GoClaw is a multi-agent AI gateway that connects LLMs to your tools, channels, and data — deployed as a single Go binary with zero runtime dependencies. It orchestrates agent teams, inter-agent delegation, and quality-gated workflows across 13+ LLM providers with full multi-tenant isolation.

A Go port of OpenClaw with enhanced security, multi-tenant PostgreSQL, and production-grade observability.

• Agent Teams & Orchestration — Teams with shared task boards, inter-agent delegation (sync/async), conversation handoff, evaluate-loop quality gates, and hybrid agent discovery
• Multi-Tenant PostgreSQL — Per-user workspaces, per-user context files, encrypted API keys (AES-256-GCM), isolated sessions — the only Claw project with DB-native multi-tenancy
• Single Binary — ~25 MB static Go binary, no Node.js runtime, <1s startup, runs on a $5 VPS
• Production Security — 5-layer defense: rate limiting, prompt injection detection, SSRF protection, shell deny patterns, AES-256-GCM encryption
• 13+ LLM Providers — Anthropic (native HTTP+SSE with prompt caching), OpenAI, OpenRouter, Groq, DeepSeek, Gemini, Mistral, xAI, MiniMax, Cohere, Perplexity, DashScope (Qwen), Bailian Coding
• 5 Messaging Channels — Telegram, Discord, Zalo, Feishu/Lark, WhatsApp with /stop and /stopall commands

Resource Footprint:

Feature Matrix:

GoClaw unique strengths: Only project with multi-tenant PostgreSQL, agent teams, conversation handoff, evaluate-loop quality gates, runtime custom tools via API, and MCP protocol support.

graph TB
    subgraph Clients
        WEB["Web Dashboard<br/>(React SPA)"]
        TG["Telegram"]
        DC["Discord"]
        FS["Feishu/Lark"]
        ZL["Zalo"]
        API["HTTP API"]
    end

    subgraph Gateway["GoClaw Gateway"]
        direction TB
        WS["WebSocket RPC"] & REST["HTTP Server"] & CM["Channel Manager"]
        WS & REST & CM --> BUS["Message Bus"]
        BUS --> SCHED["Lane-based Scheduler<br/>main · subagent · delegate · cron"]
        SCHED --> ROUTER["Agent Router"]
        ROUTER --> LOOP["Agent Loop<br/>think → act → observe"]
        LOOP --> TOOLS["Tool Registry<br/>fs · exec · web · memory · delegate · team · mcp · custom"]
        LOOP --> LLM["LLM Providers<br/>Anthropic (native + prompt caching) · OpenAI-compat (12+)"]
    end

    subgraph Storage
        FILE["File-based<br/>(standalone)"]
        PG["PostgreSQL 18 + pgvector<br/>(managed · multi-tenant)"]
    end

    WEB --> WS
    TG & DC & FS & ZL --> CM
    API --> REST
    LOOP --> FILE & PG

GoClaw supports four orchestration patterns for agent collaboration, all managed through explicit permission links.

Agent delegation enables named agents to delegate tasks to other agents — each running with its own identity, tools, LLM provider, and context files. Unlike subagents (anonymous clones of the parent), delegation targets are fully independent agents.

flowchart TD
    USER((User)) -->|"Research competitor pricing"| SUPPORT

    subgraph TEAM["Agent Team"]
        SUPPORT["Support Bot<br/>(Claude Haiku)"]
        RESEARCH["Research Bot<br/>(GPT-4)"]
        WRITER["Content Writer<br/>(Claude Sonnet)"]
        BILLING["Billing Bot<br/>(Gemini)"]
    end

    SUPPORT -->|"sync: wait for answer"| RESEARCH
    RESEARCH -->|"result"| SUPPORT
    SUPPORT -->|"async: don't wait"| WRITER
    WRITER -.->|"announce when done"| SUPPORT
    SUPPORT -.-x|"no link"| BILLING

    SUPPORT -->|"final answer"| USER

    style USER fill:#e1f5fe
    style SUPPORT fill:#fff3e0
    style RESEARCH fill:#e8f5e9
    style WRITER fill:#f3e5f5
    style BILLING fill:#ffebee

Permission Links — Agents communicate through explicit agent links with access control:

# One-way: support-bot can delegate TO research-bot
agents.links.create {
  "sourceAgent": "support-bot",
  "targetAgent": "research-bot",
  "direction": "outbound",
  "maxConcurrent": 3
}

# Bidirectional: both agents can delegate to each other
agents.links.create {
  "sourceAgent": "support-bot",
  "targetAgent": "content-writer",
  "direction": "bidirectional"
}

Concurrency Control — Two layers prevent any agent from being overwhelmed:

Per-User Restrictions — The settings JSONB on agent links supports per-user deny/allow lists.

