Skip to main content
The Gateway handles commands sent as standalone messages starting with /. Host-only bash commands use ! <cmd> (with /bash <cmd> as an alias). When a conversation is bound to an ACP session, normal text routes to the ACP harness. Gateway management commands remain local: /acp ... always reaches the OpenClaw command handler, and /status plus /unfocus stay local whenever command handling is enabled for the surface.

Three command types

Commands

Standalone /... messages handled by the Gateway. Must be sent as the only content in the message.

Directives

/think, /fast, /verbose, /trace, /reasoning, /elevated, /exec, /model, /queue — stripped from the message before the model sees it. Persist session settings when sent alone; act as inline hints when sent with other text.

Inline shortcuts

/help, /commands, /status, /whoami — run immediately and are stripped before the model sees the remaining text. Authorized senders only.
  • Directives are stripped from the message before the model sees it.
  • In directive-only messages (the message is only directives), they persist to the session and reply with an acknowledgement.
  • In normal chat messages with other text, they act as inline hints and do not persist session settings.
  • Directives only apply for authorized senders. If commands.allowFrom is set, it is the only allowlist used; otherwise authorization comes from channel allowlists/pairing plus commands.useAccessGroups. Unauthorized senders see directives treated as plain text.

Configuration

commands.text
boolean
default:"true"
Enables parsing /... in chat messages. On surfaces without native commands (WhatsApp, WebChat, Signal, iMessage, Google Chat, Microsoft Teams), text commands work even when set to false.
commands.native
boolean | "auto"
default:"\"auto\""
Registers native commands. Auto: on for Discord/Telegram; off for Slack; ignored for providers without native support. Override per-channel with channels.<provider>.commands.native. On Discord, false skips slash-command registration; previously registered commands may stay visible until removed.
commands.nativeSkills
boolean | "auto"
default:"\"auto\""
Registers skill commands natively when supported. Auto: on for Discord/Telegram; off for Slack. Override with channels.<provider>.commands.nativeSkills.
commands.bash
boolean
default:"false"
Enables ! <cmd> to run host shell commands (/bash <cmd> alias). Requires tools.elevated allowlists.
commands.bashForegroundMs
number
default:"2000"
How long bash waits before switching to background mode (0 backgrounds immediately).
commands.config
boolean
default:"false"
Enables /config (reads/writes openclaw.json). Owner-only.
commands.mcp
boolean
default:"false"
Enables /mcp (reads/writes OpenClaw-managed MCP config under mcp.servers). Owner-only.
commands.plugins
boolean
default:"false"
Enables /plugins (plugin discovery/status plus install + enable/disable). Owner-only for writes.
commands.debug
boolean
default:"false"
Enables /debug (runtime-only config overrides). Owner-only.
commands.restart
boolean
default:"true"
Enables /restart and external SIGUSR1 restart requests.
commands.ownerAllowFrom
string[]
Explicit owner allowlist for owner-only command surfaces. Separate from commands.allowFrom and DM pairing access.
channels.<channel>.commands.enforceOwnerForCommands
boolean
default:"false"
Per-channel: requires owner identity for owner-only commands. When true, sender must match commands.ownerAllowFrom or hold internal operator.admin scope. A wildcard allowFrom entry is not sufficient.
commands.ownerDisplay
"raw" | "hash"
Controls how owner ids appear in the system prompt.
commands.ownerDisplaySecret
string
HMAC secret used when commands.ownerDisplay: "hash".
commands.allowFrom
object
Per-provider allowlist for command authorization. When configured, it is the only authorization source for commands and directives. Use "*" for a global default; provider-specific keys override it.
commands.useAccessGroups
boolean
default:"true"
Enforces allowlists/policies for commands when commands.allowFrom is not set.

Command list

Commands come from three sources:
  • Core built-ins: src/auto-reply/commands-registry.shared.ts
  • Generated dock commands: src/auto-reply/commands-registry.data.ts
  • Plugin commands: plugin registerCommand() calls
Availability depends on config flags, channel surface, and installed/enabled plugins.

Core commands

Explicit /export-session paths replace existing files inside the workspace. Omit the path to generate a collision-safe filename.
Control UI intercepts typed /new to create and switch to a fresh dashboard session, except when session.dmScope: "main" is configured and the current parent is the agent’s main session — in that case /new resets the main session in place. Typed /reset still runs the Gateway’s in-place reset. Use /model default when you want to clear a pinned session model selection.
  • /verbose is for debugging — keep it off in normal use.
  • /trace reveals only plugin-owned trace/debug lines; normal verbose chatter stays off.
  • /fast auto|on|off persists a session override; use the Sessions UI inherit option to clear it.
  • /fast is provider-specific: OpenAI/Codex map it to service_tier=priority; direct Anthropic requests map it to service_tier=auto or standard_only.
  • /reasoning, /verbose, and /trace are risky in group settings — they may reveal internal reasoning or plugin diagnostics. Keep them off in group chats.
  • /model persists the new model immediately to the session.
  • If the agent is idle, the next run uses it right away.
  • If a run is active, the switch is marked pending and applied at the next clean retry point.

Dock commands

Dock commands switch the active session’s reply route to another linked channel. See Channel docking for setup and troubleshooting. Generated from channel plugins with native-command support:
  • /dock-discord (alias: /dock_discord)
  • /dock-mattermost (alias: /dock_mattermost)
  • /dock-slack (alias: /dock_slack)
  • /dock-telegram (alias: /dock_telegram)
Dock commands require session.identityLinks. The source sender and target peer must be in the same identity group.

