FR-D1: Add least-privilege auth guidance to SECURITY-HARDENING.md
- Agent-scoped keys vs global API key comparison
- Auth hierarchy table (scoped key > global key > session > proxy)
- CLI examples for creating scoped keys
- Monitoring guidance for global key usage
FR-D2: Log security event when global admin API key is used
- Emits 'global_api_key_used' event to audit trail
- Hints toward agent-scoped keys for least-privilege
FR-D3: Add durable spawn history persistence
- New migration 043_spawn_history with indexed table
- spawn-history.ts with recordSpawnStart/Finish, getSpawnHistory,
getSpawnStats functions
- Replaces log-scraping fallback with DB-backed tracking
FR-D4: Document rate-limit backend strategy
- Current in-memory Map approach documented
- Pluggable backend plan for multi-instance (Redis, SQLite WAL)
- Per-agent rate limiter details documented
Also fixes MCP test type annotation (content: string → any).
Zero-dependency TUI using raw ANSI escape codes. Shows:
- System health status with connection indicator
- Agents panel (sorted by status, with last heartbeat)
- Tasks panel (recent tasks with status and assignee)
- Token costs summary (24h)
Keyboard controls:
- r: refresh now
- a: focus agents panel
- t: focus tasks panel
- w: wake first sleeping agent
- q/Esc: quit
Auto-refreshes every 5s (configurable with --refresh flag).
Uses same profile/auth system as CLI and MCP server.
Run with: pnpm mc:tui
- add bounded timeout+retry helper for /api/setup checks
- show actionable setup error state with Retry button
- avoid blank-screen fallback when setup status check fails
- add unit tests for retry helper
Fixes#456
* feat: add system monitor panel with live CPU, memory, disk, and GPU metrics
New btop-inspired monitoring page in the OBSERVE sidebar group.
Polls /api/system-monitor every 2s and renders rolling Recharts area
charts for CPU/memory/GPU and progress bars for disk usage.
* feat: add network I/O monitoring to system monitor panel
Add live network throughput (rx/tx bytes/sec) as a dual area chart.
API returns cumulative byte counters per interface (stateless), frontend
computes rates from deltas between 2s polls. Supports Linux (/proc/net/dev)
and macOS (netstat -ib).
* feat: add top processes list to system monitor
Shows top 8 processes by CPU usage in a compact table with CPU%, Mem%,
and RSS columns. Color-codes high usage values. Uses ps on both Linux
and macOS with fallback for platforms without --sort support.
* fix: normalize process CPU% to 0-100 and filter out ps itself
CPU% from ps is per-core (e.g. 200% on 4 cores), now divided by core
count to show total system percentage. Also filters out the ps command
that briefly appears while collecting process data.
---------
Co-authored-by: Dan <github@bookkept.com.au>
Add ability to hide agents from the dashboard without deleting them.
Hidden agents still receive heartbeats and exist in the DB — they are
purely hidden from the default UI view.
- Migration 042: adds `hidden` column to agents table
- API: POST/DELETE /api/agents/[id]/hide to toggle visibility
- GET /api/agents filters hidden by default, ?show_hidden=true to include
- UI: "Show hidden" toggle in panel header, Hide/Unhide button on cards
Co-authored-by: Dan <github@bookkept.com.au>
Add min-h-0 to the kanban board flex container and its column children
so that overflow-y-auto on column bodies can actually trigger. Without
this, flexbox min-height:auto causes containers to grow unbounded
instead of constraining height and enabling scroll.
Fixes#376
Co-authored-by: Dan <github@bookkept.com.au>
- make /api/spawn compatible with gateway-managed default models
- add regression coverage for gateway dashboard registration
- publish official multi-arch images to Docker Hub when configured
Add awaiting_owner column to task board with keyword-based detection
for tasks requiring human action. Tasks matching keywords like
"waiting for", "needs human", "approval needed" are automatically
placed in a dedicated column with orange styling.
Supersedes #397
Add a CSS-only Dunk It button to task cards with a 4-phase state
machine (idle, success, error, dismissing). Uses inline CSS
transitions for animations with no external dependencies.
Supersedes #373
Dynamically scan workspace-* directories under the openclaw state dir
to discover per-agent skill roots. Display them in the Skills Hub with
agent-specific labels and violet badge styling.
