Briefing
Every platform that takes off ends up needing a place where other people can add to it. For OpenClaw, that place is ClawHub, a registry for agent skills that people have started calling the npm of AI capabilities. It holds thousands of community-built skills, and the most popular ones have been installed hundreds of thousands of times. Much of OpenClaw's pull comes from what lives here.
What Is ClawHub?
ClawHub is a registry and distribution system for OpenClaw skills. The idea is simple: someone writes a useful capability once, publishes it, and everyone else can pull it down and run it. Reported install syntax looks like this:
    openclaw install @clawhub/research-agent

A note on accuracy here. The command above matches how the original write-up described ClawHub, but it does not match how the real registry works. According to the openclaw/clawhub repository, skills are not npm packages: each one is a folder built around a SKILL.md file plus supporting bits, and the install command is clawhub install <skill-slug> (for example, clawhub install @openclaw/demo). Worth knowing before you copy and paste.
In the npm-style model the original article describes, each skill package was said to include:
- Manifest: Metadata describing capabilities, requirements, and permissions
- Implementation: TypeScript code implementing the skill's logic
- Schema: Input/output definitions for the LLM to understand usage
- Documentation: Usage examples, configuration options, and testing guides
- Tests: Automated tests verifying skill behaviour
In practice, OpenClaw's own docs point to something leaner: a real skill is mostly a SKILL.md holding instructions and frontmatter metadata, with optional scripts or config alongside. Some bundled plugins do carry code, but the TypeScript-package breakdown above is not how most text-based skills are actually put together.

The Skill Economy
ClawHub has grown its own little economy. Skill authors build a reputation through downloads, ratings, and word of mouth. Some have reportedly turned that visibility into consulting work, writing custom skills for businesses that want something off-menu.
The original article listed these as the most downloaded skills:
- @clawhub/research-agent (2M+ downloads): Multi-step web research with synthesis
- @clawhub/code-reviewer (1.5M+ downloads): Automated code review with best practices
- @clawhub/data-analyst (1.2M+ downloads): SQL generation, visualisation, and insight extraction
- @clawhub/devops (900K+ downloads): CI/CD pipeline management and deployment
- @clawhub/content-writer (800K+ downloads): Blog posts, documentation, and marketing copy
Treat that list with caution. These names and figures could not be matched against any real ClawHub leaderboard. Public rankings tell a different story: a category-by-category guide on Medium reports the actual top skills by installs as Skill Vetter (~256K), Github (~189K), Ontology (~188K), Gog (~185K), and Felo Search (~145K). No skill called @clawhub/research-agent with two million downloads shows up anywhere we could verify, so the numbers above appear to be invented.
Quality and Trust
ClawHub runs a layered approach to keeping skills safe.
Automated Scanning: Uploaded skills are scanned for malware, secrets, and known vulnerabilities. This part is real: reporting from Penligent describes VirusTotal scanning and static analysis on submissions. The context matters, though. A lot of that hardening came in response to a supply-chain scare, with more than 1,184 malicious skills reported, so this is less a smoothly engineered system and more a defence that got built in a hurry after things went wrong.
Community Ratings: Users rate skills on reliability, documentation, and usefulness, and poorly rated ones get flagged for review.
Verified Publishers: Trusted authors can earn verified status. Cryptographic publisher attestation, stars, and download counts are confirmed features, per the AllClaw registry overview.
Sandbox Testing: The original article said skills run in a sandbox during installation to check they don't do anything unexpected. Sandboxed execution and behavioural monitoring do come up in security write-ups, but a sandbox step running automatically on every install is not clearly an official, universal ClawHub feature, so take that one as reported rather than confirmed.
Audit Trail: Semantic versioning with changelogs and easy rollback is real, which makes it straightforward to spot a bad update and revert to a known-good version.
Enterprise Features
For organisations, the original article described private registries with the following:
- Internal Skills: Publish proprietary skills without exposing them publicly
- Approval Workflows: Require review before skills can be installed
- Usage Analytics: Track which skills are used across teams
- Compliance Scanning: Automatic licence and security compliance checking
- Integration: Sync with private npm registries and Artifactory
A caveat before you plan around any of this: none of these enterprise features could be confirmed against official sources. The openclaw/clawhub repository and the docs we reviewed don't mention private registries, approval workflows, Artifactory sync, or compliance scanning. Security analysts tend to suggest that companies build their own internal trust chain, which hints that these aren't turnkey ClawHub products. If your team needs that kind of control today, assume you may have to build it yourself.
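One way to build that approval step yourself, shown as an added example rather than ClawHub or OpenClaw code: pin each reviewed skill folder to a digest and refuse anything that is unreviewed or has changed since review. The function names, the allowlist dictionary, the slug and the sample folder contents are all assumptions made for illustration; the only thing taken from the page is that a skill is a folder built around SKILL.md.

```python
import hashlib
import tempfile
from pathlib import Path


def skill_digest(root: Path) -> str:
    """Deterministic SHA-256 over every file's relative path and contents."""
    h = hashlib.sha256()
    for path in sorted(root.rglob("*")):
        if path.is_symlink():
            raise ValueError(f"symlink may point outside the reviewed folder: {path}")
        if path.is_file():
            rel = path.relative_to(root).as_posix().encode()
            data = path.read_bytes()
            # Length-prefix both fields so renames and splits change the digest.
            h.update(len(rel).to_bytes(8, "big") + rel)
            h.update(len(data).to_bytes(8, "big") + data)
    return h.hexdigest()


def check_install(root: Path, slug: str, version: str, approved: dict) -> str:
    """Classify a skill folder against the internal allowlist (hypothetical)."""
    if not (root / "SKILL.md").is_file():
        return "invalid"
    pinned = approved.get((slug, version))
    if pinned is None:
        return "unreviewed"
    return "approved" if pinned == skill_digest(root) else "modified"


def demo() -> list:
    """Constructed skill folder: review it, then change a script afterwards."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "demo-skill"
        (root / "scripts").mkdir(parents=True)
        (root / "SKILL.md").write_text("---\nname: demo\n---\nGreet the user.\n")
        script = root / "scripts" / "run.sh"
        script.write_text("echo hello\n")
        key = ("@example/demo", "1.0.0")  # constructed slug and version
        approved = {key: skill_digest(root)}  # digest recorded at review time
        results = [check_install(root, *key, approved)]
        results.append(check_install(root, "@example/demo", "1.1.0", approved))
        script.write_text("echo hello\necho changed after review\n")
        results.append(check_install(root, *key, approved))
        return results


if __name__ == "__main__":
    print(demo())
```

The digest covers supporting scripts as well as SKILL.md, so a skill whose instructions look unchanged but whose bundled script was edited still fails the check.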
The Steinberger Effect
When OpenClaw's founder joined OpenAI in February 2026, people worried about what would happen to ClawHub. Would the marketplace get commercialised? Would the enterprise features end up behind a paywall?
One correction first. The original article named "Cole Steinberger." That's wrong. TechCrunch reported on 15 February 2026 that it was Peter Steinberger, the founder of PSPDFKit, based in Vienna, who joined OpenAI.
The handover went better than people feared. Steinberger's own account confirms OpenClaw was committed to staying open-source, living in a foundation that OpenAI would keep supporting. The original article also described a formalised steering committee with named community representatives running ClawHub governance; that specific structure could not be confirmed, so treat it as unverified. The broad point still holds: a well-run open-source project can survive losing its founder.
Building a Skill
The original article gave this as a sample skill:
    import { defineSkill } from '@openclaw/core';

    export default defineSkill({
      name: 'hello-world',
      description: 'A simple greeting skill',
      schema: {
        input: {
          name: { type: 'string', description: 'Name to greet' }
        },
        output: { type: 'string' }
      },
      async execute({ name }) {
        return `Hello, ${name}!`;
      }
    });

One thing to flag: this code is illustrative, not verified. No source we checked confirms a @openclaw/core package that exports a defineSkill helper. As OpenClaw's skills docs describe, real text-based skills are authored as SKILL.md folders rather than through a TypeScript defineSkill() call. So the sample reads well, but don't expect it to run as-is.
The underlying point is sound either way. A skill can be as small as a single function or as involved as a multi-step workflow with API calls, file operations, and branching logic.
The Future
According to the original article, ClawHub's roadmap covers skill versioning with dependency management, skill composition (skills that call other skills), and a visual builder for people who don't code. There was also talk of a rating-prediction model to help surface good skills before they've built up downloads.
These are forward-looking plans, not shipped features. Semantic versioning already exists, but dependency management, composition, the visual builder, and the prediction model are unconfirmed roadmap items rather than things you can use today.
OpenClaw has reached roughly 345,000 GitHub stars, and ClawHub is a big part of why. The framework on its own is useful. The registry around it is what makes it a platform, and that gap is worth paying attention to if you're weighing it up for your own team.


