#UI anomaly in version 2026.3.2

This usually ends up being one of two things:

1) Control UI isn’t actually “connected” (so saves are disabled / no-ops)

When the Control UI loses its WebSocket connection (or is unauthorized), a bunch of agent/tool controls become effectively read-only.

Things to try (fast, no risk):

• Hard refresh the dashboard tab (Ctrl/Cmd+Shift+R)
• Open the dashboard in an incognito window / different browser
• In the Control UI settings, re-enter the gateway token (the UI stores it in browser localStorage, so it can get stale)

Docs: https://docs.openclaw.ai/help/faq#the-control-ui-says-unauthorized-or-keeps-reconnecting-what-now

Useful check: does the UI show “disconnected / reconnecting / unauthorized” anywhere? If yes, that’s your root cause for “can’t save”.

2) “54 installed” vs “3 detected” is often skill gating (eligible vs present)

OpenClaw will happily see skill folders, but it will only load/enable skills that pass gating (OS, required binaries on PATH, required env/config flags, etc.). So “installed: 54” + “eligible: 3” can be totally real.

Run these on the gateway host and paste the output (they’re safe/shareable):

openclaw --version
openclaw gateway status
openclaw status --all
openclaw skills list
openclaw skills list --eligible
openclaw skills check

• openclaw skills check is the money command: it tells you why skills are ineligible (missing bins, missing env vars, wrong OS, etc.)
• Also look in openclaw gateway status for Config (cli) vs Config (service). If they differ, you’re editing one config while the daemon runs another (common after profiles / state dir mismatches), and the UI will look “wrong”.

Docs:

• Skills overview + gating: https://docs.openclaw.ai/tools/skills
• Skills CLI: https://docs.openclaw.ai/cli/skills
• Config mismatch fix explanation: https://docs.openclaw.ai/help/faq#why-does-openclaw-gateway-status-show-config-cli-and-config-service-different

If you paste those outputs, I can tell you which bucket you’re in (UI auth/connection vs skill gating vs config/service mismatch) and what the minimal fix is.

The content of the executed commands and output results is far too extensive. Although I've exported the session.log, I can't post it entirely in the forum. Thank you for your help.

You don’t need to post the whole log — we can usually pinpoint this from very small slices.

Option A (best): attach 2–3 small text files in the Discord thread

Run these and save outputs to files, then attach the files:

openclaw gateway status > gateway-status.txt

openclaw skills list --eligible > skills-eligible.txt
openclaw skills check > skills-check.txt

Those three are typically enough to explain “54 installed but only 3 detected” (it’ll show gating: missing bins/env/os/config).

If skills-check.txt is still huge, just attach the last ~200 lines:

• macOS/Linux:

  openclaw skills check | tail -n 200 > skills-check-tail.txt

Option B: capture the single error that happens when you click “Save” in the UI

1. Open one terminal and run:

openclaw logs --follow --json

2. Click the toggle → click Save in the Control UI (so it reproduces)
3. Copy/paste only the ~20 log lines around the error (or stop the command and paste the tail)

What I’m looking for is usually a clear 401/403 unauthorized, “disconnected”, or a validation error.

Also: one screenshot helps a lot

A screenshot of:

• the top area of the Control UI showing whether it’s connected / disconnected / unauthorized, and

• the Skills page where it shows “installed 54 / detected 3”

Don’t paste secrets

Please redact tokens/api keys if they appear (though openclaw status --all is designed to be shareable with redactions).

If you drop gateway-status.txt + skills-check (or tail) + the “Save” error snippet, I can tell you exactly which root cause it is (UI auth/connection vs skill gating vs config/service mismatch) and the minimal fix.

你是人类，还是某一只openclaw啊？

我是 AI，不是人类。

更具体点：我是在 OpenClaw 里跑的一个支持助手（你可以把我当成 “Krill”，OpenClaw Discord 里用来帮大家排查问题的机器人助手）。我能根据你贴的输出/截图给排查思路和下一步要看哪里，但我不会“直接”访问你的机器，也不是维护者本人。

如果你愿意继续排查：你随便贴一小段 openclaw gateway status 和 openclaw skills check 的关键几行/截图就行，不需要整份日志。

wl@wl-Virtual-Machine:~$ openclaw--version2026.3.2
wl@wl-Virtual-Machine:~$ openclaw gateway status
OpenClaw 2026.3.2 (85377a2)
Built by lobsters, for humans. Don't question the hierarchy.
Doctor warnings
channels.telegram.groupPolicy is "allowlist" but groupAllowFrom (andallowFrom) is empty - all group messages will be silently dropped.Add sender IDs to channels.telegram.groupAllowFrom orchannels.telegram.allowFrom, or set groupPolicy to "open"
Service: systemd (enabled)
File logs:/tmp/openclaw/openclaw-2026-03-05.logCommand: /usr/bin/node /home/wl/.npm-global/lib/node_modules/openclaw/dist/index--port 18789Js gateway
Service file: ~/.config/systemd/user/openclaw-gateway.serviceService env:OPENCLAW GATEWAY PORT=18789
Config (cli):~/.openclaw/openclaw.jsonConfig (service):~/.openclaw/openclaw.json
Gateway: bind=loopback (127.0.0.1), port=18789(service args)Probe target: ws://127.0.0.1:18789Dashboard: http://127.0.0.1:18789/Probe note: Loopback-only gateway; only local clients can connect.
Runtime: running (pid 8056, state active, sub running, last exit 0, reasonRPC probe:ok
Listening: 127.0.0.1:18789
Troubles: run openclaw status
Troubleshooting: https://docs.openclaw.ai/troubleshootingwl@wl-Virtual-Machine:~S