Closes#412
Supersedes #413
Replace style-src nonce directive with unsafe-inline to support
reagraph's runtime <style> injection. Add style-src-elem and
style-src-attr directives for CSP Level 3 compliance. Extend
fitNodesInView retries from 2 to 4 for more reliable canvas sizing.
Closes#414
Supersedes #415
Adds install.ps1 — a PowerShell port of install.sh for Windows users. Supports local and Docker deployment modes with secure credential generation, standalone server setup, and OpenClaw fleet checks. Adds Windows install section to README.
Adds 70 missing translation keys across 3 namespaces (logViewer, pipeline, debug) to messages/en.json. These namespaces are referenced by existing components but were absent, causing raw keys to render.\n\nFixes #416
Fixes#410 — getSkillRoots() in skill-sync.ts was not updated when #408 added workspace support to route.ts, causing the scheduler sync to never populate workspace skills (always showing 0).
- Add `workspace` skill root (~/.openclaw/workspace/skills) for
workspace-local skill discovery alongside the existing 5 roots
- Make group cards clickable to filter the installed skills list by root
- Add `workspace` as valid target for skill creation and registry install
- Add `showAllRoots` i18n key to all 10 locale files
Closes#364
Replace all `runClawdbot(['-c', ...])` invocations with
`callOpenClawGateway()` RPC calls in session control, spawn, and delete
routes. This eliminates the deprecated CLI dependency and uses the
structured gateway protocol instead.
Also add `formatSessionLabel()` helper and `useAgentSessions()` hook to
task-board-panel for better session dropdown display labels.
Closes#401, closes#406
Implements Phase 1 of GNAP (Git-Native Agent Protocol) integration:
- SQLite stays primary, GNAP repo is an optional sync target
- Push task create/update/delete to .gnap/tasks/{id}.json with git commits
- Status/priority mapping between MC and GNAP formats
- Management API at /api/gnap (status, init, manual sync)
- GNAP badge in task board header with click-to-sync
- 15 unit tests covering mapping, init, push, remove, pull, and status
Enable with GNAP_ENABLED=true in .env. Follows the same fire-and-forget
pattern as the existing GitHub sync engine.
Closes#374
Supersedes #389
Always merge both gateway and local (Claude Code, Codex, Hermes) sessions
in the sessions API instead of gating on `include_local`. The conversation
list now renders all sources unconditionally, using each session's `source`
field for display logic rather than the global `dashboardMode`.
- Add `localSessionsAvailable` store flag, set from capabilities `claudeHome`
- Remove `include_local` query param and early-return in sessions API
- Remove source-based filter and `dashboardMode` branching in conversation list
- Show both gateway and local active/recent groups when data exists
* fix(gateway): probe /api/health instead of root URL for health checks (#390)
The server-side gateway health probe was fetching the root URL (/)
which returns HTTP 400 on OpenClaw 2026.3.13 gateways. The gateway
exposes a dedicated /api/health endpoint that returns 200 with status
info.
The WebSocket ping RPC 'unknown method' issue is already handled —
websocket.ts detects the INVALID_REQUEST and falls back to passive
heartbeat mode. The actual bug was this HTTP probe hitting the wrong
endpoint.
Fixes#390
* fix(gateway): ensure gateways table exists before health probe
The gateways table is created lazily by the gateways API (ensureTable).
The health route was querying it directly without CREATE IF NOT EXISTS,
causing SqliteError: no such table: gateways in fresh databases (E2E tests,
Docker first-boot).
Add ensureGatewaysTable() inline to mirror the pattern in route.ts.
* fix: update health-utils test to match /api/health probe path
The test file has its own copy of buildGatewayProbeUrl — update it to
append /api/health instead of / to match the route.ts change.
---------
Co-authored-by: Nyk <0xnykcd@googlemail.com>
* feat: add task session targeting - dispatch tasks to specific agent sessions (#395)
When assigning a task to an agent, users can now optionally select an
existing session to dispatch the task to instead of creating a new one.
Changes:
- task-dispatch.ts: When target_session is set in task metadata, use
gateway chat.send to dispatch to that specific session instead of
creating a new one via call agent
- task-board-panel.tsx: Add session selector dropdown in both Create
and Edit task modals that appears when an agent is selected and has
active sessions
- store/index.ts: Add agent and channel fields to Session interface
Closes#395
* fix(gateway): ensure gateways table exists before health probe
The gateways table is created lazily by the gateways API (ensureTable).