Agent Discovery — Each agent has a frontmatter field for discovery. With ≤15 targets, auto-generated AGENTS.md is injected into context. With >15 targets, agents use delegate_search for hybrid FTS + semantic search.

Teams enable coordinated multi-agent workflows with a shared task board and peer-to-peer messaging.

flowchart TD
    USER((User)) -->|message| LEAD

    subgraph TEAM["Agent Team"]
        LEAD["Lead Agent<br/>(orchestrator)"]
        A1["Specialist A"]
        A2["Specialist B"]
        A3["Specialist C"]
    end

    subgraph BOARD["Shared Task Board"]
        T1["Task 1: pending"]
        T2["Task 2: in_progress<br/>owner: A1"]
        T3["Task 3: blocked_by T2"]
    end

    subgraph MAIL["Team Mailbox"]
        M1["A1 → LEAD: status update"]
        M2["LEAD → ALL: broadcast"]
    end

    LEAD -->|"create tasks"| BOARD
    A1 -->|"claim"| T2
    T2 -.->|"auto-unblocks"| T3
    A1 -->|"send message"| MAIL
    LEAD -->|"broadcast"| MAIL
    LEAD -->|final answer| USER

    style USER fill:#e1f5fe
    style LEAD fill:#fff3e0
    style A1 fill:#e8f5e9
    style A2 fill:#e8f5e9
    style A3 fill:#e8f5e9

• Team roles — Lead agent orchestrates work, member agents execute tasks
• Shared task board — Create, claim, complete, search tasks with blocked_by dependencies. Atomic claiming prevents double-assignment
• Team mailbox — Direct peer-to-peer messaging (send, broadcast, read unread)
• Tools: team_tasks for task management, team_message for mailbox

Handoff transfers conversation control from one agent to another. Unlike delegation (where A stays in control), handoff means B completely takes over the user conversation.

flowchart LR
    subgraph Delegation["Delegation (A stays in control)"]
        direction TB
        DA["Agent A"] -->|"delegate task"| DB["Agent B"]
        DB -->|"return result"| DA
        DA -->|"reply to user"| DU((User))
    end

    subgraph Handoff["Handoff (B takes over)"]
        direction TB
        HA["Agent A"] -->|"handoff"| HB["Agent B"]
        HB -->|"now handles user"| HU((User))
    end

• Routing override — Sets a routing rule so all future messages go to the target agent
• Context transfer — Conversation context is passed to the new agent
• Revert — handoff(action="clear") returns routing to the original agent

The evaluate loop orchestrates a generator-evaluator feedback cycle between two agents for quality-gated output.

flowchart LR
    TASK["Task + Criteria"] --> GEN["Generator<br/>Agent"]
    GEN -->|"output"| EVAL{"Evaluator<br/>Agent"}
    EVAL -->|"APPROVED"| RESULT["Final Output"]
    EVAL -->|"REJECTED + feedback"| GEN
    EVAL -.->|"max rounds hit"| WARN["Last output + warning"]

• Configurable rounds — Default 3, max 5 revision cycles
• Custom pass criteria — Define what "approved" means for the evaluator
• Tool: evaluate_loop(generator="writer-bot", evaluator="qa-bot", task="...", pass_criteria="...")

