Asosiy tarkibga o'tish

Asboblar (OpenClaw)

  1. OpenClaw brauzer, canvas, tugunlar va cron uchun birinchi darajali agent vositalarini taqdim etadi. These replace the old openclaw-* skills: the tools are typed, no shelling, and the agent should rely on them directly.

Disabling tools

  1. Siz openclaw.json dagi tools.allow / tools.deny orqali vositalarni global tarzda ruxsat berishingiz yoki taqiqlashingiz mumkin (taqiqlash ustun turadi). This prevents disallowed tools from being sent to model providers.
{
  tools: { deny: ["browser"] },
}
Notes:
  • Matching is case-insensitive.
  • * wildcards are supported ("*" means all tools).
  • If tools.allow only references unknown or unloaded plugin tool names, OpenClaw logs a warning and ignores the allowlist so core tools stay available.

Tool profiles (base allowlist)

tools.profile sets a base tool allowlist before tools.allow/tools.deny. Per-agent override: agents.list[].tools.profile.
  1. Profillar:
  • minimal: session_status only
  • coding: group:fs, group:runtime, group:sessions, group:memory, image
  • messaging: group:messaging, sessions_list, sessions_history, sessions_send, session_status
  • full: no restriction (same as unset)
Example (messaging-only by default, allow Slack + Discord tools too): 
{
  tools: {
    profile: "messaging",
    allow: ["slack", "discord"],
  },
}
Example (coding profile, but deny exec/process everywhere): 
{
  tools: {
    profile: "coding",
    deny: ["group:runtime"],
  },
}
Example (global coding profile, messaging-only support agent): 
{
  tools: { profile: "coding" },
  agents: {
    list: [
      {
        id: "support",
        tools: { profile: "messaging", allow: ["slack"] },
      },
    ],
  },
}

Provider-specific tool policy

Use tools.byProvider to further restrict tools for specific providers (or a single provider/model) without changing your global defaults. Per-agent override: agents.list[].tools.byProvider. This is applied after the base tool profile and before allow/deny lists, so it can only narrow the tool set. Provider keys accept either provider (e.g. google-antigravity) or provider/model (e.g. openai/gpt-5.2). Example (keep global coding profile, but minimal tools for Google Antigravity): 
{
  tools: {
    profile: "coding",
    byProvider: {
      "google-antigravity": { profile: "minimal" },
    },
  },
}
Example (provider/model-specific allowlist for a flaky endpoint): 
{
  tools: {
    allow: ["group:fs", "group:runtime", "sessions_list"],
    byProvider: {
      "openai/gpt-5.2": { allow: ["group:fs", "sessions_list"] },
    },
  },
}
Example (agent-specific override for a single provider): 
{
  agents: {
    list: [
      {
        id: "support",
        tools: {
          byProvider: {
            "google-antigravity": { allow: ["message", "sessions_list"] },
          },
        },
      },
    ],
  },
}

Tool groups (shorthands)

Tool policies (global, agent, sandbox) support group:* entries that expand to multiple tools. Use these in tools.allow / tools.deny. Available groups:
  • group:runtime: exec, bash, process
  • group:fs: read, write, edit, apply_patch
  • group:sessions: sessions_list, sessions_history, sessions_send, sessions_spawn, session_status
  • group:memory: memory_search, memory_get
  • group:web: web_search, web_fetch
  • group:ui: browser, canvas
  • group:automation: cron, gateway
  • group:messaging: message
  • group:nodes: nodes
    1. group:openclaw: barcha o‘rnatilgan OpenClaw vositalari (provayder plaginlari bundan mustasno)
  1. Misol (faqat fayl vositalari + brauzerga ruxsat berish):
3. {
  tools: {
    allow: ["group:fs", "browser"],
  },
}

29. Plaginlar + vositalar

  1. Plaginlar asosiy to‘plamdan tashqari qo‘shimcha vositalar (va CLI buyruqlari)ni ro‘yxatdan o‘tkazishi mumkin.
  2. O‘rnatish va sozlash uchun Plugins, hamda vositalardan foydalanish bo‘yicha yo‘riqnomalar promptlarga qanday kiritilishini bilish uchun Skills sahifalariga qarang. 7. Ayrim plaginlar vositalar bilan birga o‘zlarining skill’larini ham taqdim etadi (masalan, voice-call plagini).
  3. Ixtiyoriy plagin vositalari:
    1. Lobster: qayta tiklanadigan tasdiqlar bilan tiplangan workflow runtime (gateway xostida Lobster CLI talab qilinadi).
    1. LLM Task: strukturalangan workflow chiqishi uchun faqat JSON’li LLM bosqichi (ixtiyoriy sxema tekshiruvi).

