From f5b0eca12a75f0388c867b4fa182cd176be07968 Mon Sep 17 00:00:00 2001 From: Kevin Lin Date: Mon, 11 May 2026 15:59:27 -0700 Subject: [PATCH] docs: reorganize tools automation nav (#80116) * docs: reorganize tools automation nav * docs: add nav spec glossary terms * docs: refresh nav spec validation * docs: keep capabilities nav grouped * docs: refactor tools overview * docs: restore tools overview coverage * add doc refactor skill * docs: mark refactored docs schema * docs: remove refactor specs from pr * docs: rename tools overview header --- .gitignore | 2 + CHANGELOG.md | 1 + docs/.i18n/glossary.zh-CN.json | 60 +++++ docs/automation/cron-jobs.md | 2 +- docs/automation/cron-vs-heartbeat.md | 2 +- docs/automation/index.md | 3 +- docs/automation/standing-orders.md | 2 +- docs/automation/tasks.md | 4 +- docs/docs.json | 4 +- docs/gateway/heartbeat.md | 4 +- docs/help/faq-first-run.md | 2 +- docs/help/faq.md | 4 +- docs/refactor/ingress-core.md | 4 +- docs/start/hubs.md | 2 +- docs/tools/index.md | 335 +++++++++++---------------- docs/tools/lobster.md | 2 +- 16 files changed, 219 insertions(+), 214 deletions(-) diff --git a/.gitignore b/.gitignore index 932dc39b7ac..f4507163ad8 100644 --- a/.gitignore +++ b/.gitignore @@ -118,6 +118,8 @@ USER.md !.agents/skills/gitcrawl/ !.agents/skills/gitcrawl/** !.agents/skills/openclaw-docs/** +!.agents/skills/openclaw-refactor-docs/ +!.agents/skills/openclaw-refactor-docs/** !.agents/skills/openclaw-debugging/ !.agents/skills/openclaw-debugging/** !.agents/skills/openclaw-ghsa-maintainer/ diff --git a/CHANGELOG.md b/CHANGELOG.md index 501f754071f..e555333802c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ Docs: https://docs.openclaw.ai - Runtime/Fly: detect Fly Machines as container environments from their runtime env vars, so gateway bind and Bonjour defaults match remote container launches. (#80209) Thanks @liorb-mountapps. - Providers/fal: route GPT Image 2 and Nano Banana 2 reference-image edit requests to `/edit` with `image_urls` array, enforce NB2 edit geometry using `aspect_ratio` and `resolution` params, lift Fal edit mode input-image caps to 10 for GPT Image 2 and 14 for Nano Banana 2, and allow aspect-ratio hints in edit mode. (#77295) Thanks @leoge007. - Control UI: show a plain HTML recovery panel when the app module never registers, giving blank dashboard pages a retry path and browser-extension troubleshooting link. Fixes #44107. Thanks @BunsDev. +- Docs: rename the broad tools nav to Capabilities, keep automation and agent coordination as sections, and keep the tools overview focused on tools, skills, and plugins. https://docs.openclaw.ai/tools - Build: enable additional low-churn oxlint rules for promise, TypeScript, and runtime footgun checks. - Build: enable stricter Vitest lint rules for focused, disabled, conditional, hook, matcher, and expectation hazards. diff --git a/docs/.i18n/glossary.zh-CN.json b/docs/.i18n/glossary.zh-CN.json index 65ad8c14e75..5a70a9b936a 100644 --- a/docs/.i18n/glossary.zh-CN.json +++ b/docs/.i18n/glossary.zh-CN.json @@ -867,6 +867,66 @@ "source": "/cli/config", "target": "/cli/config" }, + { + "source": "Automation", + "target": "自动化" + }, + { + "source": "Tools, skills, and plugins", + "target": "工具、技能和插件" + }, + { + "source": "Capabilities", + "target": "能力" + }, + { + "source": "Overview", + "target": "概览" + }, + { + "source": "Tools, skills, and plugins overview", + "target": "工具、技能和插件概览" + }, + { + "source": "Tools overview", + "target": "工具概览" + }, + { + "source": "Automation overview", + "target": "自动化概览" + }, + { + "source": "Sub-agents", + "target": "子智能体" + }, + { + "source": "ACP agents", + "target": "ACP 智能体" + }, + { + "source": "Tools and custom providers", + "target": "工具和自定义提供商" + }, + { + "source": "Exec approvals", + "target": "Exec 审批" + }, + { + "source": "Elevated exec", + "target": "提升权限的 Exec" + }, + { + "source": "Sandbox vs tool policy vs elevated", + "target": "沙箱、工具策略和提升权限" + }, + { + "source": "Per-agent sandbox and tool restrictions", + "target": "按 Agent 配置的沙箱和工具限制" + }, + { + "source": "Agents", + "target": "智能体" + }, { "source": "fs-safe Cleanup Plan", "target": "fs-safe Cleanup Plan" diff --git a/docs/automation/cron-jobs.md b/docs/automation/cron-jobs.md index 3c09c5b1174..e686711efec 100644 --- a/docs/automation/cron-jobs.md +++ b/docs/automation/cron-jobs.md @@ -486,7 +486,7 @@ openclaw doctor ## Related -- [Automation & Tasks](/automation) — all automation mechanisms at a glance +- [Automation](/automation) — all automation mechanisms at a glance - [Background Tasks](/automation/tasks) — task ledger for cron executions - [Heartbeat](/gateway/heartbeat) — periodic main-session turns - [Timezone](/concepts/timezone) — timezone configuration diff --git a/docs/automation/cron-vs-heartbeat.md b/docs/automation/cron-vs-heartbeat.md index a5a112fa422..4f2ebf54faa 100644 --- a/docs/automation/cron-vs-heartbeat.md +++ b/docs/automation/cron-vs-heartbeat.md @@ -3,7 +3,7 @@ summary: "Redirect to /automation" title: "Cron vs heartbeat" --- -The decision guide for cron vs heartbeat lives under [Automation and tasks](/automation). +The decision guide for cron vs heartbeat lives under [Automation](/automation). ## Related diff --git a/docs/automation/index.md b/docs/automation/index.md index abee5f81155..ed1a1f29cbc 100644 --- a/docs/automation/index.md +++ b/docs/automation/index.md @@ -1,10 +1,11 @@ --- +doc-schema-version: 1 summary: "Overview of automation mechanisms: tasks, cron, hooks, standing orders, and Task Flow" read_when: - Deciding how to automate work with OpenClaw - Choosing between heartbeat, cron, commitments, hooks, and standing orders - Looking for the right automation entry point -title: "Automation and tasks" +title: "Automation" --- OpenClaw runs work in the background through tasks, scheduled jobs, inferred diff --git a/docs/automation/standing-orders.md b/docs/automation/standing-orders.md index 51bb285ff39..46c9bf2916a 100644 --- a/docs/automation/standing-orders.md +++ b/docs/automation/standing-orders.md @@ -243,7 +243,7 @@ Each program should have: ## Related -- [Automation and tasks](/automation): all automation mechanisms at a glance. +- [Automation](/automation): all automation mechanisms at a glance. - [Cron jobs](/automation/cron-jobs): schedule enforcement for standing orders. - [Hooks](/automation/hooks): event-driven scripts for agent lifecycle events. - [Webhooks](/automation/cron-jobs#webhooks): inbound HTTP event triggers. diff --git a/docs/automation/tasks.md b/docs/automation/tasks.md index 707503940fb..6c0efd411a8 100644 --- a/docs/automation/tasks.md +++ b/docs/automation/tasks.md @@ -9,7 +9,7 @@ sidebarTitle: "Background tasks" --- -Looking for scheduling? See [Automation and tasks](/automation) for choosing the right mechanism. This page is the activity ledger for background work, not the scheduler. +Looking for scheduling? See [Automation](/automation) for choosing the right mechanism. This page is the activity ledger for background work, not the scheduler. Background tasks track work that runs **outside your main conversation session**: ACP runs, subagent spawns, isolated cron job executions, and CLI-initiated operations. @@ -367,7 +367,7 @@ A sweeper runs every **60 seconds** and handles four things: ## Related -- [Automation & Tasks](/automation) - all automation mechanisms at a glance +- [Automation](/automation) - all automation mechanisms at a glance - [CLI: Tasks](/cli/tasks) - CLI command reference - [Heartbeat](/gateway/heartbeat) - periodic main-session turns - [Scheduled Tasks](/automation/cron-jobs) - scheduling background work diff --git a/docs/docs.json b/docs/docs.json index 13c7482f3ea..71414fa8192 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -1179,7 +1179,7 @@ ] }, { - "tab": "Tools & Plugins", + "tab": "Capabilities", "groups": [ { "group": "Overview", @@ -1250,7 +1250,7 @@ ] }, { - "group": "Automation and tasks", + "group": "Automation", "pages": [ "automation/index", "automation/cron-jobs", diff --git a/docs/gateway/heartbeat.md b/docs/gateway/heartbeat.md index 5ea320ded43..e458fdddf11 100644 --- a/docs/gateway/heartbeat.md +++ b/docs/gateway/heartbeat.md @@ -8,7 +8,7 @@ sidebarTitle: "Heartbeat" --- -**Heartbeat vs cron?** See [Automation & Tasks](/automation) for guidance on when to use each. +**Heartbeat vs cron?