Openclaw Superpowers
44 plug-and-play skills for OpenClaw β self-modifying AI agent with cron scheduling, security guardrails, persistent memory, knowledge graphs, and MCP health monitoring. Your agent teaches itself new behaviors during conversation.
Ask AI about Openclaw Superpowers
Powered by Claude Β· Grounded in docs
I know everything about Openclaw Superpowers. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
openclaw-superpowers
56 ready-to-use skills that make your AI agent autonomous, self-healing, and self-improving.
A plug-and-play skill library for OpenClaw β the open-source AI agent runtime. Gives your agent structured thinking, security guardrails, persistent memory, cron scheduling, self-recovery, and the ability to write its own new skills during conversation.
Built for developers who want their AI agent to run autonomously 24/7, not just respond to prompts in a chat window.
Inspired by obra/superpowers. Extended for agents that never sleep.
Why this exists
Most AI agent frameworks give you a chatbot that forgets everything between sessions. OpenClaw is different β it runs persistently, handles multi-hour tasks, and has native cron scheduling. But out of the box, it doesn't know how to use those capabilities well.
openclaw-superpowers bridges that gap. Install 56 skills in one command, and your agent immediately knows how to:
- Think before it acts β brainstorming, planning, and systematic debugging skills prevent the "dive in and break things" failure mode
- Protect itself β 6 security skills detect prompt injection, block dangerous actions, audit installed code, and scan for leaked credentials
- Run unattended β 12 cron-scheduled skills handle memory cleanup, health checks, budget tracking, and community monitoring while you sleep
- Recover from failures β self-recovery, loop-breaking, and task handoff skills keep long-running work alive across crashes and restarts
- Never forget β DAG-based memory compaction, integrity checking, context scoring, and SQLite session persistence ensure the agent preserves critical information even in month-long conversations
- Improve itself β the agent can write new skills during normal conversation using
create-skill, encoding your preferences as permanent behaviors
The self-modifying agent
This is what makes openclaw-superpowers different from every other plugin library:
"Every time I do a code review, check for security issues first."
Your agent invokes create-skill, writes a new SKILL.md, and that behavior is live β immediately, permanently, no restart needed. The agent encodes your preferences as durable skills. You describe what you want. It teaches itself.
The community-skill-radar skill takes this further: it scans Reddit every 3 days for pain points and feature requests from the OpenClaw community, scores them by signal strength, and writes a prioritized PROPOSALS.md β so the agent (or you) always knows what to build next.
Quickstart
git clone https://github.com/ArchieIndian/openclaw-superpowers ~/.openclaw/extensions/superpowers
cd ~/.openclaw/extensions/superpowers && ./install.sh
openclaw gateway restart
install.sh symlinks all 56 skills, creates state directories for stateful skills, and registers cron jobs β everything in one step. That's it. Your agent now has superpowers.
Important: install does not force behavior
Installing these skills does not guarantee that OpenClaw will follow using-superpowers or any other skill on every turn.
Why:
SOUL.mdandAGENTS.mdare prompt inputs, not hard enforcement.- Skills are exposed as available capabilities, and the model decides whether to read and apply them.
- Changes to installed skills are safest to validate in a fresh OpenClaw session.
For best results:
-
Start a new OpenClaw session after installation.
-
Verify the skill is eligible:
openclaw skills list --eligible openclaw skills info using-superpowers -
Put mandatory operating rules in
AGENTS.md, not onlySOUL.md. -
Keep
AGENTS.mdandSOUL.mdconcise so they are less likely to be truncated.
If you need deterministic behavior:
- Move critical workflow rules into
AGENTS.md. - Use OpenClaw hooks or plugins to enforce behavior at runtime.
- Do not rely on
SOUL.mdalone to force deterministic skill execution.
Skills included
Core (17 skills)
Methodology skills that work in any AI agent runtime. Adapted from obra/superpowers plus new additions for skill quality assurance.
| Skill | What it does | Script |
|---|---|---|
using-superpowers | Bootstrap β teaches the agent how to find and invoke skills | β |
brainstorming | Structured ideation before any implementation | β |
writing-plans | Clear, reviewable implementation plans | β |
executing-plans | Executes plans step-by-step with verification | β |
systematic-debugging | 4-phase root cause process before any fix | β |
verification-before-completion | Ensures tasks are done, not just attempted | β |
test-driven-development | Red-green-refactor discipline | β |
subagent-driven-development | Parallel subagent execution for complex tasks | β |
create-skill | Writes new skills during conversation | β |
skill-vetting | Security scanner for ClawHub skills before installing | vet.sh |
project-onboarding | Crawls a new codebase to generate a PROJECT.md context file | onboard.py |
fact-check-before-trust | Secondary verification pass for factual claims before acting on them | β |
skill-trigger-tester | Scores a skill's description against sample prompts to predict trigger reliability | test.py |
skill-conflict-detector | Detects name shadowing and description-overlap conflicts between installed skills | detect.py |
skill-portability-checker | Validates OS/binary dependencies in companion scripts; catches non-portable calls | check.py |
pull-request-feedback-loop | Handles PR review comments as grouped, verified fix loops | β |
skill-effectiveness-auditor | Reviews whether a skill will trigger reliably and guide useful behavior | β |
OpenClaw-Native (38 skills)
Skills that require OpenClaw's persistent runtime β cron scheduling, session state, or long-running execution. These are the skills that make a 24/7 autonomous agent actually work reliably.
