MCPcopy
hub / github.com/builderz-labs/mission-control

github.com/builderz-labs/mission-control @v2.0.1 sqlite

repository ↗ · DeepWiki ↗ · release v2.0.1 ↗
2,431 symbols 6,474 edges 483 files 73 documented · 3%
README

Mission Control

The open-source dashboard for AI agent orchestration.

Manage agent fleets, track tasks, monitor costs, and orchestrate workflows — all from a single pane of glass.

License: MIT Next.js 16 React 19 TypeScript SQLite

Mission Control Dashboard


Alpha Software — Mission Control is under active development. APIs, database schemas, and configuration formats may change between releases. Review the known limitations and security considerations before deploying to production.

Why Mission Control?

Running AI agents at scale means juggling sessions, tasks, costs, and reliability across multiple models and channels. Mission Control gives you:

  • 32 panels — Tasks, agents, skills, logs, tokens, memory, security, cron, alerts, webhooks, pipelines, and more
  • Real-time everything — WebSocket + SSE push updates, smart polling that pauses when you're away
  • Zero external dependencies — SQLite database, single pnpm start to run, no Redis/Postgres/Docker required
  • Role-based access — Viewer, operator, and admin roles with session + API key auth
  • Quality gates — Built-in Aegis review system that blocks task completion without sign-off
  • Recurring tasks — Natural language scheduling ("every morning at 9am") with cron-based template spawning
  • Claude Code bridge — Read-only integration surfaces Claude Code team tasks and configs on the dashboard
  • Skills Hub — Browse, install, and security-scan agent skills from ClawdHub and skills.sh registries
  • Multi-gateway — Connect to multiple agent gateways simultaneously (OpenClaw, and more coming soon)

Quick Start

One-Command Install (Docker)

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
bash install.sh --docker

The installer auto-generates secure credentials, starts the container, and runs an OpenClaw fleet health check. Open http://localhost:3000 to create your admin account.

One-Command Install (Local)

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
bash install.sh --local

Requires Node.js 22.x (LTS, recommended) or 24.x, and pnpm (auto-installed via corepack if missing).

One-Command Install (Windows PowerShell)

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
.\install.ps1 -Mode local

Or with Docker:

.\install.ps1 -Mode docker

Additional options: -Port 8080, -SkipOpenClaw. Requires Node.js 22+ and pnpm (auto-installed via corepack if missing).

Manual Setup

Requires pnpm and Node.js 22.x (LTS, recommended) or 24.x. Mission Control is validated on Node 22 (primary CI/LTS) and supports Node 24 for local dev and deploys. Use nvm use 22 (or nvm use 24) before installing or starting the app.

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
nvm use 22            # or: nvm use 24
pnpm install
pnpm dev                # http://localhost:3000/setup

On first run, visit http://localhost:3000/setup to create your admin account. Secrets (AUTH_SECRET, API_KEY) are auto-generated and persisted to .data/.

For CI/automation, set AUTH_USER and AUTH_PASS env vars to seed the admin from environment instead.

Gateway Optional Mode (Standalone Deployment)

Mission Control can run in standalone mode without a gateway connection. This is useful when:

  • Deploying on a VPS with firewall rules blocking non-standard WebSocket ports (18789/18790)
  • Testing UI/core workflows without a running gateway
  • Running Mission Control primarily for project/task operations

Enable with:

NEXT_PUBLIC_GATEWAY_OPTIONAL=true

When enabled, the HUD status shows Gateway Optional (Standalone) instead of Disconnected.

Works without gateway: - Task board, projects, agents, sessions, scheduler, webhooks, alerts, activity/audit, cost tracking

Requires active gateway: - Real-time session updates - Agent-to-agent messaging - Gateway log streaming

For production VPS setups, you can also proxy gateway WebSockets over 443. See docs/deployment.md.

Docker Zero-Config

docker compose up

No .env file needed. The container auto-generates AUTH_SECRET and API_KEY on first boot and persists them across restarts. Visit http://localhost:3000 to create your admin account.

Release automation publishes multi-arch images to: - ghcr.io/builderz-labs/mission-control - docker.io/builderz-labs/mission-control when DOCKERHUB_USERNAME and DOCKERHUB_TOKEN are configured in GitHub Actions secrets

Docker Hardening (Production)

For production deployments, use the hardened compose overlay:

docker compose -f docker-compose.yml -f docker-compose.hardened.yml up -d

This adds read-only filesystem, capability dropping, log rotation, HSTS, and network isolation. See Security Hardening for the full checklist.