** See [Automation](/automation) for guidance on when to use each. Heartbeat runs **periodic agent turns** in the main session so the model can surface anything that needs attention without spamming you. @@ -485,7 +485,7 @@ Current heartbeats preserve the shared session's existing runtime model after th ## Related -- [Automation & Tasks](/automation) — all automation mechanisms at a glance +- [Automation](/automation) — all automation mechanisms at a glance - [Background Tasks](/automation/tasks) — how detached work is tracked - [Timezone](/concepts/timezone) — how timezone affects heartbeat scheduling - [Troubleshooting](/automation/cron-jobs#troubleshooting) — debugging automation issues diff --git a/docs/help/faq-first-run.md b/docs/help/faq-first-run.md index 964f0875f2f..8340cd1715e 100644 --- a/docs/help/faq-first-run.md +++ b/docs/help/faq-first-run.md @@ -74,7 +74,7 @@ and troubleshooting see the main [FAQ](/help/faq). In task mode, due timestamps are only advanced after a real heartbeat run completes. Skipped runs do not mark tasks as completed. - Docs: [Heartbeat](/gateway/heartbeat), [Automation & Tasks](/automation). + Docs: [Heartbeat](/gateway/heartbeat), [Automation](/automation). diff --git a/docs/help/faq.md b/docs/help/faq.md index 6467f2408fe..b55a57f8c98 100644 --- a/docs/help/faq.md +++ b/docs/help/faq.md @@ -258,7 +258,7 @@ lives on the [First-run FAQ](/help/faq-first-run). openclaw cron runs --id --limit 50 ``` - Docs: [Cron jobs](/automation/cron-jobs), [Automation & Tasks](/automation). + Docs: [Cron jobs](/automation/cron-jobs), [Automation](/automation). @@ -344,7 +344,7 @@ lives on the [First-run FAQ](/help/faq-first-run). - **Heartbeat** for "main session" periodic checks. - **Isolated jobs** for autonomous agents that post summaries or deliver to chats. - Docs: [Cron jobs](/automation/cron-jobs), [Automation & Tasks](/automation), + Docs: [Cron jobs](/automation/cron-jobs), [Automation](/automation), [Heartbeat](/gateway/heartbeat). diff --git a/docs/refactor/ingress-core.md b/docs/refactor/ingress-core.md index 30cdf374a51..5a7528f3003 100644 --- a/docs/refactor/ingress-core.md +++ b/docs/refactor/ingress-core.md @@ -335,7 +335,7 @@ Each work package records: - compatibility code is isolated to SDK/core seams - bundled plugins consume ingress projections or generic outcomes directly - plugin production LOC is at least 1,500 net negative against `origin/main` -- core production LOC is <= +1,500, or any excess is paid for while total stays - <= +2,000 +- core production LOC is `<= +1,500`, or any excess is paid for while total + stays `<= +2,000` - representative tests cover redaction, route, command/event, activation, access-group, and channel-specific fallback behavior diff --git a/docs/start/hubs.md b/docs/start/hubs.md index 45b939f78cb..6b414b8c896 100644 --- a/docs/start/hubs.md +++ b/docs/start/hubs.md @@ -109,7 +109,7 @@ Use these hubs to discover every page, including deep dives and reference docs t - [PDF tool](/tools/pdf) - [Elevated mode](/tools/elevated) - [Cron jobs](/automation/cron-jobs) -- [Automation & Tasks](/automation) +- [Automation](/automation) - [Thinking + verbose](/tools/thinking) - [Models](/concepts/models) - [Sub-agents](/tools/subagents) diff --git a/docs/tools/index.md b/docs/tools/index.md index ca70607619c..b38557eec6e 100644 --- a/docs/tools/index.md +++ b/docs/tools/index.md @@ -1,237 +1,178 @@ --- -summary: "OpenClaw tools and plugins overview: what the agent can do and how to extend it" +doc-schema-version: 1 +summary: "OpenClaw tools, skills, and plugins overview: what agents can call and how to extend them" read_when: - You want to understand what tools OpenClaw provides - - You need to configure, allow, or deny tools - You are deciding between built-in tools, skills, and plugins -title: "Tools and plugins" + - You need the right docs entry point for tool policy, automation, or agent coordination +title: "Overview" --- -Everything the agent does beyond generating text happens through **tools**. -Tools are how the agent reads files, runs commands, browses the web, sends -messages, and interacts with devices. +Use this page to choose the right