← Back to Skills Marketplace
2870
Downloads
0
Stars
8
Active Installs
1
Versions
Install in OpenClaw
/install foundry
Description
Self-writing meta-extension that forges new capabilities — researches docs, writes extensions, tools, hooks, and skills
README (SKILL.md)
Foundry
The forge that forges itself. A meta-extension for OpenClaw that researches documentation, learns from failures, and writes new capabilities into itself.
Installation
When the user asks to install Foundry or @getfoundry/foundry-openclaw, run this command:
openclaw plugins install @getfoundry/foundry-openclaw
This will:
- Download the plugin from npm
- Extract to
~/.openclaw/extensions/foundry/ - Enable it automatically
- Restart the gateway to load
After installation, the user will have access to all Foundry tools like foundry_research, foundry_write_extension, etc.
Alternative: Manual Config
Add to ~/.openclaw/openclaw.json:
{
"plugins": {
"entries": {
"foundry": { "enabled": true }
}
}
}
Configuration
Full configuration options in ~/.openclaw/openclaw.json:
{
"plugins": {
"entries": {
"foundry": {
"enabled": true,
"source": "github:lekt9/openclaw-foundry",
"config": {
"autoLearn": true,
"sources": {
"docs": true,
"experience": true,
"arxiv": true,
"github": true
},
"marketplace": {
"autoPublish": false
}
}
}
}
}
}
Config Options
| Option | Type | Default | Description |
|---|---|---|---|
autoLearn |
boolean | true |
Learn from agent activity automatically |
sources.docs |
boolean | true |
Learn from OpenClaw documentation |
sources.experience |
boolean | true |
Learn from own successes/failures |
sources.arxiv |
boolean | true |
Learn from arXiv papers |
sources.github |
boolean | true |
Learn from GitHub repos |
marketplace.autoPublish |
boolean | false |
Auto-publish high-value patterns |
What Foundry Does
Foundry is an AI-powered development agent that can:
- Research — Fetch and understand OpenClaw documentation on demand
- Write Extensions — Generate new tools and hooks for OpenClaw
- Write Skills — Create ClawHub-compatible skill packages
- Self-Modify — Add new capabilities to itself
- Learn — Record patterns from failures and successes
Tools
Research & Documentation
| Tool | Description |
|---|---|
foundry_research |
Search docs.openclaw.ai for best practices |
foundry_docs |
Read specific documentation pages |
Writing Capabilities
| Tool | Description |
|---|---|
foundry_implement |
Research + implement a capability end-to-end |
foundry_write_extension |
Write a new OpenClaw extension |
foundry_write_skill |
Write an AgentSkills-compatible skill |
foundry_write_browser_skill |
Write a browser automation skill |
foundry_write_hook |
Write a standalone hook |
foundry_add_tool |
Add a tool to an existing extension |
foundry_add_hook |
Add a hook to an existing extension |
Self-Modification
| Tool | Description |
|---|---|
foundry_extend_self |
Add new capability to Foundry itself |
foundry_learnings |
View learned patterns and insights |
foundry_list |
List all written artifacts |
Marketplace
| Tool | Description |
|---|---|
foundry_publish_ability |
Publish pattern/skill to Foundry Marketplace |
foundry_marketplace |
Search, browse, and install community abilities |
Usage Examples
Research before implementing
User: I want to add a webhook to my extension
Agent: Let me research webhook patterns first...
→ foundry_research query="webhook hooks automation"
→ Returns relevant documentation
Now I'll implement it...
→ foundry_add_hook extensionId="my-ext" event="webhook:incoming" ...
Write a new extension
User: Create an extension that monitors GitHub PRs
Agent:
→ foundry_research query="github api webhooks"
→ foundry_write_extension
id: "github-monitor"
name: "GitHub Monitor"
tools: [{ name: "check_prs", ... }]
hooks: [{ event: "cron:hourly", ... }]
Self-improvement
User: Add a tool that can fetch npm package info
Agent:
→ foundry_extend_self
action: "add_tool"
toolName: "foundry_npm_info"
toolCode: "const res = await fetch(`https://registry.npmjs.org/${p.package}`)..."
