56 ready-to-use skills that make your AI agent autonomous, self-healing, and self-improving.
A plug-and-play skill library for OpenClaw — the open-source AI agent runtime. Gives your agent structured thinking, security guardrails, persistent memory, cron scheduling, self-recovery, and the ability to write its own new skills during conversation.
Built for developers who want their AI agent to run autonomously 24/7, not just respond to prompts in a chat window.
Inspired by obra/superpowers. Extended for agents that never sleep.
Why this exists
Most AI agent frameworks give you a chatbot that forgets everything between sessions. OpenClaw is different — it runs persistently, handles multi-hour tasks, and has native cron scheduling. But out of the box, it doesn't know how to use those capabilities well.
openclaw-superpowers bridges that gap. Install 56 skills in one command, and your agent immediately knows how to:
- Think before it acts — brainstorming, planning, and systematic debugging skills prevent the "dive in and break things" failure mode
- Protect itself — 6 security skills detect prompt injection, block dangerous actions, audit installed code, and scan for leaked credentials
- Run unattended — 12 cron-scheduled skills handle memory cleanup, health checks, budget tracking, and community monitoring while you sleep
- Recover from failures — self-recovery, loop-breaking, and task handoff skills keep long-running work alive across crashes and restarts
- Never forget — DAG-based memory compaction, integrity checking, context scoring, and SQLite session persistence ensure the agent preserves critical information even in month-long conversations
- Improve itself — the agent can write new skills during normal conversation using
create-skill, encoding your preferences as permanent behaviors
The self-modifying agent
This is what makes openclaw-superpowers different from every other plugin library:
"Every time I do a code review, check for security issues first."
Your agent invokes create-skill, writes a new SKILL.md, and that behavior is live — immediately, permanently, no restart needed. The agent encodes your preferences as durable skills. You describe what you want. It teaches itself.
The community-skill-radar skill takes this further: it scans Reddit every 3 days for pain points and feature requests from the OpenClaw community, scores them by signal strength, and writes a prioritized PROPOSALS.md — so the agent (or you) always knows what to build next.
Quickstart
git clone https://github.com/ArchieIndian/openclaw-superpowers ~/.openclaw/extensions/superpowers cd ~/.openclaw/extensions/superpowers && ./install.sh openclaw gateway restart
install.sh symlinks all 56 skills, creates state directories for stateful skills, and registers cron jobs — everything in one step. That's it. Your agent now has superpowers.
Important: install does not force behavior
Installing these skills does not guarantee that OpenClaw will follow using-superpowers or any other skill on every turn.
Why:
SOUL.mdandAGENTS.mdare prompt inputs, not hard enforcement.- Skills are exposed as available capabilities, and the model decides whether to read and apply them.
- Changes to installed skills are safest to validate in a fresh OpenClaw session.
For best results:
-
Start a new OpenClaw session after installation.
-
Verify the skill is eligible:
openclaw skills list --eligible openclaw skills info using-superpowers
-
Put mandatory operating rules in
AGENTS.md, not onlySOUL.md. -
Keep
AGENTS.mdandSOUL.mdconcise so they are less likely to be truncated.
If you need deterministic behavior:
- Move critical workflow rules into
AGENTS.md. - Use OpenClaw hooks or plugins to enforce behavior at runtime.
- Do not rely on
SOUL.mdalone to force deterministic skill execution.
Skills included
Core (17 skills)
Methodology skills that work in any AI agent runtime. Adapted from obra/superpowers plus new additions for skill quality assurance.
| Skill | What it does | Script |
|---|---|---|
using-superpowers |
Bootstrap — teaches the agent how to find and invoke skills | — |
brainstorming |
Structured ideation before any implementation | — |
writing-plans |
Clear, reviewable implementation plans | — |
executing-plans |
Executes plans step-by-step with verification | — |
systematic-debugging |
4-phase root cause process before any fix | — |
verification-before-completion |
Ensures tasks are done, not just attempted | — |
test-driven-development |
Red-green-refactor discipline | — |
subagent-driven-development |
Parallel subagent execution for complex tasks | — |
create-skill |
Writes new skills during conversation | — |
skill-vetting |
Security scanner for ClawHub skills before installing | vet.sh |
project-onboarding |
Crawls a new codebase to generate a PROJECT.md context file |
onboard.py |
fact-check-before-trust |
Secondary verification pass for factual claims before acting on them | — |
skill-trigger-tester |
Scores a skill's description against sample prompts to predict trigger reliability | test.py |
skill-conflict-detector |
Detects name shadowing and description-overlap conflicts between installed skills | detect.py |
skill-portability-checker |
Validates OS/binary dependencies in companion scripts; catches non-portable calls | check.py |
pull-request-feedback-loop |
Handles PR review comments as grouped, verified fix loops | — |
skill-effectiveness-auditor |
Reviews whether a skill will trigger reliably and guide useful behavior | — |
OpenClaw-Native (38 skills)
Skills that require OpenClaw's persistent runtime — cron scheduling, session state, or long-running execution. These are the skills that make a 24/7 autonomous agent actually work reliably.