Quality gates validate agent output before it reaches users. Configured in agent other_config:

{
  "quality_gates": [
    {
      "event": "delegation.completed",
      "type": "agent",
      "agent": "qa-reviewer",
      "block_on_failure": true,
      "max_retries": 2
    }
  ]
}

• Hook types: command (shell exit code: 0 = pass) or agent (delegate to reviewer agent)
• Blocking — Failed gates can block output and trigger automatic retry with feedback
• Recursion-safe — Quality gate evaluators skip their own gates to prevent infinite loops

• 13+ providers — OpenRouter, Anthropic, OpenAI, Groq, DeepSeek, Gemini, Mistral, xAI, MiniMax, Cohere, Perplexity, DashScope (Qwen), Bailian Coding, and any OpenAI-compatible endpoint
• Anthropic native — Direct HTTP+SSE integration with prompt caching (cache_control) for ~90% cost reduction on repeated prefixes
• OpenAI-compatible — Automatic prompt caching for OpenAI, MiniMax, OpenRouter (cache metrics tracked in traces)

• Agent loop — Think-act-observe cycle with tool use, session history, and auto-summarization
• Subagents — Spawn child agents with different models for parallel task execution
• Agent delegation — Sync/async inter-agent task delegation with permission links, concurrency limits, and per-user restrictions
• Agent teams — Shared task boards with dependencies, team mailbox, and coordinated multi-agent workflows
• Agent handoff — Transfer conversation control between agents with routing overrides
• Evaluate loop — Generator-evaluator feedback cycles for quality-gated output
• Quality gates — Hook-based output validation with command or agent evaluators
• Delegation history — Queryable audit trail of all inter-agent delegations
• Concurrent execution — Lane-based scheduler (main/subagent/delegate/cron), adaptive throttle for group chats

• 30+ built-in tools — File system, shell exec, web search/fetch, memory, browser automation, TTS, and more
• Custom tools — Define shell-based tools at runtime via HTTP API with JSON Schema parameters and encrypted env vars
• MCP integration — Connect external MCP servers via stdio, SSE, or streamable-http with per-agent/per-user grants

• Telegram — Full integration with streaming, rich formatting (HTML, tables, code blocks), reactions, media
• Discord, Zalo, Feishu/Lark, WhatsApp — Channel adapters with /stop and /stopall commands

• Skills — SKILL.md-based knowledge base with BM25 search + embedding hybrid search (managed mode)
• Long-term memory — SQLite FTS5 + vector embeddings (standalone) or pgvector hybrid search (managed)

• Cron scheduling — at, every, and cron expression syntax for scheduled agent tasks
• Browser automation — Headless Chrome via Rod for web interaction
• Text-to-Speech — OpenAI, ElevenLabs, Edge, MiniMax providers
• Docker sandbox — Isolated code execution in containers
• Tracing — LLM call tracing with cache metrics, span metadata, and optional OpenTelemetry OTLP export
• Tailscale — Optional VPN mesh listener for secure remote access (build-tag gated)

• Rate limiting — Token bucket per user/IP, configurable RPM
• Prompt injection detection — 6-pattern regex scanner (detection-only, never blocks)
• Credential scrubbing — Auto-redact API keys, tokens, passwords from tool outputs
• Shell deny patterns — Blocks curl|sh, reverse shells, eval $(), base64|sh
• SSRF protection — DNS pinning, blocked private IPs, blocked hosts
• AES-256-GCM — Encrypted API keys in database (managed mode)
• Browser pairing — Token-free browser auth with admin-approved pairing codes

• Agent management, traces & spans viewer, skills, teams, MCP servers, and pairing approval

git clone https://github.com/nextlevelbuilder/goclaw.git
cd goclaw

# Build
make build

# Interactive setup wizard
./goclaw onboard

# Start the gateway
source .env.local && ./goclaw

1. Prepare environment:

# Generate .env with auto-generated secrets (GOCLAW_ENCRYPTION_KEY, GOCLAW_GATEWAY_TOKEN)
chmod +x prepare-env.sh
./prepare-env.sh

The script creates .env from .env.example, auto-generates GOCLAW_ENCRYPTION_KEY and GOCLAW_GATEWAY_TOKEN, and checks for a provider API key. Add at least one GOCLAW_*_API_KEY to .env before starting.

2. Start services:

# Recommended: Managed mode + Web Dashboard (http://localhost:3000)
docker compose -f docker-compose.yml -f docker-compose.managed.yml -f docker-compose.selfservice.yml up -d --build

# Standalone mode (file-based, no database)
docker compose -f docker-compose.yml -f docker-compose.standalone.yml up -d --build

# Managed mode without dashboard
docker compose -f docker-compose.yml -f docker-compose.managed.yml up -d --build

# + OpenTelemetry tracing (Jaeger at http://localhost:16686)
docker compose -f docker-compose.yml -f docker-compose.managed.yml -f docker-compose.otel.yml up -d --build

# + Tailscale (secure remote access)
docker compose -f docker-compose.yml -f docker-compose.managed.yml -f docker-compose.tailscale.yml up -d --build

When GOCLAW_*_API_KEY environment variables are set, the gateway auto-onboards without interactive prompts — it detects the provider, generates a gateway token, and (in managed mode) connects to Postgres, runs migrations, and seeds default data.