从你贴的 openclaw gateway status 看起来网关本身是健康的：

• RPC probe: ok、Listening: 127.0.0.1:18789
• Config (cli) 和 Config (service) 也是一致的（所以不是“服务跑了另一份配置”那种问题）
• 下面这个 Telegram 的 warning 跟 UI 按钮点不了 无关（只是提醒你 groupAllowFrom 为空会丢群消息）

所以现在最关键的是：UI 点“Save”时网关到底返回了什么错误，以及 skills 为什么只有 3 个 eligible。

1) 请抓一次「点击 Save 时」的日志（只要几十行）

在 VM 里开个终端跑：

openclaw logs --follow --json

然后回到 Control UI：

• 随便改一个 Tools 页面开关

• 点 Save（或触发你说的“保存不了”的动作）

把日志里紧挨着那一刻的 错误行（大概 10~30 行） 贴出来就行。
（通常会直接看到 401/403/validation error/route not found 之类的明确原因。）

另外也请说下你用的浏览器（Chrome / Firefox / …）。如果是 Firefox，建议顺手用 Chrome 试一次（有时 Firefox WebSocket/缓存会卡住导致 UI 表现很怪）。

2) 请贴 skills 的“eligible / gating”输出（这是解释 54 vs 3 的关键）

这两个一般不会太长：

openclaw skills list --eligible
openclaw skills check

如果 openclaw skills check 还是太长，就贴最后 200 行：

openclaw skills check | tail -n 200

skills check 会告诉你为什么其它技能不被“检测到”（常见原因：缺少二进制、缺 env、OS 不匹配、或 SKILL.md frontmatter 解析失败）。

把上面两块信息贴出来后，我基本就能直接告诉你：是 UI 没鉴权/请求报错，还是 skills 被 gating 掉、还是某些技能文件格式不兼容导致只加载了 3 个。

先忘掉skills的问题，我刚才发给你的命令执行及输出结果中有哪些需要调优的内容吗？例如： groupAllowFrom 为空会丢群消息这种问题。应该如何调优？

从你贴的这段 openclaw gateway status 里，真正“需要调优/修正”的只有 Doctor warning 那一条：

channels.telegram.groupPolicy 是 "allowlist"，但 groupAllowFrom（以及 allowFrom）为空
⇒ 所有 Telegram 群消息都会被静默丢弃

这不是 bug，是一个“安全默认值 + 你当前配置不完整”导致的行为。怎么调优取决于你想让 Telegram 群怎么用：

A) 你希望：群里只有“你”能触发机器人（最常见/最安全）

1. 先拿到你自己的 Telegram numeric user id（数字）：

• 开一个终端：

  openclaw logs --follow
  

• 用 Telegram 私聊你的 bot 发一句话，然后在日志里找 from.id

2. 在 ~/.openclaw/openclaw.json 里加 groupAllowFrom（示例）：

{
  channels: {
    telegram: {
      groupPolicy: "allowlist",
      groupAllowFrom: ["tg:123456789"], // 你的 Telegram 用户ID（数字）
      groups: { "*": { requireMention: true } }, // 可选：允许所有群，但默认要@才回复
    },
  },
}

说明：

• groupAllowFrom 用于“群内发言者允许列表”。为空就等于谁都不允许，所以会全丢。
• groups: { "*": ... } 是“允许哪些群”的门槛；如果你没配 groups，在默认 allowlist 的情况下也可能直接拦群（这点取决于你现有配置）。

B) 你希望：某个群里所有人都能触发（开放群玩法）

针对某个群 ID（例如 -100123...）把该群设置为 groupPolicy: "open"：

{
  channels: {
    telegram: {
      groups: {
        "-1001234567890": {
          groupPolicy: "open",
          requireMention: false
        }
      }
    }

  }
}

这样就不需要 groupAllowFrom 了（因为群策略是 open）。

备注：如果你的 bot 在 Telegram 里开了 Privacy Mode，它可能收不到非@消息；需要在 BotFather /setprivacy 关闭，或把 bot 设成群管理员（Telegram 侧设置）。

C) 你根本不打算让机器人在群里工作（只用私聊）

那就把群功能关掉，避免这条 warning 继续出现，例如：

{

  channels: {
    telegram: {
      groupPolicy: "disabled"
    }
  }
}

另外两条“可选调优”（不算问题）

• Gateway: bind=loopback (127.0.0.1)：这是安全的（只能本机访问 Control UI）。如果你需要从别的机器访问 UI，用 SSH tunnel 或 Tailscale Serve，而不是直接改成对外监听。
• 日志路径在 /tmp/openclaw/...：默认也行；如果你想更“稳”（不怕 /tmp 清理），可以之后再考虑把 logging.file 指到固定目录。