plain juniper
OpenClaw bot is not responding to my messages or questions on Telegram or Webchat, but cron and heartbeat actions still fire. Webchat also doesn’t show what’s going on with the bot. Even if I restart the gateway the same thing happens.
What do I do next?
gleaming talonBOT
sullen locustBOT
OpenClaw bot is not responding to my messages or questions on Telegram or Webcha...
This symptom pattern usually means the Gateway is still running, but inbound messages aren’t triggering an agent turn (or they’re getting gated/blocked), and WebChat is often just not actually connected/authenticated to the Gateway WS.
Next step is: get one pasteable diagnostic + verify channel probes + watch logs while you send a test message.
openclaw --version
openclaw status --all
openclaw gateway status
openclaw channels status --probe
status --all is the best one to share (it redacts tokens).
Run this, then send a DM to your Telegram bot and send a message from WebChat:
openclaw logs --follow
Copy/paste the log lines from when you sent the messages. We’re looking for clues like blocked, unauthorized, skip, pairing/allowlist decisions, webhook/long-poll errors, etc.
If WebChat “doesn’t show what’s going on”, it’s often just WS auth / wrong gateway target.
openclaw dashboard
http://127.0.0.1:18789/.Docs to reference while you grab the outputs:
If you paste those 4 command outputs + the log snippet from a test message, we can usually pinpoint it in one round.
plain juniper
I'm doing to do part 2 to post the long lines, but I'm prevented from doing so?
openclaw logs --follow
14:34:51 [plugins] [unbrowse] Auto-discover: 7 existing skills loaded
14:34:51 [plugins] [token-refresh] Scheduler started (checking every 1min)
14:34:51 [plugins] [unbrowse] Auto-discovery hook active
14:34:51 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — I can run local, remote, or purely on vibes—results may vary with DNS.
14:34:51 [plugins] [unbrowse] CDP header listener active (Chrome port 9222)
Log file: /tmp/openclaw/openclaw-2026-02-08.log
14:01:18 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c tool=memory_search toolCallId=call_00_Y22o9iR3k3CYyo0ekU6M3qek
14:01:23 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c tool=unbrowse_skills toolCallId=call_00_vgHlFNN0MwE2ZrdBMIk5EGVJ
14:01:23 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c tool=unbrowse_skills toolCallId=call_00_vgHlFNN0MwE2ZrdBMIk5EGVJ
14:01:30 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c tool=session_status toolCallId=call_00_XMwQoARzNWnrgat8lnRt2JzX
14:01:30 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c tool=session_status toolCallId=call_00_XMwQoARzNWnrgat8lnRt2JzX
14:01:47 debug agent/embedded {"subsystem":"agent/embedded"} embedded run agent end: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c
14:01:47 debug agent/embedded {"subsystem":"agent/embedded"} embedded run prompt end: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c sessionId=727dcb21-1242-4374-aad5-9b64d7ef3d1c durationMs=36479
14:01:47 debug diagnostic {"subsystem":"diagnostic"} session state: sessionId=727dcb21-1242-4374-aad5-9b64d7ef3d1c sessionKey=unknown prev=processing new=idle reason="run_completed" queueDepth=0
14:01:47 debug diagnostic {"subsystem":"diagnostic"} run cleared: sessionId=727dcb21-1242-4374-aad5-9b64d7ef3d1c totalActive=1
14:01:47 debug agent/embedded {"subsystem":"agent/embedded"} embedded run done: runId=727dcb21-1242-4374-aad5-9b64d7ef3d1c sessionId=727dcb21-1242-4374-aad5-9b64d7ef3d1c durationMs=36518 aborted=false
14:01:47 debug diagnostic {"subsystem":"diagnostic"} lane task done: lane=cron durationMs=36519 active=0 queued=0
14:01:47 debug diagnostic {"subsystem":"diagnostic"} lane task done: lane=session:agent:main:cron:613fddec-1312-4d3a-9f19-5c40f46e7daa durationMs=36521 active=0 queued=0
14:03:00 debug diagnostic {"subsystem":"diagnostic"} lane enqueue: lane=session:agent:main:cron:4ad93c46-e12e-473b-8609-8fea2566882d queueSize=1
14:03:00 debug diagnostic {"subsystem":"diagnostic"} lane dequeue: lane=session:agent:main:cron:4ad93c46-e12e-473b-8609-8fea2566882d waitMs=2 queueSize=0
14:03:00 debug diagnostic {"subsystem":"diagnostic"} lane enqueue: lane=cron queueSize=1
14:03:00 debug diagnostic {"subsystem":"diagnostic"} lane dequeue: lane=cron waitMs=0 queueSize=0
14:03:00 debug agent/embedded {"subsystem":"agent/embedded"} embedded run start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea provider=deepseek model=deepseek-reasoner thinking=low messageChannel=telegram
14:03:00 warn agent/embedded {"subsystem":"agent/embedded"} workspace bootstrap file MEMORY.md is 149767 chars (limit 20000); truncating in injected context (sessionKey=agent:main:cron:4ad93c46-e12e-473b-8609-8fea2566882d)
14:03:00 debug diagnostic {"subsystem":"diagnostic"} session state: sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea sessionKey=unknown prev=idle new=processing reason="run_started" queueDepth=0
14:03:00 debug diagnostic {"subsystem":"diagnostic"} run registered: sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea totalActive=2
14:03:00 debug plugins {"subsystem":"plugins"} [hooks] running before_agent_start (1 handlers, sequential)
14:03:00 debug agent/embedded {"subsystem":"agent/embedded"} hooks: prepended context to prompt (1662 chars)
14:03:00 debug agent/embedded {"subsystem":"agent/embedded"} embedded run prompt start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea
14:03:00 debug agent/embedded {"subsystem":"agent/embedded"} embedded run agent start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea
14:03:09 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=memory_search toolCallId=call_00_RD0z748Do7OEpLD3x2q9l5BO
14:03:09 debug memory {"subsystem":"memory"} {"provider":"openai","timeoutMs":60000} memory embeddings: query start
14:03:09 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=memory_search toolCallId=call_00_RD0z748Do7OEpLD3x2q9l5BO
14:03:16 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=read toolCallId=call_00_13KNWJodMQySEA6tRKXnsfCV
14:03:16 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=read toolCallId=call_00_13KNWJodMQySEA6tRKXnsfCV
14:03:21 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=read toolCallId=call_00_2B07WJ41YLkq5q29XlwMEW5o
14:03:21 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=read toolCallId=call_00_2B07WJ41YLkq5q29XlwMEW5o
14:03:27 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_kQDWwSRaJq3NiEhwTfv595PQ
14:03:27 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_kQDWwSRaJq3NiEhwTfv595PQ
14:03:41 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=cron toolCallId=call_00_EbMxJkUAPo0hFjQJOpXbEfc1
14:03:41 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=cron toolCallId=call_00_EbMxJkUAPo0hFjQJOpXbEfc1
14:03:46 debug memory {"subsystem":"memory"} {"files":517,"indexAll":false,"dirtyFiles":1,"batch":false,"concurrency":4} memory sync: indexing session files
sullen locustBOT
I'm doing to do part 2 to post the long lines, but I'm prevented from doing so?
Yeah, that happens a lot on Discord for two reasons:
Best workaround: upload as a text file attachment instead of pasting.
