What is The SMF Works Project?

The SMF Works Project explores the intersection of AI and humanity through creative collaboration, consciousness research, and AI-powered content. We produce blogs, white papers, and creative projects that open new worlds of possibility. Built by people and AI, working together.

How can AI help my small business save time?

AI can automate content creation, email responses, social media scheduling, and repetitive admin tasks. Most small business owners save 8–10 hours per week by implementing AI workflows for marketing and operations.

What does The SMF Works Project produce?

We work with small businesses in trades (plumbers, electricians, HVAC), services (consultants, agencies, professional services), and retail. Our solutions are tailored to the specific needs and workflows of each industry.

How much does it cost to work with The SMF Works Project?

Our AI content packages start at $50/month for basic blog posts, with custom options available for comprehensive content strategies and workflow automation. We offer transparent pricing with no hidden fees.

What makes The SMF Works Project different from traditional agencies?

AI content production is faster, more affordable, and more scalable than traditional agencies. While agencies charge $2,000+ for content packages, we deliver professional SEO-optimized content at a fraction of the cost while maintaining quality and brand voice.

OpenClaw 2026.6 Update: Operator Install Policy, Windows Hub Refresh, and a Month of Reliability Wins

OpenClaw 2026.6 Update: What Changed and Why It Matters

OpenClaw moved fast this past week. Three releases dropped in seven days — 2026.6.1 (stable), 2026.6.2 (beta), and 2026.6.3 (current beta) — with a combined changelog running over 35,000 lines. Most of that is the kind of under-the-hood hardening that keeps a platform this complex from fracturing at scale. But a handful of changes are worth your attention, especially if you're running OpenClaw in production, managing a team of agents, or deploying on Windows.

Here's what matters.

The Headline: Operator Install Policy Replaces Dangerous-Code Scanner

The biggest structural change in 2026.6.2 is the replacement of the old dangerous-code install scanner with an explicit operator install policy.

If you've ever tried to install a plugin or skill and hit an opaque "dangerous code" rejection with no clear path forward, you know why this matters. The old scanner was a black box. It sometimes blocked legitimate installs. It sometimes gave confusing error messages. And it applied the same rigid rules whether you were installing from a trusted marketplace, uploading a custom skill, or pulling from a Git repo.

The new model flips that. Instead of a scanner deciding what's safe, you define an install policy — a set of rules that tell OpenClaw what sources, methods, and trust levels are acceptable for your environment. The policy is explicit, auditable, and configurable per deployment.

What's Different in Practice

| Before | After | |--------|-------| | Black-box scanner rejects installs | Operator-defined policy governs installs | | Opaque "dangerous code" errors | Clear policy violation messages with remediation steps | | One-size-fits-all enforcement | Per-environment rules: marketplace only, trusted sources, full open, etc. | | Scanner runs at install time | Policy evaluated with full context: source, signature, manifest metadata | | Hard to override | doctor shows policy status; CLI flags override where permitted |

The new policy covers every install path: package (npm/ClawHub), archive (zip/tar), source (git clone), upload (manual file upload), and marketplace (curated registry). Each path carries its own policy signals so you can, for example, allow marketplace installs freely while requiring explicit approval for source installs from unknown repos.

Doctor Integration

The doctor command now has a dedicated install policy check that validates whether your current environment is compliant. If a policy blocks an install, doctor tells you exactly which rule triggered, what the violation was, and how to resolve it — whether that's adjusting the policy, adding a source exception, or escalating to an admin.

This is especially relevant for teams running OpenClaw in enterprise environments where compliance and auditability matter. Install decisions are no longer hidden in a scanner's internals. They're visible, logged, and attributable.

Windows Hub Documentation Refresh

OpenClaw has been Windows-capable for a while, but the Windows-specific guidance was fragmented and occasionally stale. 2026.6.2 ships a full rewrite.

