Rolling weekly report. New releases append below as detected.
Week label: 2026-W23 First detection: 2026-06-01T05:00:44.771146+00:00
Repo: https://github.com/OpenClaw/openclaw Release: https://github.com/openclaw/openclaw/releases/tag/v2026.5.31-beta.4 Detected: 2026-06-01T05:00:44.771146+00:00 Borrowable ideas: 2
Nothing mission-critical for current Luci setup, but three incremental hardening items worth backporting.
| Feature | OpenClaw Purpose | Luci Relevance | Action |
|---|---|---|---|
| Tool call recovery (#88129, #88136, #88141, #88162, #88182) | Agents resume from interrupted tool calls, stale session bindings, compaction handoffs | mc_pickup workers spawn independent CLI sessions; interrupted tool calls (API timeout, network drop, daemon stale) currently have no recovery path. Worker can hang or emit partial state → zombie MC ticket. Recovery logic would reduce hung-worker incidents. | Yes. Backport session-recovery pattern into mc_pickup worker subprocess wrap (test via network interrupt scenario) |
| Request timeout bounding (provider, OAuth, media, service probes) | Cap lifetimes before they hang a run | Scheduler.py calls Anthropic SDK + provider-profile injection; no explicit timeout per request. Slow provider (GLM API timeout, Kimi latency spike) hangs task runner → blocks tick scheduler heartbeat. Better timeouts = predictable failure + retry. | Yes. Add per-provider request timeout config + fallback to main-loop tick timeout; prevents scheduler cascade. |
| Stale disabled-skill snapshot handling (#79072, #79173) | Plugin/skill loaders handle disabled snapshots, emit recovery guidance | Luci skill-evolver auto-creates/disables skills; stale disabled snapshots (disabled skill re-enabled mid-session, loader caches old disabled state) can silently drop skills. Clearer recovery = better visibility into skill state churn. | Maybe. Audit skill-evolver for snapshot stale risk; low priority (rare in practice). Skip unless skill-evolver audit surfaces a gap. |
Repo: https://github.com/OpenClaw/openclaw Release: https://github.com/openclaw/openclaw/releases/tag/v2026.6.2-alpha.1 Detected: 2026-06-02T05:00:53.630833+00:00 Borrowable ideas: 0
| Feature | Relevance to Luci | Rationale |
|---|---|---|
| Worker recovery from tool interrupts/stale bindings | Passive benefit | mc_pickup spawns background workers; cleaner recovery from stale sessions = fewer silent task failures. Automatic as base improves. |
| Provider request timeout bounds | Passive benefit | scheduler.py injects provider env per runtime_profile; unbounded OAuth/media/polling can stall tasks. Bounds reduce hanging tasks. |
| Skill/plugin loading error clarity | Passive benefit | ~/.claude/skills/ + auto-skill-evolver inherit clearer diagnostics on disabled snapshots, plugin load failures. Better visibility on skill-refresh errors. |
| SQLite-backed plugin install ledger | Passive benefit | Reduces filesystem scanning on restarts; may help skill-evolver detect stale plugin state faster. Secondary. |
| Workboard orchestration primitives | Watch, not adopt yet | New multi-agent coordination surface. If it's an alternative to MC tickets for agent routing, could replace/augment mc_pickup. Needs docs to assess. |
| Skill Workshop proposal review UI | Watch, not adopt yet | Human-driven skill review (propose → approve → ship). auto-skill-evolver already generates proposals; Skill Workshop could streamline the review gate. Not urgent; verify it doesn't duplicate auto-evolver. |
No action required. All three load-bearing improvements are passive base-system gains. Luci's mc_pickup, scheduler, and skill-evolver inherit them automatically. Watch Workboard and Skill Workshop when docs land; they may become relevant for future orchestration redesigns, but not now.
Repo: https://github.com/OpenClaw/openclaw Release: https://github.com/openclaw/openclaw/releases/tag/v2026.6.3-alpha.1 Detected: 2026-06-03T05:00:46.155863+00:00 Borrowable ideas: 3
| Feature | Relevance to MC/Luci | One-liner |
|---|---|---|
| Agent tool-call recovery (#88129, #88136, #88141) | MC workers (mc_pickup) + scheduler task runtimes spawn agents; cleaner binding recovery = fewer orphan sessions | Adopt: add explicit session recovery on network dropout in worker bootstrap |
| Timer/retry bounds for OAuth, polling, media | Scheduler tasks & mc_pickup workers can hang waiting on Anthropic API, GCS media, or Google OAuth; explicit caps prevent stalls | Adopt: cap all external calls in scheduler.py + mc_pickup.py with timeouts; audit claude CLI invocation patterns |
| Provider model metadata caching (OpenRouter, Copilot) | Runtime profile routing (runtime_profile field) picks Anthropic/GLM/Kimi/MiniMax; model catalog + caching tightens cost tracking | Adopt: cache provider models in vault.db (schema new provider_models table), refresh on scheduler heartbeat, use in runtime-profile audit |
| Disabled-snapshot handling for skill loading | Auto-skill-evolver creates skills; stale disabled snapshots = unclear recovery | Skip: auto-skill-evolver is lightweight; not worth the governance overhead yet |
| Skill Workshop proposal flow | Guarded skill creation with review states, versioned proposals, rollback metadata | Skip: auto-skill-evolver auto-triggers on repeat patterns; proposal review is overkill for Luci's use case |
| SQLite state migration (iMessage ledgers, plugin installs) | Mirrors Luci's vault.db strategy; pattern is sound, already in use | Neutral: Luci already uses SQLite for activity_log + scheduled-task state |
If the overhead is trivial:
- Add session-recovery guard to mc_pickup.py worker spawn (catch stale bindings on failed tool calls, re-attach)
- Add timeout caps to scheduler.py task execution (prevent hangs on Anthropic API, GCS, OAuth)
If worth the complexity: - Extend vault.db schema with provider model metadata table; refresh on heartbeat
Otherwise: pattern catalogue only (reference for next reliability crisis).