| Skill | What it does | Cron | Script |
|---|---|---|---|
long-running-task-management |
Breaks multi-hour tasks into checkpointed stages with resume | every 15 min | — |
persistent-memory-hygiene |
Keeps the agent's memory store clean and useful over time | daily 11pm | — |
task-handoff |
Gracefully hands off incomplete tasks across agent restarts | — | — |
agent-self-recovery |
Detects when the agent is stuck in a loop and escapes | — | — |
context-window-management |
Prevents context overflow on long-running sessions | — | — |
daily-review |
End-of-day structured summary and next-session prep | weekdays 6pm | — |
morning-briefing |
Daily briefing: priorities, active tasks, pending handoffs | weekdays 7am | run.py |
secrets-hygiene |
Audits installed skills for stale credentials and orphaned secrets | Mondays 9am | audit.py |
workflow-orchestration |
Chains skills into resumable named workflows with on-failure conditions | — | run.py |
quality-gate-orchestrator |
Tracks required validation gates and reports completion readiness | — | gate.py |
context-budget-guard |
Estimates context usage and triggers compaction before overflow | — | check.py |
prompt-injection-guard |
Detects injection attempts in external content before the agent acts | — | guard.py |
spend-circuit-breaker |
Tracks API spend against a monthly budget; pauses crons at 100% | every 4h | check.py |
dangerous-action-guard |
Requires explicit user confirmation before irreversible actions | — | audit.py |
loop-circuit-breaker |
Detects infinite retry loops from deterministic errors and breaks them | — | check.py |
workspace-integrity-guardian |
Detects drift or tampering in SOUL.md, AGENTS.md, MEMORY.md | Sundays 3am | guard.py |
multi-agent-coordinator |
Manages parallel agent fleets: health checks, consistency, handoffs | — | run.py |
cron-hygiene |
Audits cron skills for session mode waste and token efficiency | Mondays 9am | audit.py |
channel-context-bridge |
Writes a context card at session end for seamless channel switching | — | bridge.py |
skill-doctor |
Diagnoses silent skill discovery failures — YAML errors, path violations, schema mismatches | — | doctor.py |
installed-skill-auditor |
Weekly post-install audit of all skills for injection, credentials, and drift | Mondays 9am | audit.py |
skill-loadout-manager |
Named skill profiles to manage active skill sets and prevent system prompt bloat | — | loadout.py |
skill-compatibility-checker |
Checks installed skills against the current OpenClaw version for feature compatibility | — | check.py |
heartbeat-governor |
Enforces per-skill execution budgets for cron skills; auto-pauses runaway skills | every hour | governor.py |
community-skill-radar |
Scans Reddit for OpenClaw pain points and feature requests; writes prioritized PROPOSALS.md | every 3 days | radar.py |
memory-graph-builder |
Parses MEMORY.md into a knowledge graph; detects duplicates, contradictions, stale entries | daily 10pm | graph.py |
config-encryption-auditor |
Scans config directories for plaintext API keys, tokens, and world-readable permissions | Sundays 9am | audit.py |
openclaw-config-advisor |
Diagnoses provider, fallback, channel, MCP, and gateway config issues | — | advise.py |
tool-description-optimizer |
Scores skill descriptions for trigger quality — clarity, specificity, keyword density — and suggests rewrites | — | optimize.py |
mcp-health-checker |
Monitors MCP server connections for health, latency, and availability; detects stale connections | every 6h | check.py |
memory-dag-compactor |
Builds hierarchical summary DAGs from MEMORY.md with depth-aware prompts (d0 leaf → d3+ durable) | daily 11pm | compact.py |
large-file-interceptor |
Detects oversized files, generates structural exploration summaries, stores compact references | — | intercept.py |
context-assembly-scorer |
Scores how well current context represents full conversation; detects blind spots | every 4h | score.py |
compaction-resilience-guard |
Monitors compaction for failures; enforces normal → aggressive → deterministic fallback chain | — | guard.py |
memory-integrity-checker |
Validates summary DAGs for orphans, circular refs, token inflation, broken lineage | Sundays 3am | integrity.py |
session-persistence |
Imports session transcripts into SQLite with FTS5 full-text search; queryable message history | every 15 min | persist.py |
dag-recall |
Walks the memory DAG to recall detailed context on demand — query, expand, and assemble cited answers | — | recall.py |
expansion-grant-guard |
YAML-based delegation grant ledger — scoped permission grants with token budgets and auto-expiry | — | guard.py |
Community (1 skill)
Skills written by agents and contributors. Any agent can add a community skill via create-skill.
