惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hugging Face - Blog
Hugging Face - Blog
Microsoft Azure Blog
Microsoft Azure Blog
月光博客
月光博客
S
Securelist
J
Java Code Geeks
Recorded Future
Recorded Future
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
M
MIT News - Artificial intelligence
S
Secure Thoughts
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
D
Docker
Martin Fowler
Martin Fowler
The Last Watchdog
The Last Watchdog
WordPress大学
WordPress大学
The GitHub Blog
The GitHub Blog
Vercel News
Vercel News
O
OpenAI News
www.infosecurity-magazine.com
www.infosecurity-magazine.com
博客园_首页
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
PCI Perspectives
PCI Perspectives
N
News and Events Feed by Topic
H
Heimdal Security Blog
SecWiki News
SecWiki News
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
博客园 - 【当耐特】
T
Troy Hunt's Blog
L
LINUX DO - 最新话题
Hacker News: Ask HN
Hacker News: Ask HN
Hacker News - Newest:
Hacker News - Newest: "LLM"
N
Netflix TechBlog - Medium
A
Arctic Wolf
The Hacker News
The Hacker News
I
Intezer
S
Schneier on Security
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Apple Machine Learning Research
Apple Machine Learning Research
L
Lohrmann on Cybersecurity
宝玉的分享
宝玉的分享
P
Privacy & Cybersecurity Law Blog
Stack Overflow Blog
Stack Overflow Blog
T
Tor Project blog
小众软件
小众软件
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
Jina AI
Jina AI

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Why Your OpenClaw Telegram Bot Goes Silent
sir'Alexande · 2026-05-12 · via DEV Community

Telegram chat with AI agent on a smartphone

The silent failures, the two-switch approval trap, and the config gaps that kept adding sessions.


TL;DR: The OpenClaw Telegram integration guide gives you five steps. They work. What they skip: groupPolicy: "allowlist" is the right setting for group chat access, but it needs a companion — groupAllowFrom, the actual sender allowlist. groupAllowFrom takes your numeric Telegram user ID, which the app never shows you. If groupAllowFrom is absent, OpenClaw falls back to allowFrom. If that is also empty, nobody can invoke the agent in groups — silently, with no error. The exec approval system is the other trap: it has two independent layers. I disabled the first and was still getting prompts. The fix is two steps, not one. None of this is documented in the setup guide. Correct config is in the second section.


I followed the Telegram integration guide for OpenClaw and connected the bot. Five steps, they worked. What the guide did not prepare me for: config keys with undocumented dependencies, an approval system with two independent layers that need to be disabled separately, and a config file that gives you near-zero diagnostic output when it breaks.

Each one cost a session I had not planned for.


The Five Steps

The guide covers getting the bot connected. Here is the sequence.

BotFather on Telegram — send /newbot, give it a name and a username, and BotFather hands you a token. Add it to ~/.openclaw/openclaw.json:

{
  "channels": {
    "telegram": {
      "enabled": true,
      "botToken": "YOUR_BOT_TOKEN",
      "dmPolicy": "pairing"
    }
  }
}

Enter fullscreen mode Exit fullscreen mode

Pair your account: send /start to the bot in Telegram. Then approve the pairing from the CLI:

openclaw pairing list telegram
openclaw pairing approve telegram <CODE> --notify

Enter fullscreen mode Exit fullscreen mode

Replace <CODE> with the code shown by pairing list. The --notify flag sends a confirmation back to you in Telegram. Once approved, messages you send to the bot route to your agent.

On the happy path — one user, direct messages, default config — this works. The gateway starts. The agent responds. The guide delivered.

What the guide did not give you:

  1. groupPolicy: "allowlist" — the default setting, but requires groupAllowFrom (or allowFrom) to have your user ID before it does anything
  2. groupAllowFrom — the sender allowlist; takes a numeric user ID the app never shows you; if absent, falls back to allowFrom; if both are empty, fails silently
  3. execApprovals — two independent systems; disabling only the first leaves the second still prompting
  4. Config file integrity — the gateway fails to start with near-zero diagnostic output if openclaw.json is structurally broken
  5. Schema migration — openclaw doctor --fix is a migration tool you have to know to run

Each of those is a session I did not expect to spend.


OpenClaw config file open in a code editor

The Correct Config — Before the Story

If you just need the answer, here it is.

