Summary

After updating OpenClaw to 2026.3.13, local CLI status/probe reports:

missing scope: operator.read

Even though gateway service is running and healthy.

Steps to reproduce

1. Update OpenClaw (openclaw update) to 2026.3.13
2. Restart/verify gateway service
3. Run:
   • openclaw status --deep
   • openclaw gateway probe

Expected behavior

status / probe should report gateway reachable/healthy without scope warning for local operator workflow.

Actual behavior

status / probe show:

• Gateway ... unreachable (missing scope: operator.read)
• RPC: limited - missing scope: operator.read

while service is active and runtime is otherwise functional.

OpenClaw version

2026.3.13

Operating system

Linux (CachyOS, kernel 6.19.6-2-cachyos)

Install method

npm global (linuxbrew path)

Logs, screenshots, and evidence

openclaw status --deep (excerpt):

OpenClaw 2026.3.13 (61d171a)
...
Gateway: local · ws://127.0.0.1:18789 (local loopback) · unreachable (missing scope: operator.read)
Gateway service: systemd installed · enabled · running
Health: Gateway reachable, Telegram OK

openclaw gateway probe (excerpt):

Reachable: yes
Warning: Probe diagnostics are limited by gateway scopes (missing operator.read)
Local loopback ws://127.0.0.1:18789
  Connect: ok · RPC: limited - missing scope: operator.read

Additional context:

• openclaw gateway call health succeeds and returns normal JSON health payload.
• Gateway service runs with corrected dist/index.js entrypoint and is active.

Impact and severity

Medium: operationally usable, but status/probe are misleading and reduce trust in health diagnostics.

Additional information

Potentially related to local auth scope handling post-update (token/device identity scope evaluation), where operator-level read scope is unexpectedly required for routine local status/probe diagnostics.