2026 Must-Have OpenClaw Skills: The Most Complete List and Install Priority
If you already run—or are about to run—OpenClaw and feel lost among ClawHub, GitHub lists, and third-party directories shouting “must install,” here is the direct answer: do not install everything. Verify core bundled skills first, then add 3–5 high-value external skills for your workflow. This guide includes a four-tier decision matrix, scene bundles, a verify safety checklist, a Top 20 table, and a seven-step path (CLI per official OpenClaw Skills docs, checked 2026-05-29).
1. Bottom line: don’t install every OpenClaw skill—use priority tiers
In 2026, the easiest way to break an OpenClaw setup is not the gateway itself—it is Skills. ClawHub, official docs, GitHub repos, and third-party directories all label items “must have” or “Top 10.” Each one sounds like it will make your agent smarter. More skills, however, mean a larger audit surface and more accidental triggers—not necessarily better automation.
A workable strategy is four tiers. “Most complete” in this article means coverage of common directions, not install them all:
| Tier | Action | Typical examples | Before install |
|---|---|---|---|
| ① Verify bundled core | Confirm built-in/bundled skills are visible and sandboxed | web-search, browser, code-execution, file-operations | list + check; limit workspace |
| ② Fresh env priorities | Add 3–5 from ClawHub | GitHub, PDF, Playwright, Calendar, Email | verify + inspect |
| ③ Scene-specific | Install only when a real workflow needs it | SEO/GEO, Obsidian, Slack/Telegram, Google Workspace | minimal OAuth scope |
| ④ Install cautiously | Isolated agent; default off | shell/DevOps/cloud, password managers, mega skill packs | source review + least privilege |
Developers should verify search, code, files, and GitHub first; content/SEO users add scraping, document parsing, and keyword workflows; office automation users add Calendar, Email, Workspace, and chat channels last. Any skill that needs browser login state, secrets, or production repo write access must pass verify / inspect before you install it on a primary agent.
2. What OpenClaw Skills actually are
Skills are not a casual plugin list. They are capability packs that tell the agent how to call external tools, services, browsers, files, and automation flows when a matching task appears. Each skill ships with SKILL.md (and optional manifest/install scripts) describing triggers, steps, and CLI/API dependencies. The gateway loads that guidance on demand instead of stuffing every tool manual into the system prompt.
- Sources: bundled built-ins, the ClawHub registry,
git:owner/repo, or local./path. - Scope: default install target is the active agent workspace
<workspace>/skills/;--globalwrites to the shared directory (default~/.openclaw/skills) unless narrowed withagents.list[].skills. - Load order (simplified): workspace
/skills→ project/personal agents dirs →~/.openclaw/skills→ bundled →skills.load.extraDirs(see Skills config). - vs Channels / Cron: Channels are message ingress; Cron is scheduled triggers; Skills are “how to finish this kind of task with tools.”
Installing more skills does not automatically strengthen the gateway—disabled or allowlisted-out skills never reach the prompt. A misplaced high-permission skill in the wrong workspace can still read files, call outbound networks, or drive a logged-in browser when triggered.
3. Commands you need before installing anything
The table below follows the openclaw skills CLI reference (checked 2026-05-29). If subcommands change, run openclaw skills --help. Do not copy stale slugs—search, then verify/inspect, then install.
| Command | Purpose | How to use in this guide |
|---|---|---|
openclaw skills search "query" | Search ClawHub | Pick candidates—no batch installs |
openclaw skills list [--eligible] | Local visible/installed skills | Compare against bundled core |
openclaw skills info <name> | Metadata for one skill | Confirm name and deps after install |
openclaw skills check [--agent id] | Ready skills visible to an agent | Required on new environments |
clawhub inspect <slug> --files | Preview package files (clawhub CLI) | Required for external skills |
openclaw skills verify <slug> | ClawHub trust envelope JSON | If verify fails, delay install |
openclaw skills install <slug> | Install from ClawHub to workspace | Only after verify/inspect |
openclaw skills install git:owner/repo@ref | Install from Git | Trusted org/repo only |
openclaw skills install ./path --as name | Local directory | Your own workflow skills |
openclaw skills install --global | Shared dir, all local agents | Avoid for high-permission skills |
openclaw skills update --all | Update ClawHub-tracked installs | Maintenance window + config backup |
skills.entries.*.enabled (config) | Disable without deleting | Safer than leaving a bad skill callable |
agents.list[].skills (config) | Per-agent allowlist | Production agents: minimum surface |
Remove skills/<slug>/ | Physical uninstall | Plus enabled:false; new session |
Note: the official CLI docs do not expose a dedicated uninstall subcommand. Uninstall = delete the install directory + set enabled: false + tighten agent allowlists. If a skill does not appear in chat after install, open a new Gateway session or confirm skills.load.watch refreshed the snapshot.
