Skip to content
News & StrategyIntermediate

The AI Agent Skills Marketplace: ClawHub, MCP Registry & the Skill Economy

The AI Agent Skills Marketplace — ClawHub, MCP Registry, and Anthropic Agent Skills
TG
Tijo Gaucher

April 19, 2026·13 min read

Every successful platform develops an app store. AI agents are no exception. In the last twelve months, three parallel marketplaces for agent skills went from experiments to production distribution channels \u2014 and they’re starting to reshape how teams build and buy agent capabilities.

TL;DR

An AI agent skills marketplace is a registry where developers publish reusable agent capabilities that any compatible host can install. Three platforms matter in 2026: ClawHub (OpenClaw, community-first), the MCP Registry (cross-vendor, portable via Model Context Protocol), and Anthropic Agent Skills (curated, first-party). Creators monetize via install fees, seat licenses, or usage-based revenue share. If you’re building an agent, treat skills like npm packages: pin versions, audit manifests, sandbox execution. If you’re shipping a capability, publish to the platform closest to your users.

Install ClawHub and MCP skills in one click.

Try Rapid Claw

Table of Contents

1. What Changed: From Plugins to Skills

The first generation of agent extensibility looked like the GPT Store in late 2023: a catalog of prompts with some light tool binding, distributed by one vendor, tied to one model. Useful, but the economics never worked. No one could depend on a plugin they didn’t own, and creators couldn’t reach users across ecosystems.

The skills paradigm solves both problems. A skill is a portable capability bundle: a manifest declaring the tools and permissions the agent needs, one or more tool implementations (often wrapped as an MCP server), and the prompt guidance that teaches the agent how to use them. Because the contract is standardized, the same skill can run on OpenClaw, on Hermes, inside Claude, or on a custom in-house agent \u2014 as long as the host speaks the protocol.

The broader context of open standards is worth reading alongside this post: see MCP, AAIF & the Open Agent Standard of 2026 for the interoperability layer these marketplaces are built on.

2. The Three Marketplaces That Matter

Any marketplace-tracking exercise in April 2026 lands on the same three platforms. They solve overlapping problems with different trade-offs, and most serious agent deployments end up installing from all three.

PlatformPrimary audienceStrengthTrade-off
ClawHubOpenClaw users, self-hostersCommunity velocity, free, Git-nativeQuality varies; curation is light
MCP RegistryCross-vendor agent buildersPortable across hosts, protocol-levelDiscovery still maturing
Anthropic Agent SkillsClaude API & Claude Code usersCurated, high trust, first-partyTied to one model vendor

ClawHub

ClawHub ships with OpenClaw and follows the npm / Homebrew playbook: skills are Git repos, a thin client resolves and installs them, manifests are YAML. The bar to publish is low and the catalog grew fast after the March 2026 release. If you’re already using OpenClaw, this is where to start \u2014 the building custom skills with Clawdhub walkthrough covers the publishing flow end to end. Context for what the March update actually shipped is in the OpenClaw March 2026 update post.

MCP Registry

The MCP Registry is the cross-vendor play. Anyone can publish an MCP server; anyone with an MCP-compatible host can install it. OpenClaw, Claude, Cursor, Windsurf, Zed, and most serious agent frameworks speak MCP, which means a well-written MCP server is the most portable shape a skill can take today. The trade-off is that discovery is still rough \u2014 the registry is more of an index than a curated store.

Anthropic Agent Skills

Anthropic’s skills marketplace launched in late 2025 and is deliberately curated. Skills are reviewed before publication, the UI is tightly integrated with Claude and Claude Code, and the trust level is high. The catch is that it’s tied to the Anthropic ecosystem \u2014 a skill there doesn’t automatically run on a self-hosted OpenClaw deployment. Great if your agent lives on Claude; less useful if you’re multi-model or self-hosting.

