Tools, Skills & MCP: Extending OpenClaw
A practical OpenClaw guide to turning a chat agent into a controlled workflow: use tools for actions, Skills for repeatable instructions, and MCP for structured external integrations.
The Simple Mental Model
Think of an extended OpenClaw workflow in three layers:
- Tools are the actions OpenClaw can take, such as reading files, browsing, or running an approved command.
- Skills are reusable instructions that tell OpenClaw how and when to use those tools for a specific task.
- MCP is a structured protocol that can make tools from an external system available to OpenClaw.
The important distinction is that a Skill does not grant new access by itself. It defines the workflow. Tools provide the actions, and an MCP server can supply additional actions from a connected service.
For a pull request review, a code-review Skill can define the checklist, local tools can read the diff and run tests, and a read-only GitHub MCP server can provide repository context. That is a workflow, not just a longer prompt.
Tools vs Skills vs MCP: What Is the Difference?
Use a tool when OpenClaw needs to take an action. Use a Skill when the task needs the same process and guardrails each time. Use MCP when that action comes from a structured external integration. A reliable workflow often uses all three.
| Layer | What It Does | Best For | Example |
|---|---|---|---|
| Tools | Give OpenClaw an action it can perform | Files, browser, commands, APIs | Read a diff, run tests, search documentation |
| Skills | Define the procedure, output, and guardrails | Repeatable workflows | PR review, bug triage, documentation update |
| MCP | Supplies tools through a standard external connection | Structured integrations | GitHub, a database, an internal API, a custom app |
Common Use Cases
Code Review
OpenClaw can review pull requests, inspect files, detect risky logic, find missing tests, and suggest fixes when the right tools and skills are available.
Useful setup:
- Code review skill
- File reading tool
- Terminal tool
- GitHub MCP connection
Example prompt: Review this pull request for bugs, security risks, missing tests, and performance issues.
Bug Investigation
OpenClaw can inspect logs, search through files, identify broken logic, and suggest likely fixes.
Useful setup:
- Bug investigation skill
- File access tool
- Terminal command tool
- Log reading access
Example prompt: Investigate this error. Check the related files, logs, and recent changes. Return the most likely cause and the safest fix.
Browser Automation
With browser tools or a browser MCP integration, OpenClaw can open pages, collect data, test forms, check website flows, and help with repetitive browser tasks. See the OpenClaw browser automation guide for practical examples and safety considerations.
Useful for:
- Competitor research
- Website testing
- Form checking
- Data collection
- Workflow validation
Example prompt: Open the pricing pages of these competitors and summarize their plans, limits, and positioning in a comparison table.
Research Workflows
OpenClaw can collect information, summarize sources, compare options, and prepare structured research notes.
Useful setup:
- Research summary skill
- Browser or search tool
- Document reading tool
Example prompt: Research the top alternatives for this tool. Compare pricing, use cases, and trade-offs.
Documentation Workflows
Skills are useful when you want OpenClaw to write documentation in a consistent structure.
Useful for:
- Setup guides
- API docs
- Troubleshooting pages
- Changelogs
- Internal runbooks
Example prompt: Create a troubleshooting guide for this error. Include symptoms, causes, and fixes.
Internal Business Automation
With MCP and tools, OpenClaw can connect to internal systems, query data, create reports, and prepare updates.
Useful for:
- Daily reports
- Support workflows
- CRM summaries
- Analytics updates
- Task follow-ups
Example prompt: Generate a daily status report from the latest project updates, open issues, and support tickets.
How to Add or Use Tools in OpenClaw
Tools are the action layer. They let OpenClaw interact with files, browsers, terminals, APIs, logs, and other systems. Before enabling a tool, define the exact action you want OpenClaw to perform.
Step 1: Decide What Action Is Needed
Ask:
- Does OpenClaw need to read files?
- Does it need to run commands?
- Does it need browser access?
- Does it need to call an API?
- Does it need access to logs or project folders?
Do not enable every tool just because it exists. That is not advanced setup. That is digital clutter with permissions.
