AI & Technology

OpenClaw Agent Tools: Managing Tool Profiles (Full, Messaging, Coding, Minimal)

Control what OpenClaw agents can access with tool profiles. Use full, messaging, coding, or minimal profiles and allow/deny lists for safety and scope.

Huzaifa Tahir
5 min read
#OpenClaw#Tools#Security#Configuration#Tutorial
TwitterLinkedInFacebook

OpenClaw Agent Tools: Managing Tool Profiles (Full, Messaging, Coding, Minimal)


OpenClaw agents can use various “tools”—e.g., reading files, sending messages, or calling APIs. You control what each agent can do via tool profiles and allow/deny lists in `openclaw.json`.


Why Tool Profiles Matter


By default, an agent might have broad access. For security and clarity, you often want to limit what it can do:


  • Restrict file system or runtime access in production.
  • Give some agents only messaging tools (e.g., for customer-facing bots).
  • Give others coding tools for development tasks.
  • Use minimal tools when you only need status or simple responses.

    • Tool Profiles


    You can assign a profile to an agent (or globally) so it only gets a predefined set of tools:


  • `full`: No restrictions; agent can use all configured tools (file system, runtime, messaging, etc.). Use only when you trust the context.
  • `messaging`: Limited to messaging-related tools (e.g., send/receive in channels). Good for bots that should only talk, not read files or run code.
  • `coding`: File system and runtime access (e.g., read/write files, run commands). Useful for dev and automation agents that need to work with code or scripts.
  • `minimal`: Session status and very limited actions. Use when the agent should only report status or do minimal, safe operations.

    • Allow and Deny Lists


    Beyond profiles, you can use `tools.allow` and `tools.deny` to explicitly allow or block specific tools. You can set these globally or per agent. For example:


  • `tools.deny`: ["filesystem.write", "run_command"] to block file writes and command execution.
  • `tools.allow`: ["send_message", "get_status"] to allow only those tools.

    • This gives fine-grained control when a profile is too broad or too narrow.


    Configuration


    Tool settings live in `openclaw.json` (or your config file). Adjust profiles and allow/deny lists there, then restart or reload the gateway so changes take effect.


    Best Practices


  • Prefer the least privilege: start with `minimal` or `messaging` and add access only when needed.
  • Use `coding` or `full` only in trusted environments (e.g., local dev, secure CI).
  • Combine profiles with allow/deny for maximum safety and clarity.

    • Related Articles

    Share this article

    TwitterLinkedInFacebook

    Related Articles