If you’re running OpenClaw below version 2026.3.22, stop what you’re doing and upgrade. A newly disclosed high-severity vulnerability — CVE-2026-35650 — allows attackers to bypass the shared host environment policy through inconsistent sanitization of environment variable override keys. The fix landed in v2026.3.22. If you’re not there yet, you’re exposed. What the Vulnerability Does OpenClaw lets operators configure a shared host environment policy that controls which environment variables agents can read, write, or inherit. This is a critical security boundary, especially in multi-tenant or enterprise deployments where different agents may run with different permission scopes. ...

The question has been everywhere in DMs, group chats, and comment sections for weeks: did Anthropic just kill OpenClaw with Claude Code Channels? It’s a fair ask. Channels dropped recently. Anthropic also temporarily banned the OpenClaw harness from running on their subscriptions. Suddenly, the community started questioning everything. Dheeraj Sharma and the team at AI Maker decided to stop speculating and actually run both tools live. They scored them across eight categories with real deployments, not synthetic benchmarks. The verdict? No, Anthropic didn’t kill OpenClaw. But the gap is closing faster than most people expected — and the actual decision between these two tools is more nuanced than the tribal debates suggest. ...

On April 4, 2026, Anthropic quietly rolled out an OAuth authentication change that broke a significant number of OpenClaw deployments overnight. No breaking change notice in the standard channels. No deprecation warning. Agents just stopped working. OpenClaw GitHub issue #19938 lit up within hours, and the community has been piecing together fixes ever since. This guide walks you through diagnosing the auth gap and getting your OpenClaw agent back online in under 20 minutes. ...

Microsoft is done pretending that copilots are good enough. The company is assembling a dedicated engineering team with one clear mandate: integrate OpenClaw — the open-source autonomous agent framework — directly into M365 Copilot. The earliest preview is expected to debut at Microsoft Build 2026 in June, and if the framing holds, it represents the clearest signal yet that the “chatbot era” of enterprise AI is ending. From RAG to Real Autonomy Right now, M365 Copilot is a very sophisticated search engine. It retrieves documents, summarizes them, drafts emails. Those are genuinely useful things. But the architecture underlying all of it is Retrieval-Augmented Generation — a model that finds and reports, not one that acts. ...

Anthropic published one of its more technically substantive engineering blog posts this week: a deep dive into Claude Managed Agents, their hosted service for running long-horizon AI agents. The core thesis is elegant and directly relevant to anyone building production agent systems today. The Brain/Hands Problem The central challenge Anthropic addresses is one that every serious agentic AI practitioner has run into: your harness — the loop of code that calls Claude, handles tool results, manages context, and decides when to stop — encodes assumptions about what the model can and can’t do. The problem? Those assumptions go stale as models improve. ...

Enterprise AI teams have a sprawl problem. As organizations ship more and more AI agents — for customer support, data pipelines, code review, compliance checks, you name it — the question of what agents exist and who controls them is becoming a genuine operational headache. AWS moved to address this head-on with the launch of AWS Agent Registry, now in preview inside Amazon Bedrock AgentCore. The Problem It Solves The AWS announcement describes the situation with unusual directness for a cloud provider: without a centralized registry, “agent sprawl accelerates, compliance risks grow, and development effort is wasted on duplicate work.” Three teams might independently build the same data-fetching agent. A security incident with one agent is invisible to the platform team managing others. New hires can’t discover what already exists. ...

OpenClaw v2026.4.10 ships with a new Active Memory plugin that fundamentally changes how your agent handles context and recall. Instead of relying on you to manually tell it what to remember, the plugin runs a background memory sub-agent that automatically pulls in relevant history before each reply. This guide walks you through installation, configuration, and the key things to know before you turn it on. Prerequisites OpenClaw v2026.4.10 or later (check with openclaw --version) An existing OpenClaw workspace configured Basic familiarity with OpenClaw plugins Step 1: Install the Active Memory Plugin The plugin ships as an optional module in v2026.4.10+. To enable it: ...

OpenClaw had a busy Friday. Two releases shipped within hours of each other — first a genuinely exciting new capability, then a same-day polish pass to smooth the rough edges. If you’re an OpenClaw user, there’s a lot to unpack here. v2026.4.10: Active Memory Plugin The headline feature is the Active Memory plugin — a new optional plugin that gives OpenClaw a dedicated memory sub-agent. Rather than waiting for users to manually say “remember this,” the plugin automatically pulls in relevant preferences, past decisions, and contextual history before each reply. ...

Shopify just made it significantly easier for AI coding agents to interact with live stores. The company released the Shopify AI Toolkit — an open-source (MIT license) plugin and skills system — on April 9, and the implications for agentic e-commerce development are substantial. What the Toolkit Does The Shopify AI Toolkit is a bridge between AI coding agents and the Shopify platform. Once installed, agents like Claude Code, OpenAI Codex, Cursor, Gemini CLI, and VS Code can: ...

If you’ve been running OpenClaw for more than a few weeks, Anthropic’s newly launched Agent Skills will feel instantly familiar — and that’s not a coincidence. Released this week on the Claude platform, Agent Skills are modular capability packages that extend Claude’s functionality across conversations. Each Skill bundles instructions, metadata, and optional resources — scripts, templates, workflows — that Claude loads automatically when relevant to a user’s request. Sound familiar? It should. ...