Bug type

Behavior bug (incorrect output/state without crash)

Beta release blocker

No

Summary

OpenClaw version

OpenClaw 2026.4.5 (3e72c03)

What I’m trying to do

Use image_generate with a local OpenAI-compatible image endpoint (LocalAI) on LAN:

• Text model: vLLM (http://192.168.1.15:8000/v1)
• Image model: LocalAI (http://192.168.1.15:8082/v1)

Config (relevant parts)

json5 { "models": { "mode": "merge", "providers": { "vllm": { "baseUrl": "http://192.168.1.15:8000/v1", "api": "openai-completions", "apiKey": "vllm-local", "models": [{ "id": "unsloth/Qwen3.5-35B-A3B-GGUF:UD-Q4_K_XL" }] }, "openai": { "baseUrl": "http://192.168.1.15:8082/v1", "api": "openai-completions", "apiKey": "local-noauth", "models": [{ "id": "flux2-klein" }] } } }, "agents": { "defaults": { "model": { "primary": "vllm/unsloth/Qwen3.5-35B-A3B-GGUF:UD-Q4_K_XL" }, "imageGenerationModel": { "primary": "openai/flux2-klein" } } }, "browser": { "ssrfPolicy": { "dangerouslyAllowPrivateNetwork": true } } }

Steps to reproduce

Repro steps

1. Configure openai provider baseUrl to LocalAI LAN endpoint (http://192.168.1.15:8082/v1)
2. Set agents.defaults.imageGenerationModel.primary to openai/flux2-klein
3. Run image_generate with a simple prompt

Expected

OpenClaw should call the configured local endpoint and generate an image.

Actual

Tool fails with SSRF block on private IP: text [security] blocked URL fetch (url-fetch) target=http://192.168.1.15:8082/v1/images/generations reason=Blocked hostname or private/internal/special-use IP address [tools] image_generate failed: Blocked hostname or private/internal/special-use IP address raw_params={"prompt":"A simple, clean illustration of a red apple with a green leaf"}

Additional context

• Direct call to LocalAI works:
• GET /v1/models returns: {"object":"list","data":[{"id":"flux2-klein","object":"model"}]}
• POST /v1/images/generations succeeds manually
• So this appears to be OpenClaw-side SSRF handling in image_generate path.

Expected behavior

When imageGenerationModel is set to an OpenAI-compatible local endpoint (LocalAI at http://192.168.1.15:8082/v1), image_generate should call /v1/images/generations successfully and return a generated image. Private/LAN endpoint usage should work in this local setup (especially with browser.ssrfPolicy.dangerouslyAllowPrivateNetwork=true).

Actual behavior

image_generate fails before generation with SSRF/private-network blocking.

Log: [security] blocked URL fetch (url-fetch) target=http://192.168.1.15:8082/v1/images/generations reason=Blocked hostname or private/internal/special-use IP address [tools] image_generate failed: Blocked hostname or private/internal/special-use IP address

OpenClaw version

2026.4.5 (3e72c03)

Operating system

Ubuntu 26.04

Install method

Installer inside a VM

Model

flux2-klein

Provider / routing chain

openclaw -> localAI -> flux2-klein (All LAN, no proxies)

Additional provider/model setup details

No response

Logs, screenshots, and evidence

Impact and severity

Blocks all local image generation via image_generate when the endpoint is on private/LAN IP (e.g., LocalAI at 192.168.x.x), even though the endpoint is valid and reachable. This prevents local/self-hosted image workflows and forces users to use public/cloud endpoints as a workaround.

High (functional blocker for local image-generation setups).

Reason:

• Core feature (image_generate) is unusable for a common self-hosted deployment pattern.
• Affects local-first users directly.
• Reliable workaround requires architecture changes (public proxy/tunnel), not just normal config tweaks.

Additional information

No response