4. Bundled skills you should verify first
These are capability directions; exact bundled names on your machine come from openclaw skills list --verbose. On a new environment, step one is not “install more”—it is confirming these show ready in openclaw skills check:
| Direction | Value | Best for | Verify | Risk |
|---|---|---|---|---|
| web-search | Fresh external context | Everyone | Search providers, citations | Medium |
| browser | Pages, forms, screenshots | Ops, QA, research | Login profiles, sensitive sites | High |
| code-execution | Scripts, data checks | Developers | Sandbox; not prod root | High |
| file-operations | Read/write workspace files | Everyone | Workspace root only | High |
| channels | Telegram, Slack, etc. | Always-on assistants | pairing, groupPolicy | High |
| cron / schedules | Patrols, digests | Ops, content | Stoppable, auditable jobs | High |
| memory | Cross-session recall | Personal assistants | No secrets in MEMORY | Medium |
| GitHub / repos | Issues, PRs, review | Developers | Low-scope tokens | High |
| MCP / tool bridge | More local services | Advanced users | Review each MCP server | High |
If bundled skills are off via skills.allowBundled or entries.*.enabled: false, re-enable them before adding ClawHub extensions. Path/snapshot issues: see our Workspace Skills loading runbook.
5. External skills to prioritize on a new 2026 environment
ClawHub slugs, maintainers, and verify policies change—this table lists directions only. Workflow: openclaw skills search … → clawhub inspect / openclaw skills verify → install (confirm the current slug on install day; do not hard-code examples from this post).
| Direction | Priority | Solves | Audience | Pre-install check | High privilege |
|---|---|---|---|---|---|
| GitHub | P0 | Issues, PRs, review | Developers | Token scope, repo allowlist | Yes |
| PDF / Documents | P0 | Contracts, papers | Research, legal, ops | No sensitive uploads to third parties | Medium |
| Playwright / Web test | P1 | E2E, visual regression | Frontend, QA | Test domains, browser context | Med–high |
| Web scraping / extraction | P1 | Structured excerpts | Research, SEO | robots, rate limits, copyright | Medium |
| Calendar | P1 | Schedules, reminders | Personal assistants | Read vs write boundaries | Medium |
| P1 | Summaries, drafts | Office automation | Read-only or draft-first; no bulk send | Yes | |
| Obsidian / Notion | P1 | Knowledge bases | PKM users | Vault/workspace scope | Med–high |
| SEO / GEO | P2 | Keywords, briefs, analytics | Sites, indie devs | No low-quality bulk publishing | Medium |
| Slack / Discord / Telegram | P2 | Team notifications | Small teams | Mis-send, spam risk | Yes |
| Google Workspace | P2 | Docs, Sheets, Drive | Office automation | Folder + service account scope | Yes |
| Image / Video generation | P2 | Assets, thumbnails | Content, design | Cost, copyright, brand | Medium |
| Skill creator / factory | P2 | Custom workflows | Long-term users | Generated shell scripts? | Med–high |
6. Scene bundles: which group fits your work
| Scene | Suggested stack (core + external) | Verify hardest |
|---|---|---|
| Developer | file-operations + code-execution + GitHub + MCP; optional Playwright | Repo write scope, sandbox |
| SEO / content site | web-search + extraction + SEO/GEO + PDF; avoid auto-posting | CMS/production DB writes |
| Research | web-search + scraping + PDF + Obsidian | Compliance, attribution |
| Personal knowledge base | file-operations + Obsidian/Notion + memory | Vault allowlist, backups |
| Office collaboration | Calendar + Email + Google Workspace + chat channel | OAuth scope, mis-send |
| Web testing | browser + Playwright + code-execution | Test URLs, credential isolation |
| Always-on assistant | channels + cron + Calendar + memory | Stoppable jobs, group policy |
| DevOps | GitHub + cron + MCP; shell/cloud only on isolated agents | Production kube/cloud creds |
| Security audit (defensive) | Dependency/config checks; no unauthorized scanning | Authorized targets only |
| Multi-agent routing | Split allowlists per agent; avoid --global for risky skills | agents.list[].skills boundaries |
| Smart home | Dedicated IoT/MCP bridge; separate workspace | LAN control plane, accidental actions |
7. Skills you should not install blindly
These belong in tier ④ by default—not banned, but requiring inspect, source review, and least privilege, and only for authorized, compliant use:
- High-privilege shell / DevOps / cloud: can run destructive commands or change production; use isolated agents and minimal IAM.
- Browser login state: cookies may persist in profiles; do not automate banking, mail, or social accounts without clear boundaries.
- Full mailbox / social APIs: fine for low-frequency personal assist—not for spam or bypassing platform limits.
- Payments / password managers / production repo write: avoid on a 24/7 primary gateway unless you have audit and review workflows.
- Third-party “one-click skill packs”: collections with hundreds or thousands of entries are for test environments—unpack and verify one by one, not for dumping into
~/.openclaw/skillson a production Mac. - Offensive red-team / jailbreak kits: authorized test labs only; never point at third-party services without permission.