The health route was querying it directly without CREATE IF NOT EXISTS,
causing SqliteError: no such table: gateways in fresh databases (E2E tests,
Docker first-boot).
Add ensureGatewaysTable() inline to mirror the pattern in route.ts.
* fix: reduce server memory footprint across session parsing, caching, and rate limiting
- Stream-parse Claude JSONL session files instead of loading entire files into memory
- Add 50MB file size cap to skip oversized session transcripts
- Add 30s TTL cache to getAllGatewaySessions() to avoid redundant disk reads per scheduler tick
- Cap rate limiter maps at 10,000 entries with oldest-first eviction
- Add request.signal abort listener to SSE route for defense-in-depth cleanup
- Add test for rate limiter maxEntries eviction behavior
* fix: address audit findings across all memory-fix files
claude-sessions.ts:
- Wrap readline loop in try/finally to ensure rl.close() on error paths
- Guard statSync in file loop to handle files deleted between readdir and stat
- Fix variable shadowing: rename inner `now` to `nowSec` to avoid confusion
- Update throttle timestamp on empty scan results (prevents repeated disk scans)
- Skip sidechain-only sessions (zero user+assistant messages)
sessions.ts:
- Decouple `active` flag from cache — compute at read time to prevent stale data
- Remove activeWithinMs from cache key to eliminate cache thrashing between
callers using different windows (Infinity vs default)
- Add invalidateSessionCache() and call it after pruneGatewaySessionsOlderThan
events/route.ts:
- Null out cleanup after first call to prevent double-invoke
- Remove unnecessary `if (request.signal)` guard (always defined on NextRequest)
rate-limit.test.ts:
- Rewrite eviction test with maxRequests=1 to actually prove eviction occurred
- Add assertion that non-evicted entries remain tracked
- Remove duplicate title check from POST /api/tasks (closes#368)\n- Scope recurring tasks duplicate check by project_id\n- Fix task deletion error handling — show errors to user (closes#369)\n- Enable vertical scrolling on Kanban board (closes#376)\n- Refactor nodes route to use RPC via callOpenClawGateway\n- Handle read-only filesystem in gateway config registration\n- Add screenshot-drift CI workflow and guide\n- Docker compose: add host-gateway for reaching host gateway
Switches notification delivery from sessions_send to gateway call agent command. No longer requires session_key — uses agent name (recipient) directly. Timeout increased 10s to 30s.
When memoryAllowedPrefixes is configured, scan only those subdirectories instead of the entire MEMORY_PATH. Falls back to full scan if no prefixes are set.\n\nCloses #366
- Remove unconditional `dangerouslyDisableDeviceAuth = true` from MC
origin registration. MC should only add its origin to allowedOrigins,
not silently downgrade the gateway's device auth security posture.
- Replace invalid `sandbox` value with `allowlist` in security scan
and auto-fix for `tools.exec.security`. Current OpenClaw validates
only: deny, allowlist, full. The old `sandbox` value was rejected.
Closes#357, closes#356
- Move pids limit from service-level `pids_limit` to
`deploy.resources.limits.pids` for Compose v5+ compatibility.
Some Compose versions normalize both into the same field, causing
"can't set distinct values" errors.
- Clear OpenClaw update banner when `/api/openclaw/version` reports
`updateAvailable: false`. Previously the banner could persist after
a successful update because only the `true` path was handled.
Closes#353, closes#351
* fix: show all agents in command select, disable those without active session
Previously the agent select in the OrchestrationBar only listed agents
with a session_key set (agents.filter(a => a.session_key)), causing the
dropdown to appear completely empty when agents exist but none have an
active session. This was confusing — users thought no agents were
registered.
Fix: show all registered agents in the dropdown. Agents without an
active session_key are shown as disabled with a '— no session' suffix
and a tooltip explaining why they can't be messaged. The 'No agents
registered' placeholder is shown only when the agents array is truly
empty.
The send button remains correctly disabled when no valid agent is
selected.
Fixes#321
* test: add gateway health history e2e + utility unit tests
- Add tests/gateway-health-history.spec.ts: Playwright e2e tests for
GET /api/gateways/health/history and POST /api/gateways/health
covering auth guards, response shape validation, chronological
ordering, and gateway name resolution.
