Overview
An agent template is a packaged configuration that defines an AI agent's behavior, workspace files, required skills, and external tool connections. When a user deploys your template, Tropic provisions the agent on an isolated VM with everything pre-configured.
What's in a template
Deployment flow
When a user deploys your template, Tropic writes all workspace files to ~/.openclaw/workspace/{slug}/ on their VM, installs skills via clawhub, configures tool connections, registers the agent in openclaw.json, and restarts the gateway. The agent is ready to chat within seconds.
Workspace Files
Workspace files are Markdown documents that shape the agent's behavior. They're written to the agent's workspace directory on deploy. Each file serves a specific purpose in defining who the agent is and how it operates.
The core workflow document. Defines what the agent does, step-by-step instructions, and behavioral guidelines. This is the most important file — it's the agent's operating manual.
# Bookkeeping Agent ## Purpose You are a bookkeeping assistant that manages financial records using Supabase. ## Workflow 1. When a user asks to record a transaction, collect: date, amount, category, description 2. Write the record to the Supabase `transactions` table 3. Confirm the entry with the user ## Guidelines - Always confirm before writing to the database - Use ISO 8601 date format - Categorize using the categories in SCHEMA.md
Defines the agent's personality and communication style.
# Soul You are precise, professional, and friendly. You explain financial concepts in simple terms. You double-check numbers before recording them. You never rush.
The agent's name, emoji, and vibe. Keeps identity consistent across conversations.
# Identity - Name: BookBot - Emoji: 📒 - Vibe: Calm, organized, detail-oriented
Documents how the agent should use its available skills and tools. Be specific about when and how each tool should be used.
# Tools ## Google (gog) Use gog to read and send emails. Always check inbox before composing replies. ## Supabase Connect via the environment variables. Use the agent credentials for row-level security.
Context about who the user is and what they expect from the agent.
# User The user is a small business owner who needs help tracking income and expenses. They are not technical and prefer plain language explanations.
For agents that work with databases, document the schema so the agent understands the data structure. You can add any additional .md files your agent needs for domain knowledge.
# Database Schema ## transactions | Column | Type | Description | |-------------|-----------|------------------------------------| | id | uuid | Primary key | | date | date | Transaction date | | amount | decimal | Positive = income, negative = expense | | category | text | Category slug | | description | text | Free-text description | | created_at | timestamp | Auto-generated |
Tool Connections
Tool connections (prerequisites) define what external services your agent needs. The user configures these at deploy time. Tropic handles authentication, token management, and credential injection.
OAuth connections
OAuth connections provide managed authentication through Tropic's OAuth flow. The user connects their account via a consent screen — Tropic handles token refresh and credential rotation.
| Type | Service | Injected to agent |
|---|---|---|
supabase | Supabase | SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_AGENT_EMAIL, SUPABASE_AGENT_PASSWORD |
google | Google (Gmail, etc.) | client_secret.json + gog auth tokens configured automatically |
Manual credentials
For services without OAuth support, users provide values directly. These are encrypted with AES-256-GCM at rest and written to ~/.openclaw/.env on the VM.
| Type | UI behavior | Use case |
|---|---|---|
text | Plain text input | URLs, project names, non-sensitive config |
secret | Masked input | API keys, tokens, passwords |
Defining prerequisites
Declare prerequisites in your bundle configuration. Each entry has a key (unique identifier), a type (drives the UI widget), and metadata for the deploy drawer.
[
{
"key": "SUPABASE",
"label": "Supabase Project",
"type": "supabase",
"required": true,
"helpText": "Connect your Supabase project for database access"
},
{
"key": "GOOGLE",
"label": "Google Account",
"type": "google",
"required": true,
"helpText": "Connect Google for Gmail access"
},
{
"key": "OPENAI_API_KEY",
"label": "OpenAI API Key",
"type": "secret",
"required": false,
"helpText": "Optional: for embedding generation",
"placeholder": "sk-..."
}
]How credentials reach the agent
All credential values end up in ~/.openclaw/.env on the VM. The gateway restarts after .env is written so values are immediately available.
