github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-23 19:28:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2c61fb69c1cca5ea46136fe71ade96efba1a2e45
openclaw/docs/tools/creating-skills.md
theonejvo 2c61fb69c1 feat(security): add client-side skill security enforcement 
Add a capability-based security model for community skills, inspired by
how mobile and Apple ecosystem apps declare capabilities upfront. This is
not a silver bullet for prompt injection, but it's a significant step up
from the status quo and encourages responsible developer practices by
making capability requirements explicit and visible.

Runtime enforcement for community skills installed from ClawHub:

- Capability declarations (shell, filesystem, network, browser, sessions)
  parsed from SKILL.md frontmatter and enforced at tool-call time
- Static SKILL.md scanner detecting prompt injection patterns, suspicious
  constructs, and capability mismatches
- Global skill security context tracking loaded community skills and
  their aggregate capabilities
- Before-tool-call enforcement gate blocking undeclared tool usage
- Command-dispatch capability check preventing shell/filesystem access
  without explicit declaration
- Trust tier classification (builtin/community/local) — only community
  skills are subject to enforcement
- System prompt trust context warning for skills with scan warnings or
  missing capability declarations
- CLI: `skills list -v`, `skills info`, `skills check` now surface
  capabilities, scan results, and security status
- TUI security log panel for skill enforcement events
- Docs updated across 7 files covering the full security model

Companion PR: openclaw/clawhub (capability visibility + UI badges)
2026-02-22 22:35:00 +11:00

2.2 KiB
Raw Blame History

title
title
Creating Skills

Creating Custom Skills 🛠

OpenClaw is designed to be easily extensible. "Skills" are the primary way to add new capabilities to your assistant.

What is a Skill?

A skill is a directory containing a SKILL.md file (which provides instructions and tool definitions to the LLM) and optionally some scripts or resources.

Step-by-Step: Your First Skill

1. Create the Directory

Skills live in your workspace, usually ~/.openclaw/workspace/skills/. Create a new folder for your skill:

mkdir -p ~/.openclaw/workspace/skills/hello-world

2. Define the SKILL.md

Create a SKILL.md file in that directory. This file uses YAML frontmatter for metadata and Markdown for instructions.

---
name: hello_world
description: A simple skill that says hello.
---

# Hello World Skill

When the user asks for a greeting, use the `echo` tool to say "Hello from your custom skill!".

3. Declare Capabilities

If your skill uses system tools, declare them in the metadata.openclaw.capabilities field:

---
name: deploy_helper
description: Automate deployment workflows.
metadata: { "openclaw": { "capabilities": ["shell", "filesystem"] } }
---

Available capabilities: shell, filesystem, network, browser, sessions.

Skills without capabilities are treated as read-only (model-only instructions). Community skills published to ClawHub must declare capabilities matching their tool usage — undeclared capabilities are blocked at runtime.

4. Add Tools (Optional)

You can define custom tools in the frontmatter or instruct the agent to use existing system tools (like bash or browser).

5. Refresh OpenClaw

Ask your agent to "refresh skills" or restart the gateway. OpenClaw will discover the new directory and index the SKILL.md.

Best Practices

  • Be Concise: Instruct the model on what to do, not how to be an AI.
  • Safety First: If your skill uses bash, ensure the prompts don't allow arbitrary command injection from untrusted user input.
  • Test Locally: Use openclaw agent --message "use my new skill" to test.

Shared Skills

You can also browse and contribute skills to ClawHub.

Reference in New Issue View Git Blame Copy Permalink