| Skill | What it does | Cron | Script |
|---|---|---|---|
long-running-task-management | Breaks multi-hour tasks into checkpointed stages with resume | every 15 min | β |
persistent-memory-hygiene | Keeps the agent's memory store clean and useful over time | daily 11pm | β |
task-handoff | Gracefully hands off incomplete tasks across agent restarts | β | β |
agent-self-recovery | Detects when the agent is stuck in a loop and escapes | β | β |
context-window-management | Prevents context overflow on long-running sessions | β | β |
daily-review | End-of-day structured summary and next-session prep | weekdays 6pm | β |
morning-briefing | Daily briefing: priorities, active tasks, pending handoffs | weekdays 7am | run.py |
secrets-hygiene | Audits installed skills for stale credentials and orphaned secrets | Mondays 9am | audit.py |
workflow-orchestration | Chains skills into resumable named workflows with on-failure conditions | β | run.py |
quality-gate-orchestrator | Tracks required validation gates and reports completion readiness | β | gate.py |
context-budget-guard | Estimates context usage and triggers compaction before overflow | β | check.py |
prompt-injection-guard | Detects injection attempts in external content before the agent acts | β | guard.py |
spend-circuit-breaker | Tracks API spend against a monthly budget; pauses crons at 100% | every 4h | check.py |
dangerous-action-guard | Requires explicit user confirmation before irreversible actions | β | audit.py |
loop-circuit-breaker | Detects infinite retry loops from deterministic errors and breaks them | β | check.py |
workspace-integrity-guardian | Detects drift or tampering in SOUL.md, AGENTS.md, MEMORY.md | Sundays 3am | guard.py |
multi-agent-coordinator | Manages parallel agent fleets: health checks, consistency, handoffs | β | run.py |
cron-hygiene | Audits cron skills for session mode waste and token efficiency | Mondays 9am | audit.py |
channel-context-bridge | Writes a context card at session end for seamless channel switching | β | bridge.py |
skill-doctor | Diagnoses silent skill discovery failures β YAML errors, path violations, schema mismatches | β | doctor.py |
installed-skill-auditor | Weekly post-install audit of all skills for injection, credentials, and drift | Mondays 9am | audit.py |
skill-loadout-manager | Named skill profiles to manage active skill sets and prevent system prompt bloat | β | loadout.py |
skill-compatibility-checker | Checks installed skills against the current OpenClaw version for feature compatibility | β | check.py |
heartbeat-governor | Enforces per-skill execution budgets for cron skills; auto-pauses runaway skills | every hour | governor.py |
community-skill-radar | Scans Reddit for OpenClaw pain points and feature requests; writes prioritized PROPOSALS.md | every 3 days | radar.py |
memory-graph-builder | Parses MEMORY.md into a knowledge graph; detects duplicates, contradictions, stale entries | daily 10pm | graph.py |
config-encryption-auditor | Scans config directories for plaintext API keys, tokens, and world-readable permissions | Sundays 9am | audit.py |
openclaw-config-advisor | Diagnoses provider, fallback, channel, MCP, and gateway config issues | β | advise.py |
tool-description-optimizer | Scores skill descriptions for trigger quality β clarity, specificity, keyword density β and suggests rewrites | β | optimize.py |
mcp-health-checker | Monitors MCP server connections for health, latency, and availability; detects stale connections | every 6h | check.py |
memory-dag-compactor | Builds hierarchical summary DAGs from MEMORY.md with depth-aware prompts (d0 leaf β d3+ durable) | daily 11pm | compact.py |
large-file-interceptor | Detects oversized files, generates structural exploration summaries, stores compact references | β | intercept.py |
context-assembly-scorer | Scores how well current context represents full conversation; detects blind spots | every 4h | score.py |
compaction-resilience-guard | Monitors compaction for failures; enforces normal β aggressive β deterministic fallback chain | β | guard.py |
memory-integrity-checker | Validates summary DAGs for orphans, circular refs, token inflation, broken lineage | Sundays 3am | integrity.py |
session-persistence | Imports session transcripts into SQLite with FTS5 full-text search; queryable message history | every 15 min | persist.py |
dag-recall | Walks the memory DAG to recall detailed context on demand β query, expand, and assemble cited answers | β | recall.py |
expansion-grant-guard | YAML-based delegation grant ledger β scoped permission grants with token budgets and auto-expiry | β | guard.py |
Community (1 skill)
Skills written by agents and contributors. Any agent can add a community skill via create-skill.
