Back to Blog

Most OpenClaw Skills Are Wrappers. The Ones That Matter Aren't.

Adam Rutkowski
March 19, 2026
8 min read
ai-agentsopenclawclawhubragproduct

Jensen Huang stood on the GTC stage on March 16th and said every company needs an OpenClaw strategy. He compared its adoption to Linux. He called it “the operating system for personal AI.”

He’s not wrong. OpenClaw crossed 325,000 GitHub stars in about four months — faster than React accumulated in 13 years. ClawHub, the public skill registry, hosts over 29,000 community-built skills. NVIDIA announced NemoClaw, an enterprise security layer that adds network guardrails and policy enforcement on top of OpenClaw. The ecosystem is real, it’s moving fast, and it’s attracting serious infrastructure investment.

But there’s a problem hiding inside the growth numbers.

The Wrapper Problem

Browse ClawHub for ten minutes and a pattern emerges. The vast majority of skills are thin wrappers around existing APIs. A skill that calls the GitHub API. A skill that queries a weather service. A skill that wraps a Google Workspace endpoint. One prolific publisher has uploaded OAuth API wrappers in bulk.

These skills aren’t useless — they save the agent from figuring out authentication and request formatting. But they don’t give the agent any capability it couldn’t already approximate by reading API docs and making HTTP calls. They’re convenience, not capability.

A Snyk security audit flagged 13.4% of ClawHub skills for critical issues. A separate security scan found 341 skills actively stealing user data. The ClawHavoc campaign distributed hundreds of malicious skills using typosquatted names. OpenClaw has since partnered with VirusTotal and every published skill gets a SHA-256 hash check — but the quality signal remains noisy. When the barrier to publishing is low and the incentive is visibility, you get volume. Volume is not value.

This isn’t a criticism of OpenClaw or ClawHub. It’s the natural lifecycle of every package registry. npm went through it. The Chrome Web Store went through it. The pattern is predictable: explosive growth, a long tail of low-effort entries, and eventually the cream rises. And right now, with AI as the defining topic of the moment, that cycle is running at 10x speed.

But it’s worth asking: what does a skill look like when it actually changes what an agent can do?

What Makes a Skill Worth Installing

A wrapper skill gives an agent a shortcut. A meaningful skill gives an agent a capability it fundamentally cannot replicate on its own.

The distinction matters because of what agents are bad at. An LLM can write code, summarize text, answer questions, and reason about structured data that fits in its context window. What it cannot do:

  • Process binary files. An agent would struggle to OCR a scanned PDF, extract images from a DOCX, or parse a Parquet file. Some of these it can’t open at all.
  • Work across thousands of documents. A corpus of 10,000 files doesn’t fit in any context window. The agent needs something else to have already indexed, extracted, and structured that data. This is the problem RAG was supposed to solve — chunk documents, embed them, retrieve relevant pieces at query time. But RAG gives you text fragments with similarity scores. It doesn’t extract entities, build relationship graphs, or tell you how two people are connected across 500 documents. It retrieves. It doesn’t understand.
  • Build durable state. An agent’s context resets between sessions. If you need entity extraction across a corpus that grows over time, the agent needs infrastructure that persists.
  • Do compute-intensive NLP. Named entity recognition, relationship graphing, co-occurrence analysis — these require processing pipelines, not prompt engineering. And not just pipelines, but custom-built logic for handling edge cases across dozens of entity types, format-specific extraction rules, and deduplication across documents that an LLM would never encounter in a single session.

A skill that bridges one of these gaps gives the agent a genuine new capability. A skill that wraps a REST API gives it a slightly shorter path to something it could already do.

The Infrastructure Gap

The interesting skills on ClawHub are the ones that sit on top of real infrastructure. A skill backed by a search engine. A skill backed by a processing pipeline. A skill backed by a database that the agent can query but couldn’t build.

This is the pattern that Jensen Huang’s “agent-as-a-service” prediction points toward. The value isn’t in the skill file itself — it’s in what’s running behind it. The SKILL.md is a thin interface. The infrastructure is the product.

When you look at it this way, the question for anyone building a ClawHub skill isn’t “what API can I wrap?” It’s “what can my infrastructure do that an LLM fundamentally cannot?”

What This Looks Like in Practice

We recently published two skills on ClawHub — one positioned for investigative intelligence, one for general document ETL and entity extraction. Before publishing, we had an OpenClaw agent test the platform end-to-end with zero prior knowledge of how it worked.

The agent picked up the developer guide from the API (a self-teaching pattern where the platform serves its own documentation to the agent at runtime), authenticated, and ran an investigation against a corpus of several hundred documents.

In about ten minutes, the agent had identified over 3,000 entities across the corpus and:

  • Searched across all documents and identified relevant hits
  • Pulled entity profiles for people, organizations, and crypto addresses
  • Traced relationship paths between entities through co-occurring documents
  • Mapped a financial network involving wire transfers and a 28-wallet Bitcoin cluster
  • Retrieved the source documents backing each connection

The agent graded the experience. Search quality and performance: A+. Relationship graphing: A+. API design: A+. Upload experience: B (great feedback that resulted in immediate improvements to that experience going forward). Overall: A, 9.3 out of 10.

The interesting part wasn’t the grades. It was watching the agent do something that would have taken a human investigator months or years — not because the agent is smarter, but because it had access to infrastructure that had already done the heavy lifting. The documents were already ingested, the entities already extracted, the graph already built. The agent just queried it.

That’s the difference between a wrapper and a capability.

Where the Ecosystem Goes From Here

OpenClaw is four months old. ClawHub will probably double in size by summer. NemoClaw will move from alpha to production and bring enterprise security controls that make the ecosystem viable for regulated industries. The skill count will keep climbing.

But the skills that matter — the ones that survive the inevitable quality shakeout — will be the ones backed by real infrastructure. The ones that give agents access to capabilities that don’t fit in a context window. Document processing. Data pipelines. Search indices. Knowledge graphs. Compute-intensive analysis.

The wrapper skills will keep getting published. Some will be useful. Many will be noise. The ecosystem needs better quality signals, and that’s a problem ClawHub and the community will have to solve together.

In the meantime, if you’re building a skill, ask yourself: does this give an agent something it couldn’t do before? Or does it just give it a shortcut to something it already could?

The answer to that question is the difference between a skill that matters and one that doesn’t.

We publish Ingestigate and CorpusGraph skills on ClawHub. If you’re building agents that need to work with real-world document collections, the Agents page has details on what’s available and how to connect.