Station Doctor

Run diagnostics on your installation:

bash scripts/station-doctor.sh
bash scripts/security-audit.sh

Project Status

What Works

  • Agent management with full lifecycle (register, heartbeat, wake, retire)
  • Kanban task board with drag-and-drop, priorities, assignments, and comments
  • Real-time monitoring via WebSocket + SSE with smart polling
  • Token usage and cost tracking with per-model breakdowns
  • Multi-gateway connection management
  • Role-based access control (viewer, operator, admin)
  • Background scheduler for automated tasks
  • Outbound webhooks with delivery history, retry with exponential backoff, and circuit breaker
  • Webhook signature verification (HMAC-SHA256 with constant-time comparison)
  • Local Claude Code session tracking (auto-discovers from ~/.claude/projects/)
  • Quality review gates for task sign-off
  • Pipeline orchestration with workflow templates
  • Ed25519 device identity for secure gateway handshake
  • Agent SOUL system with workspace file sync and templates
  • Agent inter-agent messaging and comms
  • Skills Hub with ClawdHub and skills.sh registry integration (search, install, security scan)
  • Bidirectional skill sync — disk ↔ DB with SHA-256 change detection
  • Local agent discovery from ~/.agents/, ~/.codex/agents/, ~/.claude/agents/
  • Natural language recurring tasks — schedule parser converts "every 2 hours" to cron, spawns dated child tasks
  • Claude Code task bridge — read-only scanner surfaces team tasks and configs from ~/.claude/tasks/ and ~/.claude/teams/
  • Skill security scanner (prompt injection, credential leaks, data exfiltration, obfuscated content)
  • Update available banner with GitHub release check and one-click self-update
  • Framework adapter layer for multi-agent registration (OpenClaw, CrewAI, LangGraph, AutoGen, Claude SDK, generic)
  • Multi-project task organization with per-project ticket prefixes
  • Per-agent rate limiting with x-agent-name identity-based quotas
  • Agent self-registration endpoint for autonomous agent onboarding
  • Security audit panel with posture scoring, secret detection, trust scoring, and MCP call auditing
  • Four-layer agent eval framework (output, trace, component, drift detection)
  • Agent optimization endpoint with token efficiency, tool patterns, and fleet benchmarks
  • Hook profiles (minimal/standard/strict) for tunable security strictness
  • Guided onboarding wizard with credential setup, agent discovery, and security scan

Known Limitations

  • No major security limitations currently tracked here for CSP; policy now uses per-request nonces (no unsafe-inline / unsafe-eval).

Security Considerations

  • Change all default credentials (AUTH_USER, AUTH_PASS, API_KEY) before deploying
  • Deploy behind a reverse proxy with TLS (e.g., Caddy, nginx) for any network-accessible deployment
  • Review SECURITY.md for the vulnerability reporting process
  • Do not expose the dashboard to the public internet without configuring MC_ALLOWED_HOSTS and TLS

Features

Agent Management

Monitor agent status, configure models, view heartbeats, and manage the full agent lifecycle from registration to retirement. Agent detail modal with compact overview, inline model selector, and editable sub-agent configuration.

Mission Control Agents Panel

Task Board

Kanban board with six columns (inbox → assigned → in progress → review → quality review → done), drag-and-drop, priority levels, assignments, threaded comments, and inline sub-agent spawning.

Real-time Monitoring

Live activity feed, session inspector, and log viewer with filtering. WebSocket connection to OpenClaw gateway for instant event delivery.

Cost Tracking

Token usage dashboard with per-model breakdowns, trend charts, and cost analysis powered by Recharts.

Background Automation

Scheduled tasks for database backups, stale record cleanup, agent heartbeat monitoring, and recurring task spawning. Configurable via UI or API.

Natural Language Recurring Tasks

Create recurring tasks with natural language like "every morning at 9am" or "every 2 hours". The built-in schedule parser (zero dependencies) converts expressions to cron and stores them in task metadata. A template-clone pattern keeps the original task as a template and spawns dated child tasks (e.g., "Daily Report - Mar 07") on schedule. Each spawned task gets its own Aegis quality gate.

Direct CLI Integration

Connect Claude Code, Codex, or any CLI tool directly to Mission Control without requiring a gateway. Register connections, send heartbeats with inline token reporting, and auto-register agents.

Claude Code Session Tracking

Automatically discovers and tracks local Claude Code sessions by scanning ~/.claude/projects/. Extracts token usage, model info, message counts, cost estimates, and active status from JSONL transcripts. Scans every 60 seconds via the background scheduler.

Claude Code Task Bridge

Read-only integration that surfaces Claude Code team tasks and team configs on the Mission Control dashboard. Scans ~/.claude/tasks/<team>/<N>.json for structured task data (subject, status, owner, blockers) and ~/.claude/teams/<name>/config.json for team metadata (members, lead agent, model assignments). Visible in both the Task Board (collapsible section) and Cron Management (teams overview) panels.

GitHub Issues Sync

Inbound sync from GitHub repositories with label and assignee mapping. Synced issues appear on the task board alongside agent-created tasks.

