OpenClaw 2026.4.10 Makes Codex a First-Class Provider, Adds Active Memory Plugin and Security Hardening

OpenClaw 2026.4.10, released April 10, treats Codex as a first-class native provider instead of routing it through the regular OpenAI compatibility path. The change gives codex/* models their own auth flow, native threads, model discovery, and optimized compaction, according to OpenClaw Playbook’s analysis.

Before this release, Codex-powered workflows passed through a compatibility layer that created friction points: auth mismatches, unpredictable thread handling, and compaction behavior that did not account for Codex-specific patterns. For agents bouncing between chat, coding, and execution in a single session, those seams produced mysterious failures. Native provider treatment eliminates that class of bug.

Active Memory: Context Before You Ask

The release introduces an optional Active Memory plugin that runs a dedicated memory sub-agent before the main reply. Instead of waiting for users to explicitly search memory or say “remember this,” Active Memory proactively pulls in relevant preferences, prior decisions, and ongoing context.

As OpenClaw Playbook noted, one of the classic failure modes for agents is not ignorance but friction: “The system technically knows how to search memory, but only if the user asks the right way, at the right time, with the right wording.” Active Memory addresses that by making retrieval automatic rather than user-initiated.

Local Speech and Operator Controls

Talk Mode gains an experimental local MLX speech provider on macOS, including explicit provider selection, local utterance playback, and interruption handling with fallback to system voice. A new openclaw exec-policy command gives operators a cleaner interface for inspecting and synchronizing tool execution policies with local approvals.

Security Hardening

The release tightens security across browser navigation, sandbox escape prevention, tool boundary validation, and startup integrity checks. The GitHub releases page shows the full changelog, which includes dozens of fixes spanning browser isolation, sandbox behavior, and credential handling in agent workflows.

Why Native Provider Treatment Matters

The Codex change reflects a broader pattern in agent platforms: as model providers multiply, treating each one as a compatibility-layer add-on creates compounding operational debt. Native provider integration (dedicated auth, threading, compaction) is becoming table stakes for frameworks that want reliable multi-model agent workflows. OpenClaw is not the first to recognize this, but 2026.4.10 is the release that formalizes the approach.