- The CLI should connect to the Gateway without `1008` errors. - The `exec` tool should return the actual stdout/stderr of the command (e.g., `exec-ok \n /home/node/.openclaw/workspace`), or at least a clear `SYSTEM_RUN_DENIED` error if blocked by a new security policy.

openclaw - 💡(How to fix) Fix [Bug]: v2026.4.5 Regression: CLI WS Handshake code=1008 & Silent exec failures with full profile [1 comments, 1 participants]

dinegredin · 2026-04-06T20:41:30Z

[openclaw] After upgrading my Docker stack from v2026.4.1 to v2026.4.5 , I encountered two breaking issues: 1. The local openclaw-cli container failed to conne… After upgrading my Docker stack from `v2026.4.1` to `v2026.4.5`, I encountered two breaking issues: 1. The local `openclaw-cli` container failed to connect to `openclaw-gateway` via WebSocket, spamming `code=1008 reason=invalid request frame`. 2. The `exec` tool silently failed for agents. Even with `security: "full"` and `ask: "off"`, commands executed by the agent (like `echo "test"`) returned an empty string `""` instead of the expected output or a permission error. Rolling back to `v2026.4.1` immediately resolved both issues. ### Bug type Regression (worked before, now fails) ### Beta release blocker No ### Summary After upgrading my Docker stack from `v2026.4.1` to `v2026.4.5`, I encountered two breaking issues: 1. The local `openclaw-cli` container failed to connect to `openclaw-gateway` via WebSocket, spamming `code=1008 reason=invalid request frame`. 2. The `exec` tool silently failed for agents. Even with `security: "full"` and `ask: "off"`, commands executed by the agent (like `echo "test"`) returned an empty string `""` instead of the expected output or a permission error. Rolling back to `v2026.4.1` immediately resolved both issues. ### Steps to reproduce 1. Run OpenClaw `v2026.4.5` via `docker-compose` on a Debian VPS. 2. Configure `openclaw.json` with `auth: { mode: "token" }`. 3. Set `tools.exec` to `{ "profile": "full", "security": "full", "ask": "off", "strictInlineEval": false }`. 4. Ask the agent (MiniMax-M2.7) to run a simple command: `echo exec-ok && pwd`. 5. Observe the agent receiving an empty string instead of the command output. 6. Check gateway logs to see the `code=1008` handshake errors from the CLI container. ### Expected behavior - The CLI should connect to the Gateway without `1008` errors. - The `exec` tool should return the actual stdout/stderr of the command (e.g., `exec-ok \n /home/node/.openclaw/workspace`), or at least a clear `SYSTEM_RUN_DENIED` error if blocked by a new security policy. ### Actual behavior 1. The local `openclaw-cli` container failed to connect to `openclaw-gateway` via WebSocket, spamming `code=1008 reason=invalid request frame`. 2. The `exec` tool silently failed for agents. Even with `security: "full"` and `ask: "off"`, commands executed by the agent (like `echo "test"`) returned an empty string `""` instead of the expected output or a permission error. ### OpenClaw version 2026.4.5 ### Operating system Debian 13 (VPS) ### Install method docker compose ### Model Minimax-M2.7 ### Provider / routing chain minimax ### Additional provider/model setup details _No response_ ### Logs, screenshots, and evidence ```shell ### Logs **Gateway Logs (Handshake Error):** [ws] closed before connect conn=f0a1a9d9... remote=127.0.0.1 fwd=n/a origin=n/a host=127.0.0.1:18789 ua=Python/3.11 websockets/10.4 code=1008 reason=invalid request frame ``` ### Impact and severity _No response_ ### Additional information ### Configuration snippet ```json "agents": { "defaults": { "workspace": "/home/node/.openclaw/workspace" } }, "tools": { "profile": "full", "fs": { "workspaceOnly": true }, "exec": { "host": "gateway", "security": "full", "ask": "off", "strictInlineEval": false } } ``` ### Environment - **OS:** Debian 13 (VPS Netcup) - **Installation Method:** Docker Compose - **Version:** `v2026.4.5` (Bugged) / `v2026.4.1` (Stable) - **Model:** `MiniMax-M2.7`