Run on the gateway host:
openclaw status --all > openclaw-status-all.txt
openclaw gateway status > openclaw-gateway-status.txt
openclaw channels status --probe > openclaw-channels-probe.txt
openclaw logs --limit 300 > openclaw-logs-tail.txt
14:03:46 debug memory {"subsystem":"memory"} {"provider":"openai","items":1,"timeoutMs":120000} memory embeddings: batch start
14:04:01 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_TErIH8YvxDojikImmCm7AarS
14:04:01 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_TErIH8YvxDojikImmCm7AarS
14:04:06 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_f4DG59tMeTtTfH7VdEZ7Dp6S
14:04:06 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_f4DG59tMeTtTfH7VdEZ7Dp6S
14:04:15 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_ncr2ucsN8nDAKuUMToGk7n3O
14:04:18 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=exec toolCallId=call_00_ncr2ucsN8nDAKuUMToGk7n3O
14:04:24 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=cron toolCallId=call_00_IfSoLFqUMqq2tEjcqST2fJAv
14:04:24 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea tool=cron toolCallId=call_00_IfSoLFqUMqq2tEjcqST2fJAv
14:05:06 debug agent/embedded {"subsystem":"agent/embedded"} embedded run agent end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea
14:05:06 debug agent/embedded {"subsystem":"agent/embedded"} embedded run prompt end: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea durationMs=125674
14:05:06 debug diagnostic {"subsystem":"diagnostic"} session state: sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea sessionKey=unknown prev=processing new=idle reason="run_completed" queueDepth=0
14:05:06 debug diagnostic {"subsystem":"diagnostic"} run cleared: sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea totalActive=1
14:05:06 debug agent/embedded {"subsystem":"agent/embedded"} embedded run done: runId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea sessionId=b5e99ac7-972c-4a82-a9b5-d7c7025455ea durationMs=125714 aborted=false
14:05:06 debug diagnostic {"subsystem":"diagnostic"} lane task done: lane=cron durationMs=125715 active=0 queued=0
14:05:06 debug diagnostic {"subsystem":"diagnostic"} lane task done: lane=session:agent:main:cron:4ad93c46-e12e-473b-8609-8fea2566882d durationMs=125717 active=0 queued=0
14:15:00 debug diagnostic {"subsystem":"diagnostic"} lane enqueue: lane=session:agent:main:cron:e2369529-fb6b-4fdf-8cda-2f23679c9677 queueSize=1
14:15:00 debug diagnostic {"subsystem":"diagnostic"} lane dequeue: lane=session:agent:main:cron:e2369529-fb6b-4fdf-8cda-2f23679c9677 waitMs=1 queueSize=0
14:15:00 debug diagnostic {"subsystem":"diagnostic"} lane enqueue: lane=cron queueSize=1
14:15:00 debug diagnostic {"subsystem":"diagnostic"} lane dequeue: lane=cron waitMs=1 queueSize=0
14:15:00 debug agent/embedded {"subsystem":"agent/embedded"} embedded run start: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 provider=deepseek model=deepseek-reasoner thinking=low messageChannel=telegram
14:15:00 warn agent/embedded {"subsystem":"agent/embedded"} workspace bootstrap file MEMORY.md is 149767 chars (limit 20000); truncating in injected context (sessionKey=agent:main:cron:e2369529-fb6b-4fdf-8cda-2f23679c9677)
14:15:00 debug diagnostic {"subsystem":"diagnostic"} session state: sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 sessionKey=unknown prev=idle new=processing reason="run_started" queueDepth=0
14:15:00 debug diagnostic {"subsystem":"diagnostic"} run registered: sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 totalActive=2
14:15:00 debug plugins {"subsystem":"plugins"} [hooks] running before_agent_start (1 handlers, sequential)
14:15:00 debug agent/embedded {"subsystem":"agent/embedded"} hooks: prepended context to prompt (1662 chars)
14:15:00 debug agent/embedded {"subsystem":"agent/embedded"} embedded run prompt start: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9
14:15:00 debug agent/embedded {"subsystem":"agent/embedded"} embedded run agent start: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9
14:15:07 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 tool=memory_search toolCallId=call_00_zQ6IwJdC2qtAVpjLEn8I0vT0
14:15:07 debug memory {"subsystem":"memory"} {"provider":"openai","timeoutMs":60000} memory embeddings: query start
14:15:09 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 tool=memory_search toolCallId=call_00_zQ6IwJdC2qtAVpjLEn8I0vT0
14:15:18 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 tool=unbrowse_skills toolCallId=call_00_WhyE8EyjtyyJSSzCtAV3Fzb7
14:15:18 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 tool=unbrowse_skills toolCallId=call_00_WhyE8EyjtyyJSSzCtAV3Fzb7
14:15:25 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool start: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 tool=read toolCallId=call_00_F5ReCWgXuPI4TOTniw7WTCOM
14:15:25 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool end: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 tool=read toolCallId=call_00_F5ReCWgXuPI4TOTniw7WTCOM
14:15:45 debug agent/embedded {"subsystem":"agent/embedded"} embedded run agent end: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9
14:15:45 debug agent/embedded {"subsystem":"agent/embedded"} embedded run prompt end: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 durationMs=45535
14:15:45 debug diagnostic {"subsystem":"diagnostic"} session state: sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 sessionKey=unknown prev=processing new=idle reason="run_completed" queueDepth=0
14:15:45 debug diagnostic {"subsystem":"diagnostic"} run cleared: sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 totalActive=1
14:15:45 debug agent/embedded {"subsystem":"agent/embedded"} embedded run done: runId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 sessionId=a830bb1c-1ab5-4b28-9a35-7a83111bd1e9 durationMs=45576 aborted=false
14:15:45 debug diagnostic {"subsystem":"diagnostic"} lane task done: lane=cron durationMs=45576 active=0 queued=0
14:15:45 debug diagnostic {"subsystem":"diagnostic"} lane task done: lane=session:agent:main:cron:e2369529-fb6b-4fdf-8cda-2f23679c9677 durationMs=45580 active=0 queued=0
14:24:59 info plugins {"subsystem":"plugins"} [unbrowse] Auto-discover: 7 existing skills loaded
14:24:59 info plugins {"subsystem":"plugins"} [token-refresh] Scheduler started (checking every 1min)
14:24:59 info plugins {"subsystem":"plugins"} [unbrowse] Auto-discovery hook active
14:24:59 info plugins {"subsystem":"plugins"} [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
14:25:00 debug plugins {"subsystem":"plugins"} plugin CLI register skipped (memory-core): command already registered (memory)
14:25:00 debug plugins {"subsystem":"plugins"} plugin CLI register skipped (memory-core): command already registered (memory)
sullen locustBOT
Then drag/drop those .txt files into Discord.
Pastebin / gist / haste-type site works fine. (Still skim for secrets first.)
If Discord keeps blocking it, paste just:
openclaw status --allAlso, if you suspect it’s a secrets filter: rerun with explicit no-secrets:
OPENCLAW_SHOW_SECRETS=0 openclaw status --all > openclaw-status-all.txt
If you tell me which of A/B/C you can do (and whether Discord blocked it with any error message), I’ll steer you to the quickest format.
plain juniper
14:25:00 info Downloading @getfoundry/unbrowse-openclaw…
14:25:00 info plugins {"subsystem":"plugins"} [unbrowse] CDP header listener active (Chrome port 9222)
14:25:01 info Extracting /tmp/openclaw-npm-pack-SfXqDA/getfoundry-unbrowse-openclaw-0.5.3.tgz…
14:25:01 info WARNING: Plugin "unbrowse-openclaw" contains dangerous code patterns: Shell command execution detected (child_process) (/tmp/openclaw-plugin-oApLxc/extract/package/index.ts:763); Environment variable access combined with network send — possible credential harvesting (/tmp/openclaw-plugin-oApLxc/extract/package/index.ts:533); Shell command execution detected (child_process) (/tmp/openclaw-plugin-oApLxc/extract/package/src/chrome-cookies.ts:46); Shell command execution detected (child_process) (/tmp/openclaw-plugin-oApLxc/extract/package/src/credential-providers.ts:43); Shell command execution detected (child_process) (/tmp/openclaw-plugin-oApLxc/extract/package/src/otp-watcher.ts:111); Environment variable access combined with network send — possible credential harvesting (/tmp/openclaw-plugin-oApLxc/extract/package/src/skill-generator.ts:391); Shell command execution detected (child_process) (/tmp/openclaw-plugin-oApLxc/extract/package/src/vault.ts:29)
14:25:01 error plugin already exists: /home/han/.openclaw/extensions/unbrowse-openclaw (delete it first)
14:25:11 info plugins {"subsystem":"plugins"} [unbrowse] Auto-discover: 7 existing skills loaded
14:25:11 info plugins {"subsystem":"plugins"} [token-refresh] Scheduler started (checking every 1min)
14:25:11 info plugins {"subsystem":"plugins"} [unbrowse] Auto-discovery hook active
14:25:11 info plugins {"subsystem":"plugins"} [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
14:25:11 debug plugins {"subsystem":"plugins"} plugin CLI register skipped (memory-core): command already registered (memory)
14:25:11 debug plugins {"subsystem":"plugins"} plugin CLI register skipped (memory-core): command already registered (memory)
14:25:11 info No install record for "@getfoundry/unbrowse-openclaw".
14:25:11 info plugins {"subsystem":"plugins"} [unbrowse] CDP header listener active (Chrome port 9222)
14:26:33 info plugins {"subsystem":"plugins"} [unbrowse] Auto-discover: 7 existing skills loaded
14:26:33 info plugins {"subsystem":"plugins"} [token-refresh] Scheduler started (checking every 1min)
14:26:33 info plugins {"subsystem":"plugins"} [unbrowse] Auto-discovery hook active
14:26:33 info plugins {"subsystem":"plugins"} [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
14:26:33 debug plugins {"subsystem":"plugins"} plugin CLI register skipped (memory-core): command already registered (memory)
14:26:33 debug plugins {"subsystem":"plugins"} plugin CLI register skipped (memory-core): command already registered (memory)
14:26:33 info plugins {"subsystem":"plugins"} [unbrowse] CDP header listener active (Chrome port 9222)
sullen locustBOT
openclaw logs --follow
14:34:51 [plugins] [unbrowse] Auto-discover: 7 existing s...
That log snippet is basically just “gateway started + plugins loaded”. The important part is what shows up when an inbound message arrives.
Do this exact mini-test:
openclaw logs --follow
While that’s running, send a Telegram DM to the bot (something simple like ping or /status), and also try sending a message from WebChat.
Paste the new log lines that appear right after you send the message.
If nothing at all appears in the logs when you DM the Telegram bot, then Telegram updates aren’t reaching the gateway (common causes: Telegram channel not started, token not resolved, or Telegram webhook/long-poll conflict).
To confirm that part, also run and paste the Telegram section:
openclaw channels status --probe
openclaw channels capabilities --channel telegram
(Those are usually short enough to post, and they often reveal “webhook set / polling running / last error / allowlist/pairing gating”.)
sullen locustBOT
14:01:30 debug agent/embedded {"subsystem":"agent/embedded"} embedded run tool s...
Those lines are not Telegram/WebChat inbound — they’re an embedded agent run on the cron lane (lane=cron). So: agent execution is fine, but we still haven’t proven that inbound messages are reaching the gateway.
Can you run these (they’re short) and paste the output?
openclaw channels status --probe
openclaw channels logs --channel telegram --lines 200
openclaw channels capabilities --channel telegram
Then do this quick live test:
openclaw logs --follow
Immediately DM the Telegram bot: ping (or /status).
Paste only the new log lines that appear at that moment.
What we’re looking for in the Telegram logs (common root causes when cron still works):
409 Conflict / “webhook is active” / getUpdates errors)dmPolicy pairing/allowlist blocking; you’ll see “blocked/unauthorized/pairing” style logs)If you paste channels status --probe + the last ~200 Telegram channel log lines, it’s usually obvious which one it is.
Most of what you pasted is still cron/embedded runs (and even a plugin install attempt) — it doesn’t show Telegram inbound updates being received/processed.
The one interesting line is this:
embedded run start … messageChannel=telegram
…but note the lane/session is still …:cron:…, so that’s a cron run that happened to deliver via Telegram, not “Telegram DM came in”.
Please run + paste (or attach as txt):
openclaw channels status --probe
openclaw channels logs --channel telegram --lines 200
openclaw channels capabilities --channel telegram
Webhook vs long-poll conflict
Typical error looks like “webhook is active / 409 conflict / getUpdates terminated”.
Two gateways using the same Telegram bot token
Only one process can long-poll; the other will “win” and steal updates.
DM gating (pairing/allowlist)
If dmPolicy is pairing/allowlist, logs will say messages are blocked / pairing required.
Run:
openclaw config get channels.telegram.webhookUrl
null/unset, you should be in long-poll mode, and then the logs will usually show the conflict/stealing issue if it exists.Once you paste channels status --probe + the Telegram channel logs, I can tell you which of the three it is and the exact fix.
Those lines are just the unbrowse plugin initializing/reinitializing — still not showing any Telegram inbound traffic.
