Build skills, bundle as OpenClaw
A skill isn't a prompt template — it's a full sandboxed computer. System packages, network policies, tool permissions, MCP servers, and integrations, all bundled into one installable unit.
Define your agent in files
Each skill declares its own packages, network access, tool permissions, and auth — the platform provisions a matching sandbox automatically.
IDENTITY.md
Who the agent is — persona, name, tone.
SOUL.md
Behavior rules. What the agent should always or never do.
USER.md
User-specific context — timezone, preferences.
lobu.toml
Providers, skills, network policy, platforms.
[agents.acme-support]
name = "acme-support"
description = "Customer support agent for Acme Corp"
dir = "./agents/acme-support"
# LLM providers (order = priority)
[[agents.acme-support.providers]]
id = "groq"
key = "$GROQ_API_KEY"
[[agents.acme-support.providers]]
id = "gemini"
key = "$GEMINI_API_KEY"
# Platform connection
[[agents.acme-support.connections]]
type = "telegram"
[agents.acme-support.connections.config]
botToken = "$TELEGRAM_BOT_TOKEN"
# Skills from the registry
[agents.acme-support.skills]
enabled = ["github", "google-workspace"]
# Custom MCP server
[agents.acme-support.skills.mcp.my-kb]
url = "https://mcp.acme.com/sse"
# Network sandbox
[agents.acme-support.network]
allowed = ["api.github.com", "registry.npmjs.org"]skills/ops-triage.md
Third-party app integrations, MCP, and sandbox config.
---
name: Ops Triage
description: Triage inbox, PRs, and issues
integrations:
- id: google
authType: oauth
- id: linear
authType: api-key
mcpServers:
github-mcp:
url: https://github-mcp.example.com
type: sse
nixConfig:
packages: [jq, gh, ripgrep]
networkConfig:
allowedDomains:
- api.github.com
- gmail.googleapis.com
- .linear.app
deniedDomains:
- "*.malicious.com"
toolsConfig:
allowedTools:
- Read
- Bash(git:*)
- mcp__github__*
deniedTools:
- Bash(rm:*)
- DeleteFile
strictMode: true
---
# Ops Triage
Prioritize by severity. Summarize blockers
first, then open reviews.
## Behavior
- Check inbox for urgent emails
- Review open PRs and flag blockers
- Summarize Linear issues by priority
## Rules
- Never auto-close issues without approval
- Always include links to source threads
- Escalate P0 issues immediatelyA skill is a full computer
System Packages
Declare Nix packages your skill needs (ffmpeg, poppler, gh, ripgrep). Installed once, persisted across sessions. Your agent gets a real Linux environment.
Network Policy
Agents start with zero internet access. Skills declare exactly which domains are allowed — nothing else gets through.
Tool Permissions
Allowlist and denylist which tools the agent can use. Bash commands, file operations, MCP tools — all scoped per skill.
MCP Servers
Connect to external APIs via MCP. Auth is handled by the gateway — workers never see real credentials.
Integrations
OAuth and API-key authenticated services. Users connect their own accounts via the settings page.
Instructions
System prompt, behavioral rules, and domain knowledge. The markdown body of SKILL.md becomes the agent's persona.
Any vertical, one platform
Build skills for your domain and ship them on Lobu. Users get a ready-made agent without touching infrastructure.
Legal
Draft contracts, search case law, review clauses
DevOps
Triage PRs, manage incidents, deploy services
Support
Route tickets, draft responses, escalate issues
Finance
Reconcile accounts, generate reports, flag anomalies
Built-in registry
System skills ship with every agent. Agents discover and install additional skills via SearchSkills / InstallSkill— users approve through a prefilled settings link.
Integrations
Memory
LLM Providers
Start building skills
Define your vertical. Bundle your integrations. Ship it on Lobu.