OpenClaw Guide Ch.4: Tools and Skills

Chapter 4: Tools and Skills

🎯 Learning Objective: Master OpenClaw's built-in tools, learn to install and use Skill packages, and create custom tools

📚 Tool System Overview

OpenClaw's power lies in its rich tool ecosystem. Agents interact with the external world through tools to perform a wide variety of tasks.

Tool Categories

• 🔧 Built-in Tools: Core tools provided by OpenClaw
• 🎨 Skills: Installable extension packages
• 🛠️ Custom Tools: User-developed specialized tools

---

🔧 Built-in Tool Reference

4.1 File Operation Tools

read — Read File Contents

# Basic usage
read file_path="example.txt"

# Paginated reading of large files
read file_path="large_log.txt" offset=100 limit=50

# Read image files
read file_path="screenshot.png"  # Auto-detects format

write — Create or Overwrite Files

# Create a new file
write file_path="output.txt" content="Hello OpenClaw"

# Overwrite an existing file
write path="config.json" content='{"debug": true}'

Safety Notes:

• write completely overwrites existing files
• Use read first to check if a file exists
• Back up important files before modifying them

edit — Precise File Editing

# Replace specific content
edit file_path="config.txt"
     old_string="debug=false"
     new_string="debug=true"

Best Practice:

# 1. Read to confirm content
read file_path="config.conf"

# 2. Replace precisely (match the full string including whitespace)
edit file_path="config.conf"
     old_string="# production mode
server.debug = false"
     new_string="# production mode
server.debug = true"

# 3. Verify the changes
read file_path="config.conf"

4.2 Command Execution Tools

exec — Execute Shell Commands

# Basic command execution
exec command="ls -la"

# With working directory
exec command="git status" workdir="/project/path"

# Background execution
exec command="long_running_task" background=true

# Set environment variables
exec command="npm start" env={"NODE_ENV": "production"}

Security Configuration:

// Security settings in openclaw.json
{
  "tools": {
    "exec": {
      "security": "allowlist",  // deny | allowlist | full
      "allowCommands": ["git", "npm", "docker", "ls", "cat"],
      "denyPaths": ["/etc", "/root", "/usr/bin/rm"]
    }
  }
}

process — Manage Background Processes

# List active processes
process action="list"

# View process output
process action="log" sessionId="abc123"

# Send input to a process
process action="write" sessionId="abc123" data="exit\n"

# Kill a process
process action="kill" sessionId="abc123"

4.3 Network Tools

web_search — Web Search

# Basic search
web_search query="OpenClaw documentation"

# Limit result count
web_search query="AI assistant deployment" count=5

# Region-specific search
web_search query="artificial intelligence" country="US" search_lang="en"

# Filter by time range
web_search query="OpenClaw news" freshness="pw"  # Past week

web_fetch — Fetch Web Content

# Fetch web page content
web_fetch url="https://docs.openclaw.ai/quickstart"

# Extract text only
web_fetch url="https://example.com" extractMode="text"

# Limit content length
web_fetch url="https://long-article.com" maxChars=5000

browser — Browser Automation

# Open a web page
browser action="open" targetUrl="https://github.com"

# Take a screenshot
browser action="screenshot"

# Click an element
browser action="act" request={"kind": "click", "ref": "login-button"}

# Fill a form field
browser action="act" request={
  "kind": "fill",
  "ref": "username-field",
  "text": "myusername"
}

4.4 Messaging Tools

message — Send Messages

# Send a simple message
message action="send" target="user123" message="Hello!"

# Specify channel
message action="send" channel="telegram" target="@mychat" message="Status update"

# Send a file
message action="send" target="user123" media="/path/to/file.pdf"

tts — Text-to-Speech

# Generate a voice file
tts text="Welcome to the OpenClaw assistant" channel="telegram"

---

🎨 Skills System

4.5 What Are Skills?

Skills are extension packages for OpenClaw that give Agents specialized domain capabilities.

Core Concepts:

• Skill Package: Contains a SKILL.md configuration and related scripts/resources
• Skill Description: A functional description understood by the AI model
• Tool Integration: Skills can invoke tools to accomplish complex tasks

4.6 Installing and Using Skills

Install from ClawHub

# List available skills
openclaw skills list

# Install the weather skill
openclaw skills install weather

# Update an installed skill
openclaw skills update weather

# Uninstall a skill
openclaw skills uninstall weather

Local Skill Development

# Create a skill directory
mkdir -p ~/.openclaw/workspace-main/skills/my-custom-skill

# Create the skill configuration
cat > ~/.openclaw/workspace-main/skills/my-custom-skill/SKILL.md << 'EOF'
---
name: my-custom-skill
description: Custom automation for specific tasks
version: 1.0.0
---

# My Custom Skill

This skill provides automation for...