In ~/.openclaw/openclaw.json:

"channels": {
  "telegram": {
    "botToken": "YOUR_BOT_TOKEN",
    "groupPolicy": "allowlist",
    "groupAllowFrom": ["YOUR_NUMERIC_TELEGRAM_USER_ID"],
    "execApprovals": {
      "enabled": false
    },
    "streaming": {
      "mode": "partial"
    }
  }
}

Enter fullscreen mode Exit fullscreen mode

In ~/.openclaw/exec-approvals.json (separate file — System 2):

{
  "version": 1,
  "defaults": {
    "security": "full",
    "ask": "off",
    "askFallback": "full"
  }
}

Enter fullscreen mode Exit fullscreen mode

One sentence per key:

  • botToken: your BotFather token — required, you have this already
  • groupPolicy: controls who can invoke the agent in group chats — "allowlist" is correct; requires groupAllowFrom or allowFrom to contain your numeric user ID
  • groupAllowFrom: the sender allowlist — your numeric Telegram user ID (not your @username); if absent, OpenClaw falls back to allowFrom
  • execApprovals.enabled: false: disables channel-level approval prompts — System 1 of two
  • defaults.security: "full" / ask: "off" / askFallback: "full" in exec-approvals.json: disables the host exec policy — System 2 of two
  • streaming.mode: "partial": object form; run openclaw doctor --fix if you have the older streaming: "partial" scalar

Here is what each of those actually means.


The Keys, and What Happens Without Them

None of these are in the setup guide, the README, or the standard integration walkthrough. A fresh install will not warn you they are missing. You find them when something stops working — or when something is not working and you cannot tell why.

groupPolicy and groupAllowFrom — the policy needs a list

groupPolicy: "allowlist" is correct. It is also the default. What the guide does not explain is that this key needs a populated allowlist to do anything. "allowlist" means: only users on the allowlist may invoke the agent in group chats. The allowlist is groupAllowFrom. If groupAllowFrom is absent, OpenClaw falls back to allowFrom for group sender authorization. If neither contains your numeric user ID, nobody can invoke the agent in groups — including you — with no error and no log entry.

The guide shows the lock. It does not mention the key.

groupAllowFrom takes an array of numeric Telegram user IDs. Not @usernames — numeric IDs. A long integer Telegram assigns internally to every account. It does not appear in the app's profile screen, settings, or any menu.

Two ways to get it:

  1. Via gateway logs — send a message to your bot while running openclaw logs --follow. The log output includes from.id for each inbound message. That is your numeric ID. This works if your gateway is already running.
  2. Via the Bot API — works from any state, as long as the bot has received at least one message:
   curl "https://api.telegram.org/bot<YOUR_BOT_TOKEN>/getUpdates"

Enter fullscreen mode Exit fullscreen mode

The response includes message.from.id.

Once you have the number, put it in groupAllowFrom. A wrong value fails silently — the agent stops responding in group chats with no error and no log entry. If groupAllowFrom is absent, OpenClaw falls back to allowFrom; if that is also missing or wrong, same silent failure.

execApprovals — two switches, not one

This was the one I expected to solve in a single config change. It took two.

OpenClaw has two independent exec approval systems. Disabling only the first left the second still prompting.

System 1 — channels.telegram.execApprovals in openclaw.json

Controls channel-level approval prompts — the ones triggered when you send a message via Telegram or the web UI. Auto-enables when approvers are resolvable.

What that means in practice: the agent wants to open a browser — Approve? Navigate to a URL — Approve? Read the page — Approve? Run a command — Approve? Not once per task — once per step.

Ask the agent to summarize a webpage: approve the browser open, approve the navigation, approve the DOM read, potentially approve a redirect. Four approvals for thirty seconds of actual work.

Fix: set execApprovals.enabled: false in openclaw.json under channels.telegram.

System 2 — ~/.openclaw/exec-approvals.json

A separate file-based policy system. Its own file, its own config, completely independent of openclaw.json. When the file does not exist, the system defers to the tools.exec.* settings in openclaw.json. If those are also unset, the stricter of the two wins — which means you can still get prompted even after disabling System 1.

For a single-user personal setup, set it to allow everything and ask nothing:

{
  "version": 1,
  "defaults": {
    "security": "full",
    "ask": "off",
    "askFallback": "full"
  }
}

Enter fullscreen mode Exit fullscreen mode

Note: security: "full" is counterintuitive — it means all commands are permitted and the allowlist is bypassed entirely. It is the permissive setting, not the restrictive one. askFallback: "full" covers the case where no UI is available; without it, the default is deny.

If the file does not exist, create it at ~/.openclaw/exec-approvals.json with that content. If it already exists, update the defaults block. Restart the gateway.

YOLO mode also requires the gateway-side policy to match. The cleanest way to set both layers at once:

openclaw exec-policy preset yolo

Enter fullscreen mode Exit fullscreen mode

Or manually: openclaw config set tools.exec.security full and openclaw config set tools.exec.ask off.

