Ask OpenClaw to do something it has never seen before — “summarise every PDF I drop in a Dropbox folder and send me a WhatsApp digest every Friday” — and watch it realise that none of its installed skills cover the job. A minute later the Dropbox listener and weekly digest skill appear in ~/.openclaw/skills, npm installs roll by, and the agent retries the task, this time succeeding. You never wrote a line of code. That automatic gap-filling is exactly what people mean when they ask “how OpenClaw writes its own skills and what that means.”

What Counts as a “Skill” in OpenClaw?

Inside the codebase a skill is just a Node package with three required files:

  • openclaw.skill.json — manifest (name, permissions, triggers)
  • index.ts — entry point exposing run()
  • README.md — natural-language docs that the LLM can read

The manifest might grant "fs" for local file access, "browser" for Puppeteer, or tokens for Composio services. The gateway UI surfaces these permissions so you can audit them before enabling the skill.
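To make the three-file convention concrete, here is a minimal sketch of what a hand-written skill could look like. The run() signature, the manifest shape, and the skill name are assumptions for illustration; the article only specifies the file names and the manifest fields (name, permissions, triggers).

```typescript
// Hypothetical manifest shape, mirroring the fields described above.
// In a real skill this would live in openclaw.skill.json next to index.ts.
interface SkillManifest {
  name: string;
  version: string;
  permissions: string[]; // e.g. "fs", "browser", "composio:*"
  triggers: { verb: string; args: string[]; returns: string }[];
}

const manifest: SkillManifest = {
  name: "hello-skill",
  version: "0.0.1",
  permissions: ["fs"],
  triggers: [{ verb: "say_hello", args: ["name"], returns: "string" }],
};

// index.ts entry point: run() dispatches on the triggering verb.
export function run(verb: string, args: Record<string, string>): string {
  if (verb === "say_hello") return `Hello, ${args.name}!`;
  throw new Error(`Unknown verb: ${verb}`);
}
```

The README.md would then describe say_hello in plain English so the LLM can decide when to invoke it.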

Capability Gap Detection: How the Agent Knows It Needs a New Skill

The gateway keeps an internal graph of verbs declared by every skill: send, fetch, parse, schedule, etc. When the user request is parsed, the planner maps sub-tasks to known verbs. If a mapping fails, that node in the plan is marked UNRESOLVED. After three failed resolution attempts, the planner emits a missing_capability event:

{
  "type": "missing_capability",
  "taskId": "req-91823",
  "verb": "listen_to_dropbox",
  "context": "incoming PDFs to folder /Receipts"
}

This event hands control to the Skill Generator chain.
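The gap-detection logic can be sketched in a few lines: match each sub-task verb against the index of installed skills, mark misses UNRESOLVED, and emit one event per unresolved node. All names below are illustrative stand-ins, not OpenClaw's actual internals.

```typescript
// Sketch of capability gap detection, assuming a flat verb index.
type PlanNode = { verb: string; status: "RESOLVED" | "UNRESOLVED" };

interface MissingCapabilityEvent {
  type: "missing_capability";
  taskId: string;
  verb: string;
  context: string;
}

// Map each sub-task verb against the installed-skill index.
function planTasks(verbs: string[], skillIndex: Set<string>): PlanNode[] {
  return verbs.map((verb) => ({
    verb,
    status: skillIndex.has(verb) ? "RESOLVED" : "UNRESOLVED",
  }));
}

// Emit one missing_capability event per unresolved plan node.
function emitMissing(
  taskId: string,
  plan: PlanNode[],
  context: string,
): MissingCapabilityEvent[] {
  return plan
    .filter((n) => n.status === "UNRESOLVED")
    .map((n) => ({ type: "missing_capability", taskId, verb: n.verb, context }));
}
```

Run against the Dropbox example, a plan containing listen_to_dropbox with no matching skill would yield exactly one event, shaped like the JSON above.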

Under the Hood: The Skill Generator Chain

  1. Prompt builder — Feeds the missing capability, user goal, existing skill index, and coding guidelines into the model (gpt-4o at the time of writing).
  2. Code writer — Model returns a tarball-shaped JSON: manifest, TypeScript source, tests, README.
  3. Static guardrail — A local eslint + ts-node sandbox runs npm run lint && npm test. No network egress allowed. If tests fail the agent halts.
  4. Security scanner — OWASP dependency check against the generated package.json. High CVSS? Skill rejected.
  5. User consent gate (configurable) — setting autowrite.autoApprove=true skips this; otherwise the UI prompts the operator to approve permissions.
  6. Install & load — Skill saved under ~/.openclaw/skills/<name>, npm i executed, daemon reloads.
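Conceptually, steps 3 through 6 behave like a gated pipeline: each stage can reject the skill, and only a skill that clears every gate gets installed. The sketch below models that flow with boolean stand-ins; the real gateway runs lint, tests, and scans in a sandbox rather than in-process, so treat this as structure only.

```typescript
// Toy model of the generator chain's reject-or-proceed gates.
interface GeneratedSkill {
  name: string;
  lintPassed: boolean;   // stage 3: static guardrail
  testsPassed: boolean;  // stage 3: sandbox test run
  highCvss: boolean;     // stage 4: security scanner verdict
  approved: boolean;     // stage 5: operator consent
}

type Gate = (s: GeneratedSkill) => boolean;

function runChain(skill: GeneratedSkill, autoApprove: boolean): string {
  const gates: [string, Gate][] = [
    ["static guardrail", (s) => s.lintPassed && s.testsPassed],
    ["security scanner", (s) => !s.highCvss],
    ["consent gate", (s) => autoApprove || s.approved],
  ];
  for (const [name, gate] of gates) {
    if (!gate(skill)) return `rejected at ${name}`;
  }
  return "installed"; // stage 6: save, npm i, daemon reload
}
```

The key design point is that gates are ordered cheapest-first: lint and tests fail fast before the dependency scan, and the human gate comes last so operators only review skills that already passed the machines.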

Default Prompts Matter

The official gateway ships with prompts/skill_writer.md. Community members have posted custom versions that enforce a strict functional-programming style or company coding standards. You can point the generator to your own prompt file:

claw config set skillWriter.promptFile ~/company/prompts/skill_guidelines.md

Example Walkthrough: Dropbox PDFs → Weekly WhatsApp Digest

Here’s the actual log from my agent (OpenClaw 0.18.3, Node 22.2) on ClawCloud free tier.

USER> Summarise every PDF I put in /Receipts (Dropbox) and send me a WhatsApp summary every Friday 17:00.
AGENT> Planning tasks…
  - retrieve_new_pdfs [UNRESOLVED]
  - summarise_pdfs
  - schedule_digest
  - send_whatsapp
missing_capability fired: listen_to_dropbox
> Generating new skill...
Skill "claw-dropbox-listener" generated (12 files, 5 tests)
Lint/test passed in 4.3s
Dependency scan: 0 vulns
Installed. Reloading daemon…
Retrying main task with new skill
Task chain completed ✅ in 36.2s

The generated openclaw.skill.json looked like this:

{
  "name": "claw-dropbox-listener",
  "version": "0.0.1",
  "description": "Watch a Dropbox folder and emit file.create events",
  "permissions": ["composio:dropbox.read"],
  "triggers": [
    {
      "verb": "retrieve_new_pdfs",
      "args": ["folderPath"],
      "returns": "File[]"
    }
  ]
}

I didn’t touch anything. Next Friday the digest arrived.
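For a sense of what the generated index.ts might contain, here is a sketch of a retrieve_new_pdfs implementation. The folder client is an injected interface rather than the real Dropbox SDK (whose method names I won't guess at), so this shows the structure a generated skill tends to have, not working listener code.

```typescript
// Hypothetical core of a generated Dropbox-listener skill.
// The client interface is a stand-in; real SDK calls would go behind it.
interface FileEntry {
  path: string;
  name: string;
}

interface FolderClient {
  listFolder(path: string): Promise<FileEntry[]>;
}

// Return PDFs in folderPath not yet seen, and record them as seen.
export async function retrieveNewPdfs(
  client: FolderClient,
  folderPath: string,
  seen: Set<string>, // paths already processed in earlier runs
): Promise<FileEntry[]> {
  const entries = await client.listFolder(folderPath);
  const fresh = entries.filter(
    (e) => e.name.toLowerCase().endsWith(".pdf") && !seen.has(e.path),
  );
  for (const e of fresh) seen.add(e.path);
  return fresh;
}
```

Injecting the client also makes the generated Jest tests honest: they can exercise the filtering and dedup logic against a fake client instead of mocking away the behaviour under test.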

Guardrails, Testing, and Sandboxing

Autonomous code generation sounds reckless, so let’s get specific about the guardrails:

  • Resource limits — The Skill Generator chain runs in a Firecracker micro-VM (same as Lambda). CPU and memory quotas stop crypto-mining shenanigans.
  • No outbound network during generation — Prevents the LLM from pulling arbitrary code or calling home. Only the npm registry mirror (read-only, private) is mounted.
  • Permission review — Skills can’t elevate themselves. They must declare explicit Composio scopes. The gateway diff-highlights new scopes against existing policy.
  • Unit tests are non-negotiable — The prompt instructs the model to write Jest tests. The daemon refuses to load a skill with zero passing tests.
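The permission-review point deserves a concrete illustration. The diff the gateway highlights boils down to set subtraction: which declared scopes are not already covered by existing policy? A minimal sketch, with names of my own invention:

```typescript
// Scopes a skill declares that are not yet covered by approved policy.
function newScopes(declared: string[], approvedPolicy: Set<string>): string[] {
  return declared.filter((scope) => !approvedPolicy.has(scope));
}

// A skill needs operator review exactly when it introduces any new scope.
function requiresReview(declared: string[], approvedPolicy: Set<string>): boolean {
  return newScopes(declared, approvedPolicy).length > 0;
}
```

This is why skills "can't elevate themselves": every scope outside the approved set forces a trip through the consent gate, no matter what the generated code does at runtime.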

Disabling Auto-Approval

# ~/.openclaw/config.toml
[autowrite]
autoApprove = false

On ClawCloud this is a toggle in Settings → Safety. Enterprise tenants usually keep it off and funnel approvals through Slack.

Implications for Self-Improving AI Agents

Why does this matter beyond the cool demo factor?

  1. Long-tail tasks get covered automatically. The community can’t ship plugins for every SaaS or edge-case. Skill auto-write fills those gaps in real time.
  2. Faster iteration loops. The agent corrects itself in minutes instead of waiting for a human to code, publish, and update a package.
  3. Risk surface expands. You basically have an on-device junior developer with root access to its own runtime. That calls for ops-level thinking: CI, policy, logging.
  4. Shifts the developer role. Instead of writing code, you write prompts, unit tests, and guardrails. “PromptOps” is becoming a thing in bigger teams.

There’s an ongoing GitHub thread (#4128) where users debate whether skills should be committed back to the repo automatically. The maintainer stance for now: the generator lives per-agent; upstream contribution remains manual.

When It Fails and How to Debug

Failures fall into predictable buckets:

  • Model hallucinated an API. Example: generated code assumed Dropbox SDK had onNewFile(). The tests passed because they were mocked. Fix: nudge the prompt or pin SDK versions.
  • Package install times out. ClawCloud free tier gives 256 MB RAM. Large skills with Puppeteer blow past that. Solution: mark the skill as needs_runtime=browserless so it spins up a remote browser instead.
  • Permission denied. If you forgot to approve the new Composio scope, the skill crashes at runtime. Logs live in ~/.openclaw/logs/skill-errors.log.

Debug Commands

# List auto-generated skills
auto ls

# Show source of a skill
auto cat claw-dropbox-listener/index.ts

# Re-run tests
auto test claw-dropbox-listener

Use auto remove <skill> to uninstall if things go sideways.

Getting Started: Enabling Autowrite on ClawCloud

  1. Sign in → New Agent → choose “Allow self-writing skills”.
  2. Pick your base model (gpt-4o or claude-3-sonnet supported).
  3. Optionally upload a corporate coding style guide. The UI converts it to a prompt chunk.
  4. Hit Create. The agent boots in ~60 s with openclaw@0.18.3.

You can toggle autowrite later:

claw config set autowrite.enabled true

If you run on-prem, the only extra step is passing one flag at launch:

npm install -g openclaw && openclaw --enable-autowrite

That’s it. Next time the agent blanks on a capability, it will try to author its own fix.

Takeaway

OpenClaw’s skill autowrite transforms the agent from a static bundle of plugins into a living system that patches its own missing features. It’s powerful, occasionally terrifying, and — with the right guardrails — genuinely useful. Turn it on, watch the logs, and decide how much autonomy you’re comfortable handing over. Your backlog of integration requests might finally shrink.