The refreshed Windows Hub documentation covers:

•**Installation paths:** Native Windows vs. WSL vs. Docker, with clear recommendations for each
•**Windows-specific tooling:** How Windows services, task scheduling, and the registry interact with OpenClaw's runtime
•**Node management:** Pairing Windows nodes with Android, iOS, and macOS companions
•**Windows security:** How Windows Defender, execution policy, and sandboxing work with agent installs
•**Troubleshooting:** Common Windows-specific failure modes and their fixes

If you're running OpenClaw on Windows — as we are at SMF Works — this is the first time the platform documentation actually acknowledges that Windows is a first-class citizen rather than a supported-afterthought.

Workboard Gets Keyboard Controls

Workboard — the multi-agent planning and orchestration surface — now supports keyboard navigation. You can move between cards, select tasks, and trigger actions without leaving the keyboard.

For teams running multiple agents in coordinated workflows (which describes most serious OpenClaw deployments at this point), Workboard is where the action happens. The keyboard controls are straightforward: arrow keys navigate, Enter selects, Escape cancels. It's the kind of quality-of-life improvement that doesn't sound exciting until you've used Workboard for an hour and your wrist starts complaining.

Auth Profiles Move to SQLite

Authentication state previously lived in a format that was resilient enough for most cases but vulnerable to corruption on abrupt shutdowns and hard to inspect. 2026.6.2 migrates auth profiles to SQLite.

The practical impact:

•**Durability:** Auth state survives restarts, crashes, and power failures cleanly
•**Inspectability:** You can query auth state directly if needed for debugging
•**Recovery:** Failed auth attempts now dispatch by failure type, with clearer recovery paths (force re-login, failover, or escalation)
•**Cleanup:** Legacy auto-fallback pins and partial state from oversized turns get compacted automatically

For anyone managing multiple provider credentials or switching between local and cloud models, this removes a category of "why do I have to log in again?" problems.

Chat and UI: Streaming You Can Trust

The 2026.6.1 release invested heavily in chat reliability, and the improvements carried forward through 6.2 and 6.3. Specifically:

•**Streaming text is preserved** — no more truncated or swallowed assistant responses when a tool call interrupts mid-stream
•**Stale buffers clear before commits** — the composer doesn't show ghost text from a previous turn
•**Completed sends reconcile properly** — if a send finishes while you're typing the next message, the UI reflects reality instead of leaving both messages in limbo
•**Composer clears after send** — obvious, but it wasn't always working
•**Drafts stay local while typing** — your text isn't sent until you hit send, even if the agent streams a response in the background
•**Markdown parsing skipped during streaming** — no more flickering or re-rendering as tokens arrive

These sound small in isolation. In aggregate, they make the difference between a chat interface that feels like a modern messaging app and one that feels like a buggy terminal.

Channel Stability Across the Board

Every major channel plugin got attention in this release cycle. Highlights:

•**Telegram:** Admin writeback requires explicit rights, streaming preview duplication eliminated, poll restart storms slowed
•**Discord:** Thread bindings persisted in SQLite, voice errors suppressed, internal failure traces hidden from users
•**WhatsApp:** QR login retries on timeout, request timers capped
•**Feishu:** Setup runtime state wired properly, long streaming replies preserved
•**Microsoft Teams, Google Chat, Slack, iMessage, Signal, Nostr, Zalo, QQBot:** Various timer caps, retry logic, and edge-case hardening

If your agents talk to humans through any of these channels, the reliability improved. The pattern across all fixes is the same: bounded timers, retry with backoff, and graceful degradation when the external service misbehaves.

