =
+    runBlocking {
+      var fetchCount = 0
+
+      val resolved =
+        TalkModeVoiceResolver.resolveVoiceId(
+          preferred = null,
+          fallbackVoiceId = "cached-voice",
+          defaultVoiceId = null,
+          currentVoiceId = null,
+          voiceOverrideActive = false,
+          listVoices = {
+            fetchCount += 1
+            emptyList()
+          },
+        )
+
+      assertEquals("cached-voice", resolved.voiceId)
+      assertEquals(0, fetchCount)
+    }
+
+  @Test
+  fun seedsDefaultVoiceFromCatalogWhenNeeded() =
+    runBlocking {
+      val resolved =
+        TalkModeVoiceResolver.resolveVoiceId(
+          preferred = null,
+          fallbackVoiceId = null,
+          defaultVoiceId = null,
+          currentVoiceId = null,
+          voiceOverrideActive = false,
+          listVoices = { listOf(ElevenLabsVoice("voice-1", "First")) },
+        )
+
+      assertEquals("voice-1", resolved.voiceId)
+      assertEquals("voice-1", resolved.fallbackVoiceId)
+      assertEquals("voice-1", resolved.defaultVoiceId)
+      assertEquals("voice-1", resolved.currentVoiceId)
+      assertEquals("First", resolved.selectedVoiceName)
+    }
+
+  @Test
+  fun preservesCurrentVoiceWhenOverrideIsActive() =
+    runBlocking {
+      val resolved =
+        TalkModeVoiceResolver.resolveVoiceId(
+          preferred = null,
+          fallbackVoiceId = null,
+          defaultVoiceId = null,
+          currentVoiceId = null,
+          voiceOverrideActive = true,
+          listVoices = { listOf(ElevenLabsVoice("voice-1", "First")) },
+        )
+
+      assertEquals("voice-1", resolved.voiceId)
+      assertNull(resolved.currentVoiceId)
+    }
+}
--- a/apps/ios/ActivityWidget/Info.plist
+++ b/apps/ios/ActivityWidget/Info.plist
@@ -17,9 +17,9 @@
 	<key>CFBundlePackageType</key>
 	<string>XPC!</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.3.7</string>
+	<string>2026.3.8</string>
 	<key>CFBundleVersion</key>
-	<string>20260307</string>
+	<string>20260308</string>
 	<key>NSExtension</key>
 	<dict>
 		<key>NSExtensionPointIdentifier</key>
--- a/apps/ios/ShareExtension/Info.plist
+++ b/apps/ios/ShareExtension/Info.plist
@@ -17,9 +17,9 @@
 	<key>CFBundlePackageType</key>
 	<string>XPC!</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.3.7</string>
+	<string>2026.3.8</string>
 	<key>CFBundleVersion</key>
-	<string>20260307</string>
+	<string>20260308</string>
 	<key>NSExtension</key>
 	<dict>
 		<key>NSExtensionAttributes</key>
--- a/apps/ios/Sources/Info.plist
+++ b/apps/ios/Sources/Info.plist
@@ -23,7 +23,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.3.7</string>
+	<string>2026.3.8</string>
 	<key>CFBundleURLTypes</key>
 	<array>
 		<dict>
@@ -36,7 +36,7 @@
 		</dict>
 	</array>
 	<key>CFBundleVersion</key>
-	<string>20260307</string>
+	<string>20260308</string>
 	<key>ITSAppUsesNonExemptEncryption</key>
 	<false/>
 	<key>NSAppTransportSecurity</key>
--- a/apps/ios/Sources/Model/NodeAppModel.swift
+++ b/apps/ios/Sources/Model/NodeAppModel.swift
@@ -129,8 +129,7 @@ final class NodeAppModel {
    private var backgroundReconnectSuppressed = false
    private var backgroundReconnectLeaseUntil: Date?
    private var lastSignificantLocationWakeAt: Date?
-    private var queuedWatchReplies: [WatchQuickReplyEvent] = []
-    private var seenWatchReplyIds = Set<String>()
+    @ObservationIgnored private let watchReplyCoordinator = WatchReplyCoordinator()

    private var gatewayConnected = false
    private var operatorConnected = false
@@ -2199,37 +2198,22 @@ extension NodeAppModel {
    }

    private func handleWatchQuickReply(_ event: WatchQuickReplyEvent) async {
-        let replyId = event.replyId.trimmingCharacters(in: .whitespacesAndNewlines)
-        let actionId = event.actionId.trimmingCharacters(in: .whitespacesAndNewlines)
-        if replyId.isEmpty || actionId.isEmpty {
+        switch self.watchReplyCoordinator.ingest(event, isGatewayConnected: await self.isGatewayConnected()) {
+        case .dropMissingFields:
            self.watchReplyLogger.info("watch reply dropped: missing replyId/actionId")
-            return
-        }
-
-        if self.seenWatchReplyIds.contains(replyId) {
+        case .deduped(let replyId):
            self.watchReplyLogger.debug(
                "watch reply deduped replyId=\(replyId, privacy: .public)")
-            return
-        }
-        self.seenWatchReplyIds.insert(replyId)
-
-        if await !self.isGatewayConnected() {
-            self.queuedWatchReplies.append(event)
+        case .queue(let replyId, let actionId):
            self.watchReplyLogger.info(
                "watch reply queued replyId=\(replyId, privacy: .public) action=\(actionId, privacy: .public)")
-            return
+        case .forward:
+            await self.forwardWatchReplyToAgent(event)
        }
-
-        await self.forwardWatchReplyToAgent(event)
    }

    private func flushQueuedWatchRepliesIfConnected() async {
-        guard await self.isGatewayConnected() else { return }
-        guard !self.queuedWatchReplies.isEmpty else { return }
-
-        let pending = self.queuedWatchReplies
-        self.queuedWatchReplies.removeAll()
-        for event in pending {
+        for event in self.watchReplyCoordinator.drainIfConnected(await self.isGatewayConnected()) {
            await self.forwardWatchReplyToAgent(event)
        }
    }
@@ -2259,7 +2243,7 @@ extension NodeAppModel {
                "watch reply forwarding failed replyId=\(event.replyId) "
                + "error=\(error.localizedDescription)"
            self.watchReplyLogger.error("\(failedMessage, privacy: .public)")
-            self.queuedWatchReplies.insert(event, at: 0)
+            self.watchReplyCoordinator.requeueFront(event)
        }
    }

@@ -2852,7 +2836,7 @@ extension NodeAppModel {
    }

    func _test_queuedWatchReplyCount() -> Int {
-        self.queuedWatchReplies.count
+        self.watchReplyCoordinator.queuedCount
    }