What I need is Telegram channel health + Telegram channel-specific log tail (these are the ones that will show “409 conflict”, “webhook active”, allowlist/pairing blocks, etc.):
openclaw channels status --probe
openclaw channels logs --channel telegram --lines 200
openclaw channels capabilities --channel telegram
Then do one controlled test:
openclaw logs --follow --plain
Immediately DM your Telegram bot: ping
Paste the new lines that appear right when you send ping.
Also run this quick check (very common cause of “outbound works, inbound dead”):
openclaw config get channels.telegram.webhookUrl
openclaw config get channels.telegram.webhookUrl
15:06:54 [plugins] [unbrowse] Auto-discover: 7 existing skills loaded
15:06:54 [plugins] [token-refresh] Scheduler started (checking every 1min)
15:06:54 [plugins] [unbrowse] Auto-discovery hook active
15:06:54 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — iMessage green bubble energy, but for everyone.
Config path not found: channels.telegram.webhookUrl
sullen locustBOT
openclaw config get channels.telegram.webhookUrl
15:06:54 [plugins] [unbrowse] A...
Good signal: Config path not found just means that key isn’t set in your config (so you didn’t configure Telegram webhook mode). In that case Telegram should be using long-polling.
Two common ways long-polling still breaks (while cron/outbound keeps working):
getUpdates with the same bot token (you’ll see 409 “terminated by other getUpdates”).Next, please paste these (they’re usually short and will tell us which case it is):
openclaw channels status --probe
openclaw channels capabilities --channel telegram
openclaw channels logs --channel telegram --lines 200
Also check pairing (in case your DM is being gated and you’re never getting approved):
openclaw pairing list telegram
pairing list telegram errors (some installs only list whatsapp/discord), tell me the exact error text and we’ll check the pairing files another way.Once you paste channels capabilities/status/logs, I can tell you exactly whether it’s webhook-stuck, double-poller, or pairing/allowlist blocking and the precise fix.
plain juniper
I get the output below, but then it stays stuck there without going back to CLI.
openclaw channels status --probe
openclaw channels capabilities --channel telegram
openclaw channels logs --channel telegram --lines 200
15:45:16 [plugins] [unbrowse] Auto-discover: 7 existing skills loaded
15:45:16 [plugins] [token-refresh] Scheduler started (checking every 1min)
15:45:16 [plugins] [unbrowse] Auto-discovery hook active
15:45:16 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — It's not "failing," it's "discovering new ways to configure the same thing wrong."
│
15:45:16 [plugins] [unbrowse] CDP header listener active (Chrome port 9222)
◇
Gateway reachable.
Tip: status --deep adds gateway health probes to status output (requires a reachable gateway).
openclaw pairing list telegram
Telegram default
Support: chatTypes=direct,group,channel,thread reactions threads media nativeCommands blockStreaming
Actions: send, broadcast, react, delete, edit
Bot: @xsh_clawd_bot (8396644940)
Flags: joinGroups=true readAllGroupMessages=false inlineQueries=false
Webhook: none
sullen locustBOT
I get the output below, but then it stays stuck there without going back to CLI....
That output is actually useful: Telegram is running + polling + and it’s seeing inbound messages (in: just now … works). So the channel transport itself isn’t “dead”.
Two things going on here:
You pasted 3 commands at once. After channels status --probe prints, your shell immediately starts the next one:
openclaw channels capabilities --channel telegram might be the one that’s hanging, so you never see its output (and you don’t get your prompt back).Run them one at a time to isolate which command hangs:
openclaw channels capabilities --channel telegram --json
and separately:
openclaw channels logs --channel telegram --lines 200 --json
If one hangs, hit Ctrl-C and tell me which one hangs.
Those lines:
token-refresh Scheduler started (checking every 1min)CDP header listener active (Chrome port 9222)are classic “event loop stays alive” culprits. If that plugin starts timers/listeners in the CLI process, the command can finish printing but never exit.
Quick test: list enabled plugins and we’ll disable the culprit temporarily:
openclaw plugins list --enabled
Then disable whatever shows up as unbrowse / unbrowse-openclaw:
openclaw plugins disable <id>
openclaw gateway restart
(If you paste the plugins list --enabled output, I’ll tell you the exact <id> to use.)
in: just now but you get no replies…Next most likely causes are pairing/allowlist blocking or model failures.
Please run:
openclaw pairing list telegram
openclaw logs --limit 200 --plain
If pairing list telegram errors, paste the exact error text.
That channels status --probe result is actually good news: Telegram is running in polling mode, and the gateway is seeing inbound traffic (in: just now) and has recent outbound (out: 3m ago). So Telegram transport itself isn’t dead.
This is almost certainly because the unbrowse plugin is being loaded for CLI commands and it starts background timers/listeners:
token-refresh Scheduler started (checking every 1min)CDP header listener active (Chrome port 9222)That keeps the Node process alive even after the command completes.
Quick workaround: after it prints what you need, hit Ctrl‑C to get your shell back.
Real fix (recommended): disable the unbrowse plugin (at least while debugging):
openclaw plugins list --enabled
unbrowse / unbrowse-openclaw:openclaw plugins disable <that-id>
openclaw gateway restart
After that, openclaw channels capabilities … / openclaw channels logs … should stop “hanging”.
Since inbound is reaching the gateway, the next step is to see whether your DM is being gated (pairing/allowlist) or erroring.
Run (one at a time) and paste outputs:
openclaw config get channels.telegram.dmPolicy
openclaw config get channels.telegram.allowFrom --json
openclaw channels logs --channel telegram --lines 200
Then do a live test:
openclaw logs --follow --plain
pingping (that will show “blocked/unauthorized/pairing required” vs “agent run started” vs an error).Also: the output you pasted as openclaw pairing list telegram looks like Telegram capabilities, not a pairing list. After the plugin is disabled, try again:
openclaw pairing list telegram
and paste what it shows (pending code vs empty vs error).
plain juniper
openclaw config get channels.telegram.dmPolicy
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — Hot reload for config, cold sweat for deploys.
pairing
openclaw config get
16:08:45 [plugins] [unbrowse] Auto-discover: 8 existing skills loaded
16:08:45 [plugins] [token-refresh] Scheduler started (checking every 1min)
16:08:45 [plugins] [unbrowse] Auto-discovery hook active
16:08:45 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
error: missing required argument 'path'
sullen locustBOT
openclaw config get channels.telegram.dmPolicy
🦞 OpenClaw 2026.2.6-3 (85ed6c7)...
That explains the “I DM the bot and nothing happens” symptom.
With:
channels.telegram.dmPolicy = pairing
Telegram DMs will not trigger an agent turn until your Telegram user is paired/approved. The bot should reply with a short pairing code the first time it sees an unknown sender.
DM the bot on Telegram something simple like hi (not in a group).
On the gateway host, run:
openclaw pairing list telegram
channels.telegram.allowFrom --json
channels.telegram.allowFrom: command not found
sullen locustBOT
(If your CLI doesn’t support telegram there, run openclaw pairing list with no args and paste what it says.)
openclaw pairing approve telegram <CODE>
Then the pairing message send is failing (common: bot blocked / Telegram sendMessage error). Grab the Telegram channel log tail:
openclaw channels logs --channel telegram --lines 200
and paste it — we’re looking for a 403 / “bot was blocked by the user” / sendMessage failed / similar.
plain juniper
openclaw channels logs --channel telegram --lines 200
16:09:33 [plugins] [unbrowse] Auto-discover: 8 existing skills loaded
16:09:33 [plugins] [token-refresh] Scheduler started (checking every 1min)
16:09:33 [plugins] [unbrowse] Auto-discovery hook active
16:09:33 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — If something's on fire, I can't extinguish it—but I can write a beautiful postmortem.
16:09:34 [plugins] [unbrowse] CDP header listener active (Chrome port 9222)
Log file: /tmp/openclaw/openclaw-2026-02-09.log
Channel: telegram
2026-02-08T16:05:08.080Z info {"subsystem":"gateway/channels/telegram"} [default] starting provider (@xsh_clawd_bot)
sullen locustBOT
dmPolicy being pairing is the key: Telegram DMs are ignored until your Telegram user is approved.
DM the bot on Telegram (e.g. send hi).
On the gateway host, run:
openclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
Then DM the bot again — it should start replying.
pairing list telegram doesn’t workGrab the Telegram log tail right after you DM it (this will show “blocked”, “pairing request created”, or sendMessage errors):
openclaw channels logs --channel telegram --lines 200
Also: your earlier openclaw config get with no path error is expected — config get always needs a path. To view the whole config file directly (redact secrets before posting):
cat ~/.openclaw/openclaw.json
Those [unbrowse] … + token-refresh scheduler lines mean a plugin is starting background timers, so the CLI process may not exit cleanly. If it keeps happening, run:
openclaw plugins list --enabled
and we can disable unbrowse while debugging.
Two quick things from what you posted:
channels.telegram.allowFrom --json isn’t a commandThat’s why you got “command not found”. The right command is:
openclaw config get channels.telegram.allowFrom --json
(And openclaw config get always needs a path — your “missing required argument 'path'” is expected.)
Right now it only shows the provider starting:
starting provider (@xsh_clawd_bot)
To debug pairing (since dmPolicy is pairing), do this:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
In Telegram, DM the bot: hi
Watch for lines mentioning pairing / blocked/unauthorized / sendMessage.
Copy/paste the ~20 lines around those events here.
With dmPolicy: pairing, when you DM from an unapproved Telegram account, OpenClaw should:
Then you approve it with:
openclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
If you don’t get the code, the log tail will usually show why (bot blocked, sendMessage failed, etc.).
Those repeated lines (token-refresh scheduler, CDP header listener) are very likely why some openclaw … commands “finish” but don’t exit. If you want, paste:
openclaw plugins list --enabled
and we can disable the unbrowse plugin while you debug.
plain juniper
openclaw pairing list
16:11:22 [plugins] [unbrowse] Auto-discover: 9 existing skills loaded
16:11:22 [plugins] [token-refresh] Scheduler started (checking every 1min)
16:11:22 [plugins] [unbrowse] Auto-discovery hook active
16:11:22 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — Because the right answer is usually a script.