Capabilities surface. **Tools** are callable +actions, **skills** teach agents how to work, and **plugins** add runtime +capabilities such as tools, providers, channels, hooks, and packaged skills. -## Tools, skills, and plugins +This is an overview and routing page. For exhaustive tool policy, defaults, +group membership, provider restrictions, and configuration fields, use +[Tools and custom providers](/gateway/config-tools). -OpenClaw has three layers that work together: +## Start here + +For most agents, start with the built-in tool categories, then adjust policy +only when the agent should see fewer tools or needs explicit host access. + +| If you need to... | Use this first | Then read | +| ------------------------------------------- | ---------------------------------------------- | ----------------------------------------------------------------------- | +| Let an agent act with existing capabilities | [Built-in tools](#built-in-tool-categories) | [Tool categories](#built-in-tool-categories) | +| Control what an agent can call | [Tool policy](#configure-access-and-approvals) | [Tools and custom providers](/gateway/config-tools) | +| Teach an agent a workflow | [Skills](#choose-tools-skills-or-plugins) | [Skills](/tools/skills) and [Creating skills](/tools/creating-skills) | +| Add a new integration or runtime surface | [Plugins](#extend-capabilities) | [Plugins](/tools/plugin) and [Build plugins](/plugins/building-plugins) | +| Run work later or in the background | [Automation](/automation) | [Automation overview](/automation) | +| Coordinate multiple agents or harnesses | [Sub-agents](/tools/subagents) | [ACP agents](/tools/acp-agents) and [Agent send](/tools/agent-send) | +| Search a large PI tool catalog | [Tool Search](/tools/tool-search) | [Tool Search](/tools/tool-search) | + +## Choose tools, skills, or plugins - - A tool is a typed function the agent can invoke (e.g. `exec`, `browser`, - `web_search`, `message`). OpenClaw ships a set of **built-in tools** and - plugins can register additional ones. + + A tool is a typed function the agent can call, such as `exec`, `browser`, + `web_search`, `message`, or `image_generate`. Use tools when the agent + needs to read data, change files, send messages, call a provider, or operate + another system. Visible tools are sent to the model as structured function + definitions. - The agent sees tools as structured function definitions sent to the model API. + The model only sees tools that survive the active profile, allow/deny + policy, provider restrictions, sandbox state, channel permissions, and + plugin availability. - - A skill is a markdown file (`SKILL.md`) injected into the system prompt. - Skills give the agent context, constraints, and step-by-step guidance for - using tools effectively. Skills live in your workspace, in shared folders, - or ship inside plugins. + + A skill is a `SKILL.md` instruction pack loaded into the agent prompt. Use a + skill when the agent already has the tools it needs, but needs a repeatable + workflow, review rubric, command sequence, or operating constraint. - [Skills reference](/tools/skills) | [Creating skills](/tools/creating-skills) + Skills can live in a workspace, shared skill directory, managed OpenClaw + skill root, or plugin package. + + [Skills](/tools/skills) | [Creating skills](/tools/creating-skills) | [Skills config](/tools/skills-config) - - A plugin is a package that can register any combination of capabilities: - channels, model providers, tools, skills, speech, realtime transcription, - realtime voice, media understanding, image generation, video generation, - web fetch, web search, and more. Some plugins are **core** (shipped with - OpenClaw), others are **external** (published on npm by the community). + + A plugin can add tools, skills, channels, model providers, speech, realtime + voice, media generation, web search, web fetch, hooks, and other runtime + capabilities. Use a plugin when the capability has code, credentials, + lifecycle hooks, manifest metadata, or installable packaging. Existing + plugins can be installed from ClawHub, npm, git, local directories, or + archives. - [Install and