Auto-onboard detects the first available API key in priority order: OpenRouter → Anthropic → OpenAI → Groq → DeepSeek → Gemini → Mistral → xAI → MiniMax → Cohere → Perplexity. Override with GOCLAW_PROVIDER and GOCLAW_MODEL. Memory is auto-enabled with embedding support if an OpenAI, OpenRouter, or Gemini key is detected.

Minimum .env for managed mode:

GOCLAW_OPENROUTER_API_KEY=sk-or-your-key    # Required: at least one provider key
GOCLAW_GATEWAY_TOKEN=...                     # Auto-generated by prepare-env.sh
GOCLAW_ENCRYPTION_KEY=...                    # Auto-generated by prepare-env.sh
# GOCLAW_PROVIDER=openrouter                 # Optional: override default provider
# GOCLAW_MODEL=anthropic/claude-sonnet-4     # Optional: override default model
# POSTGRES_PASSWORD=your-secure-password     # Optional: defaults to "goclaw"

Recommendation: Use managed mode for the best experience. Most of GoClaw's advanced features — agent teams, delegation, handoff, evaluate loops, quality gates, tracing, skills with embedding search, MCP integration, and the web dashboard — require managed mode. Standalone mode is suitable for quick evaluation or single-user setups only.

File-based storage, no external database required. All users share the same workspace, sessions, and context files — no per-user isolation. Best suited for quick evaluation or single-user setups.

config.json          -> Non-secret settings
.env.local           -> Secrets (API keys, tokens)
~/.goclaw/
  |-- workspace/     -> Shared agent workspace (SOUL.md, AGENTS.md, etc.)
  |-- data/          -> Cron jobs, pairing data
  |-- sessions/      -> Chat session history (shared across users)
  +-- skills/        -> User-managed skills

All data in PostgreSQL with pgvector support. Designed for multi-user and multi-tenant deployments with per-user isolation — each user gets their own context files, session history, and workspace. Unlocks all advanced features.

# Set up database
export GOCLAW_MODE=managed
export GOCLAW_POSTGRES_DSN="postgres://user:pass@localhost:5432/goclaw?sslmode=disable"
export GOCLAW_ENCRYPTION_KEY=$(openssl rand -hex 32)

# Run database upgrade (schema migrations + data hooks)
./goclaw upgrade

# Start gateway
./goclaw

Managed mode adds:

• Per-user context files and workspaces (user_context_files table)
• Agent types: open (per-user workspace) vs predefined (shared context)
• Agent teams, delegation, handoff, evaluate loops, quality gates
• LLM call tracing with spans and prompt cache metrics
• MCP server integration with per-agent and per-user access grants
• Custom tools with JSON Schema and encrypted env vars
• Embedding-based skill search (hybrid BM25 + pgvector)
• Web dashboard for agents, traces, skills, teams, and MCP servers
• API key encryption (AES-256-GCM)

• Go 1.25+
• PostgreSQL 18 with pgvector (managed mode only)
• Docker (optional, for sandbox and containerized deployment)

# Production build (~25MB binary, static, stripped symbols)
CGO_ENABLED=0 go build -ldflags="-s -w" -o goclaw .

# With OpenTelemetry support (~36MB binary)
CGO_ENABLED=0 go build -ldflags="-s -w" -tags otel -o goclaw .

# With Tailscale support (~54MB binary)
CGO_ENABLED=0 go build -ldflags="-s -w" -tags tsnet -o goclaw .

# With both OTel + Tailscale
CGO_ENABLED=0 go build -ldflags="-s -w" -tags "otel,tsnet" -o goclaw .

Binary size comparison across the Claw ecosystem:

Optional features are gated behind build tags to avoid binary bloat. OTel adds ~11 MB (gRPC + protobuf). Tailscale adds ~20 MB (tsnet + WireGuard). The base build includes in-app tracing backed by PostgreSQL and localhost-only access.

