There was a problem with the OpenClaw upgrade, and the lobster that WeChat was about to get flew away.
For AI manufacturers who have recently tried to capitalize on the popularity of crayfish, the cruelest thing is that before they even have time to celebrate with champagne, OpenClaw pulls the rug out from under them.
On March 22nd, WeChat launched its official crayfish plugin, ClawBot, which caused quite a stir in the developer community.
However, just one day later, OpenClaw suddenly released a new version, 2026.3.22-beta.1.
ClawBot was unable to adapt to the new security audit flow of OpenClaw, resulting in a large number of request errors. Subsequently, ClawBot completely crashed.
Third - party integration solutions such as Feishu and DingTalk also malfunctioned due to incompatible underlying architectures.
Many netizens said, "I should have known better than to upgrade!"
Today, the "Father of Crayfish", Steinberg, posted that when the OpenClaw 3.22 version was released yesterday, a step for publishing web - control UI assets was missed.
So today, the latest version of OpenClaw is 3.23.
After upgrading to version 3.23, OpenClaw integrated with Feishu did not report any errors. It is possible that today's update completed the previously missing UI assets.
However, WeChat's ClawBot still hasn't returned to normal.
01 What has OpenClaw changed?
It all started when OpenClaw completely overhauled its plugin system in this update.
It completely abandoned the original extension API and launched a brand - new SDK.
In the past, plugin development could bypass the rules of the main program and directly access system resources.
However, the new SDK introduced a strict sandbox isolation mechanism. All plugins must communicate through standard interfaces in a restricted operating environment.
The official has clearly designated ClawHub as the preferred (and possibly the only supported) distribution channel. This means that "wild" plugins, such as WeChat's ClawBot, which are privately distributed through GitHub and not adapted to the official architecture, will be directly denied access at the underlying level because they cannot pass the authentication of the new SDK.
In terms of security, which everyone is most concerned about, the new version of OpenClaw no longer trusts the external filtering systems provided by third - party manufacturers. Instead, it has moved the security defense logic to the deepest part of the execution pipeline.
The system has added execution reinforcement and interception for the Windows environment. All input and output are no longer simply filtered as strings but must go through a logical judgment called the "compliance audit flow".
Domestic manufacturers (such as DeepSeek and Zhipu) were used to conducting content review at the front - end when accessing through the API. But now OpenClaw requires the model to provide real - time feedback on the compliance status during the generation process.
If the token output logic of the model itself does not match OpenClaw's audit flow, a large number of Request Errors will be triggered. This also explains why many domestic - developed plugins lost contact after the update.
To solve the long - standing hallucination problem of the Agent, OpenClaw also optimized the context compression mechanism.
It introduced a more intelligent token weight distribution algorithm. Instead of simply discarding old information, it stores the conversation history in a "multi - level memory slot" based on task relevance.
It also optimized the scheduling of the underlying video memory, enabling it to support longer contexts.
However, this high - precision scheduling logic is deeply integrated with GPT - 5.4. For domestic open - source models with weak inference performance or incomplete Tokenizer adaptation, this new mechanism has become a heavy burden, resulting in a serious sense of delay.
02 Do Chinese large - model manufacturers have to follow OpenClaw?
This version update of OpenClaw at the technical level re - emphasizes its dominance in the ecosystem.
For giants like Feishu and WeChat, as dependent parties in the OpenClaw ecosystem, they are in an embarrassing situation where they can only passively follow and adapt.
In the past, large companies often held the power of discourse through their traffic advantages. But in the new order of AI agents, the right to set the rules is clearly not in their hands.
Although the code of OpenClaw is open - source and can be reviewed by global developers, the final interpretation of "how to modify" always lies firmly in the hands of the OpenClaw official.
This centralization tendency in the architecture means that its requirements for the security compliance and architecture adaptation of plugins will only become extremely strict in the future.
Domestic manufacturers are used to quickly accessing through the API, trying to be the first to reap the traffic dividends of agents, but they have ignored security and content review.
However, OpenClaw has moved the security defense logic directly to the deepest part of the execution pipeline. This requirement for endogenous security has made third - party plugins that are used to external filtering systems malfunction.
The deeper crisis lies in the deep binding of the underlying architecture. The high - precision video memory scheduling logic and context compression mechanism newly introduced by OpenClaw are deeply coupled with GPT - 5.4.
For domestic open - source models with a gap in inference performance or incomplete Tokenizer adaptation, this new mechanism is not a help but a heavy burden that causes serious delays.
The ecological exclusivity caused by this technological gap is already emerging. The official has clearly designated ClawHub as the core and possibly the only supported channel. This means that any "wild" plugins that are not adapted to the official architecture and try to bypass the rules through private distribution will be directly rejected at the underlying authentication stage.
This sudden upgrade can instantly cut off all speculative attempts.
If AI model manufacturers are only satisfied with riding on the wave and reaping the benefits without delving deep into the underlying protocols, their products will be extremely vulnerable in the face of the powerful open - source core.
In the future, they either have to fully integrate into OpenClaw's increasingly strict standard system and accept real - time monitoring by its security audit flow, or they will have to watch their integration solutions become unloadable code junk in each version change.
There is no buffer zone in this race. Players who can't keep up with the pace will eventually be excluded from the new ecosystem of this round of AI transformation.
This article is from the WeChat official account "Alphabet AI", written by Liu Yijun, and published by 36Kr with authorization.