configure plugins](/tools/plugin) | [Build your own](/plugins/building-plugins) + [Install and configure plugins](/tools/plugin) | [Build plugins](/plugins/building-plugins) | [Plugin SDK](/plugins/sdk-overview) -## Built-in tools +## Built-in tool categories -These tools ship with OpenClaw and are available without installing any plugins: +The table lists representative tools so you can recognize the surface. It is +not the full policy reference. For exact groups, defaults, and allow/deny +semantics, use [Tools and custom providers](/gateway/config-tools). -| Tool | What it does | Page | -| ------------------------------------------ | --------------------------------------------------------------------- | ------------------------------------------------------------ | -| `exec` / `process` | Run shell commands, manage background processes | [Exec](/tools/exec), [Exec Approvals](/tools/exec-approvals) | -| `code_execution` | Run sandboxed remote Python analysis | [Code Execution](/tools/code-execution) | -| `browser` | Control a Chromium browser (navigate, click, screenshot) | [Browser](/tools/browser) | -| `web_search` / `x_search` / `web_fetch` | Search the web, search X posts, fetch page content | [Web](/tools/web), [Web Fetch](/tools/web-fetch) | -| `read` / `write` / `edit` | File I/O in the workspace | | -| `apply_patch` | Multi-hunk file patches | [Apply Patch](/tools/apply-patch) | -| `message` | Send messages across all channels | [Agent Send](/tools/agent-send) | -| `nodes` | Discover and target paired devices | | -| `cron` / `gateway` | Manage scheduled jobs; inspect, patch, restart, or update the gateway | | -| `image` / `image_generate` | Analyze or generate images | [Image Generation](/tools/image-generation) | -| `music_generate` | Generate music tracks | [Music Generation](/tools/music-generation) | -| `video_generate` | Generate videos | [Video Generation](/tools/video-generation) | -| `tts` | One-shot text-to-speech conversion | [TTS](/tools/tts) | -| `sessions_*` / `subagents` / `agents_list` | Session management, status, and sub-agent orchestration | [Sub-agents](/tools/subagents) | -| `session_status` | Lightweight `/status`-style readback and session model override | [Session Tools](/concepts/session-tool) | - -For image work, use `image` for analysis and `image_generate` for generation or editing. If you target `openai/*`, `google/*`, `fal/*`, or another non-default image provider, configure that provider's auth/API key first. - -For music work, use `music_generate`. If you target `google/*`, `minimax/*`, or another non-default music provider, configure that provider's auth/API key first. - -For video work, use `video_generate`. If you target `qwen/*` or another non-default video provider, configure that provider's auth/API key first. - -For workflow-driven audio generation, use `music_generate` when a plugin such as -ComfyUI registers it. This is separate from `tts`, which is text-to-speech. - -`session_status` is the lightweight status/readback tool in the sessions group. -It answers `/status`-style questions about the current session and can -optionally set a per-session model override; `model=default` clears that -override. Like `/status`, it can backfill sparse token/cache counters and the -active runtime model label from the latest transcript usage entry. - -`gateway` is the owner-only runtime tool for gateway operations: - -- `config.schema.lookup` for one path-scoped config subtree before edits -- `config.get` for the current config snapshot + hash -- `config.patch` for partial config updates with restart -- `config.apply` only for full-config replacement -- `update.run` for explicit self-update + restart - -For partial changes, prefer `config.schema.lookup` then `config.patch`. Use -`config.apply` only when you intentionally replace the entire config. -For broader config docs, read [Configuration](/gateway/configuration) and -[Configuration reference](/gateway/configuration-reference). -The tool also refuses to change `tools.exec.ask` or `tools.exec.security`; -legacy `tools.bash.