# Standard image (~50MB Alpine)
docker build -t goclaw .

# With OpenTelemetry (~60MB)
docker build --build-arg ENABLE_OTEL=true -t goclaw:otel .

# With Tailscale (~75MB)
docker build --build-arg ENABLE_TSNET=true -t goclaw:tsnet .

# With both OTel + Tailscale (~85MB)
docker build --build-arg ENABLE_OTEL=true --build-arg ENABLE_TSNET=true -t goclaw:full .

./goclaw onboard

The wizard configures: provider, model, gateway port, channels, memory, browser, TTS, tracing, and database mode. It generates config.json (no secrets) and .env.local (secrets only).

When GOCLAW_*_API_KEY environment variables are set, the gateway automatically configures itself without interactive prompts. In managed mode, it retries Postgres connection (up to 5 attempts), runs migrations, and seeds default data.

goclaw                    Start gateway (default command)
goclaw onboard            Interactive setup wizard
goclaw version            Print version and protocol info
goclaw doctor             System health check (includes schema status)
                          In managed mode: reads providers and channels from DB
                          In standalone mode: reads from config.json + env vars

goclaw upgrade            Upgrade database schema and run data hooks
goclaw upgrade --status   Show current vs required schema version
goclaw upgrade --dry-run  Preview pending changes without applying

goclaw agent list         List configured agents
goclaw agent chat         Chat with an agent
goclaw agent add          Add a new agent
goclaw agent delete       Delete an agent

goclaw migrate up         Apply all pending migrations
goclaw migrate down       Roll back migrations
goclaw migrate version    Show current migration version
goclaw migrate force N    Force set migration version
goclaw migrate goto N     Migrate to specific version
goclaw migrate drop       Drop all tables (dangerous)

goclaw config show        Show current configuration
goclaw config path        Show config file path
goclaw config validate    Validate configuration

goclaw sessions list      List active sessions
goclaw sessions delete    Delete a session
goclaw sessions reset     Reset session history

goclaw cron list          List scheduled jobs
goclaw cron delete        Delete a job
goclaw cron toggle        Enable/disable a job

goclaw skills list        List available skills
goclaw skills show        Show skill details

goclaw models             List AI models and providers
goclaw channels           List messaging channels

goclaw pairing approve    Approve a pairing code
goclaw pairing list       List paired devices
goclaw pairing revoke     Revoke a pairing

Flags:

--config, -c    Path to config file (default: config.json)
--verbose, -v   Enable debug logging

See API Reference for HTTP endpoints, Custom Tools, and MCP Integration.

See WebSocket Protocol for the real-time RPC protocol (v3).

Eight composable files for different deployment scenarios:

# Prepare .env (auto-generates secrets, prompts for API key)
chmod +x prepare-env.sh && ./prepare-env.sh

# Standalone
docker compose -f docker-compose.yml -f docker-compose.standalone.yml up -d --build

# Managed (PostgreSQL)
docker compose -f docker-compose.yml -f docker-compose.managed.yml up -d --build

# Managed + Web Dashboard (http://localhost:3000)
docker compose -f docker-compose.yml \
  -f docker-compose.managed.yml \
  -f docker-compose.selfservice.yml up -d --build

# Managed + Web Dashboard + OpenTelemetry (Jaeger UI at http://localhost:16686)
docker compose -f docker-compose.yml \
  -f docker-compose.managed.yml \
  -f docker-compose.selfservice.yml \
  -f docker-compose.otel.yml up -d --build

# Managed + Tailscale (secure remote access via VPN mesh)
docker compose -f docker-compose.yml \
  -f docker-compose.managed.yml \
  -f docker-compose.tailscale.yml up -d --build

# Check health
curl http://localhost:18790/health

Simple upgrade — pull the latest code, rebuild, and restart. The entrypoint automatically runs goclaw upgrade (schema migrations + data hooks) before starting:

# Pull latest code
git pull

# Rebuild and restart (auto-upgrades database on start)
docker compose -f docker-compose.yml -f docker-compose.managed.yml \
  -f docker-compose.selfservice.yml up -d --build

Replace the compose files with whichever overlays you use (e.g. add -f docker-compose.otel.yml for OTel).