Pre-install safety checklist (10 items)
- Source: ClawHub page or trusted GitHub org—avoid anonymous zip drops
openclaw skills verify <slug>andclawhub inspect --files- Read full
SKILL.mdand frontmattername - Scan
scripts/for shell, curl, rm, external domains - Secrets: does it read
.env, Keychain, or plaintext tokens? - Filesystem: confined to workspace / vault?
- Network: necessary outbound only; user data exfiltration?
- Browser: persistent login; payment pages?
- Maintenance: recent updates, issues, verify policy changes
- Reversible:
enabled:false, delete dir,updatepath works
8. My 2026 Top 20 (capability directions, not fixed slugs)
Order balances beginner usability, developer throughput, content research, office automation, browser power, security boundaries, and long-term maintenance. Always search + verify before install—this is not an official ranking.
| # | Direction | Type | Risk | Install note |
|---|---|---|---|---|
| 1 | web-search | Core | Med | Verify search providers |
| 2 | browser | Core | High | Limit sensitive sites |
| 3 | file-operations | Core | High | Workspace-bound |
| 4 | code-execution | Core | High | Sandbox first |
| 5 | GitHub | Ext / core | High | Low-scope token |
| 6 | Calendar | External | Med | Read/write boundaries |
| 7 | External | High | Read/draft first | |
| 8 | PDF/Documents | External | Med | Sensitive docs local |
| 9 | Obsidian/Notes | External | Med | Vault allowlist |
| 10 | Notion | External | Med | Database permissions |
| 11 | Playwright | External | Med | Test domains only |
| 12 | SEO/GEO | External | Med | No bulk low-quality posts |
| 13 | Web scraping | External | Med | robots / rate limits |
| 14 | Slack/Discord/Telegram | Ext / channel | High | Anti mis-send |
| 15 | Google Workspace | External | High | Folder scope |
| 16 | Image/Video gen | External | Med | Cost & copyright |
| 17 | Cron/Scheduled | Core / ext | High | Auditable, stoppable |
| 18 | MCP/Tool bridge | Core / ext | High | Per-server review |
| 19 | Skill creator | External | Med | Small workflows first |
| 20 | Security audit (defensive) | External | High | Isolated agent |
Reference numbers you can track: ClawHub’s public catalog grows with the community (check the site on install day); aim for ≤ 5 external ClawHub skills on a new gateway, expand after ~2 stable weeks; keep separate workspaces for production vs experiment agents.
9. Why “complete lists” mislead you
- Constraint: bigger lists feel like “install everything.” Community READMEs treat GitHub stars as proof you need Obsidian or browser automation—even when your workflow does not.
- Hidden cost: audit surface. Every skill that can read mail, post to channels, or drive a browser is another accidental trigger—worse on a 24/7 gateway.
- Stability: install without maintenance. Skipping
check/update, keeping dead high-permission skills, and never tightening allowlists leads to breakage after OpenClaw upgrades.
10. Seven-step path you can run today
- Accept the gateway itself: if OpenClaw is not installed yet, follow our Mac install guide and clear fatal items in
openclaw doctor. - List local skills:
openclaw skills listandopenclaw skills checkagainst section 4. - Pick one scene row: from section 6—add only 2–3 external directions.
- Review each candidate:
openclaw skills search …→clawhub inspect <slug> --file SKILL.md→openclaw skills verify <slug>using the section 7 checklist. - Install and trial in isolation:
openclaw skills install <slug>(skip--globalunless you truly need sharing); use a test workspace, not production repos. - New session check: restart Gateway or start a new agent session; confirm visibility with
check --agent. - Log maintenance: record slug, date, permission tier; weekly
list, monthlyupdate --all.
11. Post-install maintenance
- Update on a schedule:
openclaw skills update --all(back up~/.openclaw/openclaw.jsonand workspaces before major bumps). - Disable before delete when unsure:
skills.entries.<name>.enabled: false. - Remove unused high-permission skills: delete
skills/<slug>/and trim agent allowlists. - Ship your real workflows: use
install ./my-skillor the official “Creating skills” flow instead of hoarding ClawHub trending items.
12. Run OpenClaw Skills on Mac mini with less friction
Browser, Playwright, Obsidian, MCP, and a always-on gateway are simpler on native macOS: no WSL layer, Homebrew and launchd are first-class, and Unix tooling is consistent. Mac mini M4’s unified memory handles Gateway + browser automation + light local models reasonably well; ~4W-class idle power suits a 24/7 Skills lab node where you trial high-permission ClawHub packages away from your daily laptop.
Gatekeeper, SIP, and FileVault also give clearer boundaries for ~/.openclaw/ and workspace skills/ than a typical Windows workstation—pair that with verify/inspect and you get a sane place to validate ClawHub skills before team rollout. Comparing agent platforms? See Hermes vs OpenClaw vs OpenHuman.
If you want a quiet, always-on host for layered Skills—not full-disk experiments on your main machine—Mac mini M4 or a ZoneMac remote macOS node is a strong starting point.
Run your OpenClaw Skills workflow on Mac mini
Remote macOS nodes and low-power 24/7 uptime—ideal for Gateway trials and isolated high-permission skills.