*` aliases normalize to the same protected exec paths. - -### Plugin-provided tools - -Plugins can register additional tools. Some examples: - -- [Canvas](/plugins/reference/canvas) — experimental bundled plugin for node Canvas control and A2UI rendering -- [Diffs](/tools/diffs) — diff viewer and renderer -- [LLM Task](/tools/llm-task) — JSON-only LLM step for structured output -- [Lobster](/tools/lobster) — typed workflow runtime with resumable approvals -- [Music Generation](/tools/music-generation) — shared `music_generate` tool with workflow-backed providers -- [OpenProse](/prose) — markdown-first workflow orchestration -- [Tokenjuice](/tools/tokenjuice) — compact noisy `exec` and `bash` tool results - -Plugin tools are still authored with `api.registerTool(...)` and declared in -the plugin manifest's `contracts.tools` list. OpenClaw captures the validated -tool descriptor during discovery and caches it by plugin source and contract, so -later tool planning can skip plugin runtime loading. Tool execution still loads -the owning plugin and calls the live registered implementation. - -[Tool Search](/tools/tool-search) is the compact surface -for large catalogs. Instead of putting every OpenClaw, MCP, or client tool -schema into the prompt, OpenClaw can give the model an isolated Node runtime -with `openclaw.tools.search`, `openclaw.tools.describe`, and -`openclaw.tools.call`. Calls still flow back through the Gateway, so tool -policy, approvals, hooks, and session logs remain authoritative. - -## Tool configuration - -### Allow and deny lists - -Control which tools the agent can call via `tools.allow` / `tools.deny` in -config. Deny always wins over allow. - -```json5 -{ - tools: { - allow: ["group:fs", "browser", "web_search"], - deny: ["exec"], - }, -} -``` - -OpenClaw fails closed when an explicit allowlist resolves to no callable tools. -For example, `tools.allow: ["query_db"]` only works if a loaded plugin actually -registers `query_db`. If no built-in, plugin, or bundled MCP tool matches the -allowlist, the run stops before the model call instead of continuing as a -text-only run that could hallucinate tool results. - -### Tool profiles - -`tools.profile` sets a base allowlist before `allow`/`deny` is applied. -Per-agent override: `agents.list[].tools.profile`. - -| Profile | What it includes | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | -| `full` | All core and optional plugin tools; unrestricted baseline for broader command/control access | -| `coding` | `group:fs`, `group:runtime`, `group:web`, `group:sessions`, `group:memory`, `cron`, `image`, `image_generate`, `music_generate`, `video_generate` | -| `messaging` | `group:messaging`, `sessions_list`, `sessions_history`, `sessions_send`, `session_status` | -| `minimal` | `session_status` only | +| Category | Use when the agent needs to... | Representative tools | Read next | +| ---------------------- | ----------------------------------------------------------------------------- | -------------------------------------------------------------------- | ---------------------------------------------------------------------- | +| Runtime | Run commands, manage processes, or use provider-backed Python analysis | `exec`, `process`, `code_execution` | [Exec](/tools/exec), [Code execution](/tools/code-execution) | +| Files | Read and change workspace files | `read`, `write`, `edit`, `apply_patch` | [Apply patch](/tools/apply-patch) | +| Web | Search the web, search X posts, or fetch readable page content | `web_search`, `x_search`, `web_fetch` | [Web tools](/tools/web), [Web fetch](/tools/web-fetch) | +| Browser | Operate a browser session | `browser` | [Browser](/tools/browser) | +| Messaging and channels | Send replies or channel actions | `message` | [Agent send](/tools/agent-send) | +| Sessions and agents | Inspect sessions, delegate work, steer another run, or report status | `sessions_*`, `subagents`, `agents_list`, `session_status` | [Sub-agents](/tools/subagents), [Session tool](/concepts/session-tool) | +| Automation | Schedule work or respond to background events | `cron`, `heartbeat_respond` | [Automation](/automation) | +| Gateway and nodes | Inspect Gateway state or paired target devices | `gateway`, `nodes` | [Gateway