OpenClaw 5.28: Security Fences Bolted Shut, Video Generation Built Right In - Deep Dive
🩺 Summary
OpenClaw 5.28 quietly shipped, but security hardening + Codex stability fixes + Pixverse video integration are all heavy-hitters
📝 Details
Today OpenClaw pushed V2026.5.28. Four main pillars: security boundary hardening, Codex stability fixes, Pixverse video generation as a first-class citizen, and DeepInfra model catalog refresh.
The most critical are the security fences:
1) Group Prompt metadata no longer leaks into System Prompt
2) Tailscale unauthenticated exposure paths sealed
3) Node/Device-Role approval now requires admin permissions
The Codex fix list is extensive - over twenty fixes including sub-agent cwd/workspace state isolation, correct session lock timeout release, compaction failure recovery, app-server shared state persistence, and Claude Live tool progress visibility.
Pixverse video generation is now a native OpenClaw Provider. /generate video works directly, on the same level as text and image generation. You can orchestrate end-to-end workflows like "research -> write script -> generate video clips -> composite output" within agent flows.
DeepInfra model catalog now auto-fetches the live model list from the DeepInfra API on startup. DeepSeek-V4-Flash, Kimi K2.5, MiniMax-M2.5, NeMo - if DeepInfra supports it, OpenClaw discovers it directly.
ClawHub has reached 52,700+ tools and 12+ million downloads.
If you run Codex sub-agents for development and frequently hit session crashes, or you deploy in production with multi-user Gateway - you must upgrade to 5.28. If you want to embed video generation in agent workflows, this is the release for you.
💬 Comments (0)