Back to all articles

OpenClaw 2026.3.12: Dashboard V2, GPT-5.4 Fast Mode, and Security Hardening

The OpenClaw 2026.3.12 release has arrived, bringing a massive refresh to the control surface, enhanced performance for flagship models, and a significant suite of security improvements. This update focuses on making the gateway more modular and secure while providing developers with more granular control over model performance.

Here’s a deep dive into the most significant changes in this version.

The All-New Dashboard V2

The headline feature of 2026.3.12 is the complete overhaul of the Control UI. Dashboard-v2 introduces a modular architecture designed for high-performance agent management:

  • Modular Overview: A fresh layout with dedicated views for Chat, Config, Agents, and Sessions.
  • Command Palette: Navigate the entire gateway interface instantly with a new global command palette.
  • Mobile Optimizations: Bottom tabs and refined touch areas make managing your agents on the go much smoother.
  • Richer Chat Tools: New support for slash commands, advanced message search, export functionality, and pinned messages.

Flagship "Fast Mode" Support

Performance tuning takes a step forward with natively integrated "fast mode" toggles for leading models:

  • OpenAI/GPT-5.4 Fast Mode: Adds configurable session-level fast toggles natively across /fast, TUI, and the Control UI. The update also includes smarter request shaping for OpenAI/Codex.
  • Anthropic/Claude Fast Mode: The shared /fast toggle now maps directly to Anthropic API service_tier requests, ensuring you get the priority and speed required for real-time tasks.

This pairs perfectly with the memory optimizations introduced in the OpenClaw ContextEngine v2026.3.7 Update.

Provider-Plugin Architecture

OpenClaw is becoming more modular at its core. In 2026.3.12, Ollama, vLLM, and SGLang have been moved onto a unified provider-plugin architecture.

This shift allows for:

  • Provider-owned Onboarding: Discovery and setup are now handled by the specific plugin.
  • Custom Hooks: Post-selection hooks allow for deeper integration without bloating the core engine.
  • Improved Discovery: The model picker setup is now more reliable for locally-hosted models.

For more on local setups, see our OpenClaw 2026.3.11 release notes.

Critical Security Hardening

Security remains a top priority, and this release patches several high-priority vulnerabilities and potential exploits:

  • Invisible Unicode Mitigation: Approval prompts now escape invisible Unicode format characters (GHSA-pcqg-f7rg-xfvv), preventing attackers from spoofing commands during manual review.
  • Workspace Boundary Enforcement: External agent callers can no longer override the gateway workspace boundary (GHSA-2rqg-gjgv-84jm).
  • Plugin Auto-load: Implicit workspace plugin auto-loading is now disabled (GHSA-99qw-6mr3-36qr), requiring an explicit trust decision before executing code in cloned repositories.
  • Pairing Security: QR setup and device pairing now use short-lived bootstrap tokens instead of embedding persistent credentials.

We strongly recommend reviewing our OpenClaw Security Best Practices to ensure your installation is fully hardened.

Quality of Life & Bug Fixes

Beyond the major features, 2026.3.12 includes dozens of refinements:

  • Kubernetes Ready: Added a starter K8s install path with raw manifests and Kind setup documentation.
  • Slack Block Kit: Agents can now deliver rich channelData.slack.blocks messages directly.
  • Subagent Orchestration: New sessions_yield functionality allows orchestrators to skip queued work and carry follow-up payloads across turns.
  • Windows Updates: Improvements to the native update path, ensuring openclaw update handles git and node environments more robustly on Windows.

OpenClaw 2026.3.12 is a mandatory upgrade for anyone using the Control UI or running agents in sensitive environments. You can pull the latest version from the official GitHub repository.

By CompareClaw TeamUpdated Mar 2026