    func _test_setGatewayConnected(_ connected: Bool) {
--- a/apps/ios/Sources/Model/WatchReplyCoordinator.swift
+++ b/apps/ios/Sources/Model/WatchReplyCoordinator.swift
@@ -0,0 +1,46 @@
+import Foundation
+
+@MainActor
+final class WatchReplyCoordinator {
+    enum Decision {
+        case dropMissingFields
+        case deduped(replyId: String)
+        case queue(replyId: String, actionId: String)
+        case forward
+    }
+
+    private var queuedReplies: [WatchQuickReplyEvent] = []
+    private var seenReplyIds = Set<String>()
+
+    func ingest(_ event: WatchQuickReplyEvent, isGatewayConnected: Bool) -> Decision {
+        let replyId = event.replyId.trimmingCharacters(in: .whitespacesAndNewlines)
+        let actionId = event.actionId.trimmingCharacters(in: .whitespacesAndNewlines)
+        if replyId.isEmpty || actionId.isEmpty {
+            return .dropMissingFields
+        }
+        if self.seenReplyIds.contains(replyId) {
+            return .deduped(replyId: replyId)
+        }
+        self.seenReplyIds.insert(replyId)
+        if !isGatewayConnected {
+            self.queuedReplies.append(event)
+            return .queue(replyId: replyId, actionId: actionId)
+        }
+        return .forward
+    }
+
+    func drainIfConnected(_ isGatewayConnected: Bool) -> [WatchQuickReplyEvent] {
+        guard isGatewayConnected, !self.queuedReplies.isEmpty else { return [] }
+        let pending = self.queuedReplies
+        self.queuedReplies.removeAll()
+        return pending
+    }
+
+    func requeueFront(_ event: WatchQuickReplyEvent) {
+        self.queuedReplies.insert(event, at: 0)
+    }
+
+    var queuedCount: Int {
+        self.queuedReplies.count
+    }
+}
--- a/apps/ios/Sources/Voice/TalkDefaults.swift
+++ b/apps/ios/Sources/Voice/TalkDefaults.swift
@@ -0,0 +1,3 @@
+enum TalkDefaults {
+    static let silenceTimeoutMs = 900
+}
--- a/apps/ios/Sources/Voice/TalkModeGatewayConfig.swift
+++ b/apps/ios/Sources/Voice/TalkModeGatewayConfig.swift
@@ -0,0 +1,69 @@
+import Foundation
+import OpenClawKit
+
+struct TalkModeGatewayConfigState {
+    let activeProvider: String
+    let normalizedPayload: Bool
+    let missingResolvedPayload: Bool
+    let defaultVoiceId: String?
+    let voiceAliases: [String: String]
+    let defaultModelId: String
+    let defaultOutputFormat: String?
+    let rawConfigApiKey: String?
+    let interruptOnSpeech: Bool?
+    let silenceTimeoutMs: Int
+}
+
+enum TalkModeGatewayConfigParser {
+    static func parse(
+        config: [String: Any],
+        defaultProvider: String,
+        defaultModelIdFallback: String,
+        defaultSilenceTimeoutMs: Int
+    ) -> TalkModeGatewayConfigState {
+        let talk = TalkConfigParsing.bridgeFoundationDictionary(config["talk"] as? [String: Any])
+        let selection = TalkConfigParsing.selectProviderConfig(
+            talk,
+            defaultProvider: defaultProvider,
+            allowLegacyFallback: false)
+        let activeProvider = selection?.provider ?? defaultProvider
+        let activeConfig = selection?.config
+        let defaultVoiceId = activeConfig?["voiceId"]?.stringValue?
+            .trimmingCharacters(in: .whitespacesAndNewlines)
+        let voiceAliases: [String: String]
+        if let aliases = activeConfig?["voiceAliases"]?.dictionaryValue {
+            var resolved: [String: String] = [:]
+            for (key, value) in aliases {
+                guard let id = value.stringValue else { continue }
+                let normalizedKey = key.trimmingCharacters(in: .whitespacesAndNewlines).lowercased()
+                let trimmedId = id.trimmingCharacters(in: .whitespacesAndNewlines)
+                guard !normalizedKey.isEmpty, !trimmedId.isEmpty else { continue }
+                resolved[normalizedKey] = trimmedId
+            }
+            voiceAliases = resolved
+        } else {
+            voiceAliases = [:]
+        }
+        let model = activeConfig?["modelId"]?.stringValue?.trimmingCharacters(in: .whitespacesAndNewlines)
+        let defaultModelId = (model?.isEmpty == false) ? model! : defaultModelIdFallback
+        let defaultOutputFormat = activeConfig?["outputFormat"]?.stringValue?
+            .trimmingCharacters(in: .whitespacesAndNewlines)
+        let rawConfigApiKey = activeConfig?["apiKey"]?.stringValue?.trimmingCharacters(in: .whitespacesAndNewlines)
+        let interruptOnSpeech = talk?["interruptOnSpeech"]?.boolValue
+        let silenceTimeoutMs = TalkConfigParsing.resolvedSilenceTimeoutMs(
+            talk,
+            fallback: defaultSilenceTimeoutMs)
+
+        return TalkModeGatewayConfigState(
+            activeProvider: activeProvider,
+            normalizedPayload: selection?.normalizedPayload == true,
+            missingResolvedPayload: talk != nil && selection == nil,
+            defaultVoiceId: defaultVoiceId,
+            voiceAliases: voiceAliases,
+            defaultModelId: defaultModelId,
+            defaultOutputFormat: defaultOutputFormat,
+            rawConfigApiKey: rawConfigApiKey,
+            interruptOnSpeech: interruptOnSpeech,
+            silenceTimeoutMs: silenceTimeoutMs)
+    }
+}
--- a/apps/ios/Sources/Voice/TalkModeManager.swift
+++ b/apps/ios/Sources/Voice/TalkModeManager.swift
@@ -34,6 +34,7 @@ final class TalkModeManager: NSObject {
    private typealias SpeechRequest = SFSpeechAudioBufferRecognitionRequest
    private static let defaultModelIdFallback = "eleven_v3"
    private static let defaultTalkProvider = "elevenlabs"
+    private static let defaultSilenceTimeoutMs = TalkDefaults.silenceTimeoutMs
    private static let redactedConfigSentinel = "__OPENCLAW_REDACTED__"
    var isEnabled: Bool = false
    var isListening: Bool = false
@@ -97,7 +98,7 @@ final class TalkModeManager: NSObject {

    private var gateway: GatewayNodeSession?
    private var gatewayConnected = false
-    private let silenceWindow: TimeInterval = 0.9
+    private var silenceWindow: TimeInterval = TimeInterval(TalkModeManager.defaultSilenceTimeoutMs) / 1000
    private var lastAudioActivity: Date?
    private var noiseFloorSamples: [Double] = []
    private var noiseFloor: Double?
@@ -1969,38 +1970,6 @@ extension TalkModeManager {
        return trimmed
    }

-    struct TalkProviderConfigSelection {
-        let provider: String
-        let config: [String: Any]
-    }
-
-    private static func normalizedTalkProviderID(_ raw: String?) -> String? {
-        let trimmed = (raw ?? "").trimmingCharacters(in: .whitespacesAndNewlines).lowercased()
-        return trimmed.isEmpty ? nil : trimmed
-    }
-
-    static func selectTalkProviderConfig(_ talk: [String: Any]?) -> TalkProviderConfigSelection? {
-        guard let talk else { return nil }
-        let rawProvider = talk["provider"] as? String
-        let rawProviders = talk["providers"] as? [String: Any]
-        guard rawProvider != nil || rawProviders != nil else { return nil }
-        let providers = rawProviders ?? [:]
-        let normalizedProviders = providers.reduce(into: [String: [String: Any]]()) { acc, entry in
-            guard
-                let providerID = Self.normalizedTalkProviderID(entry.key),
-                let config = entry.value as? [String: Any]
-            else { return }
-            acc[providerID] = config
-        }
-        let providerID =
-            Self.normalizedTalkProviderID(rawProvider) ??
-            normalizedProviders.keys.min() ??
-            Self.defaultTalkProvider
-        return TalkProviderConfigSelection(
-            provider: providerID,
-            config: normalizedProviders[providerID] ?? [:])
-    }
-
    func reloadConfig() async {
        guard let gateway else { return }
        self.pcmFormatUnavailable = false
@@ -2012,40 +1981,27 @@ extension TalkModeManager {
            )
            guard let json = try JSONSerialization.jsonObject(with: res) as? [String: Any] else { return }
            guard let config = json["config"] as? [String: Any] else { return }
-            let talk = config["talk"] as? [String: Any]
-            let selection = Self.selectTalkProviderConfig(talk)
-            if talk != nil, selection == nil {
+            let parsed = TalkModeGatewayConfigParser.parse(
+                config: config,
+                defaultProvider: Self.defaultTalkProvider,
+                defaultModelIdFallback: Self.defaultModelIdFallback,
+                defaultSilenceTimeoutMs: Self.defaultSilenceTimeoutMs)
+            if parsed.missingResolvedPayload {
                GatewayDiagnostics.log(
-                    "talk config ignored: legacy payload unsupported on iOS beta; expected talk.provider/providers")
-            }
-            let activeProvider = selection?.provider ?? Self.defaultTalkProvider
-            let activeConfig = selection?.config
-            self.defaultVoiceId = (activeConfig?["voiceId"] as? String)?
-                .trimmingCharacters(in: .whitespacesAndNewlines)
-            if let aliases = activeConfig?["voiceAliases"] as? [String: Any] {
-                var resolved: [String: String] = [:]
-                for (key, value) in aliases {
-                    guard let id = value as? String else { continue }
-                    let normalizedKey = key.trimmingCharacters(in: .whitespacesAndNewlines).lowercased()
-                    let trimmedId = id.trimmingCharacters(in: .whitespacesAndNewlines)
-                    guard !normalizedKey.isEmpty, !trimmedId.isEmpty else { continue }
-                    resolved[normalizedKey] = trimmedId
-                }
-                self.voiceAliases = resolved
-            } else {
-                self.voiceAliases = [:]
+                    "talk config ignored: normalized payload missing talk.resolved")
            }
+            let activeProvider = parsed.activeProvider
+            self.defaultVoiceId = parsed.defaultVoiceId
+            self.voiceAliases = parsed.voiceAliases
            if !self.voiceOverrideActive {
                self.currentVoiceId = self.defaultVoiceId
            }
-            let model = (activeConfig?["modelId"] as? String)?.trimmingCharacters(in: .whitespacesAndNewlines)
-            self.defaultModelId = (model?.isEmpty == false) ? model : Self.defaultModelIdFallback
+            self.defaultModelId = parsed.defaultModelId
            if !self.modelOverrideActive {
                self.currentModelId = self.defaultModelId
            }
-            self.defaultOutputFormat = (activeConfig?["outputFormat"] as? String)?
-                .trimmingCharacters(in: .whitespacesAndNewlines)
-            let rawConfigApiKey = (activeConfig?["apiKey"] as? String)?.trimmingCharacters(in: .whitespacesAndNewlines)
+            self.defaultOutputFormat = parsed.defaultOutputFormat
+            let rawConfigApiKey = parsed.rawConfigApiKey
            let configApiKey = Self.normalizedTalkApiKey(rawConfigApiKey)
            let localApiKey = Self.normalizedTalkApiKey(
                GatewaySettingsStore.loadTalkProviderApiKey(provider: activeProvider))
@@ -2064,11 +2020,13 @@ extension TalkModeManager {
            self.gatewayTalkDefaultModelId = self.defaultModelId
            self.gatewayTalkApiKeyConfigured = (self.apiKey?.isEmpty == false)
            self.gatewayTalkConfigLoaded = true
-            if let interrupt = talk?["interruptOnSpeech"] as? Bool {
+            if let interrupt = parsed.interruptOnSpeech {
                self.interruptOnSpeech = interrupt
            }
-            if selection != nil {
-                GatewayDiagnostics.log("talk config provider=\(activeProvider)")
+            self.silenceWindow = TimeInterval(parsed.silenceTimeoutMs) / 1000
+            if parsed.normalizedPayload || parsed.defaultVoiceId != nil || parsed.rawConfigApiKey != nil {
+                GatewayDiagnostics.log(
+                    "talk config provider=\(activeProvider) silenceTimeoutMs=\(parsed.silenceTimeoutMs)")
            }
        } catch {
            self.defaultModelId = Self.defaultModelIdFallback
@@ -2079,6 +2037,7 @@ extension TalkModeManager {
            self.gatewayTalkDefaultModelId = nil
            self.gatewayTalkApiKeyConfigured = false
            self.gatewayTalkConfigLoaded = false
+            self.silenceWindow = TimeInterval(Self.defaultSilenceTimeoutMs) / 1000
        }
    }

