// MCP TOOL REFERENCE

OPENCLAW TOOLS

129 tools from the OpenClaw MCP Server, categorised by risk level.

// ALL 129 OPENCLAW TOOLS

READ 20 tools

Read ask off, on-miss, or always Read attachments_fetch List non-text attachments for a message in one OpenClaw conversation. Read commands List available commands. Read context Explain context usage (list|detail|json). Read conversation_get Get one OpenClaw conversation by session key. Read conversations_list List OpenClaw channel-backed conversations available through session routes. Read docs Search the live OpenClaw docs Read events_poll Poll queued OpenClaw conversation events since a cursor. Read exec-policy Show or synchronize requested exec policy with host approvals Read gateway-status Show gateway status summary Read health Fetch detailed health from the running Gateway Read help Show help and common commands. Read matrix Manage Matrix accounts, verification, devices, and profile state Read memory Search, inspect, and reindex memory files Read messages_read Read recent messages for one OpenClaw conversation. Read model Select a model (list|status|<name>). Read permissions_list_open List open OpenClaw exec or plugin approval requests visible through the Gateway. Read sessions List stored conversation sessions Read status Show Gateway, channel, model, and recent-session status Read whoami Show sender id (alias: /id).

WRITE 87 tools

Write activation Set group activation (mention|always). Write active-memory Enable, disable, or inspect Active Memory for this session. Write agents Manage isolated agents (workspaces, auth, routing) Write approvals Manage exec approvals (gateway or node host) Write backup Create and verify local backup archives for OpenClaw state Write browser Manage OpenClaw Write canvas Capture or render canvas content from a paired node Write cap queue cap Write card Send a rich card message (LINE). Write channel Voice channel to join Write chat Open a local terminal UI (alias for tui --local) Write clawbot Legacy clawbot command aliases Write command Shell command Write commitments List and manage inferred follow-up commitments Write compact Compact the session history. Write completion Generate shell completion script Write config Non-interactive config helpers (get/set/unset/file/validate). Default: starts guided setup. Write configure Interactive configuration for credentials, channels, gateway, and agent defaults Write crestodian Open the interactive setup and repair assistant Write cron Schedule and inspect Gateway background jobs Write daemon Manage the Gateway service (legacy alias) Write dashboard Open the Control UI with your current token Write debounce debounce duration (e.g. 500ms, 2s) Write debug Set runtime-only overrides (owner-only). Write devices Device pairing + token management Write directory Lookup contact and group IDs (self, peers, groups) for supported chat channels Write dns DNS helpers for wide-area discovery (Tailscale + CoreDNS) Write doctor Diagnose and repair config, Gateway, plugin, and channel problems Write dreaming Enable or disable memory dreaming. Write echo Echo input text. Write elev Alias for /elevated Write elevated Toggle elevated mode (on|off). Write exit Exit the TUI Write fast Set fast mode on/off Write gwstatus Alias for /gateway-status Write hooks Manage internal agent hooks Write host sandbox, gateway, or node Write id Alias for /whoami. Write input Skill input Write instructions Extra compaction instructions Write level Thinking level Write logs Tail Gateway logs locally or via RPC Write mcp Manage OpenClaw MCP config and channel bridge Write message Send, read, and manage channel messages Write messages_send Send a message back through the same OpenClaw conversation route. Write migrate Import state from another agent system Write mode compact or verbose Write models List, scan, and set model providers Write name Skill name Write note Optional note for Codex feedback upload Write onboard Interactive onboarding for gateway, workspace, and skills Write pair Generate setup codes and approve device pairing requests. Write pairing Secure DM pairing (approve inbound requests) Write path Inspect and edit workspace files via oc:// paths Write permissions_respond Allow or deny one pending OpenClaw exec or plugin approval request. Write phone Arm/disarm high-risk phone node commands (camera/screen/writes). Write ping Return OK. Write plugins Install, enable, disable, and inspect plugins Write policy Check policy requirements and emit audit evidence Write qr Generate mobile pairing QR/setup code Write queue Adjust queue mode and options. Write quit Exit the TUI Write reasoning Toggle reasoning output (on|off|stream). Write sandbox Manage sandbox containers for agent isolation Write secrets Audit, apply, and reload SecretRef-backed credentials Write security Security tools and local config audits Write send Set send mode (on|off|inherit). Write session Switch session (or open picker) Write settings Open settings Write setup Initialize local config and an agent workspace Write skills List, inspect, and install agent skills Write subagents List or manage sub-agents. Write system System events, heartbeat, and presence Write tasks Inspect durable background tasks and flows Write terminal Open a local terminal UI (alias for tui --local) Write text Goal objective or note Write think Set thinking level (off|minimal|low|medium|high|xhigh). Write trace Set plugin trace mode (on|off). Write transcripts Inspect stored transcripts Write tui Open a terminal UI connected to the Gateway Write update Update OpenClaw and inspect update channel status Write usage Toggle usage footer (off|tokens|full). Write value Provider, limit, or text Write verbose Set verbose mode (on|full|off). Write webhooks Webhook helpers and integrations Write wiki Inspect and initialize the memory wiki vault Write workboard List, create, inspect, and dispatch Workboard cards.

DESTRUCTIVE 5 tools

Destructive action status, start, pause, resume, complete, block, clear Destructive channels Add, remove, login, and inspect messaging channels Destructive drop drop policy Destructive reset Reset local config/state (keeps the CLI installed) Destructive uninstall Uninstall the gateway service + local data (CLI remains)

EXECUTE 17 tools

Execute abort Abort active run Execute acp Run and manage ACP-backed coding agents Execute agent Run one agent turn via the Gateway Execute auth Run provider auth/login flow Execute bash Run a host command (if enabled). Execute capability Run provider capability commands (fallback alias: infer) Execute events_wait Wait for the next queued OpenClaw conversation event. Execute gateway Run, inspect, and query the OpenClaw Gateway Execute infer Run provider-backed model, media, search, and embedding commands Execute new Reset the session (/reset). Execute node Run and manage the headless node host service Execute nodes Pair nodes and run node-host commands through the Gateway Execute proxy Run the OpenClaw debug proxy and inspect captured traffic Execute qa Run QA scenarios and launch the private QA debugger UI Execute restart Restart the gateway (if enabled). Execute stop Stop the current run. Execute target Run id, index, or session key

// RUNNING THIS SERVER

The managed route: connect OpenClaw through the PolicyLayer gateway — every tool call above is checked against your policy before it runs, with a full audit log.

DIRECT INSTALL (UNMANAGED) npx -y openclaw

// FAQ

How many tools does the OpenClaw MCP server have? +

The OpenClaw MCP server exposes 129 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on OpenClaw tools? +

Route the OpenClaw server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do OpenClaw tools fall into? +

OpenClaw tools are categorised as Read (20), Write (87), Destructive (5), Execute (17). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.