Explicit upgrade — if you want to preview changes or run the upgrade separately before restarting:

# Check current schema status
docker compose -f docker-compose.yml -f docker-compose.managed.yml \
  -f docker-compose.upgrade.yml run --rm upgrade --status

# Preview pending changes (dry-run)
docker compose -f docker-compose.yml -f docker-compose.managed.yml \
  -f docker-compose.upgrade.yml run --rm upgrade --dry-run

# Apply upgrade (schema migrations + data hooks), then remove container
docker compose -f docker-compose.yml -f docker-compose.managed.yml \
  -f docker-compose.upgrade.yml run --rm upgrade

# Then rebuild and restart the gateway with the new image
docker compose -f docker-compose.yml -f docker-compose.managed.yml up -d --build

Use the prepare-env.sh script to generate .env with auto-generated secrets:

./prepare-env.sh

This creates .env with GOCLAW_ENCRYPTION_KEY and GOCLAW_GATEWAY_TOKEN pre-filled. You only need to add your provider API key. See .env.example for all available variables.

Browser clients can authenticate without pre-shared tokens using a pairing code flow:

1. User opens the web dashboard and enters their User ID
2. Clicks "Request Access (Pairing)" — gateway generates an 8-character code
3. Code is displayed in the browser UI
4. An admin approves the code via CLI (goclaw pairing approve XXXX) or the web UI
5. Browser automatically detects approval and gains operator-level access
6. On subsequent visits, the browser reconnects automatically using the stored pairing (no re-approval needed)

Revoking access:

# List paired devices
goclaw pairing list

# Revoke a specific pairing
goclaw pairing revoke <sender_id>

After revocation, the browser falls back to the pairing flow on next visit.

GoClaw supports an optional Tailscale listener for secure remote access via VPN mesh. The Tailscale listener runs alongside the main gateway, serving the same routes on both listeners.

Build-tag gated: The tsnet dependency (~20 MB) is only compiled when building with -tags tsnet. The default binary is unaffected.

# Build with Tailscale support
go build -tags tsnet -o goclaw .

# Configure via environment variables
export GOCLAW_TSNET_HOSTNAME=goclaw-gateway
export GOCLAW_TSNET_AUTH_KEY=tskey-auth-xxxxx

# Start — both localhost:18790 and Tailscale listener are active
./goclaw

When Tailscale is enabled and the gateway is still bound to 0.0.0.0, a log suggestion recommends switching to 127.0.0.1 for localhost-only + Tailscale access:

GOCLAW_HOST=127.0.0.1 ./goclaw

This keeps the gateway inaccessible from the LAN while remaining reachable via Tailscale from any device on your tailnet.

Docker:

docker compose -f docker-compose.yml \
  -f docker-compose.managed.yml \
  -f docker-compose.tailscale.yml up -d

Requires GOCLAW_TSNET_AUTH_KEY in your .env file. Tailscale state is persisted in a tsnet-state Docker volume.

• Transport: WebSocket CORS validation, 512KB message limit, 1MB HTTP body limit, timing-safe token auth
• Rate limiting: Token bucket per user/IP, configurable RPM
• Prompt injection: Input guard with 6 pattern detection (detection-only, never blocks)
• Shell security: Deny patterns for curl|sh, wget|sh, reverse shells, eval, base64|sh
• Network: SSRF protection with blocked hosts + private IP + DNS pinning
• File system: Path traversal prevention, workspace restriction
• Encryption: AES-256-GCM for API keys in database (managed mode)
• Browser pairing: Token-free browser auth with admin approval (pairing codes, auto-reconnect)
• Tailscale: Optional VPN mesh listener for secure remote access (build-tag gated)

# Unit tests
go test ./...

# Integration tests (requires running gateway)
go test -v -run 'TestHealthHTTP|TestConnectHandshake' ./tests/integration/