11. Vositalar inventari

12. apply_patch

  1. Bir yoki bir nechta fayllar bo‘ylab strukturalangan patch’larni qo‘llash. 32. Ko‘p-hunk tahrirlar uchun foydalaning.
  2. Eksperimental: tools.exec.applyPatch.enabled orqali yoqing (faqat OpenAI modellari). tools.exec.applyPatch.workspaceOnly standart bo‘yicha true (faqat workspace ichida). Uni false ga faqat apply_patch workspace katalogidan tashqariga yozishi/o‘chirishi kerak bo‘lsa, ataylab o‘rnating.

34. exec

  1. Ish maydonida shell buyruqlarini ishga tushirish.
Core parameters:
    1. command (majburiy)
    1. yieldMs (vaqt tugagach avtomatik fon rejimiga o‘tadi, standart 10000)
    1. background (darhol fon rejimi)
    1. timeout (soniyalar; oshib ketsa jarayon to‘xtatiladi, standart 1800)
    1. elevated (bool; elevated rejimi yoqilgan/ruxsat etilgan bo‘lsa xostda ishga tushiradi; agent sandbox qilinganida xulq-atvorni o‘zgartiradi)
  • host (sandbox | gateway | node)
  • security (deny | allowlist | full)
  • ask (off | on-miss | always)
    1. node (host=node uchun node id/nomi)
    1. Haqiqiy TTY kerakmi? 29. pty: true qilib sozlang.
Notes:
  • Fon rejimidagi exec sessiyalarini boshqarish.
  • Asosiy amallar:
    1. Agar process taqiqlangan bo‘lsa, exec sinxron ishlaydi va yieldMs/background ni e’tiborsiz qoldiradi.
    1. elevated tools.elevated hamda agents.list[].tools.elevated override’i bilan cheklanadi (ikkalasi ham ruxsat berishi kerak) va host=gateway + security=full uchun alias hisoblanadi.
    1. elevated faqat agent sandbox qilinganida xulq-atvorni o‘zgartiradi (aks holda ta’siri yo‘q).
    1. host=node macOS companion ilovasini yoki headless node xostni nishonga olishi mumkin (openclaw node run).
    1. gateway/node tasdiqlari va allowlist’lar: Exec approvals.

38. process

  1. Fon rejimidagi exec sessiyalarini boshqarish.
Core actions:
  • list, poll, log, write, kill, clear, remove
Notes:
    1. poll yakunlanganda yangi chiqishni va chiqish holatini qaytaradi.
    1. log qatorma-qator offset/limit ni qo‘llab-quvvatlaydi (offsetni qoldirsangiz oxirgi N qator olinadi).
    1. process har bir agent doirasida ishlaydi; boshqa agentlardagi sessiyalar ko‘rinmaydi.
  1. Brave Search API orqali vebni qidirish.
Core parameters:
  • URL manzildan o‘qilishi mumkin bo‘lgan kontentni olish va ajratib chiqarish (HTML → markdown/text).
  • Asosiy parametrlar:
Notes:
  • Eslatmalar:
    1. tools.web.search.enabled orqali yoqing.
    1. Javoblar keshlanadi (standart 15 daqiqa).
    1. Sozlash uchun Web tools ga qarang.

6. web_fetch

  1. URL manzildan o‘qilishi mumkin bo‘lgan kontentni olish va ajratib chiqarish (HTML → markdown/text).
Core parameters:
    1. url (majburiy)
  • extractMode (markdown | text)
    1. maxChars (uzun sahifalarni qisqartirish)
Notes:
    1. tools.web.fetch.enabled orqali yoqing.
    1. maxChars tools.web.fetch.maxCharsCap bilan cheklanadi (standart 50000).
    1. Javoblar keshlanadi (standart 15 daqiqa).
    1. JS-ga boy saytlar uchun brauzer vositasini afzal ko‘ring.
    1. Sozlash uchun Web tools ga qarang.
    1. Ixtiyoriy anti-bot zaxira varianti uchun Firecrawl ga qarang.