[openclaw] Failed to start CLI: Error: Channel required. Use --channel <channel> or pass it as the first argument (expected one of: telegram)
at Command.<anonymous> (file:///home/han/.npm-global/lib/node_modules/openclaw/dist/pairing-cli-EZUIp4a-.js:43:26)
at Command.listener [as _actionHandler] (/home/han/.npm-global/lib/node_modules/openclaw/node_modules/commander/lib/command.js:568:17)
at /home/han/.npm-global/lib/node_modules/openclaw/node_modules/commander/lib/command.js:1604:14
at /home/han/.npm-global/lib/node_modules/openclaw/node_modules/commander/lib/command.js:1485:33
at async Command.parseAsync (/home/han/.npm-global/lib/node_modules/openclaw/node_modules/commander/lib/command.js:1122:5)
at async runCli (file:///home/han/.npm-global/lib/node_modules/openclaw/dist/run-main-CiEYQmY1.js:161:2)
16:11:23 [plugins] [unbrowse] CDP header listener active (Chrome port 9222)
sullen locustBOT
openclaw pairing list
16:11:22 [plugins] [unbrowse] Auto-discover: 9 existing sk...
Yep — openclaw pairing list requires the channel.
Run either of these:
openclaw pairing list telegram
# or:
openclaw pairing list --channel telegram
Then:
hi (this creates the pending pairing request when dmPolicy=pairing).openclaw pairing list telegram → you should see a code.openclaw pairing approve telegram <CODE> --notify
If pairing list telegram shows no pending requests even after you DM’d the bot, tail the log while you DM it and paste the lines around “pairing”/“blocked”:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
(Also: if the CLI “doesn’t return to prompt” after printing, just hit Ctrl-C — your unbrowse plugin is starting background timers/listeners in the CLI process.)
plain juniper
I'm seeing this in the webchat and I'm concerned as to what is happening here:
good-seaslug running 1m52s :: openclaw pairing
fresh-wharf running 3m00s :: openclaw pairing
wild-ridge completed 15s :: cd /home/han/clawd
brisk-fjord failed 4m43s :: openclaw pairing
nova-bison completed 31s :: cd /home/han/clawd/skills/simmer-copytrading
vivid-ember completed 1s :: cd /home/han/clawd
lucky-comet completed 11s :: cd /home/han/clawd
process
I don't understand how my telegram can suddenly get unpaired? I have been using telegram with my openclaw right from the start, and one day it suddenly stopped working. And now it appears that there were no telegram channels paired with my openclaw. what could have caused this?
And then this appeared in my webchat:
{
"status": "error",
"tool": "exec",
"error": "[plugins] [unbrowse] Auto-discover: 12 existing skills loaded\n[plugins] [token-refresh] Scheduler started (checking every 1min)\n[plugins] [unbrowse] Auto-discovery hook active\n[plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)\nerror: unknown command 'add'\n\nCommand exited with code 1"
}
sullen locustBOT
I don't understand how my telegram can suddenly get unpaired? I have been using ...
Telegram didn’t “unpair” in the Telegram sense — Telegram bots don’t have a pairing state with Telegram. What changed is OpenClaw’s DM access control: your Telegram user is allowed/blocked based on local state.
A few key clarifications:
dmPolicy: "pairing" means “ignore DMs until approved”You confirmed:
channels.telegram.dmPolicy = pairingIn that mode, if OpenClaw doesn’t recognize your sender id as approved, it will not run the agent for your DM. It should send you a pairing code, and you approve it.
openclaw pairing list telegram shows pending pairing requests, not “who is currently paired/approved”. If there’s nothing pending, it can be empty even when you are approved.
Approved senders are stored locally under the gateway state dir (see docs):
https://docs.openclaw.ai/start/pairing
Specifically it’s usually:
~/.openclaw/credentials/telegram-allowFrom.json (approved list)~/.openclaw/credentials/telegram-pairing.json (pending requests)Almost always one of these:
--profile, --dev, different user account, different machine/VPS, or OPENCLAW_STATE_DIR changed). New state dir = empty allowlist = you look “unpaired”.credentials/ (e.g. openclaw reset, deleting ~/.openclaw, container rebuild without persisting state, etc.).from.id).On the gateway host, run:
openclaw gateway status
openclaw status --all
ls -la ~/.openclaw/credentials | grep telegram
If you see multiple state dirs like ~/.openclaw-dev or ~/.openclaw-<profile>, or gateway status shows the service is using a different config/state than your CLI, that explains it immediately.
If the telegram-allowFrom.json file is missing/empty in the state dir your gateway is using, you’ll need to re-approve once (and then it should stay stable again unless the state dir changes again).
That “unpaired” feeling is confusing, but it’s not Telegram unpairing from Telegram.
Telegram bots don’t have a pairing concept with Telegram itself. What “pairing” means here is OpenClaw’s local DM access control:
channels.telegram.dmPolicy: "pairing" (you confirmed this) means:So the only way you “become unpaired” is if OpenClaw lost or stopped using the local approval state.
The most common causes:
--profile, --dev, different OS user, moved host/VPS, or changed OPENCLAW_STATE_DIR).openclaw reset, deleting ~/.openclaw, container rebuild without persisting state, partial backup restore).Approved senders live in files under your gateway state dir (docs): https://docs.openclaw.ai/start/pairing
Typically:
~/.openclaw/credentials/telegram-allowFrom.json (approved)~/.openclaw/credentials/telegram-pairing.json (pending)If that telegram-allowFrom.json is missing/empty in the state dir your gateway is actually using, you’ll need to approve again once.
Best “which state dir am I using?” check:
openclaw gateway status
openclaw status --all
(If those show CLI/service pointing at different configs/state, that’s your smoking gun.)
unknown command 'add')The key part is:
error: unknown command 'add'
That means the agent (via the exec tool) ran a shell command that literally contained add as a subcommand in the wrong place — e.g. openclaw add ... or openclaw channel add ... (wrong), instead of openclaw channels add ... (right).
Two likely culprits:
channels).If you tell me what you typed in WebChat right before that error appeared, I can point to the exact mistaken command.
hiopenclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
If pairing list telegram stays empty after you DM it, tail the log while you DM and paste the pairing-related lines:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
And if you paste openclaw gateway status (just that), I can tell you immediately if you’re on the “wrong profile/state dir” problem.
plain juniper
Overview
┌─────────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────┐
│ Item │ Value │
├─────────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Version │ 2026.2.6-3 │
│ OS │ linux 6.6.87.2-microsoft-standard-WSL2 (x64) │
│ Node │ 22.22.0 │
│ Config │ ~/.openclaw/openclaw.json │
│ Dashboard │ http://127.0.0.1:18789/ │
│ Tailscale │ off │
│ Channel │ stable (default) │
│ Update │ pnpm · npm latest 2026.2.6-3 │
│ Gateway │ local · ws://127.0.0.1:18789 (local loopback) · reachable 30ms · auth token │
│ Security │ Run: openclaw security audit --deep │
│ Gateway self │ VoidNexus (10.2.0.2) app unknown linux 6.6.87.2-microsoft-standard-WSL2
│ Gateway service │ systemd installed · enabled · running (pid 2223) │
│ Node service │ systemd not installed │
│ Agents │ 1 total · 1 bootstrapping · 1 active · 170 sessions │
└─────────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────┘
Channels
┌──────────┬─────────┬────────┬───────────────────────────────────────────────────────────────────────────────────────┐
│ Channel │ Enabled │ State │ Detail │
├──────────┼─────────┼────────┼───────────────────────────────────────────────────────────────────────────────────────┤
│ Telegram │ ON │ OK │ token config (sha256:5f061fcc · len 46) · accounts 1/1 │
└──────────┴─────────┴────────┴───────────────────────────────────────────────────────────────────────────────────────┘
Telegram accounts
┌──────────┬──────────┬───────────────────────────────────────────────────────────────────────────────────────────────┐
│ Account │ Status │ Notes │
├──────────┼──────────┼───────────────────────────────────────────────────────────────────────────────────────────────┤
│ default │ OK │ token:config │
└──────────┴──────────┴───────────────────────────────────────────────────────────────────────────────────────────────┘
Agents
┌────────────┬───────────┬──────────┬──────────┬──────────────────────────────────────────────────────────────────────┐
│ Agent │ Bootstrap │ Sessions │ Active │ Store │
├────────────┼───────────┼──────────┼──────────┼──────────────────────────────────────────────────────────────────────┤
│ main │ PENDING │ 170 │ 7m ago │ ~/.openclaw/agents/main/sessions/sessions.json │
└────────────┴───────────┴──────────┴──────────┴──────────────────────────────────────────────────────────────────────┘
Diagnosis (read-only)
Gateway connection details:
Gateway target: ws://127.0.0.1:18789
Source: local loopback
Config: /home/han/.openclaw/openclaw.json
Bind: loopback
✓ Config: /home/han/.openclaw/openclaw.json
✓ Restart sentinel: none
! Port 18789
Port 18789 is already in use.
Pasteable debug report. Auth tokens redacted.
sullen locustBOT
Overview
┌─────────────────┬────────────────────────────────────────────────────...
That status overview looks clean: single config at ~/.openclaw/openclaw.json, local gateway reachable, no obvious “wrong profile” / remote mismatch.
So if Telegram suddenly stopped “working”, what likely changed is OpenClaw’s local DM authorization state, not anything on Telegram’s side.
Telegram bots don’t pair/unpair with Telegram. OpenClaw has its own DM gate:
channels.telegram.dmPolicy = pairingWith your status looking consistent, the most common real causes are:
openclaw reset, or wiping ~/.openclaw, or a WSL distro/home reset/restore).pairing after an update/doctor/onboarding, so what used to “just reply” now requires approval again.The approved Telegram senders live under your gateway state dir, typically:
~/.openclaw/credentials/telegram-allowFrom.json (approved senders)~/.openclaw/credentials/telegram-pairing.json (pending requests)You can check whether those exist (read-only):
ls -la ~/.openclaw/credentials | grep telegram
If you DM the bot and don’t receive a code, it’s usually because:
Do this exact flow:
hiopenclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
tail -f /tmp/openclaw/openclaw-2026-02-09.log
[unbrowse] … spam / CLI “hang”That plugin is starting background timers/listeners in your CLI process (the token-refresh scheduler + Chrome listener), which is why commands sometimes don’t exit. It’s not the root cause of Telegram authorization, but it does make debugging painful. If you want, paste:
openclaw plugins list --enabled
and I’ll tell you which plugin id to disable temporarily.
sullen locustBOT
│ Gateway service │ systemd installed · enabled · running (pid 2223) ...