# Full integration (requires API key)
GOCLAW_OPENROUTER_API_KEY=sk-or-xxx go test -v ./tests/integration/ -timeout 120s

• Agent management & configuration — Create, update, delete agents via API and web dashboard. Agent types (open / predefined), agent routing, and lazy resolution all tested.
• Telegram channel — Full integration tested: message handling, streaming responses, rich formatting (HTML, tables, code blocks), reactions, media, chunked long messages.
• Seed data & bootstrapping — Auto-onboard, DB seeding, migration pipeline tested end-to-end in managed mode.
• User-scope & content files — Per-user context files (user_context_files), agent-level context files (agent_context_files), virtual FS interceptors, per-user seeding (SeedUserFiles), and user-agent profile tracking all implemented and tested.
• Core built-in tools — File system tools (read_file, write_file, edit_file, list_files, search, glob), shell execution (exec), web tools (web_search, web_fetch), and session management tools tested in real agent loops.
• Memory system — Long-term memory with search (FTS5 in standalone, pgvector hybrid in managed mode) implemented and tested with real conversations.
• Agent loop — Think-act-observe cycle, tool use, session history, auto-summarization, and subagent spawning tested in production.
• WebSocket RPC protocol (v3) — Connect handshake, chat streaming, event push all tested with web dashboard and integration tests.
• Store layer (PostgreSQL) — All PG stores (sessions, agents, providers, skills, cron, pairing, tracing, memory, teams) implemented and running in managed mode.
• Browser automation — Rod/CDP integration for headless Chrome, tested in production agent workflows.
• Lane-based scheduler — Main/subagent/delegate/cron lane isolation with concurrent execution tested. Group chats support up to 3 concurrent agent runs per session with adaptive throttle and deferred session writes for history isolation.
• Security hardening — Rate limiting, prompt injection detection, CORS, shell deny patterns, SSRF protection, credential scrubbing all implemented and verified.
• Web dashboard (core) — Channel management, agent management, pairing approval, traces & spans viewer all implemented and working well.
• Prompt caching — Anthropic (explicit cache_control), OpenAI/MiniMax/OpenRouter (automatic). Cache metrics tracked in trace spans and displayed in web dashboard.

• Agent delegation — Inter-agent task delegation with permission links, sync/async modes, per-user restrictions, concurrency limits, and hybrid agent search. Core implementation complete, needs E2E testing with real multi-agent workflows.
• Agent teams — Team creation with lead/member roles, shared task board (create, claim, complete, search, blocked_by dependencies), team mailbox (send, broadcast, read). Core implementation complete, needs E2E testing.
• Agent handoff — Conversation transfer between agents with routing overrides. Implementation complete, needs E2E testing.
• Evaluate loop — Generator-evaluator feedback cycles with configurable max rounds and pass criteria. Implementation complete, needs E2E testing.
• Quality gates — Hook-based output validation with command and agent evaluator types. Implementation complete, needs E2E testing.
• Delegation history — Queryable audit trail of inter-agent delegations. Implementation complete, needs validation at scale.
• Other messaging channels — Discord, Zalo, Feishu/Lark, WhatsApp channel adapters are implemented but have not been tested end-to-end in production. Only Telegram has been validated with real users.
• Skill system — BM25 search, ZIP upload, SKILL.md parsing, and embedding hybrid search are implemented. Basic functionality verified but no full E2E flow testing with real agent usage.
• Custom tools (runtime API) — Shell-based custom tools with JSON Schema params, encrypted env vars, and HTTP CRUD are implemented. Not yet tested in a production workflow.
• MCP integration — stdio, SSE, and streamable-http transports with per-agent/per-user grants implemented. Not tested with real MCP servers in production.
• Cron scheduling — at, every, and cron expression scheduling implemented. Basic functionality works but no long-running production validation.
• Text-to-Speech — OpenAI, ElevenLabs, Edge, MiniMax providers implemented. Not tested end-to-end.
• Docker sandbox — Isolated code execution container support implemented. Not tested in production.
• OpenTelemetry export — OTLP gRPC/HTTP exporter implemented (build-tag gated). In-app tracing works; external OTel export not validated in production.
• Tailscale integration — tsnet listener implemented (build-tag gated). Not tested in a real deployment.
• Browser pairing — Pairing code flow implemented with CLI and web UI approval. Basic flow tested but not validated at scale.
• HTTP API (/v1/chat/completions, /v1/agents, etc.) — Endpoints implemented. Used by web dashboard but not tested for third-party consumer use cases.
• Web dashboard (other pages) — Skills, MCP, custom tools, cron, sessions, teams, and config pages have basic rendering but UX not yet optimized for easy management and monitoring.

GoClaw is built upon the original OpenClaw project. We are grateful for the architecture and vision that inspired this Go port.

MIT