19. browser

  1. OpenClaw tomonidan boshqariladigan maxsus brauzerni nazorat qilish.
Core actions:
  • status, start, stop, tabs, open, focus, close
  • snapshot (aria/ai)
    1. screenshot (rasm bloki + MEDIA:<path> qaytaradi)
    1. act (UI amallari: click/type/press/hover/drag/select/fill/resize/wait/evaluate)
  • navigate, console, pdf, upload, dialog
  1. Profil boshqaruvi:
    1. profiles — holati bilan barcha brauzer profillarini ro‘yxatlash
    1. create-profile — avtomatik ajratilgan port bilan yangi profil yaratish (yoki cdpUrl)
    1. delete-profile — brauzerni to‘xtatish, foydalanuvchi ma’lumotlarini o‘chirish, konfiguratsiyadan olib tashlash (faqat lokal)
    1. reset-profile — profil portidagi yetim jarayonni to‘xtatish (faqat lokal)
  1. Umumiy parametrlar:
    1. profile (ixtiyoriy; sukut bo‘yicha browser.defaultProfile)
  • target (sandbox | host | node)
    1. node (ixtiyoriy; aniq node id/nomini tanlaydi) Eslatmalar:
    1. browser.enabled=true talab qilinadi (standart true; o‘chirish uchun false ga o‘rnating).
    1. Barcha amallar ko‘p instansiya qo‘llab-quvvatlashi uchun ixtiyoriy profile parametrini qabul qiladi.
    1. profile ko‘rsatilmasa, browser.defaultProfile ishlatiladi (standart “chrome”).
    1. Profil nomlari: faqat kichik harfli alfanumerik belgilar va defislar (maks. 64 belgi).
    1. Port diapazoni: 18800–18899 (taxm. 100 ta profil maksimal).
    1. Masofaviy profillar faqat ulanish uchun (start/stop/reset yo‘q).
    1. Agar brauzerga qodir node ulangan bo‘lsa, vosita avtomatik ravishda unga yo‘naltirishi mumkin (agar target ni mahkamlab qo‘ymasangiz).
    1. Playwright o‘rnatilganda snapshot sukut bo‘yicha ai; accessibility daraxti uchun aria dan foydalaning.
    1. snapshot shuningdek role-snapshot variantlarini (interactive, compact, depth, selector) qo‘llab-quvvatlaydi, ular e12 kabi havolalarni qaytaradi.
    1. act snapshot dan ref ni talab qiladi (AI snapshotlaridan raqamli 12, yoki role snapshotlardan e12); kamdan-kam CSS selektor ehtiyojlari uchun evaluate dan foydalaning.
    1. Odatiy holatda actwait dan qoching; uni faqat istisno holatlarda ishlating (kutiladigan ishonchli UI holati bo‘lmaganda).
    1. upload qurollantirilgandan so‘ng avtomatik bosish uchun ixtiyoriy ravishda ref uzatishi mumkin.
    1. upload shuningdek <input type="file"> ni bevosita sozlash uchun inputRef (aria ref) yoki element (CSS selektor) ni qo‘llab-quvvatlaydi.

49. canvas

  1. Node Canvas’ni boshqarish (present, eval, snapshot, A2UI).
Core actions:
  • present, hide, navigate, eval
  • snapshot (returns image block + MEDIA:<path>)
  • a2ui_push, a2ui_reset
Notes:
  • Uses gateway node.invoke under the hood.
  • If no node is provided, the tool picks a default (single connected node or local mac node).
  • A2UI is v0.8 only (no createSurface); the CLI rejects v0.9 JSONL with line errors.
    1. Tezkor smoke-test: openclaw nodes canvas a2ui push --node <id> --text "Hello from A2UI".