Step 2: Check OpenClaw Status
Check the Gateway service, then check the wider OpenClaw status before testing a new tool:
openclaw gateway status
openclaw statusIf the Gateway is not running, start or restart it before testing.
openclaw gateway start
# or
openclaw gateway restartStep 3: Open the Control UI Safely
The local Control UI is normally available at http://127.0.0.1:18789/. It is an admin surface for chat, configuration, and approvals, so keep it on localhost or access it through a private network or SSH tunnel. Do not expose it publicly.
Step 4: Enable Only the Required Tool
Start small. For example, if your workflow only needs file reading, do not enable shell access.
Good approach: Enable file reading for project inspection. Keep write access disabled until the workflow is tested.
Risky approach: Enable file access, shell access, browser access, API write access, and production keys at once. That is how people accidentally build a tiny disaster with a chat interface.
Step 5: Test With a Small Task
Before running a full workflow, test one action. For example: read the README file and summarize the setup requirements. Or: run the test command and summarize any failures.
npm testFor Python projects:
pytestFor package checks:
npm install
npm run buildStep 6: Add Approval for Risky Actions
Require user approval before OpenClaw performs actions like:
- Editing files
- Deleting files
- Running deployment commands
- Calling production APIs
- Updating databases
- Sending messages
- Spending API credits heavily
A safe workflow should say: Do not edit files directly. First show the proposed changes and wait for approval. That one sentence can save a lot of regret.
Skip the setup, keep the extensibility.
Managed OpenClaw on Ampere.sh handles the gateway, tool wiring, and MCP servers so you can focus on one skill and one real workflow, not on port errors at 2am.
How Skills Improve OpenClaw Workflows
Skills make OpenClaw consistent without repeatedly pasting a long prompt. In OpenClaw, a Skill is a Markdown instruction package, usually centered on a SKILL.md file. It teaches the agent how and when to use the tools it already has.
Use a Skill when you repeat a workflow, need a predictable output, or want guardrails around a sensitive task. You can build a custom Skill for your process or review the best OpenClaw Skills for ideas.
What a Good Skill Should Include
A strong skill should define: task goal, required input, output format, rules and constraints, examples, failure handling, approval rules.
Bad skill: Write better code.
Good skill: Review this code for logic bugs, security risks, missing tests, and performance issues. Return findings by severity with suggested fixes. Do not modify files without approval. The second version works because it gives OpenClaw a clear process, not a vague motivational poster.
Example: Code Review Skill
Goal: Review code changes for bugs, security risks, missing tests, performance issues, and maintainability problems.
Input: Pull request diff, changed files, issue context, and test results if available.
Output:
- Critical issues
- Major issues
- Minor issues
- Suggested fixes
- Missing tests
- Final recommendation
Rules: Do not approve risky code. Do not edit files without user approval. Mention exact file names and functions when possible.
Example: SEO Article Skill
Goal: Create SEO-friendly article content that is clear, useful, and conversion-focused.
Input: Article title, target keyword, outline, product goal, and CTA.
Output:
- Short intro
- Section-by-section content
- Practical examples
- Soft CTA
- FAQs
Rules: Avoid keyword stuffing. Keep paragraphs short. Use simple language. Make the CTA natural.
How MCP Extends OpenClaw
MCP, short for Model Context Protocol, is a standard way to connect an agent with tools from an external system. An MCP server advertises its available capabilities, and OpenClaw can discover and use the permitted tools through that connection.
Use MCP when a workflow needs structured access to a service such as GitHub, a database, an internal API, an issue tracker, a documentation platform, or a custom business application. MCP is not required for every workflow: local tools and a clear Skill are often enough.
OpenClaw Can Use MCP in Two Directions
OpenClaw connects to configured MCP servers and exposes their allowed capabilities as tools during an agent run.
A compatible MCP client can connect to OpenClaw through the Gateway bridge, using openclaw mcp serve.