--- a/apps/ios/SwiftSources.input.xcfilelist
+++ b/apps/ios/SwiftSources.input.xcfilelist
@@ -13,6 +13,7 @@ Sources/OpenClawApp.swift
 Sources/Location/LocationService.swift
 Sources/Model/NodeAppModel.swift
 Sources/Model/NodeAppModel+Canvas.swift
+Sources/Model/WatchReplyCoordinator.swift
 Sources/RootCanvas.swift
 Sources/RootTabs.swift
 Sources/Screen/ScreenController.swift
--- a/apps/ios/Tests/Info.plist
+++ b/apps/ios/Tests/Info.plist
@@ -17,8 +17,8 @@
 	<key>CFBundlePackageType</key>
 	<string>BNDL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.3.7</string>
+	<string>2026.3.8</string>
 	<key>CFBundleVersion</key>
-	<string>20260307</string>
+	<string>20260308</string>
 </dict>
 </plist>
--- a/apps/ios/Tests/Logic/TalkConfigParsingTests.swift
+++ b/apps/ios/Tests/Logic/TalkConfigParsingTests.swift
@@ -0,0 +1,75 @@
+import Foundation
+import OpenClawKit
+import Testing
+
+private let iOSSilenceTimeoutMs = 900
+
+@Suite struct TalkConfigParsingTests {
+    @Test func rejectsNormalizedTalkProviderPayloadWithoutResolved() {
+        let talk: [String: Any] = [
+            "provider": "elevenlabs",
+            "providers": [
+                "elevenlabs": [
+                    "voiceId": "voice-normalized",
+                ],
+            ],
+            "voiceId": "voice-legacy",
+        ]
+
+        let selection = TalkConfigParsing.selectProviderConfig(
+            TalkConfigParsing.bridgeFoundationDictionary(talk),
+            defaultProvider: "elevenlabs",
+            allowLegacyFallback: false)
+        #expect(selection == nil)
+    }
+
+    @Test func ignoresLegacyTalkFieldsWhenNormalizedPayloadMissing() {
+        let talk: [String: Any] = [
+            "voiceId": "voice-legacy",
+            "apiKey": "legacy-key", // pragma: allowlist secret
+        ]
+
+        let selection = TalkConfigParsing.selectProviderConfig(
+            TalkConfigParsing.bridgeFoundationDictionary(talk),
+            defaultProvider: "elevenlabs",
+            allowLegacyFallback: false)
+        #expect(selection == nil)
+    }
+
+    @Test func readsConfiguredSilenceTimeoutMs() {
+        let talk: [String: Any] = [
+            "silenceTimeoutMs": 1500,
+        ]
+
+        #expect(
+            TalkConfigParsing.resolvedSilenceTimeoutMs(
+                TalkConfigParsing.bridgeFoundationDictionary(talk),
+                fallback: iOSSilenceTimeoutMs) == 1500)
+    }
+
+    @Test func defaultsSilenceTimeoutMsWhenMissing() {
+        #expect(TalkConfigParsing.resolvedSilenceTimeoutMs(nil, fallback: iOSSilenceTimeoutMs) == iOSSilenceTimeoutMs)
+    }
+
+    @Test func defaultsSilenceTimeoutMsWhenInvalid() {
+        let talk: [String: Any] = [
+            "silenceTimeoutMs": 0,
+        ]
+
+        #expect(
+            TalkConfigParsing.resolvedSilenceTimeoutMs(
+                TalkConfigParsing.bridgeFoundationDictionary(talk),
+                fallback: iOSSilenceTimeoutMs) == iOSSilenceTimeoutMs)
+    }
+
+    @Test func defaultsSilenceTimeoutMsWhenBool() {
+        let talk: [String: Any] = [
+            "silenceTimeoutMs": true,
+        ]
+
+        #expect(
+            TalkConfigParsing.resolvedSilenceTimeoutMs(
+                TalkConfigParsing.bridgeFoundationDictionary(talk),
+                fallback: iOSSilenceTimeoutMs) == iOSSilenceTimeoutMs)
+    }
+}
--- a/apps/ios/Tests/TalkModeConfigParsingTests.swift
+++ b/apps/ios/Tests/TalkModeConfigParsingTests.swift
@@ -3,33 +3,7 @@ import Testing
@testable import OpenClaw

@MainActor
-@Suite struct TalkModeConfigParsingTests {
-    @Test func prefersNormalizedTalkProviderPayload() {
-        let talk: [String: Any] = [
-            "provider": "elevenlabs",
-            "providers": [
-                "elevenlabs": [
-                    "voiceId": "voice-normalized",
-                ],
-            ],
-            "voiceId": "voice-legacy",
-        ]
-
-        let selection = TalkModeManager.selectTalkProviderConfig(talk)
-        #expect(selection?.provider == "elevenlabs")
-        #expect(selection?.config["voiceId"] as? String == "voice-normalized")
-    }
-
-    @Test func ignoresLegacyTalkFieldsWhenNormalizedPayloadMissing() {
-        let talk: [String: Any] = [
-            "voiceId": "voice-legacy",
-            "apiKey": "legacy-key", // pragma: allowlist secret
-        ]
-
-        let selection = TalkModeManager.selectTalkProviderConfig(talk)
-        #expect(selection == nil)
-    }
-
+@Suite struct TalkModeManagerTests {
    @Test func detectsPCMFormatRejectionFromElevenLabsError() {
        let error = NSError(
            domain: "ElevenLabsTTS",
--- a/apps/ios/WatchApp/Info.plist
+++ b/apps/ios/WatchApp/Info.plist
@@ -17,9 +17,9 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.3.7</string>
+	<string>2026.3.8</string>
 	<key>CFBundleVersion</key>
-	<string>20260307</string>
+	<string>20260308</string>
 	<key>WKCompanionAppBundleIdentifier</key>
 	<string>$(OPENCLAW_APP_BUNDLE_ID)</string>
 	<key>WKWatchKitApp</key>
--- a/apps/ios/WatchExtension/Info.plist
+++ b/apps/ios/WatchExtension/Info.plist
@@ -15,9 +15,9 @@
 	<key>CFBundleName</key>
 	<string>$(PRODUCT_NAME)</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.3.7</string>
+	<string>2026.3.8</string>
 	<key>CFBundleVersion</key>
-	<string>20260307</string>
+	<string>20260308</string>
 	<key>NSExtension</key>
 	<dict>
 		<key>NSExtensionAttributes</key>
--- a/apps/ios/project.yml
+++ b/apps/ios/project.yml
@@ -25,6 +25,15 @@ schemes:
    test:
      targets:
        - OpenClawTests
+        - OpenClawLogicTests
+  OpenClawLogicTests:
+    shared: true
+    build:
+      targets:
+        OpenClawLogicTests: all
+    test:
+      targets:
+        - OpenClawLogicTests

 targets:
  OpenClaw:
@@ -98,8 +107,8 @@ targets:
          - CFBundleURLName: ai.openclaw.ios
            CFBundleURLSchemes:
              - openclaw
-        CFBundleShortVersionString: "2026.3.7"
-        CFBundleVersion: "20260307"
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
        UILaunchScreen: {}
        UIApplicationSceneManifest:
          UIApplicationSupportsMultipleScenes: false
@@ -117,8 +126,11 @@ targets:
        NSLocationWhenInUseUsageDescription: OpenClaw uses your location when you allow location sharing.
        NSLocationAlwaysAndWhenInUseUsageDescription: OpenClaw can share your location in the background when you enable Always.
        NSMicrophoneUsageDescription: OpenClaw needs microphone access for voice wake.
+        NSMotionUsageDescription: OpenClaw may use motion data to support device-aware interactions and automations.
+        NSPhotoLibraryUsageDescription: OpenClaw needs photo library access when you choose existing photos to share with your assistant.
        NSSpeechRecognitionUsageDescription: OpenClaw uses on-device speech recognition for voice wake.
        NSSupportsLiveActivities: true
+        ITSAppUsesNonExemptEncryption: false
        UISupportedInterfaceOrientations:
          - UIInterfaceOrientationPortrait
          - UIInterfaceOrientationPortraitUpsideDown
@@ -156,8 +168,8 @@ targets:
      path: ShareExtension/Info.plist
      properties:
        CFBundleDisplayName: OpenClaw Share
-        CFBundleShortVersionString: "2026.3.7"
-        CFBundleVersion: "20260307"
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
        NSExtension:
          NSExtensionPointIdentifier: com.apple.share-services
          NSExtensionPrincipalClass: "$(PRODUCT_MODULE_NAME).ShareViewController"
@@ -193,8 +205,8 @@ targets:
      path: ActivityWidget/Info.plist
      properties:
        CFBundleDisplayName: OpenClaw Activity
-        CFBundleShortVersionString: "2026.3.7"
-        CFBundleVersion: "20260307"
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
        NSSupportsLiveActivities: true
        NSExtension:
          NSExtensionPointIdentifier: com.apple.widgetkit-extension
@@ -219,8 +231,8 @@ targets:
      path: WatchApp/Info.plist
      properties:
        CFBundleDisplayName: OpenClaw
-        CFBundleShortVersionString: "2026.3.7"
-        CFBundleVersion: "20260307"
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
        WKCompanionAppBundleIdentifier: "$(OPENCLAW_APP_BUNDLE_ID)"
        WKWatchKitApp: true

