OpenClaw v2026.3.2: Built-in PDF Analysis, STT API, and 4 Breaking Changes

OpenClaw v2026.3.2 dropped on March 3, 2026. 93 contributors. 150+ bug fixes. Two headline features that change what your agents can do out of the box. And four breaking changes you probably want to read before hitting upgrade.

Here's what matters.

What's New

Native PDF Analysis Tool. This is the big one. OpenClaw now ships a first-class, built-in PDF tool. Not a plugin, not a community add-on. It supports both Anthropic and Google as extraction backends, with configurable page limits, file size caps, and fallback policies if extraction fails. Your agents can read, summarize, and pull structured data from PDFs without any extra setup. Think invoice processing, contract review, research digests. If your workflow touches documents, this is probably the feature you've been waiting for.

Speech-to-Text API. Plugins can now call a runtime STT method to transcribe audio files through your configured provider. Until now, OpenClaw had TTS (text-to-speech) but no way back. That gap is closed. Voice-driven workflows just got a lot more realistic.

SecretRef Expansion. The credential reference system now covers 64 targets. If you're running multi-agent setups with shared secrets across tools and integrations, you'll spend less time manually wiring credentials. Honestly, this one sounds boring but saves real headaches at scale.

Other additions include the MiniMax-M2.5-highspeed model in the provider directory, HTTP health check endpoints (/health, /healthz, /ready, /readyz) for container orchestration, and a new Listen-Only Channel Mode (suppressOutbound) for monitoring bots.

Breaking Changes

Four changes that require your attention:

1. Default tools.profile is now "messaging." Previously, new instances got a broad programming toolset by default. Now they default to messaging only. If you rely on the default profile without explicit config, check your setup.
2. ACP scheduling is enabled by default. Agent Communication Protocol scheduling was opt-in. Now it's on unless you turn it off.
3. Plugin SDK rename. registerHttpHandler is now registerHttpRoute, and explicit authentication is required. Plugin developers need to update this.
4. Telegram streaming defaults to "partial" mode. Messages stream in chunks instead of full replacements. Better UX for most users, but test your Telegram integration to be sure.

None of these require data migrations. They're all configuration-level. Manageable, but don't skip them.

Security Fixes Worth Knowing

The release includes 40+ security hardening changes. The two that stand out: Gateway Loopback WebSocket protection (patches an attack vector known as "ClawJacked") and skill workspace symbolic link escape prevention. If you're running a ClawHosters managed instance, these patches apply automatically. Self-hosters need to update and restart manually. Our security hardening guide covers what to review.

What ClawHosters Customers Should Do

Check your tools.profile configuration. If you never set it explicitly, your new instances will now get the "messaging" profile instead of the old broad default. Everything else rolls out through managed updates. If you're not a customer yet, we offer a free trial so you can test v2026.3.2 without the ops overhead.