Start With a Read-Only MCP Connection
For a first integration, choose a small workflow and read-only access. For example, let a GitHub integration read a pull request and its files, but do not allow it to comment, merge, or modify repository settings until you have tested the workflow.
openclaw mcp status --verbose
openclaw mcp doctor
openclaw mcp probe <server-name>Security Checklist Before Extending OpenClaw
Extending OpenClaw is powerful, but it also increases risk. A workflow agent with too much access can break things faster than a human, which is impressive in the worst possible way. For a deeper walkthrough, see OpenClaw security best practices.
Use this checklist before enabling tools, skills, or MCP.
Security Checklist
- Use the least permissions possible and start with read-only access.
- Keep API keys and tokens outside prompts, source files, and public logs.
- Do not expose unrestricted shell access or the Control UI to the public internet.
- Review an MCP server before installing it and limit the tools it exposes to OpenClaw.
- Use narrowly scoped tokens for each integration and separate test from production.
- Require approval before every write action, including file edits, messages, deployments, and database changes.
- Review logs after a new tool or MCP server runs, then disable capabilities you do not need.
- Rotate credentials when access changes or a secret may have been exposed.
Actions That Should Require Approval
Always require confirmation before OpenClaw edits files, deletes data, sends messages, changes production settings, runs deployment commands, updates customer records, or calls paid APIs heavily.
Example safety instruction: Before making any file changes, show the proposed patch and wait for my approval. For production systems: Use read-only access unless I explicitly approve a write action.
Common Problems and Fixes
| Problem | Likely Cause | Fix |
|---|---|---|
| Tool is not showing | Tool is not installed, enabled, or detected | Check config, restart OpenClaw, review logs |
| Tool exists but does not work | Missing permission or wrong path | Check access, paths, and environment variables |
| Skill is ignored | Skill is vague or not loaded correctly | Add clear rules, examples, and output format |
| Output is inconsistent | No reusable workflow instructions | Create a dedicated skill |
| MCP server fails | Wrong command, port, token, or config | Check MCP logs and credentials |
| OpenClaw uses the wrong tool | Tool names or task instructions are unclear | Rename tools or improve skill guidance |
| Workflow feels risky | Too many permissions are enabled | Use read-only mode and approval gates |
| Automation stops midway | Missing dependency or runtime issue | Check logs, installed packages, and service status |
Quick Commands
Check the Gateway and overall OpenClaw status:
openclaw gateway status
openclaw statusRestart the Gateway:
openclaw gateway restartInspect a configured MCP connection:
openclaw mcp status --verbose
openclaw mcp doctorCheck project dependencies (Node.js):
npm install
npm run build
npm testFor Python:
pip install -r requirements.txt
pytestCheck environment variables:
printenvDo not paste secrets into prompts or public logs. Somehow this still needs to be said in 2026.
When to Use Managed OpenClaw Hosting
You can extend OpenClaw yourself if you are comfortable managing tools, Skills, MCP servers, ports, Gateway health, logs, updates, and uptime. Self-hosting gives more control, but it also makes you responsible for operating and securing every connection.
If you want to focus on workflows rather than server setup, port issues, Gateway maintenance, and MCP operations, managed hosting can be a practical option. See the tradeoffs in managed vs self-hosted OpenClaw, then start with one tool, one Skill, and one real workflow.
- You want full control
- You are comfortable managing servers
- You can handle ports, logs, updates, and MCP setup
- You have time to debug infrastructure
- You want faster setup
- You do not want to manage gateway issues
- You need reliable uptime
- You want to focus on workflows instead of infrastructure
- You want to connect tools, skills, and MCP with less setup pain
Frequently Asked Questions
What are tools in OpenClaw?
What are skills in OpenClaw?
What is MCP in OpenClaw?
What is the difference between tools, skills, and MCP?
Is MCP required to use OpenClaw?
Should beginners start with tools, skills, or MCP?
How do I use MCP safely with OpenClaw?
Also Read
Extend OpenClaw the safe way
Managed OpenClaw on Ampere.sh gives you tools, skills, and MCP with permissions, approvals, and uptime handled - so your first workflow ships in days, not weeks.
Start Free Trial