@@ -244,8 +256,8 @@ targets:
      path: WatchExtension/Info.plist
      properties:
        CFBundleDisplayName: OpenClaw
-        CFBundleShortVersionString: "2026.3.7"
-        CFBundleVersion: "20260307"
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
        NSExtension:
          NSExtensionAttributes:
            WKAppBundleIdentifier: "$(OPENCLAW_WATCH_APP_BUNDLE_ID)"
@@ -259,6 +271,8 @@ targets:
      Release: Signing.xcconfig
    sources:
      - path: Tests
+        excludes:
+          - Logic
    dependencies:
      - target: OpenClaw
      - package: Swabble
@@ -279,5 +293,31 @@ targets:
      path: Tests/Info.plist
      properties:
        CFBundleDisplayName: OpenClawTests
-        CFBundleShortVersionString: "2026.3.7"
-        CFBundleVersion: "20260307"
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
+
+  OpenClawLogicTests:
+    type: bundle.unit-test
+    platform: iOS
+    configFiles:
+      Debug: Signing.xcconfig
+      Release: Signing.xcconfig
+    sources:
+      - path: Tests/Logic
+    dependencies:
+      - package: OpenClawKit
+    settings:
+      base:
+        CODE_SIGN_IDENTITY: "Apple Development"
+        CODE_SIGN_STYLE: "$(OPENCLAW_CODE_SIGN_STYLE)"
+        DEVELOPMENT_TEAM: "$(OPENCLAW_DEVELOPMENT_TEAM)"
+        PRODUCT_BUNDLE_IDENTIFIER: ai.openclaw.ios.logic-tests
+        ENABLE_APP_INTENTS_METADATA_GENERATION: NO
+        SWIFT_VERSION: "6.0"
+        SWIFT_STRICT_CONCURRENCY: complete
+    info:
+      path: Tests/Info.plist
+      properties:
+        CFBundleDisplayName: OpenClawLogicTests
+        CFBundleShortVersionString: "2026.3.8"
+        CFBundleVersion: "20260308"
--- a/apps/macos/Sources/OpenClaw/AnyCodable+Helpers.swift
+++ b/apps/macos/Sources/OpenClaw/AnyCodable+Helpers.swift
@@ -4,40 +4,3 @@ import OpenClawKit
 // Prefer the OpenClawKit wrapper to keep gateway request payloads consistent.
 typealias AnyCodable = OpenClawKit.AnyCodable
 typealias InstanceIdentity = OpenClawKit.InstanceIdentity
-
-extension AnyCodable {
-    var stringValue: String? {
-        self.value as? String
-    }
-
-    var boolValue: Bool? {
-        self.value as? Bool
-    }
-
-    var intValue: Int? {
-        self.value as? Int
-    }
-
-    var doubleValue: Double? {
-        self.value as? Double
-    }
-
-    var dictionaryValue: [String: AnyCodable]? {
-        self.value as? [String: AnyCodable]
-    }
-
-    var arrayValue: [AnyCodable]? {
-        self.value as? [AnyCodable]
-    }
-
-    var foundationValue: Any {
-        switch self.value {
-        case let dict as [String: AnyCodable]:
-            dict.mapValues { $0.foundationValue }
-        case let array as [AnyCodable]:
-            array.map(\.foundationValue)
-        default:
-            self.value
-        }
-    }
-}
--- a/apps/macos/Sources/OpenClaw/CameraCaptureService.swift
+++ b/apps/macos/Sources/OpenClaw/CameraCaptureService.swift
@@ -6,14 +6,14 @@ import OpenClawKit
 import OSLog

 actor CameraCaptureService {
-    struct CameraDeviceInfo: Encodable, Sendable {
+    struct CameraDeviceInfo: Encodable {
        let id: String
        let name: String
        let position: String
        let deviceType: String
    }

-    enum CameraError: LocalizedError, Sendable {
+    enum CameraError: LocalizedError {
        case cameraUnavailable
        case microphoneUnavailable
        case permissionDenied(kind: String)
--- a/apps/macos/Sources/OpenClaw/ConfigStore.swift
+++ b/apps/macos/Sources/OpenClaw/ConfigStore.swift
@@ -2,7 +2,7 @@ import Foundation
 import OpenClawProtocol

 enum ConfigStore {
-    struct Overrides: Sendable {
+    struct Overrides {
        var isRemoteMode: (@Sendable () async -> Bool)?
        var loadLocal: (@MainActor @Sendable () -> [String: Any])?
        var saveLocal: (@MainActor @Sendable ([String: Any]) -> Void)?
--- a/apps/macos/Sources/OpenClaw/ConnectionModeResolver.swift
+++ b/apps/macos/Sources/OpenClaw/ConnectionModeResolver.swift
@@ -1,13 +1,13 @@
 import Foundation

-enum EffectiveConnectionModeSource: Sendable, Equatable {
+enum EffectiveConnectionModeSource: Equatable {
    case configMode
    case configRemoteURL
    case userDefaults
    case onboarding
 }

-struct EffectiveConnectionMode: Sendable, Equatable {
+struct EffectiveConnectionMode: Equatable {
    let mode: AppState.ConnectionMode
    let source: EffectiveConnectionModeSource
 }
--- a/apps/macos/Sources/OpenClaw/ControlChannel.swift
+++ b/apps/macos/Sources/OpenClaw/ControlChannel.swift
@@ -14,7 +14,7 @@ struct ControlHeartbeatEvent: Codable {
    let reason: String?
 }

-struct ControlAgentEvent: Codable, Sendable, Identifiable {
+struct ControlAgentEvent: Codable, Identifiable {
    var id: String {
        "\(self.runId)-\(self.seq)"
    }
--- a/apps/macos/Sources/OpenClaw/CronModels.swift
+++ b/apps/macos/Sources/OpenClaw/CronModels.swift
@@ -226,7 +226,7 @@ struct CronJob: Identifiable, Codable, Equatable {
    }
 }

-struct CronEvent: Codable, Sendable {
+struct CronEvent: Codable {
    let jobId: String
    let action: String
    let runAtMs: Int?
@@ -237,7 +237,7 @@ struct CronEvent: Codable, Sendable {
    let nextRunAtMs: Int?
 }

-struct CronRunLogEntry: Codable, Identifiable, Sendable {
+struct CronRunLogEntry: Codable, Identifiable {
    var id: String {
        "\(self.jobId)-\(self.ts)"
    }
--- a/apps/macos/Sources/OpenClaw/DeviceModelCatalog.swift
+++ b/apps/macos/Sources/OpenClaw/DeviceModelCatalog.swift
@@ -1,6 +1,6 @@
 import Foundation

-struct DevicePresentation: Sendable {
+struct DevicePresentation {
    let title: String
    let symbol: String?
 }
--- a/apps/macos/Sources/OpenClaw/DiagnosticsFileLog.swift
+++ b/apps/macos/Sources/OpenClaw/DiagnosticsFileLog.swift
@@ -7,7 +7,7 @@ actor DiagnosticsFileLog {
    private let maxBytes: Int64 = 5 * 1024 * 1024
    private let maxBackups = 5

-    struct Record: Codable, Sendable {
+    struct Record: Codable {
        let ts: String
        let pid: Int32
        let category: String
--- a/apps/macos/Sources/OpenClaw/ExecApprovals.swift
+++ b/apps/macos/Sources/OpenClaw/ExecApprovals.swift
@@ -84,13 +84,13 @@ enum ExecAsk: String, CaseIterable, Codable, Identifiable {
    }
 }

-enum ExecApprovalDecision: String, Codable, Sendable {
+enum ExecApprovalDecision: String, Codable {
    case allowOnce = "allow-once"
    case allowAlways = "allow-always"
    case deny
 }

-enum ExecAllowlistPatternValidationReason: String, Codable, Sendable, Equatable {
+enum ExecAllowlistPatternValidationReason: String, Codable, Equatable {
    case empty
    case missingPathComponent

@@ -104,12 +104,12 @@ enum ExecAllowlistPatternValidationReason: String, Codable, Sendable, Equatable
    }
 }

-enum ExecAllowlistPatternValidation: Sendable, Equatable {
+enum ExecAllowlistPatternValidation: Equatable {
    case valid(String)
    case invalid(ExecAllowlistPatternValidationReason)
 }

-struct ExecAllowlistRejectedEntry: Sendable, Equatable {
+struct ExecAllowlistRejectedEntry: Equatable {
    let id: UUID
    let pattern: String
    let reason: ExecAllowlistPatternValidationReason
@@ -753,7 +753,7 @@ enum ExecApprovalHelpers {
    }
 }

-struct ExecEventPayload: Codable, Sendable {
+struct ExecEventPayload: Codable {
    var sessionKey: String
    var runId: String
    var host: String
--- a/apps/macos/Sources/OpenClaw/ExecApprovalsGatewayPrompter.swift
+++ b/apps/macos/Sources/OpenClaw/ExecApprovalsGatewayPrompter.swift
@@ -11,7 +11,7 @@ final class ExecApprovalsGatewayPrompter {
    private let logger = Logger(subsystem: "ai.openclaw", category: "exec-approvals.gateway")
    private var task: Task<Void, Never>?

-    struct GatewayApprovalRequest: Codable, Sendable {
+    struct GatewayApprovalRequest: Codable {
        var id: String
        var request: ExecApprovalPromptRequest
        var createdAtMs: Int
--- a/apps/macos/Sources/OpenClaw/ExecApprovalsSocket.swift
+++ b/apps/macos/Sources/OpenClaw/ExecApprovalsSocket.swift
@@ -5,7 +5,7 @@ import Foundation
 import OpenClawKit
 import OSLog

-struct ExecApprovalPromptRequest: Codable, Sendable {
+struct ExecApprovalPromptRequest: Codable {
    var command: String
    var cwd: String?
    var host: String?
--- a/apps/macos/Sources/OpenClaw/ExecCommandResolution.swift
+++ b/apps/macos/Sources/OpenClaw/ExecCommandResolution.swift
@@ -1,6 +1,6 @@
 import Foundation

-struct ExecCommandResolution: Sendable {
+struct ExecCommandResolution {
    let rawExecutable: String
    let resolvedPath: String?
    let executableName: String
--- a/apps/macos/Sources/OpenClaw/GatewayConnection.swift
+++ b/apps/macos/Sources/OpenClaw/GatewayConnection.swift
@@ -6,7 +6,7 @@ import OSLog

 private let gatewayConnectionLogger = Logger(subsystem: "ai.openclaw", category: "gateway.connection")

-enum GatewayAgentChannel: String, Codable, CaseIterable, Sendable {
+enum GatewayAgentChannel: String, Codable, CaseIterable {
    case last
    case whatsapp
    case telegram
@@ -33,7 +33,7 @@ enum GatewayAgentChannel: String, Codable, CaseIterable, Sendable {
    }
 }

-struct GatewayAgentInvocation: Sendable {
+struct GatewayAgentInvocation {
    var message: String
    var sessionKey: String = "main"
    var thinking: String?
@@ -53,7 +53,7 @@ actor GatewayConnection {

    typealias Config = (url: URL, token: String?, password: String?)