openclaw2026-04-06 20:41:30

ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

GitHub issue URL

Helpful · Quick feedback

GitHub stats

openclaw/openclaw#62115•Fetched 2026-04-08 03:08:52

View on GitHub

Comments

Participants

Timeline

Reactions

Author

dinegredin

Participants

dinegredin

Timeline (top)

labeled ×2commented ×1

After upgrading my Docker stack from v2026.4.1 to v2026.4.5, I encountered two breaking issues:

The local openclaw-cli container failed to connect to openclaw-gateway via WebSocket, spamming code=1008 reason=invalid request frame.
The exec tool silently failed for agents. Even with security: "full" and ask: "off", commands executed by the agent (like echo "test") returned an empty string "" instead of the expected output or a permission error.

Rolling back to v2026.4.1 immediately resolved both issues.

Error Message

Gateway Logs (Handshake Error):

[ws] closed before connect conn=f0a1a9d9... remote=127.0.0.1 fwd=n/a origin=n/a host=127.0.0.1:18789 ua=Python/3.11 websockets/10.4 code=1008 reason=invalid request frame

Root Cause

After upgrading my Docker stack from v2026.4.1 to v2026.4.5, I encountered two breaking issues:

The local openclaw-cli container failed to connect to openclaw-gateway via WebSocket, spamming code=1008 reason=invalid request frame.
The exec tool silently failed for agents. Even with security: "full" and ask: "off", commands executed by the agent (like echo "test") returned an empty string "" instead of the expected output or a permission error.

Rolling back to v2026.4.1 immediately resolved both issues.

Code Example

### Logs
**Gateway Logs (Handshake Error):**

[ws] closed before connect conn=f0a1a9d9... remote=127.0.0.1 fwd=n/a origin=n/a host=127.0.0.1:18789 ua=Python/3.11 websockets/10.4 code=1008 reason=invalid request frame

---

"agents": {
    "defaults": {
      "workspace": "/home/node/.openclaw/workspace"
    }
  },
  "tools": {
    "profile": "full",
    "fs": {
      "workspaceOnly": true
    },     
    "exec": {
      "host": "gateway",
      "security": "full",
      "ask": "off",
      "strictInlineEval": false
    }
  }

RAW_BUFFERClick to expand / collapse

Bug type

Regression (worked before, now fails)

Beta release blocker

Summary

After upgrading my Docker stack from v2026.4.1 to v2026.4.5, I encountered two breaking issues:

The local openclaw-cli container failed to connect to openclaw-gateway via WebSocket, spamming code=1008 reason=invalid request frame.
The exec tool silently failed for agents. Even with security: "full" and ask: "off", commands executed by the agent (like echo "test") returned an empty string "" instead of the expected output or a permission error.

Rolling back to v2026.4.1 immediately resolved both issues.

Steps to reproduce

Run OpenClaw v2026.4.5 via docker-compose on a Debian VPS.
Configure openclaw.json with auth: { mode: "token" }.
Set tools.exec to { "profile": "full", "security": "full", "ask": "off", "strictInlineEval": false }.
Ask the agent (MiniMax-M2.7) to run a simple command: echo exec-ok && pwd.
Observe the agent receiving an empty string instead of the command output.
Check gateway logs to see the code=1008 handshake errors from the CLI container.

Expected behavior

The CLI should connect to the Gateway without 1008 errors.
The exec tool should return the actual stdout/stderr of the command (e.g., exec-ok \n /home/node/.openclaw/workspace), or at least a clear SYSTEM_RUN_DENIED error if blocked by a new security policy.