- Add src/app/api/gateways/health/health-utils.test.ts: 30 vitest
unit tests for the pure utility functions in the health probe route:
ipv4InCidr, isBlockedUrl (SSRF protection), buildGatewayProbeUrl,
parseGatewayVersion, and hasOpenClaw32ToolsProfileRisk.
All 30 unit tests pass. Covers the health history feature introduced
in feat(gateways): add health history logging and timeline (#300).
* test: add Docker-mode integration tests for gateway connectivity regressions
Covers three post-fix regression scenarios:
- 404 on gateway health (wizard used GET; endpoint is POST-only) — #334
- EROFS / build-phase DB eager init in Docker — #337
- Gateway connect resolves ws_url without OPENCLAW_HOME env var
Adds tests/docker-mode.spec.ts with four describe blocks:
1. Gateway health endpoint contract (POST=200, GET=405, no-auth=401)
2. Lazy DB init on first runtime request (read + write paths)
3. Gateway connect without home env vars
4. Onboarding gateway-link step lifecycle
* fix: show all agents in command select, disable those without active session
Previously the agent select in the OrchestrationBar only listed agents
with a session_key set (agents.filter(a => a.session_key)), causing the
dropdown to appear completely empty when agents exist but none have an
active session. This was confusing — users thought no agents were
registered.
Fix: show all registered agents in the dropdown. Agents without an
active session_key are shown as disabled with a '— no session' suffix
and a tooltip explaining why they can't be messaged. The 'No agents
registered' placeholder is shown only when the agents array is truly
empty.
The send button remains correctly disabled when no valid agent is
selected.
Fixes#321
* test: add gateway health history e2e + utility unit tests
- Add tests/gateway-health-history.spec.ts: Playwright e2e tests for
GET /api/gateways/health/history and POST /api/gateways/health
covering auth guards, response shape validation, chronological
ordering, and gateway name resolution.
- Add src/app/api/gateways/health/health-utils.test.ts: 30 vitest
unit tests for the pure utility functions in the health probe route:
ipv4InCidr, isBlockedUrl (SSRF protection), buildGatewayProbeUrl,
parseGatewayVersion, and hasOpenClaw32ToolsProfileRisk.
All 30 unit tests pass. Covers the health history feature introduced
in feat(gateways): add health history logging and timeline (#300).
The two-step agent → agent.wait pattern used in dispatchAssignedTasks and
runAegisReviews only returns lifecycle metadata (runId, status, timestamps).
The agent's actual response text is only available via --expect-final on the
initial agent call, which blocks until completion and returns the full payload
including result.payloads[0].text.
Without this fix:
- Task resolution is stored as the raw wait JSON instead of the agent's response
- Aegis cannot parse a VERDICT from the resolution, so it always defaults to rejected
- Tasks are permanently stuck in a reject/retry loop and never complete
Fix: replace the two-call pattern with a single --expect-final call in both
dispatchAssignedTasks and runAegisReviews. Also improve sessionId extraction
to use the agentMeta path from the final payload.
Co-authored-by: Tom Watts <tom@techteamup.com>
Previously the agent select in the OrchestrationBar only listed agents
with a session_key set (agents.filter(a => a.session_key)), causing the
dropdown to appear completely empty when agents exist but none have an
active session. This was confusing — users thought no agents were
registered.
Fix: show all registered agents in the dropdown. Agents without an
active session_key are shown as disabled with a '— no session' suffix
and a tooltip explaining why they can't be messaged. The 'No agents
registered' placeholder is shown only when the agents array is truly
empty.
The send button remains correctly disabled when no valid agent is
selected.
Fixes#321
Replace the unhelpful "POST /api/agents with X-Api-Key header" message
with a user-friendly hint explaining that agents are auto-discovered
from Claude, Codex, and Hermes directories, and that gateway mode shows
registered agents.
Adds missing noAgentsHint translation key across all 10 locales.
Closes#321
- Filter out cron jobs with missing/empty schedule before processing,
preventing TypeError on .toLowerCase() (#342)
- Add defensive .localeCompare() guard in sort comparator
- Exclude positive/instructional lines ("No ... warnings detected",
"Run: ...") from doctor issue extraction (#331)
- Strip negated warning phrases before keyword detection so "No channel
security warnings detected" doesn't trigger warning level
- Add 2 tests for the doctor parser fix
Nyk
nyk
danielaustralia1
Lucas Wiessel
Brixyy
Jonathan Gill
HonzysClawdbot
Héctor Arriola
Tom Watts