-    enum Method: String, Sendable {
+    enum Method: String {
        case agent
        case status
        case setHeartbeats = "set-heartbeats"
@@ -110,6 +110,44 @@ actor GatewayConnection {
    private var subscribers: [UUID: AsyncStream<GatewayPush>.Continuation] = [:]
    private var lastSnapshot: HelloOk?

+    private struct LossyDecodable<Value: Decodable>: Decodable {
+        let value: Value?
+
+        init(from decoder: Decoder) throws {
+            do {
+                self.value = try Value(from: decoder)
+            } catch {
+                self.value = nil
+            }
+        }
+    }
+
+    private struct LossyCronListResponse: Decodable {
+        let jobs: [LossyDecodable<CronJob>]
+
+        enum CodingKeys: String, CodingKey {
+            case jobs
+        }
+
+        init(from decoder: Decoder) throws {
+            let container = try decoder.container(keyedBy: CodingKeys.self)
+            self.jobs = try container.decodeIfPresent([LossyDecodable<CronJob>].self, forKey: .jobs) ?? []
+        }
+    }
+
+    private struct LossyCronRunsResponse: Decodable {
+        let entries: [LossyDecodable<CronRunLogEntry>]
+
+        enum CodingKeys: String, CodingKey {
+            case entries
+        }
+
+        init(from decoder: Decoder) throws {
+            let container = try decoder.container(keyedBy: CodingKeys.self)
+            self.entries = try container.decodeIfPresent([LossyDecodable<CronRunLogEntry>].self, forKey: .entries) ?? []
+        }
+    }
+
    init(
        configProvider: @escaping @Sendable () async throws -> Config = GatewayConnection.defaultConfigProvider,
        sessionBox: WebSocketSessionBox? = nil)
@@ -390,9 +428,9 @@ actor GatewayConnection {
 // MARK: - Typed gateway API

 extension GatewayConnection {
-    struct ConfigGetSnapshot: Decodable, Sendable {
-        struct SnapshotConfig: Decodable, Sendable {
-            struct Session: Decodable, Sendable {
+    struct ConfigGetSnapshot: Decodable {
+        struct SnapshotConfig: Decodable {
+            struct Session: Decodable {
                let mainKey: String?
                let scope: String?
            }
@@ -691,7 +729,7 @@ extension GatewayConnection {

    // MARK: - Cron

-    struct CronSchedulerStatus: Decodable, Sendable {
+    struct CronSchedulerStatus: Decodable {
        let enabled: Bool
        let storePath: String
        let jobs: Int
@@ -703,17 +741,17 @@ extension GatewayConnection {
    }

    func cronList(includeDisabled: Bool = true) async throws -> [CronJob] {
-        let res: CronListResponse = try await self.requestDecoded(
+        let data = try await self.requestRaw(
            method: .cronList,
            params: ["includeDisabled": AnyCodable(includeDisabled)])
-        return res.jobs
+        return try Self.decodeCronListResponse(data)
    }

    func cronRuns(jobId: String, limit: Int = 200) async throws -> [CronRunLogEntry] {
-        let res: CronRunsResponse = try await self.requestDecoded(
+        let data = try await self.requestRaw(
            method: .cronRuns,
            params: ["id": AnyCodable(jobId), "limit": AnyCodable(limit)])
-        return res.entries
+        return try Self.decodeCronRunsResponse(data)
    }

    func cronRun(jobId: String, force: Bool = true) async throws {
@@ -739,4 +777,24 @@ extension GatewayConnection {
    func cronAdd(payload: [String: AnyCodable]) async throws {
        try await self.requestVoid(method: .cronAdd, params: payload)
    }
+
+    nonisolated static func decodeCronListResponse(_ data: Data) throws -> [CronJob] {
+        let decoded = try JSONDecoder().decode(LossyCronListResponse.self, from: data)
+        let jobs = decoded.jobs.compactMap(\.value)
+        let skipped = decoded.jobs.count - jobs.count
+        if skipped > 0 {
+            gatewayConnectionLogger.warning("cron.list skipped \(skipped, privacy: .public) malformed jobs")
+        }
+        return jobs
+    }
+
+    nonisolated static func decodeCronRunsResponse(_ data: Data) throws -> [CronRunLogEntry] {
+        let decoded = try JSONDecoder().decode(LossyCronRunsResponse.self, from: data)
+        let entries = decoded.entries.compactMap(\.value)
+        let skipped = decoded.entries.count - entries.count
+        if skipped > 0 {
+            gatewayConnectionLogger.warning("cron.runs skipped \(skipped, privacy: .public) malformed entries")
+        }
+        return entries
+    }
 }
--- a/apps/macos/Sources/OpenClaw/GatewayEndpointStore.swift
+++ b/apps/macos/Sources/OpenClaw/GatewayEndpointStore.swift
@@ -2,7 +2,7 @@ import ConcurrencyExtras
 import Foundation
 import OSLog

-enum GatewayEndpointState: Sendable, Equatable {
+enum GatewayEndpointState: Equatable {
    case ready(mode: AppState.ConnectionMode, url: URL, token: String?, password: String?)
    case connecting(mode: AppState.ConnectionMode, detail: String)
    case unavailable(mode: AppState.ConnectionMode, reason: String)
@@ -24,14 +24,14 @@ actor GatewayEndpointStore {
    ]
    private static let remoteConnectingDetail = "Connecting to remote gateway…"
    private static let staticLogger = Logger(subsystem: "ai.openclaw", category: "gateway-endpoint")
-    private enum EnvOverrideWarningKind: Sendable {
+    private enum EnvOverrideWarningKind {
        case token
        case password
    }

    private static let envOverrideWarnings = LockIsolated((token: false, password: false))

-    struct Deps: Sendable {
+    struct Deps {
        let mode: @Sendable () async -> AppState.ConnectionMode
        let token: @Sendable () -> String?
        let password: @Sendable () -> String?
@@ -614,6 +614,44 @@ actor GatewayEndpointStore {
 }

 extension GatewayEndpointStore {
+    static func localConfig() -> GatewayConnection.Config {
+        self.localConfig(
+            root: OpenClawConfigFile.loadDict(),
+            env: ProcessInfo.processInfo.environment,
+            launchdSnapshot: GatewayLaunchAgentManager.launchdConfigSnapshot(),
+            tailscaleIP: TailscaleService.fallbackTailnetIPv4())
+    }
+
+    static func localConfig(
+        root: [String: Any],
+        env: [String: String],
+        launchdSnapshot: LaunchAgentPlistSnapshot?,
+        tailscaleIP: String?) -> GatewayConnection.Config
+    {
+        let port = GatewayEnvironment.gatewayPort()
+        let bind = self.resolveGatewayBindMode(root: root, env: env)
+        let customBindHost = self.resolveGatewayCustomBindHost(root: root)
+        let scheme = self.resolveGatewayScheme(root: root, env: env)
+        let host = self.resolveLocalGatewayHost(
+            bindMode: bind,
+            customBindHost: customBindHost,
+            tailscaleIP: tailscaleIP)
+        let token = self.resolveGatewayToken(
+            isRemote: false,
+            root: root,
+            env: env,
+            launchdSnapshot: launchdSnapshot)
+        let password = self.resolveGatewayPassword(
+            isRemote: false,
+            root: root,
+            env: env,
+            launchdSnapshot: launchdSnapshot)
+        return (
+            url: URL(string: "\(scheme)://\(host):\(port)")!,
+            token: token,
+            password: password)
+    }
+
    private static func normalizeDashboardPath(_ rawPath: String?) -> String {
        let trimmed = (rawPath ?? "").trimmingCharacters(in: .whitespacesAndNewlines)
        guard !trimmed.isEmpty else { return "/" }
@@ -721,5 +759,18 @@ extension GatewayEndpointStore {
            customBindHost: customBindHost,
            tailscaleIP: tailscaleIP)
    }
+
+    static func _testLocalConfig(
+        root: [String: Any],
+        env: [String: String],
+        launchdSnapshot: LaunchAgentPlistSnapshot? = nil,
+        tailscaleIP: String? = nil) -> GatewayConnection.Config
+    {
+        self.localConfig(
+            root: root,
+            env: env,
+            launchdSnapshot: launchdSnapshot,
+            tailscaleIP: tailscaleIP)
+    }
 }
 #endif
--- a/apps/macos/Sources/OpenClaw/GatewayEnvironment.swift
+++ b/apps/macos/Sources/OpenClaw/GatewayEnvironment.swift
@@ -3,7 +3,7 @@ import OpenClawIPC
 import OSLog

 /// Lightweight SemVer helper (major.minor.patch only) for gateway compatibility checks.
-struct Semver: Comparable, CustomStringConvertible, Sendable {
+struct Semver: Comparable, CustomStringConvertible {
    let major: Int
    let minor: Int
    let patch: Int
--- a/apps/macos/Sources/OpenClaw/HealthStore.swift
+++ b/apps/macos/Sources/OpenClaw/HealthStore.swift
@@ -3,14 +3,14 @@ import Network
 import Observation
 import SwiftUI

