OpenClaw Diff and Dry-Run Mode: Safer Workflow Automation Changes in 2026

TL;DR

OpenClaw now includes Diff and Dry-Run Mode so teams can preview edits, assess risk, and validate changes to workflow automation before anything touches production accounts. Diff generates a human readable plan that highlights connector scope changes, schedule expansions, and write operations. Dry-Run executes with no-op providers and shadow browser steps to capture payloads and screenshots without sending messages or publishing posts. Together they reduce rollbacks and review time, and they produce artifacts that you can attach to pull requests or CI checks for faster, safer approvals.

What shipped in this release

OpenClaw adds a full preview workflow that shows what will change, lets you validate side effects without sending real traffic, and produces artifacts you can attach to a pull request or change ticket.

Diff Mode in the editor and CLI

• Visual plan view in the editor highlights block-level edits, connector scope changes, and schedule updates.
• Inline risk badges summarize potential impact by looking at side effects, schedule expansion, and permission scope.
• CLI parity means you can export the same plan as JSON or Markdown for automation.

Example commands:

# Generate a human readable plan between the main branch and a PR branch
openclaw diff --from main --to pr-123 --format markdown > plan.md

# Export a machine readable plan for CI policies
openclaw diff --from main --to pr-123 --format json > plan.json

If you are new to ButterGrow and want to see this in action, start from the AI marketing automation features on the product page: the feature set.

Dry-Run execution with safe providers

Dry-Run Mode executes your automation without real world side effects. Email and ads actions are routed to no-op providers that record intended payloads and metadata. Webhooks and HTTP actions attach an identifying header and short circuit writes. Browser steps run in shadow mode where navigation, selectors, and screenshots are captured but forms are not submitted.

# Validate a workflow without sending traffic
openclaw run --dry-run workflows/email-campaign.oc.yaml \
  --env staging \
  --export artifacts/

Each dry run produces artifacts: the plan, structured logs with redacted secrets, sample payloads, and a connector compatibility report. Store these with your pull request so reviewers can comment on exactly what will change.

Variable snapshots and environment awareness

Every plan includes a snapshot of environment variables and secrets at evaluation time. This helps reviewers reason about what a template will render, which audience segment a query will pull, and how schedules expand in different time zones. Snapshots never include plaintext secrets. They include keys and hashes only.

Audit ready outputs

Diffs and dry runs generate immutable files that include the approver, the plan hash, and the run ID. Pair this with role based access control and audit logging to satisfy internal change control. For deeper security context, see how we improved governance in workspace roles and audit logs.

Why this matters

Previewing changes has been a proven reliability practice in infrastructure and software delivery for years. Marketing teams deserve the same safety net when automating campaigns, content operations, and reporting. Diff and Dry-Run Mode move automation from trial and error to planned changes with clear review points.

Here is a quick comparison.

Scenario	Without previews	With Diff and Dry-Run
Editing a weekly newsletter	Risk of sending to the wrong segment and broken personalization	Plan shows audience query diffs and template variable changes. Dry run captures a sample message for review
Updating a social scheduler	Possible duplicate posts or missed quiet hours	Plan shows new schedules and time zone shifts. Dry run verifies no posts would be sent during quiet windows
Replacing a CRM credential	Silent permission change can break sync or widen access	Plan flags connector scope change. Dry run tests read only calls and reports missing permissions before deploy
Adding a new browser step	Unintended form submissions	Shadow mode records navigation and selectors only, so you can confirm steps without touching production

How it works under the hood

Diff Mode parses the current workflow definition and the pending edit into an intermediate representation. It then compares the graph of blocks, connections, and parameters to produce a plan. The plan highlights adds, removes, and changes with context such as schedule expansion and connector scopes.

Dry-Run Mode uses preview providers for common channels. Email and ads route to no-op adapters that capture payloads and headers. HTTP blocks add an idempotency key and an identifying header so vendors can safely recognize sandbox calls when they allow it. Browser steps run in a container with network isolation and write protections. Retries are disabled during a dry run so that logs reflect a single pass for review.

Risk scoring looks at factors like schedule expansion, connector permissions, write operations, and data egress. The score is conservative by design to prompt review when anything could send or publish. You can tune thresholds in your workspace policies so CI can block high risk plans automatically.

Step-by-step rollout for your team

Step 1Turn on plan previews in your workspace

Open the editor for any automation and toggle Diff Mode. Save a small change to see the plan behave on a simple edit, such as updating a subject line or moving a block. If you are starting fresh, you can get started in minutes.

Step 2Establish a plan artifact in code review

Add a job in your CI pipeline that runs the diff command on every pull request. Publish the Markdown plan as a build artifact. Ask reviewers to approve only when the plan matches intent and the risk badge looks appropriate.

openclaw diff --from main --to "$PR_BRANCH" --format markdown > plan.md

Step 3Validate with Dry-Run in a staging environment

Run the workflow in dry-run mode against staging variables and secrets. Confirm connector compatibility and inspect captured payloads. Fix issues in the draft and regenerate the plan until the result is clean.

openclaw run --dry-run workflows/production-calendar.oc.yaml --env staging --export artifacts/

Step 4Promote with guardrails

When the plan is approved, merge the changes and promote the workflow to production. Keep the first production run under a temporary concurrency limit or schedule pause while monitoring logs. For tips on keeping agent context stable during production activity, keep session heartbeats enabled and watch for long running browser steps.