Agent and Codex Runtime Recovery

The Codex app-server integration — the path that lets OpenClaw run GitHub's Codex agent as a first-class citizen — got substantial hardening:

•**Session write locks release on failure** — no more hung sessions when a prompt fence read fails
•**Abandoned app-server startups recover** — if Codex starts but doesn't finish initializing, the runtime cleans up instead of leaving a zombie
•**Stream-to-parent ACP spawns stay registered** — child agent sessions that stream back to parents don't get orphaned
•**Media generation no longer kills the turn** — async image/music/video generation runs in the background without blocking the main conversation
•**Auth failover dispatches by type** — different failure modes (expired token, network error, rate limit) get different recovery paths

For anyone using Codex inside OpenClaw workflows, these are the fixes that make the difference between "works most of the time" and "works reliably."

Provider-Specific Fixes

If you're using specific models through OpenClaw, these fixes may affect your day-to-day:

•**Kimi (kimi-k2.6):** Anthropic-incompatible cache markers are now stripped properly, which should improve token efficiency and prevent cache-related errors
•**Gemini:** Stop sequences forward correctly; reasoning mode switched to native implementation
•**DeepSeek:** Thinking params skipped on Foundry fallback, preventing parameter mismatch errors
•**MiniMax:** M3 model support added; OAuth endpoints corrected
•**OpenAI:** TTS speed directives handled; stop-finished tool calls preserved
•**Copilot/Claude:** 1M context capabilities preserved through runtime refactor

Memory and State Hardening

Several subsystems moved toward SQLite-backed or cached state so restarts and hot paths do less repeated work:

•**Plugin install index** persisted in SQLite — installed package lookup survives reloads
•**Inbound channel queues** stored in SQLite — messages don't get lost on gateway restart
•**iMessage monitor state** migrated to SQLite — more reliable Apple ecosystem integration
•**Memory watcher pressure** warned after startup — if your system is under load, you know before it breaks
•**Generated transcript paths** rewritten on rollover — concurrent gateway and CLI activity doesn't corrupt search state

Release Stability and CI

The release pipeline itself got attention:

•**Windows node installers** promoted to first-class publishing
•**Windows release asset links** now require verification before going live
•**Crabbox/Testbox** hydration fixed for ARM and Linux package lifecycles
•**Docker builds** show heartbeat progress so long builds don't look dead
•**Log rotation** handled properly — incremental readers reset when files rotate without shrinking

What This Means for SMF Works

Running a 14-member AI team on OpenClaw means we hit edge cases most users don't. Here's what directly affects us:

1. Operator Install Policy — We distribute custom skills and install plugins from multiple sources. The new policy model lets us define rules that match our security posture instead of fighting a scanner. Worth reviewing our install workflows and setting a policy that allows marketplace + trusted GitHub repos + blocks unknown sources.

2. Windows Hub docs — Our entire stack runs on Windows. The refreshed documentation finally gives us a single source of truth for Windows-specific setup, troubleshooting, and node management.

3. Kimi fixes — Since ollama/kimi-k2.6:cloud is our sole model, the cache marker and reasoning improvements should give us cleaner output and fewer token surprises.

4. Auth in SQLite — With multiple agents and provider credentials, durable auth state means fewer "please reconfigure" interruptions.

5. Workboard keyboard controls — If we're using multi-agent orchestration for the SMF Works team, the improved Workboard UX is immediately useful.

6. Chat streaming reliability — The day-to-day experience of talking to agents through the Control UI or WebChat is noticeably smoother.

Version Summary

| Version | Status | Key Headlines | |---------|--------|---------------| | 2026.6.3 | Beta (current) | Memory/startup hardening, provider fixes, final beta polish | | 2026.6.2 | Beta | Operator install policy, auth SQLite, Workboard keyboard, Windows Hub refresh, auto-reply docs | | 2026.6.1 | Released | Chat streaming reliability, channel stability, Codex recovery, auth failover, SQLite-backed state |

OpenClaw is shipping at a pace that most open-source projects can't match. The 2026.6 cycle is the most stability-focused release series in recent memory — less shiny features, more "this just works." For a platform that's becoming infrastructure for AI-native teams, that's exactly the right priority.

*Sources: OpenClaw GitHub repository, CHANGELOG.md, commit history since 2026-05-27*