-struct HealthSnapshot: Codable, Sendable {
-    struct ChannelSummary: Codable, Sendable {
-        struct Probe: Codable, Sendable {
-            struct Bot: Codable, Sendable {
+struct HealthSnapshot: Codable {
+    struct ChannelSummary: Codable {
+        struct Probe: Codable {
+            struct Bot: Codable {
                let username: String?
            }

-            struct Webhook: Codable, Sendable {
+            struct Webhook: Codable {
                let url: String?
            }

@@ -29,13 +29,13 @@ struct HealthSnapshot: Codable, Sendable {
        let lastProbeAt: Double?
    }

-    struct SessionInfo: Codable, Sendable {
+    struct SessionInfo: Codable {
        let key: String
        let updatedAt: Double?
        let age: Double?
    }

-    struct Sessions: Codable, Sendable {
+    struct Sessions: Codable {
        let path: String
        let count: Int
        let recent: [SessionInfo]
--- a/apps/macos/Sources/OpenClaw/Launchctl.swift
+++ b/apps/macos/Sources/OpenClaw/Launchctl.swift
@@ -1,7 +1,7 @@
 import Foundation

 enum Launchctl {
-    struct Result: Sendable {
+    struct Result {
        let status: Int32
        let output: String
    }
@@ -26,7 +26,7 @@ enum Launchctl {
    }
 }

-struct LaunchAgentPlistSnapshot: Equatable, Sendable {
+struct LaunchAgentPlistSnapshot: Equatable {
    let programArguments: [String]
    let environment: [String: String]
    let stdoutPath: String?
--- a/apps/macos/Sources/OpenClaw/NodeMode/MacNodeBrowserProxy.swift
+++ b/apps/macos/Sources/OpenClaw/NodeMode/MacNodeBrowserProxy.swift
@@ -0,0 +1,234 @@
+import Foundation
+import OpenClawProtocol
+import UniformTypeIdentifiers
+
+actor MacNodeBrowserProxy {
+    static let shared = MacNodeBrowserProxy()
+
+    struct Endpoint {
+        let baseURL: URL
+        let token: String?
+        let password: String?
+    }
+
+    private struct RequestParams: Decodable {
+        let method: String?
+        let path: String?
+        let query: [String: OpenClawProtocol.AnyCodable]?
+        let body: OpenClawProtocol.AnyCodable?
+        let timeoutMs: Int?
+        let profile: String?
+    }
+
+    private struct ProxyFilePayload {
+        let path: String
+        let base64: String
+        let mimeType: String?
+
+        func asJSON() -> [String: Any] {
+            var json: [String: Any] = [
+                "path": self.path,
+                "base64": self.base64,
+            ]
+            if let mimeType = self.mimeType {
+                json["mimeType"] = mimeType
+            }
+            return json
+        }
+    }
+
+    private static let maxProxyFileBytes = 10 * 1024 * 1024
+    private let endpointProvider: @Sendable () -> Endpoint
+    private let performRequest: @Sendable (URLRequest) async throws -> (Data, URLResponse)
+
+    init(
+        session: URLSession = .shared,
+        endpointProvider: (@Sendable () -> Endpoint)? = nil,
+        performRequest: (@Sendable (URLRequest) async throws -> (Data, URLResponse))? = nil)
+    {
+        self.endpointProvider = endpointProvider ?? MacNodeBrowserProxy.defaultEndpoint
+        self.performRequest = performRequest ?? { request in
+            try await session.data(for: request)
+        }
+    }
+
+    func request(paramsJSON: String?) async throws -> String {
+        let params = try Self.decodeRequestParams(from: paramsJSON)
+        let request = try Self.makeRequest(params: params, endpoint: self.endpointProvider())
+        let (data, response) = try await self.performRequest(request)
+        let http = try Self.requireHTTPResponse(response)
+        guard (200..<300).contains(http.statusCode) else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: http.statusCode, userInfo: [
+                NSLocalizedDescriptionKey: Self.httpErrorMessage(statusCode: http.statusCode, data: data),
+            ])
+        }
+
+        let result = try JSONSerialization.jsonObject(with: data, options: [.fragmentsAllowed])
+        let files = try Self.loadProxyFiles(from: result)
+        var payload: [String: Any] = ["result": result]
+        if !files.isEmpty {
+            payload["files"] = files.map { $0.asJSON() }
+        }
+        let payloadData = try JSONSerialization.data(withJSONObject: payload)
+        guard let payloadJSON = String(data: payloadData, encoding: .utf8) else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 2, userInfo: [
+                NSLocalizedDescriptionKey: "browser proxy returned invalid UTF-8",
+            ])
+        }
+        return payloadJSON
+    }
+
+    private static func defaultEndpoint() -> Endpoint {
+        let config = GatewayEndpointStore.localConfig()
+        let controlPort = GatewayEnvironment.gatewayPort() + 2
+        let baseURL = URL(string: "http://127.0.0.1:\(controlPort)")!
+        return Endpoint(baseURL: baseURL, token: config.token, password: config.password)
+    }
+
+    private static func decodeRequestParams(from raw: String?) throws -> RequestParams {
+        guard let raw else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 3, userInfo: [
+                NSLocalizedDescriptionKey: "INVALID_REQUEST: paramsJSON required",
+            ])
+        }
+        return try JSONDecoder().decode(RequestParams.self, from: Data(raw.utf8))
+    }
+
+    private static func makeRequest(params: RequestParams, endpoint: Endpoint) throws -> URLRequest {
+        let method = (params.method ?? "GET").trimmingCharacters(in: .whitespacesAndNewlines).uppercased()
+        let path = (params.path ?? "").trimmingCharacters(in: .whitespacesAndNewlines)
+        guard !path.isEmpty else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 1, userInfo: [
+                NSLocalizedDescriptionKey: "INVALID_REQUEST: path required",
+            ])
+        }
+
+        let normalizedPath = path.hasPrefix("/") ? path : "/\(path)"
+        guard var components = URLComponents(
+            url: endpoint.baseURL.appendingPathComponent(String(normalizedPath.dropFirst())),
+            resolvingAgainstBaseURL: false)
+        else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 4, userInfo: [
+                NSLocalizedDescriptionKey: "INVALID_REQUEST: invalid browser proxy URL",
+            ])
+        }
+
+        var queryItems: [URLQueryItem] = []
+        if let query = params.query {
+            for key in query.keys.sorted() {
+                let value = query[key]?.value
+                guard value != nil, !(value is NSNull) else { continue }
+                queryItems.append(URLQueryItem(name: key, value: Self.stringValue(for: value)))
+            }
+        }
+        let profile = params.profile?.trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
+        if !profile.isEmpty, !queryItems.contains(where: { $0.name == "profile" }) {
+            queryItems.append(URLQueryItem(name: "profile", value: profile))
+        }
+        if !queryItems.isEmpty {
+            components.queryItems = queryItems
+        }
+        guard let url = components.url else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 5, userInfo: [
+                NSLocalizedDescriptionKey: "INVALID_REQUEST: invalid browser proxy URL",
+            ])
+        }
+
+        var request = URLRequest(url: url)
+        request.httpMethod = method
+        request.timeoutInterval = params.timeoutMs.map { TimeInterval(max($0, 1)) / 1000 } ?? 5
+        request.setValue("application/json", forHTTPHeaderField: "Accept")
+        if let token = endpoint.token?.trimmingCharacters(in: .whitespacesAndNewlines), !token.isEmpty {
+            request.setValue("Bearer \(token)", forHTTPHeaderField: "Authorization")
+        } else if let password = endpoint.password?.trimmingCharacters(in: .whitespacesAndNewlines),
+                  !password.isEmpty
+        {
+            request.setValue(password, forHTTPHeaderField: "x-openclaw-password")
+        }
+
+        if method != "GET", let body = params.body?.value {
+            request.httpBody = try JSONSerialization.data(withJSONObject: body, options: [.fragmentsAllowed])
+            request.setValue("application/json", forHTTPHeaderField: "Content-Type")
+        }
+
+        return request
+    }
+
+    private static func requireHTTPResponse(_ response: URLResponse) throws -> HTTPURLResponse {
+        guard let http = response as? HTTPURLResponse else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 6, userInfo: [
+                NSLocalizedDescriptionKey: "browser proxy returned a non-HTTP response",
+            ])
+        }
+        return http
+    }
+
+    private static func httpErrorMessage(statusCode: Int, data: Data) -> String {
+        if let object = try? JSONSerialization.jsonObject(with: data, options: [.fragmentsAllowed]) as? [String: Any],
+           let error = object["error"] as? String,
+           !error.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty
+        {
+            return error
+        }
+        if let text = String(data: data, encoding: .utf8)?
+            .trimmingCharacters(in: .whitespacesAndNewlines),
+            !text.isEmpty
+        {
+            return text
+        }
+        return "HTTP \(statusCode)"
+    }
+
+    private static func stringValue(for value: Any?) -> String? {
+        guard let value else { return nil }
+        if let string = value as? String { return string }
+        if let bool = value as? Bool { return bool ? "true" : "false" }
+        if let number = value as? NSNumber { return number.stringValue }
+        return String(describing: value)
+    }
+
+    private static func loadProxyFiles(from result: Any) throws -> [ProxyFilePayload] {
+        let paths = self.collectProxyPaths(from: result)
+        return try paths.map(self.loadProxyFile)
+    }
+
+    private static func collectProxyPaths(from payload: Any) -> [String] {
+        guard let object = payload as? [String: Any] else { return [] }
+
+        var paths = Set<String>()
+        if let path = object["path"] as? String, !path.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty {
+            paths.insert(path.trimmingCharacters(in: .whitespacesAndNewlines))
+        }
+        if let imagePath = object["imagePath"] as? String,
+           !imagePath.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty
+        {
+            paths.insert(imagePath.trimmingCharacters(in: .whitespacesAndNewlines))
+        }
+        if let download = object["download"] as? [String: Any],
+           let path = download["path"] as? String,
+           !path.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty
+        {
+            paths.insert(path.trimmingCharacters(in: .whitespacesAndNewlines))
+        }
+        return paths.sorted()
+    }
+
+    private static func loadProxyFile(path: String) throws -> ProxyFilePayload {
+        let url = URL(fileURLWithPath: path)
+        let values = try url.resourceValues(forKeys: [.isRegularFileKey, .fileSizeKey])
+        guard values.isRegularFile == true else {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 7, userInfo: [
+                NSLocalizedDescriptionKey: "browser proxy file not found: \(path)",
+            ])
+        }
+        if let fileSize = values.fileSize, fileSize > Self.maxProxyFileBytes {
+            throw NSError(domain: "MacNodeBrowserProxy", code: 8, userInfo: [
+                NSLocalizedDescriptionKey: "browser proxy file exceeds 10MB: \(path)",
+            ])
+        }
+
+        let data = try Data(contentsOf: url)
+        let mimeType = UTType(filenameExtension: url.pathExtension)?.preferredMIMEType
+        return ProxyFilePayload(path: path, base64: data.base64EncodedString(), mimeType: mimeType)
+    }
+}
--- a/apps/macos/Sources/OpenClaw/NodeMode/MacNodeModeCoordinator.swift
+++ b/apps/macos/Sources/OpenClaw/NodeMode/MacNodeModeCoordinator.swift
@@ -32,6 +32,7 @@ final class MacNodeModeCoordinator {
    private func run() async {
        var retryDelay: UInt64 = 1_000_000_000
        var lastCameraEnabled: Bool?
+        var lastBrowserControlEnabled: Bool?
        let defaults = UserDefaults.standard