| Skill | What it does | Cron | Script |
|---|---|---|---|
obsidian-sync | Syncs OpenClaw memory to an Obsidian vault nightly | daily 10pm | sync.py |
Security & guardrails
Six skills form a defense-in-depth security layer for autonomous agents:
| Threat | Skill | How it works |
|---|---|---|
| Malicious skill installs | skill-vetting | Pre-install scanner with 6 security flags β rates SAFE / CAUTION / DO NOT INSTALL |
| Prompt injection from external content | prompt-injection-guard | Detects 6 injection signal types at runtime; blocks on 2+ signals |
| Agent takes destructive action without asking | dangerous-action-guard | Pre-execution confirmation gate with 5-min expiry and full audit trail |
| Post-install tampering or credential injection | installed-skill-auditor | Weekly SHA-256 drift detection; checks for INJECTION / CREDENTIAL / EXFILTRATION |
| Silent skill loading failures | skill-doctor | 6 diagnostic checks per skill; surfaces every load-time failure |
| Plaintext secrets in config files | config-encryption-auditor | Scans for 8 API key patterns + 3 token patterns; auto-fixes permissions |
How it compares
| Feature | openclaw-superpowers | obra/superpowers | Custom prompts |
|---|---|---|---|
| Skills included | 56 | 8 | 0 |
| Self-modifying (agent writes new skills) | Yes | No | No |
| Cron scheduling | 16 scheduled skills | No | No |
| Persistent state across sessions | YAML state schemas | No | No |
| Security guardrails | 6 defense-in-depth skills | No | No |
| Companion scripts with CLI | 25 scripts | No | No |
| Memory graph / knowledge graph | Yes | No | No |
| SQLite session persistence + FTS5 search | Yes | No | No |
| Sub-agent recall with token-budgeted grants | Yes | No | No |
| MCP server health monitoring | Yes | No | No |
| API spend tracking & budget enforcement | Yes | No | No |
| Community feature radar (Reddit scanning) | Yes | No | No |
| Multi-agent coordination | Yes | No | No |
| Works with 24/7 persistent agents | Built for it | Session-only | Session-only |
Architecture
~/.openclaw/extensions/superpowers/
βββ skills/
β βββ core/ # 17 methodology skills (any runtime)
β β βββ brainstorming/
β β β βββ SKILL.md
β β βββ create-skill/
β β β βββ SKILL.md
β β β βββ TEMPLATE.md
β β βββ ...
β βββ openclaw-native/ # 38 persistent-runtime skills
β β βββ memory-graph-builder/
β β β βββ SKILL.md # Skill definition + YAML frontmatter
β β β βββ STATE_SCHEMA.yaml # State shape (committed, versioned)
β β β βββ graph.py # Companion script
β β β βββ example-state.yaml # Annotated example
β β βββ ...
β βββ community/ # Agent-written and contributed skills
βββ scripts/
β βββ validate-skills.sh # CI validation
βββ tests/
β βββ test-runner.sh
βββ install.sh # One-command setup
State model: Each stateful skill commits a STATE_SCHEMA.yaml defining the shape of its runtime data. At install time, install.sh creates ~/.openclaw/skill-state/<skill-name>/state.yaml on your machine. The schema is portable and versioned; the runtime state is local-only and never committed.
Companion scripts
Skills marked with a script ship a small executable alongside their SKILL.md:
- 25 Python scripts (
run.py,audit.py,check.py,guard.py,bridge.py,onboard.py,sync.py,doctor.py,loadout.py,governor.py,detect.py,test.py,radar.py,graph.py,optimize.py,compact.py,intercept.py,score.py,integrity.py,persist.py,recall.py,advise.py,gate.py) β run directly to manipulate state, generate reports, or trigger actions. No extra dependencies;pyyamlis optional but recommended. vet.shβ Pure bash scanner; runs on any system with grep.- Every script supports
--helpand--format json. Dry-run mode available on scripts that make changes. - See the
example-state.yamlin each skill directory for sample state and a commented walkthrough of cron behaviour.
Use cases
Solo developer with a persistent AI agent
Install superpowers, and your agent handles memory cleanup, security audits, and daily briefings on autopilot. You focus on building; the agent maintains itself.
Team running multiple OpenClaw agents
Use
multi-agent-coordinatorfor fleet health checks,skill-loadout-managerto keep system prompts lean per agent role, andheartbeat-governorto prevent runaway cron costs.
Open-source maintainer
community-skill-radarscans Reddit for pain points automatically.skill-vettingcatches malicious community contributions before they're installed.installed-skill-auditordetects post-install tampering.
Security-conscious deployment
Six defense-in-depth skills: pre-install vetting, runtime injection detection, destructive action gates, post-install drift detection, credential scanning, and silent failure diagnosis.
Contributing
- Open a Skill Proposal issue β or just ask your agent to write one using
create-skill - Run
./scripts/validate-skills.sh - Submit a PR β CI validates automatically
- Community skills may be promoted to core over time
Credits
- openclaw/openclaw β the open-source AI agent runtime
- obra/superpowers β Jesse Vincent's skills framework; core skills adapted under MIT license
- OpenLobster β inspiration for memory graph, config encryption auditing, tool-description scoring, and MCP health monitoring
- lossless-claw β inspiration for DAG-based memory compaction, session persistence, sub-agent recall, and delegation grants