Step 5Close the loop with change records

Attach the plan and dry-run artifacts to your change record. If your team uses internal approvals, capture the approver and run ID in the ticket. This supports audits and gives future editors a clear history of why a change shipped.

What Dry-Run covers and what it cannot

Coverage includes template rendering, variable resolution, control flow, and all read operations. Email, ads, webhooks, and messenger actions record payloads through no-op or sandbox providers. Browser automation runs in shadow mode to avoid real submissions. Schedules are expanded to show expected run windows.

Gaps remain where a real world outcome is required. Inbox placement, ad auctions, and third party moderation cannot be simulated fully. Some vendors do not support safe previews. When a provider lacks a safe path, the run records a skipped write with a reason so you can decide whether to test in staging or request a lower scope token.

Practical examples

Updating a newsletter template safely

You change a subject line formula and add a dynamic block for a new product. The plan shows exactly which template variables changed and how the audience query differs. A dry run renders example messages and stores them as artifacts your editor can review before you schedule.

Rotating a CRM credential

Your ops team replaces a token. Diff Mode flags the scope change from read to read and write. A dry run verifies that read calls still succeed, and it records the blocked writes so you can seek approval before enabling them.

Adding a browser step for a partner portal

You add a step that pulls weekly stats from a partner dashboard. Shadow mode captures navigation, selectors, and the target report title. No forms are submitted and no settings are changed. Reviewers sign off based on the artifacts and you promote with confidence.

Governance and reliability

Plan previews and safe runs help two critical areas. They harden change management by generating an artifact trail that ties edits to approvals. They also improve reliability by catching misconfigurations before production traffic flows. Pair the feature with role based approvals and audit trails from the platform feature set so only authorized users can ship changes.

If you want a quick overview of what the product can do, the features page explains how channels, connectors, and schedules work together.

CI policies and risk gating

Diff and Dry-Run artifacts give you the data you need to enforce lightweight guardrails in continuous integration. A common pattern is to fail builds when the plan includes risky side effects, such as a widened audience query or a connector permission change. You can also require a human approval when the risk score crosses a threshold while still allowing low risk edits to merge automatically.

Here is an example policy that checks a machine readable plan and stops a merge if an edit expands a schedule or introduces a new write operation:

{
  "failOn": {
    "scheduleExpansion": true,
    "newWriteOperations": true,
    "connectorScopeWidened": true
  },
  "requireApprovalAbove": 70,
  "notify": ["#marketing-ops", "#release-review"]
}

Because the plan is deterministic for a given pair of workflow versions and environment variables, your policy remains stable across runs. This keeps code review focused on intent instead of guesswork about what a change might do in production.

Connector compatibility report

Dry-Run writes a compatibility summary for every provider used by the workflow. Use it to catch missing scopes, deprecations, or slow responses before a real send. Here is the shape you will see most often:

Connector	Mode during dry run	Writes blocked	Notes
Email provider	No-op adapter	Yes	Captures subject, HTML, and recipient sample
Ads manager	No-op adapter	Yes	Records targeting and budget payloads
HTTP webhook	Sandbox header	Yes for POST, PUT, DELETE	Validates response schema only
Browser	Shadow mode	Yes	Records navigation and selectors without form submits

When a provider lacks a safe preview path, Dry-Run records a skipped write with the exact endpoint and method. This gives reviewers a clear checklist for staging tests.

Troubleshooting dry runs

Step 1Resolve missing variables

If the plan shows undefined variables, add them to your staging environment and regenerate the plan. Missing variables often surface in template renderers and audience queries.

Step 2Tighten connector scopes

If a compatibility report flags a widened scope, rotate the token to the minimum required permissions. Run in dry mode again to confirm that reads succeed and writes are still blocked.

Step 3Fix slow shadow steps

If a browser step times out in shadow mode, add explicit waits on selectors or simplify the page path. Shadow mode captures page titles and selectors, which helps you tune reliability before real submissions.

Step 4Stabilize schedules

If the plan shows a larger than expected execution window, specify time zones and quiet hours in the schedule block. Re run Diff to confirm the plan matches your intent before merging.

Performance and scalability

Plan generation operates on an intermediate representation instead of executing actions, so it is fast even for large automations. Dry-Run parallelizes independent branches up to a workspace limit to keep end to end time reasonable. Artifacts are compressed by default, and logs redact secrets so files can be shared safely in tickets and pull requests.

Roadmap and next steps

We are exploring provider specific preview enhancements for messenger channels and deeper data lineage for complex audience queries. Our goal is to make previews more informative without increasing friction. Your feedback on where previews save the most time will help us prioritize the next set of improvements.

Ready to try safer previews and test runs in your own account? You can get started in minutes and have your first automated workflow under preview today. If questions come up during rollout, check answers to common questions or chat with the team inside the app.

References

• Terraform plan command: canonical example of previewing infrastructure changes before apply.
• Kubernetes API dry-run: official approach to request validation without persisting objects.
• Atlassian feature flags guide: background on progressive delivery and safe release practices.