        while !Task.isCancelled {
@@ -48,6 +49,14 @@ final class MacNodeModeCoordinator {
                await self.session.disconnect()
                try? await Task.sleep(nanoseconds: 200_000_000)
            }
+            let browserControlEnabled = OpenClawConfigFile.browserControlEnabled()
+            if lastBrowserControlEnabled == nil {
+                lastBrowserControlEnabled = browserControlEnabled
+            } else if lastBrowserControlEnabled != browserControlEnabled {
+                lastBrowserControlEnabled = browserControlEnabled
+                await self.session.disconnect()
+                try? await Task.sleep(nanoseconds: 200_000_000)
+            }

            do {
                let config = try await GatewayEndpointStore.shared.requireConfig()
@@ -108,6 +117,9 @@ final class MacNodeModeCoordinator {

    private func currentCaps() -> [String] {
        var caps: [String] = [OpenClawCapability.canvas.rawValue, OpenClawCapability.screen.rawValue]
+        if OpenClawConfigFile.browserControlEnabled() {
+            caps.append(OpenClawCapability.browser.rawValue)
+        }
        if UserDefaults.standard.object(forKey: cameraEnabledKey) as? Bool ?? false {
            caps.append(OpenClawCapability.camera.rawValue)
        }
@@ -142,6 +154,9 @@ final class MacNodeModeCoordinator {
        ]

        let capsSet = Set(caps)
+        if capsSet.contains(OpenClawCapability.browser.rawValue) {
+            commands.append(OpenClawBrowserCommand.proxy.rawValue)
+        }
        if capsSet.contains(OpenClawCapability.camera.rawValue) {
            commands.append(OpenClawCameraCommand.list.rawValue)
            commands.append(OpenClawCameraCommand.snap.rawValue)
--- a/apps/macos/Sources/OpenClaw/NodeMode/MacNodeRuntime.swift
+++ b/apps/macos/Sources/OpenClaw/NodeMode/MacNodeRuntime.swift
@@ -6,6 +6,7 @@ import OpenClawKit
 actor MacNodeRuntime {
    private let cameraCapture = CameraCaptureService()
    private let makeMainActorServices: () async -> any MacNodeRuntimeMainActorServices
+    private let browserProxyRequest: @Sendable (String?) async throws -> String
    private var cachedMainActorServices: (any MacNodeRuntimeMainActorServices)?
    private var mainSessionKey: String = "main"
    private var eventSender: (@Sendable (String, String?) async -> Void)?
@@ -13,9 +14,13 @@ actor MacNodeRuntime {
    init(
        makeMainActorServices: @escaping () async -> any MacNodeRuntimeMainActorServices = {
            await MainActor.run { LiveMacNodeRuntimeMainActorServices() }
+        },
+        browserProxyRequest: @escaping @Sendable (String?) async throws -> String = { paramsJSON in
+            try await MacNodeBrowserProxy.shared.request(paramsJSON: paramsJSON)
        })
    {
        self.makeMainActorServices = makeMainActorServices
+        self.browserProxyRequest = browserProxyRequest
    }

    func updateMainSessionKey(_ sessionKey: String) {
@@ -50,6 +55,8 @@ actor MacNodeRuntime {
                 OpenClawCanvasA2UICommand.push.rawValue,
                 OpenClawCanvasA2UICommand.pushJSONL.rawValue:
                return try await self.handleA2UIInvoke(req)
+            case OpenClawBrowserCommand.proxy.rawValue:
+                return try await self.handleBrowserProxyInvoke(req)
            case OpenClawCameraCommand.snap.rawValue,
                 OpenClawCameraCommand.clip.rawValue,
                 OpenClawCameraCommand.list.rawValue:
@@ -165,6 +172,19 @@ actor MacNodeRuntime {
        }
    }

+    private func handleBrowserProxyInvoke(_ req: BridgeInvokeRequest) async throws -> BridgeInvokeResponse {
+        guard OpenClawConfigFile.browserControlEnabled() else {
+            return BridgeInvokeResponse(
+                id: req.id,
+                ok: false,
+                error: OpenClawNodeError(
+                    code: .unavailable,
+                    message: "BROWSER_DISABLED: enable Browser in Settings"))
+        }
+        let payloadJSON = try await self.browserProxyRequest(req.paramsJSON)
+        return BridgeInvokeResponse(id: req.id, ok: true, payloadJSON: payloadJSON)
+    }
+
    private func handleCameraInvoke(_ req: BridgeInvokeRequest) async throws -> BridgeInvokeResponse {
        guard Self.cameraEnabled() else {
            return BridgeInvokeResponse(
--- a/apps/macos/Sources/OpenClaw/NodeMode/MacNodeScreenCommands.swift
+++ b/apps/macos/Sources/OpenClaw/NodeMode/MacNodeScreenCommands.swift
@@ -1,10 +1,10 @@
 import Foundation

-enum MacNodeScreenCommand: String, Codable, Sendable {
+enum MacNodeScreenCommand: String, Codable {
    case record = "screen.record"
 }

-struct MacNodeScreenRecordParams: Codable, Sendable, Equatable {
+struct MacNodeScreenRecordParams: Codable, Equatable {
    var screenIndex: Int?
    var durationMs: Int?
    var fps: Double?
--- a/apps/macos/Sources/OpenClaw/NotifyOverlay.swift
+++ b/apps/macos/Sources/OpenClaw/NotifyOverlay.swift
@@ -61,9 +61,11 @@ final class NotifyOverlayController {
        self.ensureWindow()
        self.hostingView?.rootView = NotifyOverlayView(controller: self)
        let target = self.targetFrame()
+        let isFirst = !self.model.isVisible
+        if isFirst { self.model.isVisible = true }
        OverlayPanelFactory.present(
            window: self.window,
-            isVisible: &self.model.isVisible,
+            isFirstPresent: isFirst,
            target: target)
        { window in
            self.updateWindowFrame(animate: true)
--- a/apps/macos/Sources/OpenClaw/OverlayPanelFactory.swift
+++ b/apps/macos/Sources/OpenClaw/OverlayPanelFactory.swift
@@ -64,15 +64,14 @@ enum OverlayPanelFactory {
    @MainActor
    static func present(
        window: NSWindow?,
-        isVisible: inout Bool,
+        isFirstPresent: Bool,
        target: NSRect,
        startOffsetY: CGFloat = -6,
        onFirstPresent: (() -> Void)? = nil,
        onAlreadyVisible: (NSWindow) -> Void)
    {
        guard let window else { return }
-        if !isVisible {
-            isVisible = true
+        if isFirstPresent {
            onFirstPresent?()
            let start = target.offsetBy(dx: 0, dy: startOffsetY)
            self.animatePresent(window: window, from: start, to: target)
@@ -87,7 +86,7 @@ enum OverlayPanelFactory {
        offsetX: CGFloat = 6,
        offsetY: CGFloat = 6,
        duration: TimeInterval = 0.16,
-        completion: @escaping () -> Void)
+        completion: @escaping @MainActor @Sendable () -> Void)
    {
        let target = window.frame.offsetBy(dx: offsetX, dy: offsetY)
        NSAnimationContext.runAnimationGroup { context in
@@ -96,7 +95,7 @@ enum OverlayPanelFactory {
            window.animator().setFrame(target, display: true)
            window.animator().alphaValue = 0
        } completionHandler: {
-            completion()
+            Task { @MainActor in completion() }
        }
    }

@@ -109,10 +108,8 @@ enum OverlayPanelFactory {
        onHidden: @escaping @MainActor () -> Void)
    {
        self.animateDismiss(window: window, offsetX: offsetX, offsetY: offsetY, duration: duration) {
-            Task { @MainActor in
-                window.orderOut(nil)
-                onHidden()
-            }
+            window.orderOut(nil)
+            onHidden()
        }
    }

