Aggressive plan faces setbacks, OpenClaw version upgrade "fails"

On March 24, Beijing time, the highly popular “lobster” OpenClaw underwent its largest update since its inception, including a complete reconstruction of the plugin system, model upgrades, security enhancements, sandbox architecture upgrades, and ecosystem integration.

The new version is positioned as a cross-platform personal AI assistant. Its key updates adjust the underlying architecture: OpenClaw plugins are now installed preferentially from ClawHub (the official dedicated plugin market for OpenClaw) rather than from npm (the standard Node.js package manager), and the old plugin system has been removed and replaced by a brand-new plugin development toolkit.

npm is public infrastructure shared by JavaScript developers worldwide. Anyone can freely upload and download code packages, which makes it a public repository where programmers around the world share code modules. That openness also brings problems: malicious plugins can be uploaded indiscriminately, there is a lack of review or control, and the repository is easy to poison. This is a major reason why OpenClaw has abandoned npm in favor of ClawHub.

However, this radical reconstruction aimed at “unifying security and ecology” has directly turned into a serious “upgrade incident.” Because OpenClaw forced the migration of the plugin ecosystem from public npm to the official ClawHub, traffic surged instantly and the new version reported errors across the board, including a missing dist/control-ui directory, plugin system crashes, configuration failures for domestic models like MiniMax, and Windows sandbox permission errors, among other issues.

Developers have reported that this is a terrible update, as all plugin skills must now be uploaded to ClawHub to be used, and many commonly used plugins have not been synchronized to ClawHub, with rate limiting occurring after request numbers increase. Another developer indicated that the new version causes the WhatsApp plugin to fail, and after the upgrade, the channel stopped functioning, requiring a rollback.

In response to the abnormal access issues with ClawHub, OpenClaw developer Peter Steinberger stated that the rate limiting rules were set too strictly to fend off frequent cyberattacks. They will adjust the rate limiting policy in the future to ease restrictions and restore normal access.

This also reveals the reason behind this upgrade “failure”: a large number of users flooded into ClawHub to find new plugins and resolve old plugin issues after the upgrade, compounded by possible malicious traffic attacks, which triggered ClawHub’s rate limiting mechanism, further exacerbating the collapse of user experience: old plugins cannot be used, and new plugins cannot be downloaded.

The background of this OpenClaw upgrade is the growing industry concern over the security issues of the “lobster series.” On March 22, the National Internet Emergency Center and the China Cybersecurity Association jointly released the OpenClaw Security Usage Practice Guide, aimed at ordinary users, enterprise users, cloud service providers, and technical developers, proposing security protection recommendations.

In addition to the plugin ecosystem, OpenClaw is also reinforcing its sandbox, implementing multiple security fixes for execution environments and network requests, strengthening permission control of Discord Slash Commands, and restricting SMB credential handshakes on Windows to prevent local media inputs from triggering malicious network authentication.

Overall, the new version of OpenClaw is developer- and security-oriented. However, the imbalance between security, usability, and user experience shows that the migration of user-facing ecosystems and its engineering implementation still need refinement, and that radical architectural adjustments need to be accompanied by adequate compatibility plans, traffic testing, and user transition strategies.

Source: CCTV News

Duty Editor: Su Xiao
