Summary of "OpenClaw's BIGGEST Update Yet | Here's What Changed"

OpenClaw major update (Feb 17, 2026)

This release introduces major capabilities and security fixes, plus new model support and automation improvements.

OpenClaw can now hold ~1,000,000 tokens (≈750,000 words) in a single conversation context.
- Practical result: import very large documents (hundreds–thousands of pages) and have the agent reference any page directly instead of relying on compressed summaries.
- Example: a 500‑page report can be analyzed without losing details from early pages; this is nearly the scale of most multi‑book series.
Clarified distinction:
- “Memory” = saved user facts (soul.md).
- “Context window” = what the model can see during a single chat.
Notes:
- This feature is opt‑in and increases API/token usage and cost.
- Install/configure via terminal (not via Telegram).
- Recommended deployment pattern: maintain two profiles — one cheap/default for cron/daily tasks and one for deep analysis (large context) to control costs and API load.

OpenClaw supports Sonnet 4.6 (released Feb 17).
- Sonnet 4.6: strong cost/quality balance; much cheaper than Opus while approaching Opus 4.6 quality.
- Guidance:
  - Haiku 4.5 = very cheap, not recommended for serious tasks.
  - Sonnet 4.6 = best cost/quality for many workflows.
  - Opus = highest quality, highest cost — use for critical decisions.
Cost example:
- Five daily cron jobs on Opus ≈ $2–$4/day ($60–$120/month).
- Switching to Sonnet 4.6 yields ≈ $12–$25/month for the same jobs.
Improvements:
- Better “computer use” ability and harder to trick (security improvements).

Subagents:
- Users can explicitly spawn subagents to run tasks concurrently.
- Subagents run in isolated sessions/bubbles (sandboxed), reducing risk from prompt injection and malicious webpages.
- Supports parallel workflows and helps keep the main agent and API keys safe.
Cron jobs:
- Automatic staggering of scheduled jobs to avoid API spikes (jobs spaced by seconds rather than all firing simultaneously).
- Per‑job cost tracking (tokens and dollars) to identify budget hot spots.
- Website whitelisting: restrict agents to a specified set of domains to reduce prompt injection/unsafe browsing.
Integrations:
- Slack native streaming: responses stream live (word‑by‑word) in Slack to show progress and improve team experience.
- iOS share extension: share screen content (e.g., an Instagram ad) directly into OpenClaw for analysis. Android still requires Telegram/Discord (rollout expected later).

Environment injection vulnerability fixed:
- Earlier bug could expose API keys/credentials (gateway tokens, device.json cryptographic keys, memory files).
- Attackers used malware targeting OpenClaw files to steal keys and conversations.
Hudson Rock documented malware specifically designed to steal OpenClaw files.
Recommended actions:
- Update OpenClaw to the latest release (use terminal update commands).
- Remove keys from exposed files and rotate API keys if they were stored in older files.
- Sandbox agents (Docker recommended).
- Apply allowed‑sites and subagent restrictions.
The presenter offers a free “school community” with security docs and update instructions (link in the video description).

Use two profiles:
- One cheap/default for cron jobs and routine tasks.
- One separate profile for deep context work to manage cost.
Enable the 1M token context feature via terminal.
Prefer Sonnet 4.6 for the best value; reserve Opus for highest‑priority tasks.
Stagger cron jobs to prevent API spikes; enable per‑job cost tracking to monitor spend.
Spawn subagents for parallel tasks and run them in isolated sandboxes (Docker recommended).
Update immediately to patch credential‑exposure bugs and rotate keys if needed.