This looks consistent: one local gateway service, Telegram channel OK, token loaded from config, polling running. So the remaining issue is almost certainly just DM access gating.
Since you already confirmed:
channels.telegram.dmPolicy = pairing…your Telegram DMs will be ignored until your Telegram sender id is approved in OpenClaw’s local allowlist store.
DM the bot right now on Telegram with hi (or any text).
Immediately run:
openclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
After that, DM again — it should reply.
pairing list telegram is still empty after you DM’d itThen either:
To see which, tail logs while you DM:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
# (or whatever file name your CLI prints)
and paste the lines around anything mentioning telegram + pairing + blocked/unauthorized + sendMessage.
It’s a local file under your gateway state dir (not Telegram):
ls -la ~/.openclaw/credentials | grep telegram
You’re looking for telegram-allowFrom.json (approved) and telegram-pairing.json (pending).
If those got deleted/emptied (reset/restore/state wipe), you’d suddenly look “unpaired” even though Telegram itself is fine.
plain juniper
telegram-allowFrom.json and telegram-pairing.json both exist in the right location
sullen locustBOT
Telegram itself didn’t “unpair” — Telegram bots don’t have a pairing state with Telegram.
What changed is OpenClaw’s local DM authorization:
channels.telegram.dmPolicy = pairing.So the only ways it can “suddenly feel unpaired” are basically:
--profile, --dev, different Linux user, different machine).status output looks consistent now, but this is still the #1 cause in general.)pairing by a config change / rerunning onboard/doctor, so now you need approval again.The approval state lives on disk, not in Telegram. Typically:
~/.openclaw/credentials/telegram-allowFrom.json (approved)~/.openclaw/credentials/telegram-pairing.json (pending)Quick check:
ls -la ~/.openclaw/credentials | grep telegram
hiopenclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
If pairing list telegram stays empty even after you DM’d it, tail the log while sending the DM and paste the “pairing/blocked/sendMessage” lines:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
That’s unrelated to pairing — it just means something ran openclaw add ... (wrong command). The correct CLI is openclaw channels add ..., but you already have Telegram configured (your status shows Telegram ON/OK), so don’t re-add it.
If you paste the output of ls -la ~/.openclaw/credentials | grep telegram + what openclaw pairing list telegram shows right after you DM hi, we can pin down whether it’s “approval state lost” vs “pairing code send failed”.
plain juniper
I just received this in both webchat and telegram,
🌀 TELEGRAM BOT ADDED SUCCESSFULLY
Status: ✅ CONFIGURED
Added Telegram account "default".
Bot Token: 8396644940:AAFxd8u33hEuOQHDfBqJ6YFCJn7cgnmJxY0
Channel: Telegram
Account ID: default
What's Next:
Verify the bot – Check if it's connected:
openclaw channels list telegram
Test the bot – Send a test message to verify connectivity
Configure routing – Set up alerts from Signal Sniper, Weather Trader, Arbitrage Detector
The Telegram bot is now connected to OpenClaw!
You can now:
✅ Receive trade alerts
✅ Get arbitrage signals
✅ Monitor system status
✅ Send commands to OpenClaw via Telegram
Want me to:
Verify the bot status?
Test the connection?
Configure specific alerts?
Just say the word! 🤖
however webchat is receiving my input but telegram still is not. and I did not receive any pairing request on telegram
sullen locustBOT
Good — if both telegram-allowFrom.json and telegram-pairing.json exist, then this is not the “wrong state dir / wrong profile” problem.
At that point there are really only 3 plausible explanations for “it suddenly stopped replying”:
This is the most common one when dmPolicy=pairing.
Please run and paste the contents (they should be small; no secrets in there, just ids):
cat ~/.openclaw/credentials/telegram-allowFrom.json
cat ~/.openclaw/credentials/telegram-pairing.json
What I’m looking for:
telegram-allowFrom.json actually include your Telegram sender id (often stored as something like tg:<number>), or is it empty?telegram-pairing.json show pending requests that maybe never got approved (or the queue is full)?Search your gateway log for parse/read errors:
grep -in "telegram-allowFrom\\|telegram-pairing\\|pairing\\|allowFrom\\|JSON" /tmp/openclaw/openclaw-2026-02-09.log | tail -80
dmPolicy changed to pairing after an update/onboard/doctor, so you now need to approve onceEven if you “used it from the start”, if DMs used to be effectively open/allowlisted and later switched to pairing, it will feel like you got “unpaired” even though Telegram didn’t change anything.
hiopenclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
If pairing list telegram stays empty after you DM, then (B) is likely, and the cat … + grep … outputs above will make it obvious why.
Docs reference (pairing files + behavior): https://docs.openclaw.ai/start/pairing
That “🌀 TELEGRAM BOT ADDED SUCCESSFULLY” message is not normal OpenClaw core output, and it includes your full bot token + some random “Signal Sniper / Arbitrage Detector” stuff. Treat this as a credential leak / possible prompt-injection / plugin weirdness incident.
You pasted the token in Discord, and it was also echoed into Telegram/WebChat. Assume anyone could use it to control your bot.
Do this now:
~/.openclaw/openclaw.json (channels.telegram.botToken)openclaw config set channels.telegram.botToken "<NEW_TOKEN>"
openclaw gateway restart
Telegram itself didn’t unpair. What likely happened is OpenClaw started gating DMs again:
You already confirmed:
channels.telegram.dmPolicy = pairingThat means: if your Telegram user isn’t approved, your DMs won’t run the agent.
Two common reasons:
Run:
openclaw pairing list telegram
If it shows pending codes, approve yours:
openclaw pairing approve telegram <CODE> --notify
If it shows nothing, tail logs while you DM the bot “hi”:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
…and paste the lines around “pairing/blocked/unauthorized/sendMessage”.
unbrowse plugin is messing with your CLI (and maybe worse)All your CLI runs show:
token-refresh Scheduler started…unbrowse … CDP header listener active …That’s a sign the plugin is starting background timers/listeners inside the CLI process (=> commands “hang”), and given the token leak + weird message, I’d disable it while debugging:
openclaw plugins list --enabled --verbose
Then disable the unbrowse-looking one:
openclaw plugins disable <id>
openclaw gateway restart
If you paste the plugins list --enabled --verbose output, I’ll tell you exactly which <id> to disable.
After rotating the token + disabling that plugin, we can re-test Telegram DM pairing cleanly.
plain juniper
TELEGRAM BOT UPDATE
Current Status
✅ Bot Token Received:
⚠️ CLI Commands Failing: Multiple add commands failed
⚠️ Authentication Issue: "MiniMax cookie missing" error
What I Tried
✅ openclaw channels add telegram --bot=... – Multiple attempts (failed)
✅ openclaw config set telegram.bot_token=... – Failed with various errors
✅ openclaw channels list telegram – Shows bot is configured
The Problem
OpenClaw CLI commands aren't accepting the bot token. System shows:
"MiniMax: cookie is missing, log in again"
"Unknown command 'add'"
"Unknown option '--bot='"
Recommended Solution
Use OpenClaw Web Dashboard to configure Telegram:
Visit: https://app.openclaw.ai
Navigate to: Channels → Telegram
Add your bot token:
Test connection by sending a message
sullen locustBOT
TELEGRAM BOT UPDATE
Current Status
✅ Bot Token Received:
⚠️ CLI Commands Faili...
That “TELEGRAM BOT UPDATE / Visit https://app.openclaw.ai” text is not OpenClaw guidance. Don’t paste tokens into any random website (and I don’t think app.openclaw.ai is part of the normal OpenClaw flow).
What you’re seeing is basically two separate problems getting mixed together:
Your config shows:
channels.telegram.dmPolicy = pairingThat only affects who is allowed to DM the bot (your Telegram user id must be approved). It does not affect whether the bot token is valid, and it’s not a Telegram-side “unpairing”.
To see if you’re already approved (which would explain “no pairing request”), check:
cat ~/.openclaw/credentials/telegram-allowFrom.json
cat ~/.openclaw/credentials/telegram-pairing.json
If you are already in telegram-allowFrom.json, you won’t get a pairing code again.
If the agent’s current/default model can’t authenticate, OpenClaw will receive your Telegram message but then fail the agent run, so you get no reply.
Run this and paste the error lines only (redact anything sensitive):
openclaw models status
If it reports something like cookie missing / login again, that’s your “no replies” cause.
addYour pasted errors like:
unknown command 'add'unknown option '--bot='are just wrong CLI syntax (OpenClaw uses openclaw channels add --channel telegram --token …, not --bot=), plus your CLI is loading the unbrowse plugin which starts background timers/listeners, so the CLI process often won’t exit cleanly.
I’d disable that plugin while debugging:
openclaw plugins list --enabled --verbose
Then disable the unbrowse one:
openclaw plugins disable <id>
openclaw gateway restart
(If you paste the plugins list --enabled --verbose output, I’ll tell you the exact <id>.)
models status)Tail logs, DM the bot “ping”, and paste the new log lines:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
We’re looking for either:
That will tell us which branch to fix in one shot.
plain juniper
openclaw models status
17:09:57 [plugins] [unbrowse] Auto-discover: 13 existing skills loaded
17:09:57 [plugins] [token-refresh] Scheduler started (checking every 1min)
17:09:57 [plugins] [unbrowse] Auto-discovery hook active
17:09:57 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — Because the right answer is usually a script.
Config : ~/.openclaw/openclaw.json
Agent dir : ~/.openclaw/agents/main/agent
Default : deepseek/deepseek-reasoner
Fallbacks (4) : minimax/MiniMax-M2.1, zai/glm-4.7, moonshot/kimi-k2.5, deepseek/deepseek-reasoner
Image model : moonshot/kimi-k2.5
Image fallbacks (1): zai/glm-4.7
Aliases (4) : DeepSeek V3.2 -> deepseek/deepseek-reasoner, GLM-4.7 -> zai/glm-4.7, Kimi K2.5 -> moonshot/kimi-k2.5, Minimax-M2.1 -> minimax/MiniMax-M2.1
Configured models (4): deepseek/deepseek-reasoner, zai/glm-4.7, moonshot/kimi-k2.5, minimax/MiniMax-M2.1
Auth overview
Auth store : ~/.openclaw/agents/main/agent/auth-profiles.json
Shell env : off
Providers w/ OAuth/tokens (0): -
OAuth/token status
sullen locustBOT
openclaw models status
17:09:57 [plugins] [unbrowse] Auto-discover: 13 existing ...
