openclaw plugins.
Typical CLI workflow: find a package, install it from ClawHub, npm, git, or a
local path, let the managed Gateway auto-restart (or restart it manually), then
verify the plugin’s runtime registrations.
Use the Control UI
Open Plugins in the Control UI, or use/settings/plugins relative to the
configured Control UI base path. For example, a base path of /openclaw uses
/openclaw/settings/plugins. The page has two tabs:
- Installed shows the full local inventory grouped by category (channels,
model providers, memory, tools). Each row opens a detail view; its overflow
(
…) menu enables or disables the plugin and, for externally installed plugins, offers Remove. The tab also lists the configured MCP servers with the same menu-driven enable, disable, and remove actions, editingmcp.serversin the Gateway configuration. - Discover is the store: featured plugins included with OpenClaw, official external plugins, and a curated connector shelf. Connector cards either add a hosted MCP server in one click (GitHub, Notion, Linear, Sentry, Home Assistant) or jump into a prefilled ClawHub search. Typing in the search box queries ClawHub inline and appends a From ClawHub section with download counts and source-verification badges.
operator.read. Install, enable, disable,
remove, and MCP server changes require operator.admin. A ClawHub install is
performed by the Gateway and preserves its trust, integrity, and plugin-install
policy checks. Enabling an installed plugin as an administrator also records
that explicit trust by adding the selected plugin to an existing restrictive
plugins.allow list. An explicit plugins.deny entry remains authoritative and
must be removed before enabling the plugin.
Installing or removing plugin code requires a Gateway restart. Enablement
changes can be applied without a restart when the installed plugin and current
Gateway runtime support it; otherwise the UI tells you a restart is required.
OAuth-backed MCP connectors still need a one-time openclaw mcp login <name>
from the CLI after they are added.
The Control UI does not install from arbitrary npm, git, or local-path sources,
update plugins, or expose rich plugin configuration. Use the CLI workflows
below for those operations.
List and search plugins
--json for scripts:
plugins list is a cold inventory check: what OpenClaw can discover from
config, manifests, and the persisted plugin registry. It does not prove an
already-running Gateway imported the plugin runtime. JSON output includes
registry diagnostics and each plugin’s dependencyStatus (whether declared
dependencies/optionalDependencies resolve on disk).
plugins search queries ClawHub for installable plugin packages and prints
an install hint (openclaw plugins install clawhub:<package>) per result.
Enable and disable plugins
enable after install.
Install plugins
clawhub:, npm:, git:, or
npm-pack: for deterministic source selection. OpenClaw’s bundled and official
catalog packages are trusted alongside ClawHub packages. New arbitrary npm,
git, local path/archive, npm-pack:, or marketplace sources require
--force in noninteractive installs after you review
and trust the source.
--force confirms a non-ClawHub source without prompting and overwrites an
existing install target when needed. For routine upgrades of a tracked npm,
ClawHub, or hook-pack install, use openclaw plugins update instead. With
--link, --force only confirms the source; the linked directory is not
copied or overwritten.
Restart and inspect
A running managed Gateway with config reload enabled restarts automatically after installing, updating, or uninstalling plugin code. If the Gateway is unmanaged or reload is disabled, restart it yourself before checking live runtime surfaces:inspect --runtime loads the plugin module and proves it registered runtime
surfaces (tools, hooks, services, Gateway methods, HTTP routes, plugin-owned
CLI commands). Plain inspect and list are cold manifest/config/registry
checks only.
Update plugins
@beta) and exact pinned versions carry over to later update <plugin-id>
runs.
openclaw plugins update --all is the bulk maintenance path. It still
respects ordinary tracked install specs, but trusted official OpenClaw
plugin records sync to the current official catalog target instead of
staying pinned to a stale exact official package; when update.channel is
beta, that sync prefers the beta release line. Use a targeted
update <plugin-id> to keep an exact or tagged official spec untouched.
For npm installs, pass an explicit package spec to switch the tracked
record:
openclaw plugins for the exact fallback and
pinning rules.
Uninstall plugins
plugins.load.paths entries when
applicable. The managed install directory is removed unless you pass
--keep-files. A running managed Gateway restarts automatically when the
uninstall changes plugin source.
In Nix mode (OPENCLAW_NIX_MODE=1), plugin install, update, uninstall,
enable, and disable are all disabled; manage those choices in the Nix source
for the install instead.
Choose a source
Managed local path installs must be plugin directories or archives. Put
standalone plugin files in
plugins.load.paths instead of installing them
with plugins install.
Publish plugins
ClawHub is the primary public discovery surface for OpenClaw plugins. Publish there when you want users to find plugin metadata, version history, registry scan results, and install hints before they install.openclaw.plugin.json) plus
package.json metadata before publishing:
package.json
- ClawHub publishing explains owners, scopes, releases, review, package validation, and package transfer.
- Building plugins shows the full plugin
package shape (including
openclaw.plugin.json) and first publish workflow. - Plugin manifest defines native plugin manifest fields.
clawhub: or npm: prefix to force one source.
Related
- Plugins - install, configure, restart, and troubleshoot
openclaw plugins- full CLI reference- Community plugins - public discovery and ClawHub publishing
- ClawHub - registry CLI operations
- Building plugins - create a plugin package
- Plugin manifest - manifest and package metadata