OpenClaw 2026.3.2 Release: Production Secrets, PDF Tool, and Safer Defaults
What Changed in OpenClaw 2026.3.2
OpenClaw 2026.3.2 is a feature release focused on security, tooling, and developer experience. The update makes several practical improvements to how agents handle sensitive data, process documents, and operate safely by default.
Key Features and Changes
Production-Grade Secrets System
- SecretRef support now covers 64 credential targets including Stripe, Slack, and GitHub
- Unresolved secret references now fail fast instead of breaking mid-run
- New workflow:
openclaw secrets audit→ fix →openclaw secrets reloadwithout restarting the gateway
First-Class PDF Tool
- Native support for Anthropic and Google models
- Extraction fallback for other models
- Configurable page and size limits
- Built-in routing and validation
Practical applications mentioned: summarizing contracts by party, comparing research paper methodologies, and creating structured response outlines from RFPs.
Unified Outbound Adapter
- Discord, Slack, WhatsApp, Zalo, and Telegram now share a single
sendPayloadadapter - Telegram streaming defaults to "partial" instead of "off" for new setups
- Live typing previews work out of the box with zero configuration
Safer Defaults for New Installs
- New installations default
tools.profileto "messaging" — no filesystem or shell access unless explicitly opted in - ACP dispatch enabled by default
- Plugin HTTP routes now require explicit authentication
For Plugin/Skill Builders
session_startandsession_endhooks now includesessionKey- New hook events:
message:transcribedandmessage:preprocessed api.runtime.stt.transcribeAudioFile(...)— transcribe local audio through configured providerschannelRuntimeexposed onChannelGatewayContext— build new channels without internal imports
Other Notable Updates
openclaw config validate --json— lint configuration before startup- MiniMax-M2.5-highspeed is now first-class — cheaper fast model option for rote tasks
- Ollama embeddings work for memory search — long-term memory can stay fully local
- Diff tool can export as PDF with quality/scale controls
The release addresses common pain points for developers integrating OpenClaw into production workflows, particularly around credential management and document processing.
📖 Read the full source: r/openclaw
👀 See Also
OpenClaw v2026.3.11-beta.1 released with free AI models, cron breaking change
OpenClaw v2026.3.11-beta.1 introduces two free AI models on OpenRouter with 1M context windows, fixes Kimi coding tool calls, adds OpenCode provider support, and includes a breaking change for cron job notifications.
Claude Code System Prompt Assembly and Structure Revealed
A source map leak in Claude Code's npm package exposed the system prompt assembly flow, showing static prefix sections followed by dynamic session-specific content, with three identity variants and detailed execution guidelines.
Claude-Code v2.1.84 adds PowerShell tool, environment variables, and multiple fixes
Claude-Code v2.1.84 introduces a PowerShell tool for Windows as an opt-in preview, adds environment variables for model configuration and streaming timeouts, and includes numerous bug fixes and performance improvements.
Local vs Cloud Models: Qwen-3.6-27B, Gemma-4-31B, Claude Haiku, Codex-Spark on Hard Code Gen
A user tested Qwen-3.6-27B (q4_k_m) locally on an RTX 5080 against API-based Gemma-4-31B, Claude Haiku 4.5, and Codex-Spark on a complex code task. Only Codex-Spark produced complete code (but with import errors); all others failed partially. Cost: Gemma used $0.112 for 803k input tokens.