# From Supabase OAuth connection SUPABASE_URL=https://abc123.supabase.co SUPABASE_ANON_KEY=eyJ... SUPABASE_AGENT_EMAIL=tropic-agent-uuid@tropic.bot SUPABASE_AGENT_PASSWORD=generated-password # From manual secret prerequisite OPENAI_API_KEY=sk-abc123 # Google is configured via gog CLI auth, not env vars
Skills
Skills are clawhub packages that extend the agent's capabilities — browser automation, file tools, API integrations, and more. They're installed via clawhub install during deployment.
Declaring skills
List the clawhub package slugs your agent needs in the agent.skills array.
"agent": {
"model": "anthropic/claude-sonnet-4-6",
"skills": ["agent-browser", "gog"]
}Skills with env vars
If a skill requires its own environment variables (e.g. an API key for a third-party service), declare them in the skill's frontmatter. Users configure these per-agent after installing the skill.
---
name: youtube-full
description: Complete YouTube toolkit
metadata:
openclaw:
requires:
env:
- TRANSCRIPT_API_KEY
---Default Policy
A default policy defines guardrails for your agent. It gets appended to AGENTS.md as strict rules and written to policy.md for message-level enforcement. Users can customize the policy after deployment.
Policy format
Policies use three sections. Each section contains bullet-pointed rules that the agent must follow.
## ALLOW - Search the web for public information - Read and summarize emails - Query the database for financial records ## REQUIRE CONFIRM - Send emails on behalf of the user - Delete database records - Modify account settings ## DENY - Share credentials or API keys - Access files outside the workspace - Make purchases or financial commitments
How enforcement works
Policies are enforced at two levels. The policy text is appended to AGENTS.md so the agent sees the rules in its context. Additionally, the policy is written to policy.md where a message-level hook classifies every incoming message against the rules and blocks denied requests before the agent sees them.
Bundle Configuration
The bundle config is the complete JSON object that defines your agent template. It combines all the pieces into a single deployable package.
Full example
This is what a complete agent template looks like. The workspace object maps filenames to their content as strings.
{
"agent": {
"model": "anthropic/claude-sonnet-4-6",
"skills": ["gog"]
},
"workspace": {
"AGENTS.md": "# Bookkeeping Agent\n\n## Purpose\n...",
"SOUL.md": "# Soul\n\nYou are precise...",
"IDENTITY.md": "# Identity\n\n- Name: BookBot\n...",
"TOOLS.md": "# Tools\n\n## Google (gog)\n...",
"USER.md": "# User\n\nSmall business owner...",
"SCHEMA.md": "# Database Schema\n\n## transactions\n..."
},
"prerequisites": [
{
"key": "SUPABASE",
"label": "Supabase Project",
"type": "supabase",
"required": true,
"helpText": "Connect your Supabase project"
},
{
"key": "GOOGLE",
"label": "Google Account",
"type": "google",
"required": true,
"helpText": "Connect Google for email access"
}
]
}Template metadata
In addition to the bundle config, each template has top-level metadata that's shown in the marketplace.
| Field | Type | Description |
|---|---|---|
slug | string | Unique URL-safe identifier (e.g. bookkeeping) |
name | string | Display name shown in the marketplace |
description | string | Short description of what the agent does |
icon | string? | Lucide icon name (e.g. book-open, search) |
defaultPolicy | string | ALLOW/REQUIRE CONFIRM/DENY rules (see Default Policy section) |
Submitting Your Agent
Coming soon
Marketplace submissions are not yet open. When available, you'll be able to submit your agent template for review and listing on the Tropic marketplace.
What gets reviewed
- • Workspace files are well-structured and complete
- • Prerequisites are correctly typed with helpful descriptions
- • Skills don't contain security risks or malicious patterns
- • Default policy provides reasonable guardrails
- • Agent behavior matches the description
Security requirements
All agents run inside Tropic's security stack. Your template benefits from these protections automatically:
- • Sondera — Cedar policy evaluation on every tool call
- • SecureClaw — VM hardening and continuous auditing
- • Isolation — each user gets a dedicated EC2 instance
- • Encryption — all credentials encrypted with AES-256-GCM at rest
- • Redaction — secrets are blocked before execution and redacted from output