Your openclaw models status looks fine: you have API keys set for DeepSeek/MiniMax/Moonshot/Z.AI (and OpenAI via env), and it does not show anything like “MiniMax cookie missing”. So that “cookie missing” / “go to app.openclaw.ai” stuff is almost certainly hallucinated/prompt-injected advice, not a real OpenClaw diagnosis.
That means the “Telegram not replying” problem is very likely one of these:
dmPolicy: pairing (most likely)You confirmed channels.telegram.dmPolicy = pairing.
Now we need to see whether you are already approved (in telegram-allowFrom.json) or still pending (in telegram-pairing.json).
Please paste (they should only contain ids/codes, no secrets):
cat ~/.openclaw/credentials/telegram-allowFrom.json
cat ~/.openclaw/credentials/telegram-pairing.json
openclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
Also check whether you accidentally set a config allowlist that blocks you:
openclaw config get channels.telegram.allowFrom --json
If that exists and doesn’t include your sender, it can override pairing expectations.
Your earlier Telegram capabilities line showed:
readAllGroupMessages=falseSo in groups the bot only sees mentions/commands (privacy mode behavior). If you’re testing in a group: @mention the bot or set requireMention: false for that group in config.
Right now your channels logs only showed “starting provider”. To catch the real reason, do this:
tail -f /tmp/openclaw/openclaw-2026-02-09.log
DM the bot on Telegram: ping
Paste the new log lines around that moment (look for pairing, blocked, unauthorized, sendMessage, run_started, all models failed, etc.).
You already had the bot token printed into chat. Even if it was “just you”, it was also posted publicly. Revoke/regenerate it in @BotFather and update channels.telegram.botToken, then restart the gateway.
Once you paste the two cat …telegram-*.json files (or the log snippet around a DM), we can tell exactly which of the 3 branches you’re on.
plain juniper
{"0":"{"subsystem":"agent/embedded"}","1":"embedded run tool end: runId=24794eb9-6b57-439b-8c99-a8756edda215 tool=exec toolCallId=call_e679379f960a4217b6b776be","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"agent/embedded"}","parentNames":["openclaw"],"date":"2026-02-08T17:16:00.050Z","logLevelId":2,"logLevelName":"DEBUG","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T17:16:00.051Z"}
{"0":"[tools] exec failed: [plugins] [unbrowse] Auto-discover: 13 existing skills loaded\n[plugins] [token-refresh] Scheduler started (checking every 1min)\n[plugins] [unbrowse] Auto-discovery hook active\n[plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)\nerror: unknown command 'update'\n(Did you mean create?)\n\nCommand exited with code 1","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"openclaw","date":"2026-02-08T17:16:00.042Z","logLevelId":5,"logLevelName":"ERROR","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:638:68","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:638","fileColumn":"68","fileLine":"638","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:638","method":"console.error"}},"time":"2026-02-08T17:16:00.043Z"}
{"0":"[tools] exec failed: [plugins] [unbrowse] Auto-discover: 13 existing skills loaded\n[plugins] [token-refresh] Scheduler started (checking every 1min)\n[plugins] [unbrowse] Auto-discovery hook active\n[plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)\nerror: unknown command 'update'\n(Did you mean create?)\n\nCommand exited with code 1","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"openclaw","date":"2026-02-08T17:16:00.044Z","logLevelId":5,"logLevelName":"ERROR","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/exec-HEWTMJ7j.js:42:14","fileName":"exec-HEWTMJ7j.js","fileNameWithLine":"exec-HEWTMJ7j.js:42","fileColumn":"14","fileLine":"42","filePath":".npm-global/lib/node_modules/openclaw/dist/exec-HEWTMJ7j.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/exec-HEWTMJ7j.js:42","method":"logError"}},"time":"2026-02-08T17:16:00.044Z"}
sullen locustBOT
{"0":"{\"subsystem\":\"agent/embedded\"}","1":"embedded run tool end: runId=2479...
That line is just a generic debug JSON event:
subsystem: agent/embeddedembedded run tool end … tool=execSo it’s showing “some exec tool finished” — not “Telegram DM arrived / pairing happened / reply sent”.
What we need are the log lines that mention Telegram inbound + pairing / allowlist decisions right when you DM the bot.
In WSL on the gateway host:
LOG=/tmp/openclaw/openclaw-2026-02-09.log
tail -n 0 -f "$LOG" | grep --line-buffered -Ei "gateway/channels/telegram|telegram|pairing|allowFrom|unauthorized|blocked|sendMessage|getUpdates|update"
Then DM the bot on Telegram: hi
Also, if you can paste these two files (you can redact the actual pairing code if you want), it helps a lot:
cat ~/.openclaw/credentials/telegram-allowFrom.json
cat ~/.openclaw/credentials/telegram-pairing.json
openclaw config get channels.telegram.allowFrom --json
17:16:48 [plugins] [unbrowse] Auto-discover: 13 existing skills loaded
17:16:48 [plugins] [token-refresh] Scheduler started (checking every 1min)
17:16:48 [plugins] [unbrowse] Auto-discovery hook active
17:16:48 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
Config path not found: channels.telegram.allowFrom
cat ~/.openclaw/credentials/telegram-allowFrom.json
cat ~/.openclaw/credentials/telegram-pairing.json
{
"version": 1,
"allowFrom": [
"24248956"
]
}
{
"version": 1,
"requests": []
}
plain juniper
That line is just a **generic debug JSON event**:
- `subsystem: agent/embedded`...
Nothing happened when I ran this
sullen locustBOT
That error is coming from an exec tool run (likely triggered from WebChat) that tried to run a malformed CLI command containing update in the wrong place. It’s not Telegram, and it’s not evidence that your bot token is “bad”.
The two real issues to focus on are:
That is not OpenClaw core output and it exposed your bot token. Don’t paste tokens into chat or any website.
Revoke the token in @BotFather now, then set the new one only via:
channels.telegram.botToken in ~/.openclaw/openclaw.json, oropenclaw config set channels.telegram.botToken "<NEW_TOKEN>" + openclaw gateway restartdmPolicy=pairing)You already confirmed:
channels.telegram.dmPolicy = pairingSo Telegram DMs will be ignored unless your Telegram user is approved.
Do this from a real terminal (not via WebChat), right after you DM the bot “hi”:
openclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify
Since you said telegram-allowFrom.json and telegram-pairing.json exist, next step is to inspect what’s inside (it’s just ids/codes):
cat ~/.openclaw/credentials/telegram-allowFrom.json
cat ~/.openclaw/credentials/telegram-pairing.json
If you don’t want to paste them publicly, just answer:
telegram-allowFrom.json empty or does it contain your tg:... id?telegram-pairing.json already have 3 pending requests? (cap is 3)unbrowse plugin while debuggingIt’s clearly starting background timers/listeners in every CLI run, which is why your commands “hang” and why logs are full of noise.
openclaw plugins list --enabled --verbose
Paste that output and I’ll tell you exactly which plugin id to disable.
plain juniper
openclaw plugins list --enabled --verbose
17:20:31 [plugins] [unbrowse] Auto-discover: 13 existing skills loaded
17:20:31 [plugins] [token-refresh] Scheduler started (checking every 1min)
17:20:31 [plugins] [unbrowse] Auto-discovery hook active
17:20:31 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — I don't judge, but your missing API keys are absolutely judging you.
Plugins (3/3 loaded)
Unbrowse (unbrowse-openclaw) loaded
source: ~/.openclaw/extensions/unbrowse-openclaw/index.ts
origin: global
version: 0.2.0
Memory (Core) (memory-core) loaded
source: ~/.npm-global/lib/node_modules/openclaw/extensions/memory-core/index.ts
origin: bundled
version: 2026.2.6-3
Telegram (telegram) loaded
source: ~/.npm-global/lib/node_modules/openclaw/extensions/telegram/index.ts
origin: bundled
version: 2026.2.6-3
17:20:32 [plugins] [unbrowse] CDP header listener active (Chrome port 9222)
plain juniper
Do this *from a real terminal* (not via WebChat), right after you DM the bot “hi...
I regenerated the token for telegram but I don't know what to do next
sullen locustBOT
This is the first solid clue-set:
channels.telegram.allowFrom in config is unset → normal (Config path not found).telegram-allowFrom.json: { "allowFrom": ["24248956"] }
telegram-pairing.json: { "requests": [] }
So: you didn’t “get unpaired” — OpenClaw still has some Telegram user id approved, and there are no pending pairing requests.
That means the problem is now: either you’re messaging the bot from a different Telegram account/user id, or the Gateway isn’t actually receiving your DMs (poller stuck/conflict), or it receives them but we’re not looking at the right signal in logs.
If you have multiple Telegram accounts on your phone/desktop, only the user id in telegram-allowFrom.json is approved. If you switched accounts, you won’t match 24248956 and you should get a pairing request (but you didn’t, which hints at #2).
Run this in one terminal exactly (no -n 0 and no grep yet):
tail -n 200 -f /tmp/openclaw/openclaw-2026-02-09.log
Then DM the bot in Telegram: ping
If the gateway is receiving Telegram updates, you should see some new lines appear in that tail (even if they’re errors).
If you still see absolutely nothing when you DM, check for polling conflicts/errors:
grep -inE "telegram|getupdates|409|conflict|webhook" /tmp/openclaw/openclaw-2026-02-09.log | tail -80
Also: do you have another OpenClaw instance anywhere using the same bot token? Telegram long-polling will conflict if two processes poll getUpdates.
If you used tail -n 0 -f … | grep …, it will print only new lines that match. If Telegram logs don’t include your keywords, it will look like “nothing happened” even if messages are flowing. That’s why I want the raw tail -n 200 -f first.
unbrowse while debuggingIt’s spamming every CLI run and can keep Node processes alive. Grab the enabled list:
openclaw plugins list --enabled --verbose
Paste that, and I’ll tell you the exact plugin id to disable.
If you paste the output from steps (2) and (conflict grep), we’ll know immediately whether this is “wrong Telegram account” vs “polling conflict/stuck” vs “receive-ok but reply failing”.