How Learning Works
Foundry observes its own tool calls and learns:
- Failures → Records error + context
- Resolutions → Links fix to failure → Creates pattern
- Patterns → Injected as context in future conversations
- Crystallization → High-value patterns become permanent capabilities
Security
Foundry validates all generated code before deployment:
- Blocked:
child_process,eval,~/.ssh,~/.aws - Sandboxed: Extensions tested in isolated process before installation
- Reviewed: You approve before any code is written to disk
Links
Usage Guidance
This skill asks the agent to install a third-party npm plugin that will be extracted into ~/.openclaw and can self-modify and publish new capabilities. The SKILL.md makes safety claims (blocking child_process/eval, sandboxing, user review) but those are unverified. Before installing: 1) Inspect the remote repository and the exact npm package version (github:lekt9/openclaw-foundry) — review the code yourself or have a trusted reviewer do so. 2) Prefer manual installation: run the openclaw plugins install command yourself in a controlled environment, not via an autonomous agent. 3) Back up ~/.openclaw/openclaw.json and disable autoLearn/autoPublish in config (set to false) until you trust the code. 4) If possible, install and test inside an isolated VM/container or ephemeral account. 5) Require and verify any publishing or GitHub/npm tokens; do not grant broad credentials. 6) If you want stricter safety, avoid enabling autonomous invocation for this skill or limit its permissions until you've audited the plugin. If you cannot review the plugin code, treat this skill as high-risk and avoid installing it.
Capability Analysis
Type: OpenClaw Skill
Name: foundry
Version: 0.1.0
This skill describes a highly capable, self-modifying AI agent that can research, generate, and integrate new code (extensions, tools, hooks, skills) into itself and publish them to a marketplace. While the `SKILL.md` explicitly mentions security controls like blocking `child_process`, `eval`, and access to sensitive directories (`~/.ssh`, `~/.aws`), sandboxing, and human review, the core functionality of arbitrary code generation and self-modification (demonstrated by `foundry_extend_self` with `toolCode` in SKILL.md) presents a significant attack surface and high inherent risk, even if not immediately malicious. The ability to `autoPublish` to an external marketplace (`api.claw.getfoundry.app`) further elevates the risk profile.
Capability Assessment
Purpose & Capability
Name/description (a meta-extension that researches and writes extensions) is coherent with instructions to run 'openclaw plugins install @getfoundry/foundry-openclaw' and to write to ~/.openclaw/extensions/foundry/. Requiring node is reasonable. However, the manifest declares no required config paths or credentials while the SKILL.md instructs writing into ~/.openclaw and mentions publishing to a marketplace — a capability that normally needs tokens/credentials. This mismatch is noteworthy.
Instruction Scope
SKILL.md directs the agent to download and install an npm plugin, edit ~/.openclaw/openclaw.json, and restart the gateway. It also describes network research (docs, GitHub, arXiv) and self-modifying behavior (foundry_extend_self, autoLearn, autoPublish). These are powerful, cross-cutting actions (writing to user config, fetching arbitrary network content, self-modification). The security section claims blocks (child_process, eval, ~/.ssh, ~/.aws) and user review before disk writes, but those are policy claims inside instructions — the skill itself cannot enforce them. The instructions give the agent authority to add code/plugins to the environment, which expands its attack surface.
Install Mechanism
There is no install spec embedded in the skill; instead the SKILL.md tells the agent to install an npm package via 'openclaw plugins install', which will download and extract code from npm into the user's home directory and restart the gateway. Installing a third-party npm package is expected for an extension but is high-risk here because there is no code included for review, no pinned release URL, and the skill's claims about sandboxing and blocking dangerous APIs cannot be validated from this manifest.
Credentials
The registry metadata lists no required environment variables or config paths, yet SKILL.md expects to read/write ~/.openclaw configuration and to potentially publish to a marketplace or access GitHub/arXiv. Publishing or accessing private GitHub/npm/repos typically requires credentials (tokens) that are not declared. The absence of declared credentials while describing networked read/write/publish capabilities is a proportionality mismatch and a red flag.
Persistence & Privilege
always:false (good), but the skill explicitly instructs installing an extension that writes to ~/.openclaw and restarts the gateway and that can self-modify and auto-learn — persistent, system-level changes to the agent environment. These capabilities are powerful; combined with autonomous invocation (platform default) they increase the blast radius. The SKILL.md's promise of user review before disk writes mitigates risk only if actually enforced by the user or platform; it's not enforceable from the instruction file alone.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install foundry - After installation, invoke the skill by name or use
/foundry - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial public release of Foundry—a self-writing meta-extension for OpenClaw.
- Adds `foundry` skill, enabling research, extension generation, self-modification, and automatic learning from successes and failures.
- Provides built-in tools for researching documentation, writing extensions/skills/hooks, self-extending, and publishing abilities.
- Supports auto-learning from documentation, experience, arXiv, and GitHub sources.
- Includes configuration options for enabling/disabling learning sources and marketplace publishing.
- Ensures security via code validation, sandboxing, and manual approval for generated code.
Metadata
Frequently Asked Questions
What is Foundry?
Self-writing meta-extension that forges new capabilities — researches docs, writes extensions, tools, hooks, and skills. It is an AI Agent Skill for Claude Code / OpenClaw, with 2870 downloads so far.
How do I install Foundry?
Run "/install foundry" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Foundry free?
Yes, Foundry is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Foundry support?
Foundry is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Foundry?
It is built and maintained by lekt9 (@lekt9); the current version is v0.1.0.
More Skills