Bundled plugin commands

QQBot-only: /bot-ping, /bot-version, /bot-help, /bot-upgrade, /bot-logs

Skill commands

User-invocable skills are exposed as slash commands:
  • /skill <name> [input] always works as the generic entrypoint.
  • Skills may register as direct commands (e.g. /prose for OpenProse).
  • Native skill-command registration is controlled by commands.nativeSkills and channels.<provider>.commands.nativeSkills.
  • Names are sanitized to a-z0-9_ (max 32 chars); collisions get numeric suffixes.
By default, skill commands route to the model as a normal request.Skills can declare command-dispatch: tool to route directly to a tool (deterministic, no model involvement). Example: /prose (OpenProse plugin) — see OpenProse.
Discord uses autocomplete for dynamic options and button menus when required args are omitted. Telegram and Slack show a button menu for commands with choices. Dynamic choices resolve against the target session model, so model- specific options like /think levels follow the session’s /model override.

/tools: what the agent can use now

/tools answers a runtime question: what this agent can use right now in this conversation — not a static config catalog.
Results are session-scoped. Changing agent, channel, thread, sender authorization, or model can change the output. For profile and override editing, use the Control UI Tools panel or config surfaces.

/model: model selection

On Discord, /model and /models open an interactive picker with provider and model dropdowns. The picker respects agents.defaults.models, including provider/* entries.

/config: on-disk config writes

Owner-only. Disabled by default — enable with commands.config: true.
Config is validated before write. Invalid changes are rejected. /config updates persist across restarts.

/mcp: MCP server config

Owner-only. Disabled by default — enable with commands.mcp: true.
/mcp stores config in OpenClaw config, not embedded-agent project settings. /mcp show redacts credential-bearing fields, recognized credential flag values, and known secret-shaped arguments. When run from a group, the configuration is sent to the owner privately; if no private owner route is available, the command fails closed and asks the owner to retry from a direct chat.

/debug: runtime-only overrides

Owner-only. Disabled by default — enable with commands.debug: true. Overrides apply immediately to new config reads but do not write to disk.

/plugins: plugin management

Owner-only for writes. Disabled by default — enable with commands.plugins: true.
/plugins enable|disable updates plugin config and hot-reloads the Gateway plugin runtime for new agent turns. /plugins install restarts managed Gateways automatically because plugin source modules changed. Trusted ClawHub and official-catalog installs do not need extra acknowledgement. Arbitrary npm, git, archive, npm-pack:, and local path sources show a provenance warning and require a trailing --force after you review the source. This flag acknowledges the source and permits replacement of an existing install; it does not bypass security.installPolicy or installer security checks. ClawHub releases with risk warnings still require the separate shell-only --acknowledge-clawhub-risk flag. Marketplace, linked, and pinned installs also remain shell-only.

/trace: plugin trace output

/trace reveals session-scoped plugin trace/debug lines without full verbose mode. It does not replace /debug (runtime overrides) or /verbose (normal tool output).

/btw: side questions

/btw is a quick side question about the current session context. Alias: /side.
Unlike a normal message:
  • Uses the current session as background context.
  • In Codex harness sessions, runs as an ephemeral Codex side thread.
  • Does not change future session context.
  • Is not written to transcript history.
See BTW side questions for the full behavior.

Surface notes

  • Text commands: run in the normal chat session (DMs share main, groups have their own session).
  • Native Discord commands: agent:<agentId>:discord:slash:<userId>
  • Native Slack commands: agent:<agentId>:slack:slash:<userId> (prefix configurable via channels.slack.slashCommand.sessionPrefix)
  • Native Telegram commands: telegram:slash:<userId> (targets the chat session via CommandTargetSessionKey)
  • /login codex sends device pairing codes only through private chat or Web UI response paths. Telegram group/topic invocations ask the owner to DM the bot instead.
  • /stop targets the active chat session to abort the current run.
channels.slack.slashCommand supports a single /openclaw-style command. With commands.native: true, create one Slack slash command per built-in command. Register /agentstatus (not /status) because Slack reserves /status. Text /status still works in Slack messages.
  • Command-only messages from allowlisted senders are handled immediately (bypass queue + model).
  • Inline shortcuts (/help, /commands, /status, /whoami) also work embedded in normal messages and are stripped before the model sees the remaining text.
  • Unauthorized command-only messages are silently ignored; inline /... tokens are treated as plain text.
  • Commands accept an optional : between the command and args (/think: high, /send: on).
  • /new <model> accepts a model alias, provider/model, or a provider name (fuzzy match); if no match, the text is treated as the message body.
  • /allowlist add|remove requires commands.config: true and honors channel configWrites.

Provider usage and status

  • Provider usage/quota (e.g., “Claude 80% left”) shows in /status for the current model provider when usage tracking is enabled.
  • Token/cache lines in /status can fall back to the latest transcript usage entry when the live session snapshot is sparse.
  • Execution vs runtime: /status reports Execution for the effective sandbox path and Runtime for who is running the session: OpenClaw Default, OpenAI Codex, a CLI backend, or an ACP backend.
  • Per-response tokens/cost: controlled by /usage off|tokens|full.
  • /model status is about models/auth/endpoints, not usage.

Skills

How skill slash commands are registered and gated.

Creating skills

Build a skill that registers its own slash command.

BTW

Side questions without changing session context.

Steer

Guide the agent mid-run with /steer.