configuration](/gateway/configuration), [Nodes](/nodes) | +| Media | Analyze, generate, or speak media | `image`, `image_generate`, `music_generate`, `video_generate`, `tts` | [Media overview](/tools/media-overview) | +| Large PI catalogs | Search and call many eligible tools without sending every schema to the model | `tool_search_code`, `tool_search`, `tool_describe` | [Tool Search](/tools/tool-search) | -`tools.profile: "messaging"` is intentionally narrow for channel-focused -agents. It leaves out broader command/control tools such as filesystem, runtime, -browser, canvas, nodes, cron, and gateway control. Use `tools.profile: "full"` -as the unrestricted baseline for broader command/control access, then trim -access with `tools.allow` / `tools.deny` when needed. +Tool Search is an experimental PI-agent surface. Codex harness runs use +Codex-native code mode, native tool search, deferred dynamic tools, and nested +tool calls instead of `tools.toolSearch`. -`coding` includes lightweight web tools (`web_search`, `web_fetch`, `x_search`) -but not the full browser-control tool. Browser automation can drive real -sessions and logged-in profiles, so add it explicitly with -`tools.alsoAllow: ["browser"]` or a per-agent -`agents.list[].tools.alsoAllow: ["browser"]`. +## Plugin-provided tools - -Configuring `tools.exec` or `tools.fs` under a restrictive profile (`messaging`, `minimal`) does not implicitly widen the profile's allowlist. Add explicit `tools.alsoAllow` entries (for example `["exec", "process"]` for exec, or `["read", "write", "edit"]` for fs) when you want a restrictive profile to use those configured sections. OpenClaw logs a startup warning when a config section is present without a matching `alsoAllow` grant. - +Plugins can register additional tools. Plugin authors wire tools through +`api.registerTool(...)` and the manifest's `contracts.tools`; use +[Plugin SDK](/plugins/sdk-overview) and [Plugin manifest](/plugins/manifest) +for contract details. -The `coding` and `messaging` profiles also allow configured bundle MCP tools -under the plugin key `bundle-mcp`. Add `tools.deny: ["bundle-mcp"]` when you -want a profile to keep its normal built-ins but hide all configured MCP tools. -The `minimal` profile does not include bundle MCP tools. +Common plugin-provided tools include: -Example (broadest tool surface by default): +- [Diffs](/tools/diffs) for rendering file and markdown diffs +- [LLM Task](/tools/llm-task) for JSON-only workflow steps +- [Lobster](/tools/lobster) for typed workflows with resumable approvals +- [Tokenjuice](/tools/tokenjuice) for compacting noisy `exec` and `bash` tool + output +- [Tool Search](/tools/tool-search) for discovering and calling large tool + catalogs without putting every schema in the prompt +- [Canvas](/plugins/reference/canvas) for node Canvas control and A2UI + rendering -```json5 -{ - tools: { - profile: "full", - }, -} -``` +## Configure access and approvals -### Tool groups +Tool policy is enforced before the model call. If policy removes a tool, the +model does not receive that tool's schema for the turn. A run can lose tools +because of global config, per-agent config, channel policy, provider +restrictions, sandbox rules, owner-only gating, or plugin availability. -Use `group:*` shorthands in allow/deny lists: +- [Tools and custom providers](/gateway/config-tools) documents tool profiles, + allow/deny lists, provider-specific restrictions, loop detection, and + provider-backed tool settings. +- [Exec approvals](/tools/exec-approvals) documents host command approval + policy. +- [Elevated exec](/tools/elevated) documents controlled execution outside the + sandbox. +- [Sandbox vs tool policy vs elevated](/gateway/sandbox-vs-tool-policy-vs-elevated) explains which layer controls file and process access. +- [Per-agent sandbox and tool restrictions](/tools/multi-agent-sandbox-tools) + documents agent-specific restrictions for delegated runs. -| Group | Tools | -| ------------------ | --------------------------------------------------------------------------------------------------------- | -| `group:runtime` | exec, process, code_execution (`bash` is accepted as an alias