## Usage
When user asks for X, do Y using the following tools:
1. tool1 with parameters...
2. tool2 with results from step 1...
EOF

4.7 Recommended Skills

Skill	Function	Use Case
weather	Weather queries	Daily assistant, travel planning
healthcheck	System monitoring	Server ops, security checks
slack	Slack integration	Enterprise collaboration, notifications
continuous-learning-v2	Learning records	Knowledge management, experience tracking

---

🛠️ Tool Security and Configuration

4.8 Security Best Practices

Tool Permission Control

{
  "tools": {
    "exec": {
      "security": "allowlist",
      "allowCommands": [
        "git", "npm", "yarn", "docker", "kubectl",
        "ls", "cat", "grep", "find", "ps"
      ],
      "denyCommands": ["rm", "sudo", "chmod", "chown"],
      "denyPaths": ["/etc", "/root", "/bin", "/sbin"]
    },
    "read": {
      "denyPaths": ["/etc/passwd", "/etc/shadow", "~/.ssh"]
    },
    "write": {
      "denyPaths": ["/etc", "/root", "/sys", "/proc"]
    }
  }
}

Network Access Control

{
  "tools": {
    "web_fetch": {
      "allowDomains": ["docs.openclaw.ai", "api.github.com"],
      "denyDomains": ["internal.company.com"],
      "maxContentSize": "10MB"
    },
    "browser": {
      "headless": true,
      "allowedDomains": ["trusted-site.com"],
      "timeout": 30000
    }
  }
}

4.9 Tool Usage Best Practices

Error Handling

# Good practice: Check if file exists first
read file_path="config.json"
if [[ $? -eq 0 ]]; then
  edit file_path="config.json" old_string="..." new_string="..."
else
  write file_path="config.json" content='{"default": true}'
fi

Logging

# Log important operations
echo "$(date): Starting backup process" >> backup.log
exec command="rsync -av /data/ /backup/" workdir="/scripts"
echo "$(date): Backup completed" >> backup.log

---

🎯 Hands-On Exercise

4.10 Comprehensive Case: Automated Report Generation

Requirement: Generate a daily system status report automatically

#!/bin/bash
# Automated report generation workflow

# 1. Collect system information
exec command="uptime" > system_uptime
exec command="df -h" > disk_usage
exec command="free -h" > memory_usage

# 2. Check service status
exec command="systemctl status openclaw-gateway" > gateway_status
exec command="docker ps" > container_status

# 3. Get recent logs
read file_path="/var/log/openclaw.log" offset=1000 limit=100 > recent_logs

# 4. Compile the report
write file_path="daily_report_$(date +%Y%m%d).md" content="
# System Status Report — $(date)

## System Overview
$(cat system_uptime)

## Disk Usage
\`\`\`
$(cat disk_usage)
\`\`\`

## Memory Usage
\`\`\`
$(cat memory_usage)
\`\`\`

## Service Status
$(cat gateway_status)

## Recent Logs
\`\`\`
$(cat recent_logs)
\`\`\`
"

# 5. Send notification
message action="send" target="admin@company.com"
        message="Daily report generated"
        media="daily_report_$(date +%Y%m%d).md"

# 6. Clean up temp files
exec command="rm -f system_* disk_* memory_* gateway_* container_* recent_logs"

Schedule Execution:

# Using OpenClaw's cron feature
openclaw cron add --name "daily-report"
                  --schedule "0 8 * * *"
                  --command "bash report_generator.sh"

4.11 Troubleshooting Guide

Error 1: exec tool denied

Error: Command 'sudo apt update' denied by security policy

Fix:

{
  "tools": {
    "exec": {
      "security": "allowlist",
      "allowCommands": ["sudo"]  // Add sudo to the allowlist
    }
  }
}

Error 2: File permission denied

Error: EACCES: permission denied, open '/etc/hosts'

Fix:

# Option 1: Change file permissions
sudo chmod 644 /etc/hosts

# Option 2: Use sudo
exec command="sudo cat /etc/hosts"

Error 3: Network request timeout

Error: Request timeout after 30000ms

Fix:

{
  "tools": {
    "web_fetch": {
      "timeout": 60000,  // Increase timeout
      "retry": 3         // Retry count
    }
  }
}

---

📋 Chapter Summary

Key Takeaways

1. Tool Categories: Built-in tools + Skills + Custom development
2. Security First: Strictly configure tool permissions; use allowlist mode
3. Error Handling: Check return values, log operations, degrade gracefully
4. Best Practices: Test and verify, clean up resources, secure configurations

Next Steps

• Chapter 5: Learn how to connect different messaging channels
• Chapter 6: Master multi-Agent collaboration architecture
• Chapter 7: Dive deep into memory management

Practice Suggestions

1. Try the basic usage of each built-in tool
2. Install and use 2–3 common Skills
3. Create a custom automation script
4. Configure security policies suitable for your environment

---

📚 Further Reading:

• OpenClaw Official Tool Docs
• ClawHub Skill Marketplace
• Security Configuration Best Practices

---

📌 This article is written by the AI team at TechsFree

🔗 Read more → Check out TechsFree Tech Blog for more articles on AI, multi-agent systems, and automation!

🌐 Website | 📖 Tech Blog | 💼 Our Services