3. Anatomy of a Skill: Manifest, Tools, Permissions

The format varies slightly by platform but the ingredients are the same. Here’s a realistic ClawHub-style manifest for a Stripe refund skill. Note the permission surface \u2014 this is what the host enforces at runtime.

skill.yaml \u2014 ClawHub manifestYAML
name: stripe-refunds
version: 1.4.0
description: "Issue Stripe refunds with policy checks"
author: rapidclaw
license: MIT
homepage: https://github.com/rapidclaw/skill-stripe-refunds

# What the agent sees
prompt: |
  You can refund Stripe charges via the stripe_refund tool.
  Always verify the order first with lookup_order, and
  never refund > $500 without the escalate_to_human tool.

# Tools this skill exposes
tools:
  - name: stripe_refund
    description: "Issue a refund on a Stripe charge"
    schema: ./tools/refund.schema.json
  - name: lookup_order
    description: "Look up an internal order by ID"
    schema: ./tools/lookup.schema.json

# What the host must grant
permissions:
  secrets:
    - STRIPE_API_KEY       # read-only access
  network:
    egress_allow:
      - "api.stripe.com:443"
  data_categories:
    - payment_info
    - customer_pii

# Where the implementation lives
runtime:
  type: mcp-server
  entrypoint: "node ./server.js"
  health_check: "/healthz"

# Metadata for the marketplace
tags: [payments, stripe, refunds, customer-support]
compatibility:
  openclaw: ">=0.9"
  hermes: ">=0.4"
  mcp: ">=1.0"

The prompt block is the bit people often underestimate. A skill isn’t just code \u2014 it’s the code and the instructions that teach the agent when and how to use it. A well-written prompt block is often the difference between a skill that works once and a skill that works 95% of the time.

4. Monetization: Three Models That Actually Ship Revenue

In twelve months of public marketplace activity, three monetization patterns emerged. The rest are hypothetical.

1. Free and open source

The default. Most ClawHub and MCP Registry skills are free, MIT-licensed, and maintained by the community. Creators benefit through distribution, portfolio, consulting leads, and occasionally sponsorship. This is the right model if your skill is infrastructure \u2014 auth flows, common integrations, utility wrappers.

2. Paid install or seat license

Flat fee per install (”$49 one-time”) or monthly per seat (”$9/user/month”). Works well for polished, narrow skills with clear business value \u2014 a Salesforce connector with CRM-specific policies, a compliance-ready HR workflow. Anthropic’s store is where most paid installs land today; platforms take 15\u201330%.

3. Usage-based revenue share

The creator takes a cut of the tokens or API calls routed through their skill. Aligns incentives \u2014 better skills earn more \u2014 but requires tight integration with the host’s billing layer. Only a handful of platforms support it cleanly today. Expect it to grow as smart routing and per-skill metering become standard.

5. Discovery & Trust: How to Pick a Good Skill

Star counts are a bad proxy. A 1,200-star skill abandoned six months ago is worse than a 40-star skill updated yesterday \u2014 because agent APIs move fast, and stale code quietly breaks. Three signals matter more:

Last-commit recency. Under 90 days old, almost always. Anything older and assume it’s broken against current model APIs until proven otherwise.
Narrow permission manifest. A refund skill that asks for unrestricted network egress or admin scopes is a red flag. Good skills scope permissions tightly \u2014 if you can’t tell from the manifest exactly what the skill will touch, don’t install it.
Real usage evidence. A changelog, a test suite, issue responses that don’t read like boilerplate. Production skills look maintained; abandonware looks like a README and a PR from 2024.

Curated lists help. For self-hosted agents, arcane-bear/awesome-self-hosted-agents tracks actively maintained projects in the self-hosted ecosystem. The broader awesome-ai-agents list is useful as an index of what exists; treat it as a starting point, not an endorsement.

6. Publishing Your First Skill

The shortest viable publishing loop for an OpenClaw skill to ClawHub:

publish.sh \u2014 ClawHub submissionBash
# 1. Scaffold a new skill
clawhub init my-first-skill --template mcp-server
cd my-first-skill

# 2. Implement the tools (see ./server.js)
#    Write the skill.yaml manifest.

# 3. Validate locally against the current host
clawhub lint
clawhub test --runs 5

# 4. Tag and publish
git tag v0.1.0 && git push --tags
clawhub publish --registry ./skill.yaml

# 5. Verify install on a clean host
rapidclaw skill install my-first-skill@0.1.0
rapidclaw skill run my-first-skill --dry-run

Our general guidance: ship a v0.1 with a tight scope, run it against your own agent for a week, fix the three things that break, then write a README and tell people about it. The skills that survive past month three almost always started narrow.