Repo: https://github.com/OpenClaw/openclaw Release: https://github.com/openclaw/openclaw/releases/tag/v2026.6.4-alpha.1 Detected: 2026-06-04T05:00:40.431690+00:00 Borrowable ideas: 4
| Feature | Relevance | Rationale |
|---|---|---|
| Skill install operator policy + doctor | ✅ Yes | auto-skill-evolver currently installs without gates. Operator policy + doctor checks reduce supply-chain risk (MC-4657 hardening precedent). |
| Telegram admin writeback + DM exec allowlists | ✅ Yes | ccgram owns polling; approval gates + admin checks harden Telegram control plane (Telegram lock critical per CLAUDE.md). |
| Provider runtime fanout | ✅ Yes | scheduler already routes via runtime_profile; bundled aliases + custom fanout reduce model-spawn overhead when dev-loop spawns council (Opus/Sonnet/Gemini/Kimi/GLM in parallel). |
| Session write-lock recovery | ✅ Yes | defensive. mc_pickup dispatcher spawns per-ticket workers; lock-release failures could block ticket dispatch. Low-cost hardening. |
| Streaming text visibility + ACK reconcile | ⚠️ Maybe | MC's SSE broadcaster already streams task output. ACK timing metadata is nice-to-have for debugging UI/state races, not blocking. |
| Prompt cache boundaries | ❓ Defer | Luci/workers don't use caching yet. Worth scanning if cost-optimization becomes priority. |
auto-skill-evolver (model: install-policy enum, doctor checks on skill source)Repo: https://github.com/block/goose Release: https://github.com/aaif-goose/goose/releases/tag/v1.37.0 Detected: 2026-06-04T05:01:26.886354+00:00 Borrowable ideas: 4
| Feature | Luci System | Rationale | Effort |
|---|---|---|---|
| PreToolUse denial hooks (#9304) | dev-loop / scheduler | Luci already blocks Edit/Write/Bash before dev-loop via require-dev-loop.sh. Goose's hook pattern could replace or strengthen that gate. |
Low — inspect goose implementation, backport pattern if cleaner |
| GOOSE_MAX_TOOL_RESPONSE_SIZE (#9256) | context-mode sandbox | Luci's ctx_execute already contains large output, but global limit prevents workers from accidentally flooding context. Forward-compatible with vault.db query results. | Low — add env var to scheduler + MC worker spawn |
| Provider model exposure + ACP system prompt setter (#9475, #9478) | scheduler runtime_profile | Luci dispatches multi-model council (Opus/Sonnet/Codex/Gemini/Kimi/GLM) hardcoded in tasks. Exposing raw models + per-session system-prompt could let scheduler dynamically route by model capability (e.g., "use Opus for council, Sonnet for Tier 1 fix"). | Medium — schema change to task runner, update mc_pickup provider injection |
| Declarative provider system (Perplexity, Alibaba, Databricks, etc.) (#9443, #9254, #9274) | scheduler task routing | Currently scheduler hardcodes provider→env mapping. Goose's declarative shape (name, endpoint, auth-field) could replace scheduler's _apply_provider_profile_env() with a config table, reducing code + enabling new providers without redeploy. |
Medium-to-High — requires task/provider schema migration, test coverage |
review skill + MC tickets, not Goose CLI.Backport PreToolUse denial hooks + MAX_TOOL_RESPONSE_SIZE immediately (both low-risk, high-safety gain).
Defer provider model exposure + declarative system to a follow-up ticket: useful for council dispatch tuning + onboarding new models, but requires schema planning. Not blocking.
Open ticket for auto-skill-evolver to adopt Goose's operator install-policy pattern (2026-06-02 context shows this was already identified as backport candidate from prior release review).
