SageOx

The hivemind for agentic engineering

Back to Blog
Insights
7 min read
agentic engineeringopen claw

Lessons Learned from Implementing an Open Claw for Slack Integration

The SageOx Team

The SageOx Team

Building for Open Claw

Galex Yen shares insights on building a skill for Open Claw — from navigating Claw Hub security scans to optimizing token usage for hands-off automation.

Transcript

Milkana: Galex, can you talk about some of the work you've done recently with Open Claw and an implementation for a feature you're working on — what you've learned and problems you've run into?

Galex: Yeah. So we're working on this feature that we wanted to integrate with Slack, and we realized that it's very natural that we use Open Claw to actually do that integration — because Open Claw naturally has all of these different channels that integrate agentic workflows. So we started to set out figuring out how to actually set up a Claw, how to get our software on there, and how to then build a skill that would utilize our feature in Claw. That was probably the biggest learning for us — how to build that skill.

Milkana: So you said you had to write a Claw skill, and you used Claude to write the skills, right? Did you consider other options — like ChatGPT, for example — for writing the Claw skill? And what about writing the Claw skill was different from all the many skills you've written for Claude?

Galex: Yeah, I actually started using Claude chat to help investigate how to even go about building out the skill. It was different because it's a different environment from Claude itself. I didn't understand how to define things like prerequisites. How do you make sure that the software you need is running on your Claw? How do you make sure to set it up appropriately?

I went back and forth with Claude, and it helped brainstorm what are the right ways to go about doing this. When we got further into actually developing it, Claude was a really great resource because I could constantly ask it: "How do other people who are building skills solve these problems? How do they make sure the appropriate tools or credentials are available?"

One of the tricks was to ask it, "In April 2026, what is the right way to do this? What are people doing?" And we came up with very specific recommendations — use these declarations in the skill, which are very Claw-specific. Use these declarations to say you need these credentials. That back and forth was very productive.

What was interesting though — later on when I went to Claw Hub, that's the place where you publish your skills. I noticed they do a really great service: they do a security scan of the published skills, because it's kind of the wild west right now. There are all these skills out there, and they do a really good job scanning through to see if this looks like an abusive skill or a malicious skill trying to exfiltrate information.

Once I realized that was the case, we needed to figure out how to prepare for these scans. Again, Claude was really helpful. I asked it how to figure out if I'm going to get flagged from the scan. In this particular case, I was able to point Claude to the Claw Hub code and say, "Take a look — tell me what they're doing." It came up with a way to actually codify the scans. It helped scan our own skills. It found a bunch of things it flagged and said, "Hey, these will get flagged" — and it helped me correct all of those errors.

Milkana: That's a really good hack. But I'm curious — do you think the skill ended up being more secure or of better quality, or did it just prepare better to pass the exam? How effective is the Claw Hub at scanning?

Galex: That's a really good question. I think yes — it actually is better. They look for various things that look malicious. For example, if it looks like you're trying to install your tool in an opaque way that could actually be installing some malware, they flag those patterns.

In our case, because we wanted to make sure the ox CLI was being installed on the Open Claw instance, we had to think about the safe way to show that we're installing something legit — not potentially malicious and opaque about it.

The other thing is that they also look at the instructions in the actual skill itself. If it looks like you're doing something malicious — like trying to exfiltrate information — they'll flag it. In our case, I wanted to have an option where you could get the latest version of the ox CLI, so you could compile some code. I wanted to make sure that if that's in the skill, we do it in a way that's transparent and doesn't look malicious, even though we're actually executing code.

Milkana: So far I've heard a couple of takeaways. One is that you used Claude to help you define the Claw skill. The other is that you asked Claude to give you best practices or instructions as of April 2026 — because of course everything changes so fast. And then also you asked Claude to help you prepare for the scans of Claw Hub and ensure that the skill would present well.

Galex: Yeah. As a matter of fact, not only did it help me prepare for the scan on a surface level, but we ended up adding another skill within our own codebase that is an ongoing linter. So it actually codified some of the rules that it read in Claw Hub and turned that into a skill for constantly checking the skill that we're building.

Milkana: And I'm sure the rules in Claw Hub are also constantly changing themselves, so that skill needs to be refreshed. If you were to write your next Claw skill now, how would you go about it differently?

Galex: That's a good question. I think it was good to ask "what are the best practices from April 2026 going forward." I would ask Claude to look at various other repos. One of the things I would do differently is to ask Claude to search for what are the existing repos related to the space, update its instructions on how to go about reviewing and building out a new skill — kind of refining its own learning by constantly reviewing what are the current available repos out there.

Milkana: And what are the skills that are performing well?

Galex: Exactly. Take a look at Claw Hub itself. Look at the skills that are popular. Understand how they're structured. Learning by example — I think that would be one additional change.

Milkana: Curious if there are any things that stand out for you between writing a Claw skill and a Claude skill. Were there any patterns worth flagging?

Galex: Yeah, definitely. A Claude skill — you tend to assume there's quite a bit of tooling already, and you're working within the confines of a developer toolkit. You can tell the skill "here are some things to check for" and handle errors if those things aren't there. If you don't have the GitHub CLI, you can just tell the user "you should install the GitHub CLI."

With Open Claw — because it's more hands-off, that's the MO: you want more automation, the human is not necessarily in the loop every time the skill is running — you do have to think about these error conditions. You have to think about the preconditions your skill is built around. You have to think more about the robustness of the skill. I think that's some learnings and patterns that as a group we'll all begin to learn.

Milkana: Curious if token usage was a consideration as you were writing the Claw skill.

Galex: Yeah, glad you brought that up. It definitely was and is still a consideration. We were very intentional about creating a different API key for Open Claw so that we could monitor the skill and cap the usage on a daily basis.

There were a couple of things we learned — like to actually tell the skill when it should output things and when it should read the output, because all of those use tokens. If part of the skill doesn't require outputting to the Slack channel, it doesn't make sense for it to consume all those tokens. So it was important to think about the structure of the skill and how many tokens the commands would generate. There is some optimization. I'm still watching the token usage to make sure we're efficient. Definitely a concern.

Milkana: Anything else at this point?

Galex: I'm excited to show everybody eventually the features we've been building that we're using Claw for.

Milkana: Hopefully very soon — in the upcoming days.

Galex: Yeah.

Milkana: Awesome. Thank you so much, Galex!

Drop us a note if you'd like a specific topic covered: feedback@sageox.ai.

PreviousHow We Work: Source Code Management in Agentic Engineering