7. Skill Composition: When One Agent Uses Ten Skills

Every production agent ends up composing multiple skills. A customer-service agent might install: Stripe refunds, Zendesk ticketing, Gmail sending, the company’s private knowledge-base skill, and a policy-enforcement skill. The interesting question stops being “does this skill work” and becomes “how do ten skills behave together?”

Two failure modes dominate. The first is tool collision: two skills register overlapping tool names (both have a send_email), and the agent picks the wrong one. The host has to namespace them \u2014 good platforms do this automatically, lesser ones make you rename. The second is context bloat: every installed skill adds prompt guidance to the system message, and at ten skills you’re already burning thousands of tokens before the user says anything.

The emerging pattern is lazy loading: skill manifests are scanned for relevance per request, and only the matching ones are injected into the context. This is the same idea as dynamic memory retrieval but applied to capabilities. Expect it to be table stakes by end of 2026.

8. Security: The Supply-Chain Risk Nobody Is Ready For

Installing a skill is installing code that your agent will execute with delegated authority. That’s closer to an npm dependency than an app install. And we know how npm supply-chain attacks go.

The agent ecosystem hasn’t had its first major supply-chain incident yet. It will. Prepare for it by treating skills the way careful teams treat third-party packages:

Pin exact versions. Never install @latest in production. A skill that auto-updates is a skill that can be silently replaced.
Sandbox execution. Run each skill in an isolated process with declared egress. If it asks to reach hosts not in its manifest, block the call and alert.
Audit before install. Review the manifest, scan the code if it’s small enough, check the author’s track record. A 20-minute audit catches most obvious issues.
Never grant broad secrets. If a skill asks for an unscoped API key, say no and use a scoped one. If a skill requires unscoped access, it’s poorly designed \u2014 find a better one.

For the defensive plumbing that makes sandboxing practical, our AI agent firewall setup guide covers network isolation, API key scoping, and permission boundaries. The OpenClaw security hardening checklist adds the host-level controls that back them up.

9. What This Means for Managed Hosting

The rise of a skill economy changes what a managed agent platform has to do. Infrastructure-level features \u2014 per-skill sandboxing, egress enforcement, version pinning, automatic security scanning \u2014 go from “nice to have” to “the product.” Teams don’t want to audit every skill they install; they want a host they trust to do that for them.

That’s the shape Rapid Claw has been building toward: install skills from ClawHub, the MCP Registry, or direct Git URLs; each one runs in an isolated sandbox with a declared egress policy; version pinning is automatic; compromised skills can be quarantined at the platform level. Self-hosting works too \u2014 you just own the plumbing yourself. The AI agent hosting guide walks through the trade-offs in detail.

Install skills without the supply-chain risk

Rapid Claw runs every ClawHub and MCP skill in an isolated sandbox with declared egress, pinned versions, and automated security scanning \u2014 so your agent can compose ten skills without compounding the risk.

Start Free Trial View Pricing

Related Reading

Building Custom Skills with ClawdhubOpenClaw March 2026 Update: ClawHub, Sub-Agents & What’s NextMCP, AAIF & the Open Agent Standard of 2026AI Agent Firewall Setup: Rate Limiting, API Keys & Network IsolationAI Agent Hosting: The Complete Guide to Deploying Agents in ProductionAI Agent Memory Management: Context, State & Persistence

Open-Source Resources Referenced

arcane-bear/awesome-self-hosted-agents \u2014 curated list of self-hosted agent projectsarcane-bear/awesome-ai-agents \u2014 broad index of autonomous agent projectsarcane-bear/agent-router \u2014 multi-agent task router with pluggable built-in agentsarcane-bear/agent-flow \u2014 define and execute multi-step agent workflows as a DAGarcane-bear/hermes-starter \u2014 one-command Docker Compose quickstart for Hermes Agent

10. Frequently Asked Questions

← Back to all posts