| Skill | What it does | Cron | Script |
|---|---|---|---|
obsidian-sync |
Syncs OpenClaw memory to an Obsidian vault nightly | daily 10pm | sync.py |
Security & guardrails
Six skills form a defense-in-depth security layer for autonomous agents:
| Threat | Skill | How it works |
|---|---|---|
| Malicious skill installs | skill-vetting |
Pre-install scanner with 6 security flags — rates SAFE / CAUTION / DO NOT INSTALL |
| Prompt injection from external content | prompt-injection-guard |
Detects 6 injection signal types at runtime; blocks on 2+ signals |
| Agent takes destructive action without asking | dangerous-action-guard |
Pre-execution confirmation gate with 5-min expiry and full audit trail |
| Post-install tampering or credential injection | installed-skill-auditor |
Weekly SHA-256 drift detection; checks for INJECTION / CREDENTIAL / EXFILTRATION |
| Silent skill loading failures | skill-doctor |
6 diagnostic checks per skill; surfaces every load-time failure |
| Plaintext secrets in config files | config-encryption-auditor |
Scans for 8 API key patterns + 3 token patterns; auto-fixes permissions |
How it compares
| Feature | openclaw-superpowers | obra/superpowers | Custom prompts |
|---|---|---|---|
| Skills included | 56 | 8 | 0 |
| Self-modifying (agent writes new skills) | Yes | No | No |
| Cron scheduling | 16 scheduled skills | No | No |
| Persistent state across sessions | YAML state schemas | No | No |
| Security guardrails | 6 defense-in-depth skills | No | No |
| Companion scripts with CLI | 25 scripts | No | No |
| Memory graph / knowledge graph | Yes | No | No |
| SQLite session persistence + FTS5 search | Yes | No | No |
| Sub-agent recall with token-budgeted grants | Yes | No | No |
| MCP server health monitoring | Yes | No | No |
| API spend tracking & budget enforcement | Yes | No | No |
| Community feature radar (Reddit scanning) | Yes | No | No |
| Multi-agent coordination | Yes | No | No |
| Works with 24/7 persistent agents | Built for it | Session-only | Session-only |
Architecture
~/.openclaw/extensions/superpowers/
├── skills/
│ ├── core/ # 17 methodology skills (any runtime)
│ │ ├── brainstorming/
│ │ │ └── SKILL.md
│ │ ├── create-skill/
│ │ │ ├── SKILL.md
│ │ │ └── TEMPLATE.md
│ │ └── ...
│ ├── openclaw-native/ # 38 persistent-runtime skills
│ │ ├── memory-graph-builder/
│ │ │ ├── SKILL.md # Skill definition + YAML frontmatter
│ │ │ ├── STATE_SCHEMA.yaml # State shape (committed, versioned)
│ │ │ ├── graph.py # Companion script
│ │ │ └── example-state.yaml # Annotated example
│ │ └── ...
│ └── community/ # Agent-written and contributed skills
├── scripts/
│ └── validate-skills.sh # CI validation
├── tests/
│ └── test-runner.sh
└── install.sh # One-command setup
State model: Each stateful skill commits a STATE_SCHEMA.yaml defining the shape of its runtime data. At install time, install.sh creates ~/.openclaw/skill-state/<skill-name>/state.yaml on your machine. The schema is portable and versioned; the runtime state is local-only and never committed.
Companion scripts
Skills marked with a script ship a small executable alongside their SKILL.md:
- 25 Python scripts (
run.py,audit.py,check.py,guard.py,bridge.py,onboard.py,sync.py,doctor.py,loadout.py,governor.py,detect.py,test.py,radar.py,graph.py,optimize.py,compact.py,intercept.py,score.py,integrity.py,persist.py,recall.py,advise.py,gate.py) — run directly to manipulate state, generate reports, or trigger actions. No extra dependencies;pyyamlis optional but recommended. vet.sh— Pure bash scanner; runs on any system with grep.- Every script supports
--helpand--format json. Dry-run mode available on scripts that make changes. - See the
example-state.yamlin each skill directory for sample state and a commented walkthrough of cron behaviour.
Use cases
Solo developer with a persistent AI agent
Install superpowers, and your agent handles memory cleanup, security audits, and daily briefings on autopilot. You focus on building; the agent maintains itself.
Team running multiple OpenClaw agents
Use
multi-agent-coordinatorfor fleet health checks,skill-loadout-managerto keep system prompts lean per agent role, andheartbeat-governorto prevent runaway cron costs.
Open-source maintainer
community-skill-radarscans Reddit for pain points automatically.skill-vettingcatches malicious community contributions before they're installed.installed-skill-auditordetects post-install tampering.
Security-conscious deployment
Six defense-in-depth skills: pre-install vetting, runtime injection detection, destructive action gates, post-install drift detection, credential scanning, and silent failure diagnosis.
Contributing
- Open a Skill Proposal issue — or just ask your agent to write one using
create-skill - Run
./scripts/validate-skills.sh - Submit a PR — CI validates automatically
- Community skills may be promoted to core over time
Credits
- openclaw/openclaw — the open-source AI agent runtime
- obra/superpowers — Jesse Vincent's skills framework; core skills adapted under MIT license
- OpenLobster — inspiration for memory graph, config encryption auditing, tool-description scoring, and MCP health monitoring
- lossless-claw — inspiration for DAG-based memory compaction, session persistence, sub-agent recall, and delegation grants