nodes

  1. Juftlangan tugunlarni aniqlash va nishonga olish; bildirishnomalar yuborish; kamera/ekranni yozib olish.
Core actions:
  • status, describe
    1. pending, approve, reject (juftlash)
  • notify (macOS system.notify)
  • run (macOS system.run)
  • camera_snap, camera_clip, screen_record
  • location_get
Notes:
  • Camera/screen commands require the node app to be foregrounded.
  • Images return image blocks + MEDIA:<path>.
  • Videos return FILE:<path> (mp4).
  • Location returns a JSON payload (lat/lon/accuracy/timestamp).
  • run params: command argv array; optional cwd, env (KEY=VAL), commandTimeoutMs, invokeTimeoutMs, needsScreenRecording.
Example (run): 
{
  "action": "run",
  "node": "office-mac",
  "command": ["echo", "Hello"],
  "env": ["FOO=bar"],
  "commandTimeoutMs": 12000,
  "invokeTimeoutMs": 45000,
  "needsScreenRecording": false
}

image

Analyze an image with the configured image model. Core parameters:
  • image (required path or URL)
  • prompt (optional; defaults to “Describe the image.”)
  • model (optional override)
  • maxBytesMb (optional size cap)
Notes:
    1. Faqat agents.defaults.imageModel sozlanganida (asosiy yoki zaxira), yoki standart model + sozlangan autentifikatsiyadan yashirin tasvir modeli aniqlanishi mumkin bo‘lganda (eng yaxshi urinish bilan juftlash) mavjud.
  • Uses the image model directly (independent of the main chat model).

message

Send messages and channel actions across Discord/Google Chat/Slack/Telegram/WhatsApp/Signal/iMessage/MS Teams. Core actions:
  • send (text + optional media; MS Teams also supports card for Adaptive Cards)
  • poll (WhatsApp/Discord/MS Teams polls)
  • react / reactions / read / edit / delete
  • pin / unpin / list-pins
  • permissions
  • thread-create / thread-list / thread-reply
  • search
  • sticker
  • member-info / role-info
  • emoji-list / emoji-upload / sticker-upload
  • role-add / role-remove
  • channel-info / channel-list
  • voice-status
  • event-list / event-create
  • timeout / kick / ban
Notes:
  • send WhatsApp’ni Gateway orqali yo‘naltiradi; boshqa kanallar to‘g‘ridan-to‘g‘ri boradi.
  • poll WhatsApp va MS Teams uchun Gateway’dan foydalanadi; Discord so‘rovlari to‘g‘ridan-to‘g‘ri boradi.
  • Xabar vositasi chaqiruvi faol chat sessiyasiga bog‘langanda, yuborishlar kontekstlararo sizib chiqishni oldini olish uchun o‘sha sessiyaning manziliga cheklanadi.

cron

Asosiy amallar: Core actions:
  • status, list
  • add, update, remove, run, runs
  • wake (tizim hodisasini navbatga qo‘shish + ixtiyoriy darhol yurak urishi)
Notes:
  • add to‘liq cron ish obyektini kutadi (sxema cron.add RPC bilan bir xil).
  • update { jobId, patch } dan foydalanadi (id moslik uchun qabul qilinadi).

gateway

Asosiy parametrlar: Core actions:
  • restart (avtorizatsiya qiladi + jarayon ichida qayta ishga tushirish uchun SIGUSR1 yuboradi; openclaw gateway joyida qayta ishga tushiradi)
  • config.get / config.schema
  • config.apply (tekshirish + konfiguratsiyani yozish + qayta ishga tushirish + uyg‘otish)
  • config.patch (qisman yangilanishni birlashtirish + qayta ishga tushirish + uyg‘otish)
  • update.run (yangilanishni ishga tushirish + qayta ishga tushirish + uyg‘otish)
Notes:
    1. Amaldagi javobni to‘xtatib qo‘ymaslik uchun delayMs (standart 2000) dan foydalaning.
  • restart sukut bo‘yicha o‘chirilgan; commands.restart: true bilan yoqing.

sessions_list / sessions_history / sessions_send / sessions_spawn / session_status