Actual behavior

The local openclaw-cli container failed to connect to openclaw-gateway via WebSocket, spamming code=1008 reason=invalid request frame.
The exec tool silently failed for agents. Even with security: "full" and ask: "off", commands executed by the agent (like echo "test") returned an empty string "" instead of the expected output or a permission error.

OpenClaw version

2026.4.5

Operating system

Debian 13 (VPS)

Install method

docker compose

Model

Minimax-M2.7

Provider / routing chain

minimax

Additional provider/model setup details

No response

Logs, screenshots, and evidence

### Logs
**Gateway Logs (Handshake Error):**

[ws] closed before connect conn=f0a1a9d9... remote=127.0.0.1 fwd=n/a origin=n/a host=127.0.0.1:18789 ua=Python/3.11 websockets/10.4 code=1008 reason=invalid request frame

Impact and severity

No response

Additional information

Configuration snippet

  "agents": {
    "defaults": {
      "workspace": "/home/node/.openclaw/workspace"
    }
  },
  "tools": {
    "profile": "full",
    "fs": {
      "workspaceOnly": true
    },     
    "exec": {
      "host": "gateway",
      "security": "full",
      "ask": "off",
      "strictInlineEval": false
    }
  }

Environment

OS: Debian 13 (VPS Netcup)
Installation Method: Docker Compose
Version: v2026.4.5 (Bugged) / v2026.4.1 (Stable)
Model: MiniMax-M2.7

extent analysis

TL;DR

Downgrade to OpenClaw version v2026.4.1 to resolve the WebSocket connection and exec tool issues.

Guidance

Verify that the openclaw-cli container is correctly configured to connect to the openclaw-gateway via WebSocket in the v2026.4.5 version.
Check the openclaw.json configuration file for any changes or updates required for the v2026.4.5 version, specifically in the tools.exec and agents sections.
Test the exec tool with different security settings, such as setting security to "relaxed" or "disabled", to see if it resolves the issue.
Review the Gateway logs for any other error messages or clues that might indicate the root cause of the code=1008 handshake errors.

Example

No code snippet is provided as the issue seems to be related to a version-specific bug rather than a code error.

Notes

The issue seems to be specific to the v2026.4.5 version of OpenClaw, and downgrading to v2026.4.1 resolves the issues. However, it is recommended to investigate the changes made in the v2026.4.5 version to understand the root cause of the problem.

Recommendation

Apply workaround: Downgrade to v2026.4.1 until a fixed version is released, as it immediately resolves both issues.

Vote matrix · Quick signals

Works

Did the solution work? Tap to confirm.

Easy Fix

Was it a quick fix?

Time Saver

Did it save you time?

Blocking

Was it severely blocking?

Common Issue

Are others likely hitting this too?

Flaky / Intermittent

Is it intermittent?

Verified / Reproducible

Can you reproduce it reliably?

FAQ

Expected behavior

The CLI should connect to the Gateway without 1008 errors.
The exec tool should return the actual stdout/stderr of the command (e.g., exec-ok \n /home/node/.openclaw/workspace), or at least a clear SYSTEM_RUN_DENIED error if blocked by a new security policy.

#installation #environment setup #docker error #permission error #memory optimization

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

openclaw - 💡(How to fix) Fix [Bug]: v2026.4.5 Regression: CLI WS Handshake code=1008 & Silent exec failures with full profile [1 comments, 1 participants]

Recommended Tools

GitHub issue graph ai analysis

Error Message

Root Cause

Code Example

Bug type

Beta release blocker

Summary

Steps to reproduce

Expected behavior

Actual behavior

OpenClaw version

Operating system

Install method

Model

Provider / routing chain

Additional provider/model setup details

Logs, screenshots, and evidence

Impact and severity

Additional information

Configuration snippet

Environment

extent analysis

TL;DR

Guidance

Example

Notes

Recommendation

FAQ

Expected behavior

Still need to ship something?

RELATED_DISCOVERY

TRENDING