for `exec`) | -| `group:fs` | read, write, edit, apply_patch | -| `group:sessions` | sessions_list, sessions_history, sessions_send, sessions_spawn, sessions_yield, subagents, session_status | -| `group:memory` | memory_search, memory_get | -| `group:web` | web_search, x_search, web_fetch | -| `group:ui` | browser, canvas when the bundled Canvas plugin is enabled | -| `group:automation` | heartbeat_respond, cron, gateway | -| `group:messaging` | message | -| `group:nodes` | nodes | -| `group:agents` | agents_list, update_plan | -| `group:media` | image, image_generate, music_generate, video_generate, tts | -| `group:openclaw` | All built-in OpenClaw tools (excludes plugin tools) | +## Extend capabilities -`sessions_history` returns a bounded, safety-filtered recall view. It strips -thinking tags, `` scaffolding, plain-text tool-call XML -payloads (including `...`, -`...`, `...`, -`...`, and truncated tool-call blocks), -downgraded tool-call scaffolding, leaked ASCII/full-width model control -tokens, and malformed MiniMax tool-call XML from assistant text, then applies -redaction/truncation and possible oversized-row placeholders instead of acting -as a raw transcript dump. +Choose the extension path by the job you need OpenClaw to do: -### Provider-specific restrictions +- Install or manage an existing plugin with [Plugins](/tools/plugin). +- Build a new integration, provider, channel, tool, or hook with + [Build plugins](/plugins/building-plugins). +- Add or tune reusable agent instructions with [Skills](/tools/skills) and + [Creating skills](/tools/creating-skills). +- Package reusable workflow material with + [Skill workshop](/plugins/skill-workshop) when the workflow belongs in a + plugin-distributed skill bundle. +- Use [Plugin SDK](/plugins/sdk-overview) and [Plugin manifest](/plugins/manifest) when you need implementation contracts. -Use `tools.byProvider` to restrict tools for specific providers without -changing global defaults: +## Troubleshoot missing tools -```json5 -{ - tools: { - profile: "coding", - byProvider: { - "google-antigravity": { profile: "minimal" }, - }, - }, -} -``` +If the model cannot see or call a tool, start with the effective policy for the +current turn: + +1. Check the active profile, `tools.allow`, and `tools.deny` in + [Tools and custom providers](/gateway/config-tools). +2. Check provider-specific restrictions in + [Tools and custom providers](/gateway/config-tools) and confirm the selected + [model provider](/concepts/model-providers) supports the tool shape. +3. Check channel permissions, sandbox state, and elevated access with + [Sandbox vs tool policy vs elevated](/gateway/sandbox-vs-tool-policy-vs-elevated) and [Elevated exec](/tools/elevated). +4. Check whether the owning plugin is installed and enabled in + [Plugins](/tools/plugin). +5. For delegated runs, check per-agent restrictions in + [Per-agent sandbox and tool restrictions](/tools/multi-agent-sandbox-tools). +6. For large PI catalogs, confirm whether the run uses direct tool exposure or + [Tool Search](/tools/tool-search). + +## Related + +- [Automation](/automation) for cron, tasks, heartbeat, commitments, hooks, standing orders, and Task Flow +- [Agents](/concepts/agent) for the agent model, sessions, memory, and multi-agent coordination +- [Tools and custom providers](/gateway/config-tools) for the canonical tool policy reference +- [Plugins](/tools/plugin) for plugin installation and management +- [Plugin SDK](/plugins/sdk-overview) for plugin author reference +- [Skills](/tools/skills) for skill load order, gating, and config +- [Tool Search](/tools/tool-search) for compact PI tool catalog discovery diff --git a/docs/tools/lobster.md b/docs/tools/lobster.md index e8e209ccbca..0154035eac6 100644 --- a/docs/tools/lobster.md +++ b/docs/tools/lobster.md @@ -360,6 +360,6 @@ One public example: a "second brain" CLI + Lobster pipelines that manage three M ## Related -- [Automation & Tasks](/automation) - scheduling Lobster workflows +- [Automation](/automation) - scheduling Lobster workflows - [Automation Overview](/automation) - all automation mechanisms - [Tools Overview](/tools) - all available agent tools