OpenClaw v2026.2.15 was released on February 16, 2026. This release introduces Discord Components V2 for native rich interactions, nested sub-agents with configurable spawn depth, LLM hook payloads for extension developers, and a broad set of security fixes. Over 40 contributors made this one happen.
Discord Components V2
Discord's Components V2 API is now fully supported. Buttons, select menus, modals, and attachment-backed file blocks let your agent deliver native interactive prompts without workarounds. CV2 containers, improved button layouts, and a refined exec-approval UX make the experience seamless. Thanks @thewilloftheshadow for driving this effort.
Nested Sub-Agents
Sub-agents can now spawn their own children. Set `agents.defaults.subagents.maxSpawnDepth: 2` to control how deep the chain goes. A `maxChildrenPerAgent` limit (default 5) prevents runaway spawning, depth-aware tool policies keep permissions tight, and announce-chain routing ensures messages reach the right parent. Thanks @tyler6204.
LLM Hook Payloads
Extension authors can now observe what goes into and comes out of the model. The new `llm_input` and `llm_output` hook payloads expose prompt context and model responses, opening the door to logging, guardrails, and analytics plugins. Thanks @SecondThread.
Security Improvements
This release includes significant security hardening across the stack:
- •SHA-256 sandbox hashing replaces deprecated SHA-1 for sandbox config integrity checks.
- •Telegram bot token redaction — tokens are now stripped from error messages and stack traces.
- •Dangerous Docker sandbox configs blocked — bind mounts, host networking, and unconfined seccomp/apparmor profiles are rejected.
- •Session/path redaction — sensitive details removed from status responses for non-admin clients.
- •LINE fails closed when channel token or secret is missing.
- •Skill installer sandboxed — downloads restricted to the per-skill tools directory.
- •Web fetch body cap — response body size is capped before HTML parsing to prevent memory abuse.
- •Stored XSS prevention via assistant name and avatar sanitization.
- •Workspace path sanitization before LLM prompt embedding.
- •Git pre-commit hook hardened against option injection from malicious filenames.
Platform Fixes
- •Telegram: fixed DM thread errors, duplicate messages, streaming glitches, and voice message handling.
- •Discord: session continuity improvements, deduplicated slash commands, role allowlist matching fixes.
- •Memory: Unicode-aware FTS queries with CJK support, timezone-aware memory dates.
- •Group chats: context now injected on every turn, not just the first.
Other Highlights
- •Per-channel ack reaction overrides for Slack, Discord, and Telegram.
- •Cron webhook delivery toggle and auth token support.
- •Browser tool returns explicit non-retry guidance when unavailable.
- •Full contributor list available on the GitHub release page.