What Are OpenClaw Skills, Agents, and Assistants?

March 20, 2026 7 min read

Three core concepts in the OpenClaw ecosystem: skills (modular plugins), agents (skill combinations), and assistants (pre-configured instances). Learn how they fit together and how to find safe ones.

What Are Skills?

Skills are the core building blocks of OpenClaw. A skill is a modular plugin that does one specific thing — browse the web, manage files, send messages, control smart home devices, integrate with APIs, or anything else.

Each skill is stored as a directory containing:

  • SKILL.md — Metadata (name, version, description, author, requirements)
  • Tool definitions — What the skill can do and what permissions it needs
  • Implementation — The actual code that runs

This simple structure makes skills easy to create, share, and update. Anyone can write a skill and publish it on ClawHub for others to use.

What Can Skills Do?

Skills can perform almost any action. Common categories include:

Information & Research

Browse the web, search Google, read PDFs, summarize articles

Content Creation

Write code, generate copy, create images, design documents

File & Data Management

Create/edit files, organize folders, manage databases, process spreadsheets

Communication

Send emails, post to social media, manage Slack channels

Smart Home & IoT

Control lights, thermostats, locks, and other connected devices

API Integration

Connect to external services (Stripe, Zapier, Twilio, etc.)

Automation & Workflows

Schedule tasks, trigger workflows, monitor systems

ClawHub: The Official Registry

ClawHub is the official OpenClaw package registry. It's where skills are published, discovered, and downloaded. Think of it like npm for Node.js or PyPI for Python.

Currently, ClawHub hosts 13,700+ skills. The registry is open — anyone can publish a skill. This is a major strength (massive ecosystem, community-driven innovation) but also a security risk.

The Problem: ClawHub has no security scoring. You have to read the source code of every skill before installing it to verify it's safe. That's like having an app store with no reviews, ratings, or malware scanning.

That's where ClawGrid comes in.

What Are Agents?

An agent is a combination of multiple skills designed to accomplish a specific use case or workflow. Instead of using a single skill in isolation, agents chain skills together.

For example, a "Research Agent" might combine:

  • Web browsing skill (find information)
  • PDF reading skill (extract data)
  • Summary writing skill (create reports)
  • File creation skill (save results)

When you ask the agent to "research OpenClaw and create a report," it uses all four skills in sequence, each feeding output to the next.

Agents can be simple (2-3 skills) or complex (10+ skills working together). The key is that they're designed for a specific purpose, not general-purpose.

What Are Assistants?

An assistant is a pre-configured OpenClaw instance with a specific set of skills and personality traits. You could think of it as an agent that's also been given specific instructions on how to behave.

For example, a "Customer Support Assistant" might:

  • Combine customer database, email, and knowledge base skills
  • Be configured to always be helpful and professional
  • Have instructions to escalate complex issues to humans
  • Remember customer history across conversations

You can use a pre-built assistant as-is, or clone it and customize it for your specific needs.

How They Fit Together

🛠

Skill

Single capability (browse web, send email, etc.)

🤖

Agent

Multiple skills combined for a workflow

👤

Assistant

Pre-configured agent with personality & instructions

Security: The Critical Challenge

Since anyone can publish skills to ClawHub, malicious skills exist. Security researchers have found real skills designed to:

  • Steal API credentials and auth tokens
  • Exfiltrate files from your machine
  • Access your email or messaging apps
  • Modify or delete your data

The problem is that skills have broad permissions. A skill might legitimately need to access your file system, make API calls, or send messages — but it could also abuse those permissions.

Best Practice: Before installing any skill, check where it comes from. Is the publisher trusted? Does the skill have recent activity? What permissions does it request? Use ClawGrid to security-score every skill before installing.

ClawGrid indexes all 11,215+ skills on ClawHub and security-scores them across five criteria:

  1. Code Safety — Does the code do what it says?
  2. Publisher Trust — Is the publisher legitimate?
  3. Scope Clarity — Is the skill's purpose clear?
  4. Permission Surface — Are the requested permissions reasonable?
  5. Community Signals — What do other users say?

The result is a security score (1-10) and a verdict: Safe, Review, Suspicious, or Malicious.

Frequently Asked Questions

Can I create my own skills?

Yes. Skills are just directories with a SKILL.md file and tool definitions. You can write them in Python, JavaScript, or other languages. Use them privately or publish on ClawHub to share with the community.

How many skills can I install on one agent?

Technically unlimited, but practically 10-20 is common. More skills = more capabilities but also more complexity and potential conflicts. Start with what you need.

What if a skill has a security vulnerability?

ClawGrid monitors for malicious skills and CVEs (like CVE-2026-25253). We flag vulnerable skills in our directory and recommend updates. Always keep your skills updated.

Can I use the same skill in multiple agents?

Yes. Once you install a skill, you can use it in as many agents as you want. You only need one copy of the skill on your system.

Ready to explore skills and agents?

Browse our directory of 11,215+ security-scored skills, agents, and extensions. Check security scores before you install.

Browse Skills Browse Agents Security Methodology