--- a/apps/macos/Sources/OpenClaw/PeekabooBridgeHostCoordinator.swift
+++ b/apps/macos/Sources/OpenClaw/PeekabooBridgeHostCoordinator.swift
@@ -56,7 +56,7 @@ final class PeekabooBridgeHostCoordinator {
    private func startIfNeeded() async {
        guard self.host == nil else { return }

-        var allowlistedTeamIDs: Set<String> = ["Y5PE65HELJ"]
+        var allowlistedTeamIDs: Set = ["Y5PE65HELJ"]
        if let teamID = Self.currentTeamID() {
            allowlistedTeamIDs.insert(teamID)
        }
--- a/apps/macos/Sources/OpenClaw/PermissionsSettings.swift
+++ b/apps/macos/Sources/OpenClaw/PermissionsSettings.swift
@@ -9,24 +9,28 @@ struct PermissionsSettings: View {
    let showOnboarding: () -> Void

    var body: some View {
-        VStack(alignment: .leading, spacing: 14) {
-            SystemRunSettingsView()
+        ScrollView {
+            VStack(alignment: .leading, spacing: 14) {
+                SystemRunSettingsView()

-            Text("Allow these so OpenClaw can notify and capture when needed.")
-                .padding(.top, 4)
+                Text("Allow these so OpenClaw can notify and capture when needed.")
+                    .padding(.top, 4)
+                    .fixedSize(horizontal: false, vertical: true)

-            PermissionStatusList(status: self.status, refresh: self.refresh)
-                .padding(.horizontal, 2)
-                .padding(.vertical, 6)
+                PermissionStatusList(status: self.status, refresh: self.refresh)
+                    .padding(.horizontal, 2)
+                    .padding(.vertical, 6)

-            LocationAccessSettings()
+                LocationAccessSettings()

-            Button("Restart onboarding") { self.showOnboarding() }
-                .buttonStyle(.bordered)
-            Spacer()
+                Button("Restart onboarding") { self.showOnboarding() }
+                    .buttonStyle(.bordered)
+            }
+            .frame(maxWidth: .infinity, alignment: .leading)
+            .padding(.horizontal, 12)
+            .padding(.vertical, 12)
        }
-        .frame(maxWidth: .infinity, alignment: .leading)
-        .padding(.horizontal, 12)
+        .frame(maxWidth: .infinity, maxHeight: .infinity, alignment: .topLeading)
    }
 }

@@ -99,11 +103,16 @@ private struct LocationAccessSettings: View {
 struct PermissionStatusList: View {
    let status: [Capability: Bool]
    let refresh: () async -> Void
+    @State private var pendingCapability: Capability?

    var body: some View {
        VStack(alignment: .leading, spacing: 12) {
            ForEach(Capability.allCases, id: \.self) { cap in
-                PermissionRow(capability: cap, status: self.status[cap] ?? false) {
+                PermissionRow(
+                    capability: cap,
+                    status: self.status[cap] ?? false,
+                    isPending: self.pendingCapability == cap)
+                {
                    Task { await self.handle(cap) }
                }
            }
@@ -122,20 +131,43 @@ struct PermissionStatusList: View {

    @MainActor
    private func handle(_ cap: Capability) async {
+        guard self.pendingCapability == nil else { return }
+        self.pendingCapability = cap
+        defer { self.pendingCapability = nil }
+
        _ = await PermissionManager.ensure([cap], interactive: true)
+        await self.refreshStatusTransitions()
+    }
+
+    @MainActor
+    private func refreshStatusTransitions() async {
        await self.refresh()
+
+        // TCC and notification settings can settle after the prompt closes or when the app regains focus.
+        for delay in [300_000_000, 900_000_000, 1_800_000_000] {
+            try? await Task.sleep(nanoseconds: UInt64(delay))
+            await self.refresh()
+        }
    }
 }

 struct PermissionRow: View {
    let capability: Capability
    let status: Bool
+    let isPending: Bool
    let compact: Bool
    let action: () -> Void

-    init(capability: Capability, status: Bool, compact: Bool = false, action: @escaping () -> Void) {
+    init(
+        capability: Capability,
+        status: Bool,
+        isPending: Bool = false,
+        compact: Bool = false,
+        action: @escaping () -> Void)
+    {
        self.capability = capability
        self.status = status
+        self.isPending = isPending
        self.compact = compact
        self.action = action
    }
@@ -150,17 +182,49 @@ struct PermissionRow: View {
            }
            VStack(alignment: .leading, spacing: 2) {
                Text(self.title).font(.body.weight(.semibold))
-                Text(self.subtitle).font(.caption).foregroundStyle(.secondary)
+                Text(self.subtitle)
+                    .font(.caption)
+                    .foregroundStyle(.secondary)
+                    .fixedSize(horizontal: false, vertical: true)
            }
-            Spacer()
-            if self.status {
-                Label("Granted", systemImage: "checkmark.circle.fill")
-                    .foregroundStyle(.green)
-            } else {
-                Button("Grant") { self.action() }
-                    .buttonStyle(.bordered)
+            .frame(maxWidth: .infinity, alignment: .leading)
+            .layoutPriority(1)
+            VStack(alignment: .trailing, spacing: 4) {
+                if self.status {
+                    Label("Granted", systemImage: "checkmark.circle.fill")
+                        .labelStyle(.iconOnly)
+                        .foregroundStyle(.green)
+                        .font(.title3)
+                        .help("Granted")
+                } else if self.isPending {
+                    ProgressView()
+                        .controlSize(.small)
+                        .frame(width: 78)
+                } else {
+                    Button("Grant") { self.action() }
+                        .buttonStyle(.bordered)
+                        .controlSize(self.compact ? .small : .regular)
+                        .frame(minWidth: self.compact ? 68 : 78, alignment: .trailing)
+                }
+
+                if self.status {
+                    Text("Granted")
+                        .font(.caption.weight(.medium))
+                        .foregroundStyle(.green)
+                } else if self.isPending {
+                    Text("Checking…")
+                        .font(.caption)
+                        .foregroundStyle(.secondary)
+                } else {
+                    Text("Request access")
+                        .font(.caption)
+                        .foregroundStyle(.secondary)
+                }
            }
+            .frame(minWidth: self.compact ? 86 : 104, alignment: .trailing)
        }
+        .frame(maxWidth: .infinity, alignment: .leading)
+        .fixedSize(horizontal: false, vertical: true)
        .padding(.vertical, self.compact ? 4 : 6)
    }

--- a/apps/macos/Sources/OpenClaw/PortGuardian.swift
+++ b/apps/macos/Sources/OpenClaw/PortGuardian.swift
@@ -15,7 +15,7 @@ actor PortGuardian {
        let timestamp: TimeInterval
    }

-    struct Descriptor: Sendable {
+    struct Descriptor {
        let pid: Int32
        let command: String
        let executablePath: String?
--- a/apps/macos/Sources/OpenClaw/Resources/Info.plist
+++ b/apps/macos/Sources/OpenClaw/Resources/Info.plist
@@ -15,9 +15,9 @@
    <key>CFBundlePackageType</key>
    <string>APPL</string>
    <key>CFBundleShortVersionString</key>
-    <string>2026.3.7</string>
+    <string>2026.3.8</string>
    <key>CFBundleVersion</key>
-    <string>202603070</string>
+    <string>202603080</string>
    <key>CFBundleIconFile</key>
    <string>OpenClaw</string>
    <key>CFBundleURLTypes</key>
--- a/apps/macos/Sources/OpenClaw/SessionMenuPreviewView.swift
+++ b/apps/macos/Sources/OpenClaw/SessionMenuPreviewView.swift
@@ -4,13 +4,13 @@ import OpenClawProtocol
 import OSLog
 import SwiftUI

-struct SessionPreviewItem: Identifiable, Sendable {
+struct SessionPreviewItem: Identifiable {
    let id: String
    let role: PreviewRole
    let text: String
 }

-enum PreviewRole: String, Sendable {
+enum PreviewRole: String {
    case user
    case assistant
    case tool
@@ -114,7 +114,7 @@ extension SessionPreviewCache {
 }
 #endif

-struct SessionMenuPreviewSnapshot: Sendable {
+struct SessionMenuPreviewSnapshot {
    let items: [SessionPreviewItem]
    let status: SessionMenuPreviewView.LoadStatus
 }
--- a/apps/macos/Sources/OpenClaw/SettingsRootView.swift
+++ b/apps/macos/Sources/OpenClaw/SettingsRootView.swift
@@ -1,3 +1,4 @@
+import AppKit
 import Observation
 import SwiftUI

@@ -98,6 +99,10 @@ struct SettingsRootView: View {
        .onChange(of: self.selectedTab) { _, newValue in
            self.updatePermissionMonitoring(for: newValue)
        }
+        .onReceive(NotificationCenter.default.publisher(for: NSApplication.didBecomeActiveNotification)) { _ in
+            guard self.selectedTab == .permissions else { return }
+            Task { await self.refreshPerms() }
+        }
        .onDisappear { self.stopPermissionMonitoring() }
        .task {
            guard !self.isPreview else { return }
--- a/apps/macos/Sources/OpenClaw/TalkAudioPlayer.swift
+++ b/apps/macos/Sources/OpenClaw/TalkAudioPlayer.swift
@@ -152,7 +152,7 @@ final class TalkAudioPlayer: NSObject, @preconcurrency AVAudioPlayerDelegate {
    }
 }

-struct TalkPlaybackResult: Sendable {
+struct TalkPlaybackResult {
    let finished: Bool
    let interruptedAt: Double?
 }
--- a/Show More
+++ b/Show More