Repo: https://github.com/OpenClaw/openclaw Release: https://github.com/openclaw/openclaw/releases/tag/v2026.6.5-alpha.1 Detected: 2026-06-05T05:00:44.772406+00:00 Borrowable ideas: 4
| Feature | Load-Bearing for Luci |
|---|---|
| Telegram admin writeback + DM approval allowlists | ccgram.service is sole Telegram poller; new role verification + exec approval gates tighten MC ticket approval routing. Check if ccgram enforces these. |
| Durable sends on transcript mirror failure | Currently ccgram fails the entire Telegram send if transcript mirroring (e.g., to audit log) fails. This decouples mirror reliability from send delivery. |
| Custom-provider runtime fanout | scheduler.py injects runtime_profile as env string (anthropic/glm/kimi/minimax); openclaw now routes context-aware. Could replace string-injection with structured dispatch for GLM/Kimi/MiniMax cost control. |
| Policy load-time rejection (corrupt shells, unsupported keys, unsafe exec) | If tighter policy enforcement, MC ticket workers + skill-loader may hit new rejections. Verify no false positives on existing worker spawns. |
Medium priority backport: Telegram safety gates + durable sends. Low priority: custom-provider fanout (forward-looking for cost scaling). Test on ccgram.service next scheduler run and report any admin-role enforcement side effects.
Repo: https://github.com/NousResearch/hermes-agent Release: https://github.com/NousResearch/hermes-agent/releases/tag/v2026.6.5 Detected: 2026-06-06T05:00:47.871315+00:00 Borrowable ideas: 2
| Feature | What | Luci mapping |
|---|---|---|
| Desktop app (Electron) | Native macOS/Linux/Windows, one-click install, self-update, GUI chat | Out of scope. Luci is orchestrator on Hetzner, not user agent. |
| Remote Hermes over OAuth/WS | Desktop connects to remote gateway; thin GUI + heavy backend | Luci already multiplexes runtimes via scheduler env injection (Anthropic/GLM/Kimi). Adding a frontend doesn't pay. Skip. |
| Web admin panel (Channels/MCP/Webhooks) | Browser UI for Telegram/Discord/Slack setup, credential store, hook creation, memory config — no SSH+config.yaml | MC dashboard (port 3001) could expose ccgram Telegram config + scheduler task setup + vault entity config as browser controls instead of file-edit. Incremental polish, low priority. |
| Fuzzy model picker everywhere | CLI/desktop/TUI can filter models by keyword | Scheduler already injects provider env; MC workers inherit. UX only. Skip. |
/undo last N turns |
Session rewind | Dev-loop is explicit council rounds, not turn-undo. Not applicable. |
Admin panel pattern — Marginally. MC's current workflow (edit config files, push, git-sync) works. Hermes's "all admin in browser, no SSH required" is cleaner UX but not a blocker. If Luci ever needs faster onboarding for new messaging channels (e.g., Discord integration), steal the pattern. For now: log as future UX debt, don't act yet.
Credential stripping in subprocess — Good reminder. MC workers (mc_pickup.py) spawn subprocesses; verify none leak API keys in argv or env. Audit: grep -r 'Popen.*api' ~/workspace/mc_pickup.py — low-confidence risk, but worth a check.
@Nous Portal onboarding, /undo (not applicable)Bottom line: No blockers, no urgent feature gaps. Hermes's admin-panel UX is a good idea long-term; park as optional refactor. Credential-stripping audit is a quick win if time allows.
Repo: https://github.com/OpenClaw/openclaw Release: https://github.com/openclaw/openclaw/releases/tag/v2026.6.6-alpha.1 Detected: 2026-06-06T05:01:19.286331+00:00 Borrowable ideas: 3
| Feature | Load-bearing? | Luci Application |
|---|---|---|
Extended-thinking recovery (stream start waits for message_start) |
Yes | Long-running Opus workers in MC tickets + scheduler tasks can recover after prompt-cache expiry or mc_pickup restart without losing session. Currently no recovery on Gateway hiccup. |
| MCP tool result coercion (blocks at materialize, prevent richer content poisoning) | Yes | Luci dispatches Home Assistant, context-mode, Iris PA, and custom MCP tools. A malformed image or non-text block from an MCP tool can poison the session. Auto-coerce to text/safe fallback. |
| Upgrade safety: env-secret masking + cron migration | Maybe | scheduler.py + mc_pickup use env injection for provider keys (ANTHROPIC_API_KEY, GLM_API_KEY, etc.). If a subprocess writes its environ to a log or config, secrets could leak. Audit mc_pickup.py subprocess calls for argv/env leakage (low confidence risk, but worth a once-over). |
| Parallel bundled web_search | No | Luci's research subagents use WebSearch tool directly; no dependency on provider switching. Feature is for operators choosing search backends. |
~/.claude/skills/ with git sync.Adopt extended-thinking recovery + MCP coercion. Both are low-cost, high-value mitigations for existing pain points (worker restart brittleness, MCP tool failures). Audit mc_pickup for secret leakage as a follow-up (quick skim, no active changes needed unless found).