What is ClawHub? OpenClaw's skill registry, explained
ClawHub is the public registry where OpenClaw skills and plugins are shared. How installing works, and the supply-chain caution every user should know.
ClawHub (clawhub.ai) is the official public registry for OpenClaw skills and plugins — free, open, and community-published. You search and install from it with openclaw skills search and openclaw skills install <name> (or the standalone clawhub CLI). Treat it like any open package registry: an enormous asset, published by strangers — read what you install and pin your versions.
What it is, precisely
ClawHub is to OpenClaw skills roughly what npm is to JavaScript packages: the shared public shelf. Anyone can publish; everything is public and visible; installing is one command. It’s an official part of the OpenClaw ecosystem (the registry code lives in the openclaw GitHub organization) — but official registry does not mean vetted contents, any more than npm’s existence vouches for every package on it. That single distinction organizes everything else worth knowing.
Using it
openclaw skills search <keyword> # find skills in the registry
openclaw skills install <name> # install one
openclaw skills install <name>@<ver> # install a pinned version
# or the standalone CLI:
clawhub install <skill>
clawhub pin <skill> clawhub unpin <skill>
clawhub list clawhub update --all
clawhub uninstall <skill>Installs land in your workspace’s skills directory (or ./skills where no workspace is configured) — which means installed skills are part of the state you back up, and you can open any of them and read exactly what they tell your agent to do.
The supply-chain caution, plainly
An open registry for agent instructions is a new kind of supply chain, and 2026 has already demonstrated the failure mode: security researchers auditing community skill registries found real malware among the listings — instructions crafted to exfiltrate data or misuse the agent’s capabilities, dressed as productivity skills. This isn’t a reason to avoid ClawHub; it’s a reason to use it the way experienced developers use npm:
- Skim before you install. A skill is a readable markdown file. If you wouldn’t paste its instructions into your agent’s chat yourself, don’t install it.
- Prefer known publishers and pin versions (
@version, orclawhub pin) — an update you didn’t review is an install you didn’t review. The built-in audit flags unpinned installs for exactly this reason. - Keep the blast radius honest. Registry skills plus an agent on your personal laptop multiply each other’s risks; the same skills on a dedicated machine are a contained experiment.
Our own posture, for what it’s worth: Everpod pods ship with pinned versions and allowlisted plugins, and we’d rather a customer install three skills they’ve read than thirty they haven’t. The registry is one of OpenClaw’s genuine superpowers — it just deserves the same adult respect as every other place strangers publish code.