OpenClaw Skills Will Not Install? Fixing Blocked Skills from the Bazaar

You found the perfect skill on OpenClaw Bazaar, hit install, and got an error. The skill is blocked. No explanation in the UI, just a generic failure message. This happens more often than it should, and the fix depends on which of four distinct safeguards tripped.

OpenClaw has multiple layers of protection around skill installation. These safeguards exist for good reason -- skills can make API calls, access the filesystem, run commands, and interact with your agent's memory. But when a safeguard blocks a legitimate skill you need for your workflow, you need to know how to diagnose and resolve it.

The Four Reasons Skills Get Blocked

When a skill from the Bazaar or ClawHub fails to install, exactly one of these four causes is responsible. Each produces a different error in the logs and each has a different resolution.

Reason 1 -- Allowlist restriction. Your OPENCLAW_SKILLS_ALLOWLIST environment variable is set, and the skill you want is not on it. The log shows: "Skill [name] not in allowlist -- installation blocked."

Reason 2 -- VirusTotal flagging. ClawHub scanned the skill with VirusTotal and one or more antivirus engines flagged it. The log shows: "Skill [name] flagged by VirusTotal ([X] detections) -- installation blocked."

Reason 3 -- Version incompatibility. The skill requires a different OpenClaw version than what you are running. The log shows: "Skill [name] requires OpenClaw >= [version] -- current version [your version]."

Reason 4 -- ClawHub unavailable. The ClawHub marketplace is temporarily down or unreachable from your server. The log shows: "Failed to fetch skill from ClawHub -- connection refused / timeout."

Start by checking the logs to identify which cause applies:

docker logs openclaw --tail 100 | grep -i "skill"

Fixing Allowlist Blocks

The skills allowlist is a security feature that restricts which skills can be installed on your OpenClaw instance. When configured, it acts as a whitelist -- only skills from approved publishers or with approved IDs can be installed. Everything else is rejected.

The allowlist is controlled by an environment variable:

OPENCLAW_SKILLS_ALLOWLIST=publisher:openclaw-official,publisher:remote-openclaw,skill:custom-crm-sync

This configuration permits all skills from the "openclaw-official" publisher, all skills from the "remote-openclaw" publisher, and one specific skill called "custom-crm-sync" regardless of publisher.

When the allowlist is empty or not set (the default), every skill on ClawHub and the Bazaar is installable. This works fine for personal deployments. For production setups, the allowlist prevents unauthorized skill additions through the web UI.

To fix an allowlist block: Find the skill's publisher and ID on its Bazaar listing page or run docker exec openclaw openclaw skills search [skill-name]. Add the publisher or skill ID to your OPENCLAW_SKILLS_ALLOWLIST environment variable and restart OpenClaw. To disable the allowlist entirely, remove the variable or set it to empty.

Fixing VirusTotal False Positives

ClawHub runs every published skill through VirusTotal, which scans with 70+ antivirus engines. If any engine flags the skill, installation is blocked by default. The problem is that false positives are extremely common with OpenClaw skills.

Skills frequently trigger heuristic detections because they contain patterns that antivirus engines associate with malicious software:

• Network access patterns. Skills that fetch URLs or call external APIs look like network-accessing malware to some engines.
• Command execution. Skills that run shell commands trigger "potentially unwanted program" classifications.
• Filesystem operations. Skills that read or write files match file-manipulating malware heuristics.
• Encoded content. Skills with base64-encoded assets or minified code trigger obfuscation detections.

Many popular skills on the Bazaar have one or two false-positive detections. This does not mean they are dangerous.

Option 1 -- Raise the detection threshold. By default, a single detection blocks installation. Increase the threshold to allow skills with low detection counts:

OPENCLAW_SKILLS_VT_THRESHOLD=3

This allows skills with up to two detections. A threshold of three is reasonable for production -- a single false positive is common, but three or more detections suggests genuine concern.

Option 2 -- Disable VirusTotal entirely:

OPENCLAW_SKILLS_SKIP_VT=true

Only use this if you trust the skills you install and have other security measures in place.

Option 3 -- Manual install (see below).

Fixing Version Incompatibility

Skills on ClawHub declare minimum and sometimes maximum OpenClaw version requirements. If your version falls outside that range, installation is blocked.

The most common scenario is running an older OpenClaw version and trying to install a skill built for a newer release. The skill may use APIs or features that do not exist in your version.

Option 1 -- Update OpenClaw:

docker compose pull
docker compose up -d

Option 2 -- Force install. If you believe the skill will work despite the version check:

docker exec openclaw openclaw skills install [skill-name] --force

The --force flag bypasses the version check. The skill may or may not function correctly.

Option 3 -- Manual install. Download the skill file and place it in data/skills/. No compatibility check runs on manual installs.

The Manual Install Escape Hatch

Manual installation bypasses every automated check -- allowlist, VirusTotal, version compatibility, and network connectivity. It is your fallback when automated installation fails and you trust the skill.

Steps:

1. Download the skill's .md file from the Bazaar listing, ClawHub web interface, or the skill's GitHub repository.
2. Read the file. Skills are human-readable Markdown with embedded YAML configuration and prompt text. Understand what it does before installing.
3. Copy the file to your OpenClaw data directory:

cp my-skill.md ./data/skills/

4. Restart OpenClaw to load the new skill:

docker compose restart

5. Verify the skill loaded:

docker exec openclaw openclaw skills list

If the skill does not appear, check the logs for parsing errors. The most common issue is invalid YAML frontmatter -- the required fields (name, description, version) must be present and properly formatted.

Keeping Your Skill Library Secure

Skills are powerful extensions that interact with your agent's core systems. A careless installation can expose API keys, leak conversation data, or compromise your server. Follow these guidelines as your Bazaar library grows:

• Use the allowlist in production. Restrict installations to publishers you trust. Review new skills before adding them to the allowlist.
• Keep VirusTotal enabled. Raise the threshold if needed, but do not disable scanning entirely unless you have alternative security measures.
• Read before you install manually. Every skill is a readable Markdown file. Spending two minutes reviewing a skill before manual installation can prevent serious problems.
• Monitor new skills after installation. Watch the logs for unexpected network requests, file access, or command execution for the first few days after adding a skill.
• Enable sandboxing. OpenClaw 3.22+ supports sandboxed skill execution with OPENCLAW_SKILLS_SANDBOX=true. Sandboxed skills cannot access the host filesystem or make network requests outside whitelisted domains.

The Bazaar community rates and reviews skills, which provides a layer of social verification. Skills with high ratings and many installations have been vetted by other operators. When choosing between two skills that do similar things, prefer the one with a stronger community track record.

Browse the Skills Directory

Find the right skill for your workflow. The OpenClaw Bazaar skills directory has over 2,300 community-rated skills -- searchable, sortable, and free to install.

Browse Skills -->

Want a Pre-Built Setup?

If you would rather skip the browsing, OpenClaw personas come with curated skill sets already configured. Pick a persona that matches your role and start working immediately. Compare personas -->