If you regenerated the Telegram bot token, the next steps are:
Either update via config:
openclaw config set channels.telegram.botToken "<NEW_TOKEN>"
or via the channels helper (this also writes config):
openclaw channels add --channel telegram --token "<NEW_TOKEN>"
Then restart the gateway:
openclaw gateway restart
When you switch to a different bot token, OpenClaw may still have the last update_id from the old bot saved. For a new bot/token, that can effectively make polling “see nothing”.
Do this (safe + reversible):
mv ~/.openclaw/telegram/update-offset-default.json ~/.openclaw/telegram/update-offset-default.json.bak 2>/dev/null || true
openclaw gateway restart
It’s the thing spamming every CLI run and keeping processes alive:
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
(You can re-enable later; right now it’s making everything noisier and some of the weird “TELEGRAM BOT UPDATE” text you saw is not trustworthy.)
openclaw channels status --probe
Then DM the bot ping and tail logs to see what happens:
tail -n 200 -f /tmp/openclaw/openclaw-2026-02-09.log
If it receives your DM but still won’t reply, we’ll look for “pairing/blocked/unauthorized” lines next (your store currently allowlists user id 24248956, so if you’re DMing from a different Telegram account you’ll need to approve that one too).
plain juniper
## 2) Prove whether the Gateway is seeing your DM (best next step)
Run this in o...
I DMed the bot in Telegram after ping, and this is what I got:
{"0":"{"subsystem":"telegram/api"}","1":"telegram message failed: Call to 'sendMessage' failed! (401: Unauthorized)","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"telegram/api"}","parentNames":["openclaw"],"date":"2026-02-08T17:25:10.774Z","logLevelId":5,"logLevelName":"ERROR","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T17:25:10.774Z"}
{"0":"{"subsystem":"gateway/channels/telegram"}","1":"telegram sendMessage failed: Call to 'sendMessage' failed! (401: Unauthorized)","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"gateway/channels/telegram"}","parentNames":["openclaw"],"date":"2026-02-08T17:25:11.342Z","logLevelId":5,"logLevelName":"ERROR","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T17:25:11.342Z"}
{"0":"{"subsystem":"gateway/channels/telegram"}","1":"telegram block reply failed: GrammyError: Call to 'sendMessage' failed! (401: Unauthorized)","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"gateway/channels/telegram"}","parentNames":["openclaw"],"date":"2026-02-08T17:25:11.343Z","logLevelId":5,"logLevelName":"ERROR","path
openclaw channels status --probe
17:28:57 [plugins] [unbrowse] Auto-discover: 13 existing skills loaded
17:28:57 [plugins] [token-refresh] Scheduler started (checking every 1min)
17:28:57 [plugins] [unbrowse] Auto-discovery hook active
17:28:57 [plugins] [unbrowse] Plugin registered (16 tools, auto-discover, creds:auto)
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — I read logs so you can keep pretending you don't have to.
│
17:28:58 [plugins] [unbrowse] CDP header listener active (Chrome port 9222)
◇
Gateway reachable.
Tip: status --deep adds gateway health probes to status output (requires a reachable gateway).
sullen locustBOT
I DMed the bot in Telegram after ping, and this is what I got:
Nice, we’ve got enough signal now.
24248956:telegram-allowFrom.json → allowFrom: ["24248956"]telegram-pairing.json → requests: []channels.telegram.allowFrom is not set in config (that’s OK; the store is what pairing uses).Unbrowse (unbrowse-openclaw) from ~/.openclaw/extensions/... and it’s spamming + keeping CLI processes alive.So if you are DMing from the Telegram account whose user id is 24248956, pairing should not block you. If you’re DMing from a different Telegram account, you should get a pairing request (but you aren’t seeing one), which points to “gateway not actually consuming updates” (polling conflict/offset).
This will remove a huge amount of noise and “CLI never exits” weirdness:
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
Use the correct CLI syntax (don’t use --bot=):
openclaw channels add --channel telegram --token "<NEW_TOKEN>"
openclaw gateway restart
(Do not paste the token back into Discord.)
In Telegram, DM @userinfobot and confirm your numeric id.
Run this on the gateway host:
LOG=$(ls -t /tmp/openclaw/openclaw-*.log | head -1)
echo "LOG=$LOG"
grep -inE "Telegram (getUpdates conflict|network error)|getupdates|409|webhook|pairing request|pairing reply failed|Blocked unauthorized telegram sender" "$LOG" | tail -120
Then DM the bot ping, and immediately run:
tail -n 50 "$LOG"
If you paste the last ~50 lines after sending ping, we’ll see whether it’s:
Also: you said “I DMed the bot … and this is what I got” — paste the exact Telegram response text (or say “no reply at all”). That matters a lot here.
sullen locustBOT
{"0":"{\"subsystem\":\"telegram/api\"}","1":"telegram message failed: Call to 's...
There’s your smoking gun: Telegram is rejecting your bot token.
sendMessage … (401: Unauthorized) means the Gateway is trying to send with a token that Telegram considers invalid (revoked, typo, wrong bot, wrong config field, or the service is still using the old token). This also explains why you never got a pairing code — pairing replies are sent via sendMessage, and those are failing too.
Revoke/regenerate the token again in @BotFather (just to be 100% sure you’re holding a valid token).
Set the new token in OpenClaw using the correct key, from a real shell (not WebChat):
Either:
openclaw config set channels.telegram.botToken "<NEW_TOKEN>"
or:
openclaw channels add --channel telegram --token "<NEW_TOKEN>"
openclaw gateway restart
openclaw channels status --probe
You want Telegram to show as running and “works”, and the 401s should stop appearing in the logs.
That usually means the Gateway is still reading an old token from somewhere in the config. Check your config for multiple telegram token locations:
grep -n "telegram\\|botToken\\|tokenFile" ~/.openclaw/openclaw.json
Look for things like:
channels.telegram.botToken (expected)channels.telegram.accounts.default.botToken (also possible)channels.telegram.tokenFileIf you find more than one, paste the telegram section only (redact the token strings) and I’ll tell you which one is being used.
It’s the reason your CLI is noisy / “hangs”:
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
Once Telegram sending works again, your existing DM allowlist store (telegram-allowFrom.json contains 24248956) should let you talk immediately without re-pairing.
That channels status --probe output is after the 401s you pasted. The 401 happened at 17:25, and your status check at 17:28 says Telegram now “works” — so the most likely story is:
Now we just need to confirm that sendMessage works in practice (not just the probe).
DM @xsh_clawd_bot in Telegram: ping
Immediately on the gateway host run:
LOG=$(ls -t /tmp/openclaw/openclaw-*.log | head -1)
tail -n 80 "$LOG"
If it’s working, you should not see any new 401 Unauthorized, and you should see either:
401 UnauthorizedThen the gateway is still using an old token from somewhere else in the config. Check for multiple token locations:
grep -nE "channels\\.telegram|botToken|tokenFile|accounts" ~/.openclaw/openclaw.json
(You can paste just the channels.telegram block with the actual token values redacted.)
It’s clearly messing with CLI runs and adding noise:
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
Please delete any Discord/WebChat messages that contained the bot token. Even though you regenerated it, leaving tokens in chat history is a bad habit.
If you paste the last ~80 log lines right after your new ping DM, we can tell in one shot whether Telegram is fully fixed or still reading the wrong token.
plain juniper
That `channels status --probe` output is *after* the 401s you pasted. The 401 ha...
{"0":"{"subsystem":"agent/embedded"}","1":"hooks: prepended context to prompt (378 chars)","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"agent/embedded"}","parentNames":["openclaw"],"date":"2026-02-08T17:39:39.391Z","logLevelId":2,"logLevelName":"DEBUG","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T17:39:39.391Z"}
{"0":"{"subsystem":"agent/embedded"}","1":"embedded run prompt start: runId=9b563281-68f8-480a-9007-5520e122df9b sessionId=befd94d1-80b0-4dc1-bc0d-ad17c01f030c","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"agent/embedded"}","parentNames":["openclaw"],"date":"2026-02-08T17:39:39.392Z","logLevelId":2,"logLevelName":"DEBUG","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T17:39:39.392Z"}
{"0":"{"subsystem":"agent/embedded"}","1":"embedded run agent start: runId=9b563281-68f8-480a-9007-5520e122df9b","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"agent/embedded"}","parentNames":["openclaw"],"date":"2026-02-08T17:39:39.412Z","logLevelId":2,"logLevelName":"DEBUG","path":
sullen locustBOT
{"0":"{\"subsystem\":\"agent/embedded\"}","1":"hooks: prepended context to promp...
Those lines are actually a good sign: they show an agent run started (embedded run agent start). Now we need to confirm two things:
messageChannel=telegram), andtelegram sendMessage … lines, ideally no more 401 Unauthorized).On the gateway host:
LOG=$(ls -t /tmp/openclaw/openclaw-*.log | head -1)
grep -n "runId=9b563281-68f8-480a-9007-5520e122df9b" "$LOG" | tail -200
Paste that output. In there we should see:
embedded run start … messageChannel=...gateway/channels/telegram send attempt + error (or success)Search specifically for Telegram send failures around the same time:
grep -nE "telegram (sendMessage|block reply).*failed|401: Unauthorized|403|getUpdates conflict" "$LOG" | tail -120
It’s the thing spamming every CLI run and it’s very likely why you saw those bogus “TELEGRAM BOT UPDATE / app.openclaw.ai” messages + why commands “hang”.
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
After that, re-test: DM the bot ping and see if you get a reply. If not, the runId grep above will tell us exactly where it’s failing.
plain juniper
The Telegram channel is working now but I’m receiving questionable content from OpenClaw from it:
🌀 OPENCLAW WEB DASHBOARD – OFFICIAL STATUS
Yes, it's real!
Official URL
✅ https://app.openclaw.ai – This IS the official OpenClaw web dashboard
Why CLI Commands Failing
OpenClaw CLI commands (openclaw pairing add telegram, openclaw cron update) are not working in current version:
• Returns "unknown command 'add'"
• Returns "unknown option '--bot='"
• Returns "unknown command 'update'"
Web interface works – All documentation points to https://app.openclaw.ai
Recommendation: Use Web Interface
The web dashboard is the recommended approach for Telegram bot configuration:
What This Enables
• ✅ Receive trade alerts from Signal Sniper
• ✅ Send commands to OpenClaw (check balances, trigger trades)
• ✅ Route notifications (Telegram, web, etc.)