Eslatmalar: Core parameters:
  • sessions_list: kinds?, limit?, activeMinutes?, messageLimit? (0 = yo‘q)
  • sessions_history: sessionKey (yoki sessionId), limit?, includeTools?
  • sessions_send: sessionKey (yoki sessionId), message, timeoutSeconds? (0 = yuborib unutish)
  • sessions_spawn: task, label?, agentId?, model?, runTimeoutSeconds?, cleanup?
  • session_status: sessionKey? (sukut bo‘yicha joriy; sessionId qabul qilinadi), model? (default bekor qilishni tozalaydi)
Notes:
  • gatewayUrl (standart ws://127.0.0.1:18789)
  • gatewayToken (agar autentifikatsiya yoqilgan bo‘lsa)
  • sessions_send timeoutSeconds > 0 bo‘lganda yakuniy tugashni kutadi.
  • Yetkazish/e’lon qilish yakunlangandan keyin sodir bo‘ladi va eng yaxshi sa’y-harakat asosida bajariladi; status: "ok" agent yugurishi tugaganini tasdiqlaydi, e’lon yetkazilganini emas.
  • sessions_spawn sub-agent yugurishini boshlaydi va so‘rovchi chatga e’lon javobini joylaydi.
  • sessions_spawn bloklanmaydi va darhol status: "accepted" ni qaytaradi.
  • sessions_send javob qaytarish ping‑pongini bajaradi (to‘xtatish uchun REPLY_SKIP bilan javob bering; maksimal aylanishlar session.agentToAgent.maxPingPongTurns orqali, 0–5).
  • Ping‑pongdan so‘ng, nishon agent e’lon bosqichini bajaradi; e’lonni bostirish uchun ANNOUNCE_SKIP bilan javob bering.

agents_list

Brauzer vositasi: Notes:
  • Natija har bir agent uchun ruxsat ro‘yxatlari bilan cheklanadi (agents.list[].subagents.allowAgents).
  • ["*"] sozlanganda, vosita barcha sozlangan agentlarni o‘z ichiga oladi va allowAny: true deb belgilaydi.

Parametrlar (umumiy)

Gateway-ga tayangan vositalar (canvas, nodes, cron):
  • gatewayUrl (standart ws://127.0.0.1:18789)
  • gatewayToken (agar autentifikatsiya yoqilgan bo‘lsa)
  • timeoutMs
Eslatma: gatewayUrl o‘rnatilganda, gatewayTokenni aniq ko‘rsatib kiriting. Vositalar sozlamalarni yoki muhit (environment) hisob ma’lumotlarini override uchun meros qilib olmaydi, va aniq ko‘rsatilmagan hisob ma’lumotlari xato hisoblanadi. Node nishonlash:
  • profile (ixtiyoriy; standart browser.defaultProfile)
  • target (sandbox | host | node)
  • node (ixtiyoriy; aniq node id/nomini biriktirish)

Xavfsizlik

Brauzer avtomatlashtirish:
  1. browserstatus / start
  2. snapshot (ai yoki aria)
  3. act (bosish/yozish/tugma bosish)
  4. Agar vizual tasdiq kerak bo‘lsa screenshot
Vositalar ikki parallel kanalda ochiladi:
  1. canvaspresent
  2. Vosita sxemasi: model API’ga yuboriladigan tuzilgan funksiya ta’riflari.
  3. snapshot
Node nishonlash:
  1. nodesstatus
  2. Tanlangan node’da describe
  3. notify / run / camera_snap / screen_record

Xavfsizlik

  • To‘g‘ridan-to‘g‘ri system.rundan qoching; faqat aniq foydalanuvchi roziligi bilan nodesrundan foydalaning.
  • Kamera/ekran yozib olish uchun foydalanuvchi roziligini hurmat qiling.
  • Media buyruqlarini chaqirishdan oldin ruxsatlarni tekshirish uchun status/describedan foydalaning.

Vositalar agentga qanday taqdim etiladi

Vositalar ikki parallel kanalda ochiladi:
  1. Tizim prompt matni: odam o‘qiy oladigan ro‘yxat + yo‘riqnoma.
  2. Vosita sxemasi: model API’ga yuboriladigan tuzilgan funksiya ta’riflari.
Bu shuni anglatadiki, agent ham “qaysi vositalar mavjud”ligini, ham “ularni qanday chaqirish”ni ko‘radi. Agar biror vosita