After both layers are aligned: no approval prompts. If you ever open access to other users, re-enable both.


The Sessions I Didn't Plan For

Even with the config keys right, two incidents added sessions I hadn't budgeted for.

The AI wrote a config line outside the config file

Early in testing, the gateway entered a crash-loop that lasted three days. No response to messages. The logs offered almost nothing — the failure was happening before the gateway could initialise.

Opening ~/.openclaw/openclaw.json showed the problem. A groupAllowFrom value had been written as a bare property assignment after the closing } of the JSON5 file:

channels.telegram.groupAllowFrom = ["<user-id>"]

Enter fullscreen mode Exit fullscreen mode

Invalid JSON5. The gateway cannot parse the file on startup, so it cannot start.

Fix: delete everything after the final }, re-add the value correctly inside the channels.telegram block. Before restarting, run the doctor to confirm the config is valid:

openclaw doctor

Enter fullscreen mode Exit fullscreen mode

If it reports no errors, restart the gateway.

This is a different failure from the hallucinated config keys in my first post on this setup — there the AI added invented keys inside a structurally valid file; here it wrote a syntactically invalid line outside the file entirely. Same class of problem, different location. Lesson either way: after any AI-assisted config edit, run openclaw doctor before restarting.

The schema migration

A openclaw doctor run during a config hardening session flagged a format change:

Before: streaming: "partial"

After:

streaming: { mode: "partial" }

Enter fullscreen mode Exit fullscreen mode

Fix: openclaw doctor --fix migrated it in-place. Restart.

openclaw doctor --fix is a migration tool, not just a health check. If your config has drifted across versions, it catches and repairs format changes in one command. Run it after upgrades.


What It Becomes

After the config keys. After the two-system approval fix. After the schema migration. Telegram works — fully works.

And then Whisper.

OpenClaw routes incoming Telegram voice messages through a local Whisper server and passes the transcription to the agent as text, as if you had typed it. Three things make this work once Telegram is stable:

  • faster-whisper-server running locally: CPU inference, base model, port 8765
  • Two env vars in the gateway's systemd environment: OPENAI_BASE_URL=http://127.0.0.1:8765/v1 and OPENAI_API_KEY=local
  • One non-obvious requirement: the openai-whisper-api skill defaults to response_format=text in its transcribe.sh. Local Whisper servers require response_format=json — the text format fails silently. The gateway drops the voice message with no error, no log entry, no indication anything arrived. If voice messages are sending but nothing is responding, that value is the first thing to check. Editing it in the skill file is reset on upgrade, which is why the full installation walkthrough is in a dedicated video and follow-up post in this series.

With that in place: you record a voice note on your phone. Send it. The local Whisper instance transcribes it on your server — no cloud service involved. The agent responds to what you said out loud.

You are not at a keyboard. You are walking, in another room, hands full. You ask a question and your agent answers it.

That is what changes when Telegram is fully and correctly configured. The interface disappears. The phone becomes a terminal that listens.

Everything in this post — the config keys, the two approval systems, the schema migration — is the cost of admission to that experience. It is worth paying.


What I'd Do Differently From the Start

If I were setting this up again today, here is what I would do in the first ten minutes instead of discovering it across multiple sessions:

  1. Set groupAllowFrom (or allowFrom) alongside groupPolicy: "allowlist" — not the policy alone. Get your numeric Telegram user ID first via the gateway logs or the Bot API (both methods are in The Keys, and What Happens Without Them above), then put the number in groupAllowFrom. The policy without a populated allowlist — and with allowFrom also empty — silently locks everyone out of groups, including you.

  2. Disable both exec approval systems, not just one. System 1: channels.telegram.execApprovals.enabled: false in openclaw.json. System 2: ~/.openclaw/exec-approvals.json with defaults.security: "full", ask: "off", and askFallback: "full" — plus the gateway-side policy (openclaw exec-policy preset yolo sets both at once). Disabling only the first leaves the second still prompting. The session that revealed this was not short.

  3. Run openclaw doctor after every AI-assisted config edit. The AI will write outside the JSON5 structure at some point. openclaw doctor catches config problems before they become a gateway that refuses to start with no useful explanation.

  4. Run openclaw doctor after every upgrade. It is a migration tool. If your config has drifted across versions, --fix catches and repairs it in one command.

One open item: live Telegram-path verification on the 2026.4.21 runtime is still pending. The integration was confirmed working on the version before that upgrade. I will update this post when that test is complete.

If groupAllowFrom was your silent failure — or if you hit the two-system exec approval problem and only found one of the fixes — drop a comment. I want to know what the guides are missing.


Tags: AI, Self-Hosting, DevOps, Telegram, Software Engineering