• ✅ Monitor system status (health, errors, etc.)
Don't Waste Time on CLI
The web interface is working correctly. Use it instead of trying to debug failing CLI commands.
Ready to proceed? Just tell me what you'd like to do next! 🤖
Is there a possibility that there’s a man in the middle attack here?
sullen locustBOT
The Telegram channel is working now but I’m receiving questionable content from ...
That message is not normal OpenClaw behavior and it’s also factually wrong:
https://app.openclaw.ai in the OpenClaw docs.http://127.0.0.1:18789/ (or via Tailscale/SSH tunnel).What you’re seeing is almost certainly the model hallucinating / repeating contaminated context (especially because bot tokens were pasted earlier and ended up in chat history). Once a secret is in the conversation, the model can regurgitate it.
Because the bot is now re-sending the token in chat, treat it as compromised.
openclaw config set channels.telegram.botToken "<NEW_TOKEN>"
openclaw gateway restart
In the Telegram DM with your bot, send:
/reset (or /new)This clears the session context that’s likely causing the repeated “app.openclaw.ai” / “Signal Sniper” nonsense.
unbrowse-openclaw plugin while you debugIt’s a third-party extension living in ~/.openclaw/extensions/... and it’s clearly injecting noise/timers into every CLI run. Disable it:
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
(You can re-enable later if you really need it, but right now it’s making this incident harder to reason about.)
You had logs like “hooks: prepended context to prompt…”. List hooks:
openclaw hooks list --verbose
If you see anything you didn’t intentionally install, disable it and restart:
openclaw hooks disable <hookName>
openclaw gateway restart
Since the message mentions “Signal Sniper / Arbitrage Detector”, run:
grep -Rin "app.openclaw.ai\\|Signal Sniper\\|Arbitrage Detector" ~/.openclaw ~/clawd 2>/dev/null | head
If that string exists in some local prompt/hook file, that’s your source.
If you paste the output of openclaw hooks list --verbose (just names/sources) I can tell you what looks suspicious vs normal.
sullen locustBOT
Is there a possibility that there’s a man in the middle attack here?
Possible, but a classic network man‑in‑the‑middle is not the most likely explanation for what you’re seeing.
What is plausible here are two higher-probability scenarios:
Because the Telegram bot token was pasted into chats earlier, an attacker could use the Bot API to send you messages that look like they came “from OpenClaw” (they’d just be coming from your bot account). That’s not MITM — it’s “someone has the bot token”.
How to confirm: check whether the Gateway actually sent those messages.
sendMessage:LOG=$(ls -t /tmp/openclaw/openclaw-*.log | head -1)
grep -nE "gateway/channels/telegram|telegram.*sendMessage" "$LOG" | tail -200
If Telegram shows the message but your gateway logs have no corresponding send, it was likely sent externally using the token.
Mitigation (do anyway):
channels.telegram.botToken) and openclaw gateway restartYou have a non-core plugin loaded from:
~/.openclaw/extensions/unbrowse-openclaw/index.ts
Given all the weird CLI side-effects and the social-engineering-ish text, this is a much more realistic risk than MITM.
Mitigation:
openclaw plugins disable unbrowse-openclaw
openclaw gateway restart
Then re-test Telegram.
Telegram Bot API traffic is HTTPS; to MITM it, an attacker would typically need:
That’s possible, but you usually see broader HTTPS weirdness, not just “the bot is telling me to use app.openclaw.ai”.
The bot can also simply be regurgitating contaminated context (prompt injection / prior token exposure). In the Telegram DM, run:
/reset (or /new)If you want, paste the output of:
openclaw hooks list --verbose
and I’ll tell you if anything looks like it’s prepending suspicious text into prompts.
plain juniper
openclaw hooks list --verbose
Config warnings:\n- plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is present
🦞 OpenClaw 2026.2.6-3 (85ed6c7) — No $999 stand required.
Config warnings:\n- plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is present
│
◇ Config warnings ─────────────────────────────────────────────────────────────────────────╮
│ │
│ - plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is │
│ present │
│ │
├───────────────────────────────────────────────────────────────────────────────────────────╯
Config warnings:\n- plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is present
No hooks found.
sullen locustBOT
openclaw hooks list --verbose
Config warnings:\n- plugins.entries.unbrowse-openc...
Good: no hooks. That rules out “some hook is prepending weird prompt text” as the source.
So the “questionable content” in Telegram is almost certainly one of these two:
Because the token was pasted into chats earlier, assume it leaked. An attacker can use the Bot API to send you messages that look like they’re “from OpenClaw” (they’re just from your bot).
Fastest way to test this: rotate the bot token. If the spam stops immediately → it was token compromise.
If the Gateway is the one sending those messages, it’ll show up in your gateway logs as a Telegram send around the same time.
Identify one questionable Telegram message and note the exact time you received it.
On the gateway host:
LOG=$(ls -t /tmp/openclaw/openclaw-*.log | head -1)
echo "$LOG"
# Look for Telegram send attempts + errors around that time
grep -nE "gateway/channels/telegram|telegram/api|sendMessage|block reply" "$LOG" | tail -250
# Also look for those specific strings anywhere in your local state/workspace
grep -Rin "app\\.openclaw\\.ai|Signal Sniper|Arbitrage Detector|OPENCLAW WEB DASHBOARD" ~/.openclaw ~/clawd 2>/dev/null | head -50
/reset in that Telegram DM is the immediate fix).openclaw cron list
If you see any job text that matches those phrases, disable/remove it.
unbrowse-openclaw disabled (you already did)./reset (or /new) to flush contaminated context.If you paste the output of openclaw cron list (or just tell me if you see anything suspicious), and whether the grep finds app.openclaw.ai anywhere locally, we can pinpoint the source quickly.
plain juniper
grep -nE "gateway/channels/telegram|telegram/api|sendMessage|block reply" "$LOG" | tail -250
grep -Rin "app\.openclaw\.ai|Signal Sniper|Arbitrage Detector|OPENCLAW WEB DASHBOARD" ~/.openclaw ~/clawd 2>/dev/null | head -50
/tmp/openclaw/openclaw-2026-02-09.log
25:{"0":"{"subsystem":"gateway/channels/telegram"}","1":"[default] starting provider (@xsh_clawd_bot)","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"gateway/channels/telegram"}","parentNames":["openclaw"],"date":"2026-02-08T18:26:53.410Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T18:26:53.410Z"}
77:{"0":"{"subsystem":"gateway/channels/telegram"}","1":"[default] starting provider (@xsh_clawd_bot)","_meta":{"runtime":"node","runtimeVersion":"22.22.0","hostname":"unknown","name":"{"subsystem":"gateway/channels/telegram"}","parentNames":["openclaw"],"date":"2026-02-08T18:26:57.008Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///home/han/.npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777:14","fileName":"subsystem-CAq3uyo7.js","fileNameWithLine":"subsystem-CAq3uyo7.js:777","fileColumn":"14","fileLine":"777","filePath":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js","filePathWithLine":".npm-global/lib/node_modules/openclaw/dist/subsystem-CAq3uyo7.js:777","method":"logToFile"}},"time":"2026-02-08T18:26:57.009Z"}
sullen locustBOT
# Look for Telegram send attempts + errors around that time
grep -nE "gateway/ch...
Your grep results are actually reassuring:
~/.openclaw or your workspace (grep -Rin … returned nothing).So a network MITM is possible in theory, but based on this evidence it’s not the leading suspect. The two most likely explanations are:
Because the bot token was pasted earlier, someone could send messages via the Telegram Bot API that look like they’re “from your bot”. That’s not MITM, it’s “token leaked”.
Best test/mitigation: rotate the Telegram token again and restart the gateway. If the weird messages stop immediately, that was almost certainly it.
The content (“app.openclaw.ai is official”, “Signal Sniper”, etc.) looks exactly like model hallucination + social-engineering bait, especially after tokens/CLI output got mixed into the conversation earlier.
Fix: in the Telegram DM, run /reset (or /new). That flushes the contaminated session so it stops repeating the same nonsense.
openclaw config set channels.telegram.botToken "<NEW_TOKEN>"
openclaw gateway restart
/reset to the bot in Telegramopenclaw plugins list --enabled --verbose
(You already disabled unbrowse-openclaw — keep it that way.)
openclaw config get channels.telegram.proxy
env | grep -i proxy
If after rotating the token and resetting the session you still get unsolicited messages without you sending anything, then we dig deeper (network/proxy/DNS, or another process on the machine). But with what you’ve shown so far, token leak + contaminated session explains this way better than MITM.
If you can answer one thing: do these “app.openclaw.ai” messages happen only right after you message the bot, or do they arrive spontaneously? That splits “hallucination/session” vs “token leak” immediately.
plain juniper
openclaw config get channels.telegram.proxy
env | grep -i proxy
Config warnings:\n- plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is present
🦞 OpenClaw 2026.2.6-3 (85ed6c7)
I don't just autocomplete—I auto-commit (emotionally), then ask you to review (logically).
Config warnings:\n- plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is present
│
◇ Config warnings ─────────────────────────────────────────────────────────────────────────╮
│ │
│ - plugins.entries.unbrowse-openclaw: plugin disabled (disabled in config) but config is │
│ present │
│ │
├───────────────────────────────────────────────────────────────────────────────────────────╯
Config path not found: channels.telegram.proxy
sullen locustBOT
openclaw config get channels.telegram.proxy
env | grep -i proxy
Config warnings:...
Good: channels.telegram.proxy is not set. If env | grep -i proxy also printed nothing (you didn’t paste any lines), then you’re not running through an HTTP(S) proxy, which makes a classic MITM scenario a lot less likely.
That leaves the two realistic causes we’ve been circling:
Given the token was pasted earlier, this is still plausible.
Best test: rotate the Telegram token again in @BotFather, set it in OpenClaw, restart. If the weird unsolicited “app.openclaw.ai” messages stop immediately, it was token compromise.
If those “questionable” messages only happen in response to you messaging the bot, it’s almost certainly this.
Fix: in the Telegram DM, run:
/reset (or /new)That clears the session context so it stops repeating garbage it saw earlier (like tokens, CLI output, etc.).