Skills Hub

Browse, install, and manage agent skills from local directories and external registries (ClawdHub, skills.sh). Bidirectional sync detects manual additions on disk and pushes UI edits back to SKILL.md files. Built-in security scanner checks for prompt injection, credential leaks, data exfiltration, obfuscated content, and dangerous shell commands before installation. Supports 5 skill roots: ~/.agents/skills, ~/.codex/skills, project-local .agents/skills and .codex/skills, and ~/.openclaw/skills for gateway mode.

Local Agent Discovery

Automatically discovers agent definitions from ~/.agents/, ~/.codex/agents/, and ~/.claude/agents/ directories. Detection looks for marker files (AGENT.md, soul.md, identity.md, config.json). Discovered agents sync bidirectionally — edit in the UI and changes write back to disk.

Agent SOUL System

Define agent personality, capabilities, and behavioral guidelines via SOUL markdown files. Edit in the UI or directly in workspace soul.md files — changes sync bidirectionally between disk and database.

Agent Messaging

Session-threaded inter-agent communication via the comms API (a2a:*, coord:*, session:*) with coordinator inbox support and runtime tool-call visibility in the agent-comms feed.

Memory Knowledge Graph

Explore agent knowledge through the Memory Browser, filesystem-backed memory tree, and interactive relationship graph for sessions, memory chunks, and linked knowledge files.

Mission Control Memory Graph

Onboarding Wizard

Guided first-run setup wizard that walks new users through five steps: Welcome (system capabilities detection), Credentials (verify AUTH_PASS and API_KEY strength), Agent Setup (gateway connection or local Claude Code discovery), Security Scan (automated configuration audit with pass/fail checks), and Get Started (quick links to key panels). Automatically appears on first login and can be re-launched from Settings. Progress is persisted per-user so you can resume where you left off.

Security Audit & Agent Trust

Dedicated security audit panel with real-time posture scoring (0-100), secret detection across agent messages, MCP tool call auditing, injection attempt tracking, and per-agent trust scores. Hook profiles (minimal/standard/strict) let operators tune security strictness per deployment. Auth failures, rate limit hits, and injection attempts are logged automatically as security events.

Agent Eval Framework

Four-layer evaluation stack for agent quality: output evals (task completion scoring against golden datasets), trace evals (convergence scoring — >3.0 indicates looping), component evals (tool reliability with p50/p95/p99 latency from MCP call logs), and drift

Extension points exported contracts — how you extend this code

FrameworkAdapter (Interface)
(no doc) [12 implementers]
src/lib/adapters/adapter.ts
OpenClawCronJob (Interface)
* OpenClaw cron jobs live in ~/.openclaw/cron/jobs.json * Format: { version: 1, jobs: [ { id, agentId, name, enabled, s
src/app/api/cron/route.ts
Session (Interface)
(no doc)
src/index.ts
NavItem (Interface)
(no doc)
src/nav-rail.tsx
WebSocketMessage (Interface)
(no doc)
src/types/index.ts
Props (Interface)
(no doc)
src/components/ErrorBoundary.tsx
Session (Interface)
(no doc)
src/store/index.ts
HSL (Interface)
(no doc)
src/styles/design-tokens.ts

Core symbols most depended-on inside this repo

error
called by 275
src/lib/client-logger.ts
getDatabase
called by 237
src/lib/db.ts
requireRole
called by 228
src/lib/auth.ts
warn
called by 78
src/lib/client-logger.ts
broadcast
called by 61
src/lib/event-bus.ts
createTestAgent
called by 56
tests/helpers.ts
logAuditEvent
called by 50
src/lib/db.ts
scanForInjection
called by 42
src/lib/injection-guard.ts

Shape

Function 1,891
Interface 470
Method 50
Class 20

Languages

TypeScript100%

Modules by API surface

src/components/panels/agent-detail-tabs.tsx50 symbols
src/components/layout/nav-rail.tsx46 symbols
src/components/panels/office-panel.tsx45 symbols
src/components/panels/task-board-panel.tsx40 symbols
src/components/panels/channels-panel.tsx36 symbols
src/components/panels/memory-browser-panel.tsx32 symbols
src/lib/auth.ts28 symbols
src/app/api/integrations/route.ts28 symbols
src/components/dashboard/widget-primitives.tsx27 symbols
src/components/panels/cron-management-panel.tsx26 symbols
src/nav-rail.tsx24 symbols
src/lib/super-admin.ts24 symbols

Dependencies from manifests, versioned

@playwright/test1.51.0 · 1×
@radix-ui/react-slot1.2.4 · 1×
@scalar/api-reference-react0.8.66 · 1×
@testing-library/dom10.4.0 · 1×
@testing-library/jest-dom6.6.3 · 1×
@testing-library/react16.1.0 · 1×
@types/node22.10.6 · 1×
@types/react19.0.8 · 1×
@types/react-dom19.0.3 · 1×
@types/ws8.18.1 · 1×
@vitejs/plugin-react4.3.4 · 1×

Datastores touched

(mongodb)Database · 1 repos
dbDatabase · 1 repos
mydbDatabase · 1 repos

For agents

$ claude mcp add mission-control \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact