MCPcopy
hub / github.com/nextlevelbuilder/goclaw

github.com/nextlevelbuilder/goclaw @v3.14.0 sqlite

repository ↗ · DeepWiki ↗ · release v3.14.0 ↗
24,206 symbols 101,837 edges 3,210 files 10,396 documented · 43%
README

GoClaw

Multi-Tenant AI Agent Platform

Multi-agent AI gateway built in Go. 20+ LLM providers. 7 channels. Multi-tenant PostgreSQL.

Single binary. Production-tested. Agents that orchestrate for you.

DocumentationQuick StartTwitter / X

Go PostgreSQL Docker WebSocket OpenTelemetry Anthropic OpenAI License: CC BY-NC 4.0

🌐 Languages: 🇨🇳 简体中文 · 🇯🇵 日本語 · 🇰🇷 한국어 · 🇻🇳 Tiếng Việt · 🇵🇭 Tagalog · 🇪🇸 Español · 🇧🇷 Português · 🇮🇹 Italiano · 🇩🇪 Deutsch · 🇫🇷 Français · 🇸🇦 العربية · 🇮🇳 हिन्दी · 🇷🇺 Русский · 🇧🇩 বাংলা · 🇮🇱 עברית · 🇵🇱 Polski · 🇨🇿 Čeština · 🇳🇱 Nederlands · 🇹🇷 Türkçe · 🇺🇦 Українська · 🇮🇩 Bahasa Indonesia · 🇹🇭 ไทย · 🇵🇰 اردو · 🇷🇴 Română · 🇸🇪 Svenska · 🇬🇷 Ελληνικά · 🇭🇺 Magyar · 🇫🇮 Suomi · 🇩🇰 Dansk · 🇳🇴 Norsk

Core Features

  • 8-Stage Agent Pipeline — context → history → prompt → think → act → observe → memory → summarize. Pluggable stages, always-on execution
  • 4-Mode Prompt System — Full / Task / Minimal / None with section gating, cache boundary optimization, and per-session mode resolution
  • 3-Tier Memory — Working (conversation) → Episodic (session summaries) → Semantic (knowledge graph). Progressive loading L0/L1/L2
  • Knowledge Vault — Document registry with [[wikilinks]], hybrid search (FTS + pgvector), filesystem sync
  • Agent Teams & Orchestration — Shared task boards, inter-agent delegation (sync/async), 3 orchestration modes (auto/explicit/manual)
  • Self-Evolution — Metrics → suggestions → auto-adapt with guardrails. Agents refine their own communication style
  • Multi-Tenant PostgreSQL — Per-user workspaces, per-user context files, encrypted API keys (AES-256-GCM), RBAC, isolated sessions
  • 20+ LLM Providers — Anthropic (native HTTP+SSE with prompt caching), OpenAI, OpenRouter, Groq, DeepSeek, Gemini, Mistral, xAI, MiniMax, DashScope, Claude CLI, Codex, ACP, and any OpenAI-compatible endpoint
  • 7 Messaging Channels — Telegram, Discord, Slack, Zalo OA, Zalo Personal, Feishu/Lark, WhatsApp
  • Production Security — 5-layer permission system, rate limiting, prompt injection detection, SSRF protection, AES-256-GCM encryption
  • Single Binary — ~25 MB static Go binary, no Node.js runtime, <1s startup, runs on a $5 VPS
  • Observability — Built-in LLM call tracing with spans and prompt cache metrics, optional OpenTelemetry OTLP export

Desktop Edition (GoClaw Lite)

A native desktop app for local AI agents — no Docker, no PostgreSQL, no infrastructure.

macOS:

curl -fsSL https://raw.githubusercontent.com/nextlevelbuilder/goclaw/main/scripts/install-lite.sh | bash

Windows (PowerShell):

irm https://raw.githubusercontent.com/nextlevelbuilder/goclaw/main/scripts/install-lite.ps1 | iex

What's Included

  • Single native app (Wails v2 + React), ~30 MB
  • SQLite database (zero setup)
  • Chat with agents (streaming, tools, media, file attachments)
  • Agent management (max 5), provider config, MCP servers, skills, cron
  • Team tasks with Kanban board and real-time updates
  • Auto-update from GitHub Releases

Lite vs Standard

Feature Lite (Desktop) Standard (Server)
Agents Max 5 Unlimited
Teams Max 1 (5 members) Unlimited
Database SQLite (local) PostgreSQL
Memory FTS5 text search pgvector semantic
Channels Telegram, Discord, Slack, Zalo, Feishu, WhatsApp
Knowledge Graph Full
RBAC / Multi-tenant Full
Auto-update GitHub Releases Docker / binary

Building from Source

# Prerequisites: Go 1.26+, pnpm, Wails CLI (go install github.com/wailsapp/wails/v2/cmd/wails@latest)
make desktop-build                    # Build .app (macOS) or .exe (Windows)
make desktop-dmg VERSION=0.1.0        # Create .dmg installer (macOS only)
make desktop-dev                      # Dev mode with hot reload

Desktop Releases

Desktop uses independent versioning with lite-v* tags:

git tag lite-v0.1.0 && git push origin lite-v0.1.0
# → GitHub Actions builds macOS (.dmg + .tar.gz) + Windows (.zip)
# → Creates GitHub Release with all assets

Architecture

Multi-Tenant Architecture

3-Tier Memory

8-Stage Agent Pipeline

4-Mode Prompt System

Quick Start

Prerequisites: Go 1.26+, PostgreSQL 18 with pgvector, Docker (optional)

From Source

git clone -b main https://github.com/nextlevelbuilder/goclaw.git && cd goclaw
make build
./goclaw onboard        # Interactive setup wizard
source .env.local && ./goclaw

Note: The default branch is dev (active development). Use -b main to clone the stable release branch.

With Docker

# Generate .env with auto-generated secrets
chmod +x prepare-env.sh && ./prepare-env.sh

# Add at least one GOCLAW_*_API_KEY to .env, then:
make up

# Web Dashboard at http://localhost:18790 (built-in)
# Health check: curl http://localhost:18790/health

# Optional: separate nginx for custom SSL/reverse proxy
# make up WITH_WEB_NGINX=1  → Dashboard at http://localhost:3000

make up creates a Docker network, embeds the correct version from git tags, builds and starts all services, and runs database migrations automatically.

Common commands:

make up                # Start all services (build + migrate)
make down              # Stop all services
make logs              # Tail logs (goclaw service)
make reset             # Wipe volumes and rebuild from scratch

Operator CLI:

The main goclaw binary can also inspect local or remote gateways:

goclaw traces list --status error
goclaw traces get <trace-id> -o json
goclaw --server https://goclaw.example.com --token "$GOCLAW_GATEWAY_TOKEN" traces follow --session <session-key>

Optional services — enable with WITH_* flags:

Flag Service What it does
WITH_BROWSER=1 Headless Chrome Enables browser tool for web scraping, screenshots, automation
WITH_OTEL=1 Jaeger OpenTelemetry tracing UI for debugging LLM calls and latency
WITH_SANDBOX=1 Docker sandbox Isolated container for running untrusted code from agents
WITH_TAILSCALE=1 Tailscale Expose gateway over Tailscale private network
WITH_REDIS=1 Redis Redis-backed caching layer

Flags can be combined and work with all commands:

# Start with browser automation and tracing
make up WITH_BROWSER=1 WITH_OTEL=1

# Stop everything including optional services
make down WITH_BROWSER=1 WITH_OTEL=1

When GOCLAW_*_API_KEY environment variables are set, the gateway auto-onboards without interactive prompts — detects provider, runs migrations, and seeds default data.

Docker image variants: | Image | Description | |-------|-------------| | latest | Backend + embedded web UI + Python (recommended) | | latest-base | Backend API-only, no web UI, no runtimes | | latest-full | All runtimes + skill dependencies pre-installed | | latest-otel | Latest + OpenTelemetry tracing | | goclaw-web | Standalone nginx + React SPA (for custom reverse proxy) |

For custom builds (Tailscale, Redis): docker build --build-arg ENABLE_TSNET=true ... See the Deployment Guide for details.

Updating

Docker

docker compose pull && docker compose up -d

Binary (with embedded web UI)

goclaw update --apply    # Downloads, verifies SHA256, swaps binary, restarts

Web Dashboard

Open About dialog → click Update Now (admin only). The update includes both backend and web dashboard when using the default latest image.

Multi-Agent Orchestration

Agent Orchestration

Each agent runs with its own identity, tools, LLM provider, and context files. Three delegation modes — sync (wait), async (fire-and-forget), bidirectional — connected through explicit permission links with concurrency limits.

Details: Agent Teams docs

Knowledge Vault

Knowledge Vault

Document registry with [[wikilinks]] for bidirectional linking. Hybrid search combines full-text (BM25) and semantic (pgvector) for precise retrieval. Filesystem sync keeps vault in sync with on-disk files.

Self-Evolution

Self-Evolution

Agents improve themselves through a 3-stage guardrailed pipeline: metrics collection → suggestion analysis → auto-adaptation. Can refine communication style and domain expertise (CAPABILITIES.md) — but never change identity, name, or core purpose.

Provider Adapters

Provider Adapters

20+ LLM providers unified through a single adapter interface. Capability-based routing, encrypted API keys (AES-256-GCM), extended thinking support per-provider, and prompt caching for Anthropic + OpenAI.

Event-Driven Architecture

DomainEventBus

Typed domain events power the consolidation pipeline — session summaries, knowledge graph extraction, and dreaming promotion all run asynchronously via worker pools with dedup and retry.

Built-in Tools

30+ tools across 8 categories:

Category Tools Description
Filesystem read_file, write_file, edit_file, list_files, search, glob File operations with virtual FS routing
Runtime exec, browser Shell commands (approval workflow) + browser automation
Web web_search, web_fetch Search (Brave, DuckDuckGo) + content extraction
Memory memory_search, memory_get, knowledge_graph_search 3-tier memory + KG traversal
Media create_image, create_audio, create_video, read_*, tts Generation + analysis (multi-provider)
Skills skill_search, use_skill, skill_manage BM25 + semantic hybrid search
Teams team_tasks, spawn, delegate, message Task board + orchestration + messaging
Automation cron, heartbeat, sessions_* Scheduling + session management

Full tool reference at docs.goclaw.sh

Webhook API

Trigger agents or send channel messages from external systems without the gateway token.

# Bearer auth — sync LLM call
curl -X POST https://example.com/v1/webhooks/llm \
  -H "Authorization: Bearer wh_..." \
  -H "Content-Type: application/json" \
  -d '{"input":"Summarize today metrics","mode":"sync"}'

# HMAC auth — sign with hmac_signing_key from create response
TS=$(date +%s); BODY='{"input":"hi","mode":"sync"}'
SIG=$(echo -n "${TS}.${BODY}" | openssl dgst -sha256 -mac HMAC \
      -macopt "hexkey:${WEBHOOK_HMAC_KEY}" | awk '{print $2}')
curl -X POST https://example.com/v1/webhooks/llm \
  -H "Content-Type: application/json" \
  -H "X-Webhook-Id: ${WEBHOOK_ID}" \
  -H "X-GoClaw-Signature: t=${TS},v1=${SIG}" \
  -d "$BODY"

See **[docs/webhooks.md](docs/webhooks.md

Extension points exported contracts — how you extend this code

Tool (Interface)
Tool is the interface all tools must implement. [51 implementers]
internal/tools/types.go
TokenSource (Interface)
TokenSource provides an OAuth access token (with auto-refresh). [8 implementers]
internal/providers/types.go
AgentLister (Interface)
AgentLister is the subset of AgentStore needed by VaultHandler (rescan agent_key→UUID mapping). [79 implementers]
internal/http/vault_handlers.go
SkillStore (Interface)
SkillStore manages skill discovery and loading. Backed by Postgres (PGSkillStore) or filesystem (FileSkillStore). [6 implementers]
internal/store/skill_store.go
BlockReplyChannel (Interface)
BlockReplyChannel is optionally implemented by channels that override the gateway-level block_reply setting. Returns nil [10 …
internal/channels/channel.go
TTSProvider (Interface)
---- TTS (implemented Phase 1) ---- TTSProvider synthesizes text into audio bytes. [18 implementers]
internal/audio/types.go
EntityExtractor (Interface)
EntityExtractor extracts knowledge graph entities from text. Defined at the consumer to allow test mocks without dependi [8 …
internal/consolidation/interfaces.go
GrantChecker (Interface)
GrantChecker verifies if an agent/user still has access to an MCP server tool. Used by BridgeTool.Execute to recheck gra [8 …
internal/mcp/grant_checker.go

Core symbols most depended-on inside this repo

String
called by 1892
internal/tools/shell.go
T
called by 1314
internal/i18n/i18n.go
writeJSON
called by 1181
internal/http/response_helpers.go
Set
called by 910
internal/cache/cache.go
Close
called by 765
internal/workstation/backend.go
Error
called by 735
internal/providers/retry.go
Info
called by 724
internal/gateway/update_check.go
SendResponse
called by 703
internal/gateway/client.go

Shape

Function 12,970
Method 7,640
Struct 2,160
Interface 1,297
TypeAlias 61
FuncType 56
Class 22

Languages

Go84%
TypeScript15%
Python1%

Modules by API surface

internal/tools/team_mock_backend_test.go120 symbols
internal/pipeline/stages_test.go120 symbols
internal/consolidation/workers_test.go92 symbols
internal/tools/context_keys.go89 symbols
internal/gateway/server.go86 symbols
internal/http/skills_upload_test.go85 symbols
internal/store/team_store.go80 symbols
internal/store/agent_store.go80 symbols
internal/channels/channel.go80 symbols
internal/http/webhooks_auth_test.go66 symbols
internal/tools/sessions_test.go58 symbols
internal/tools/skill_manage_files_test.go55 symbols

Dependencies from manifests, versioned

cel.dev/exprv0.25.1 · 1×
cloud.google.com/go/compute/metadatav0.9.0 · 1×
filippo.io/edwards25519v1.1.0 · 1×
github.com/adhocore/gronxv1.19.6 · 1×
github.com/akutz/memconnv0.1.0 · 1×
github.com/alexbrainman/sspiv0.0.0-2023101608002 · 1×
github.com/andybalholm/brotliv1.2.0 · 1×
github.com/antlr4-go/antlr/v4v4.13.1 · 1×
github.com/atotto/clipboardv0.1.4 · 1×
github.com/aws/aws-sdk-go-v2v1.41.5 · 1×
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstreamv1.7.8 · 1×
github.com/aws/aws-sdk-go-v2/configv1.32.14 · 1×

Datastores touched

goclaw_testDatabase · 1 repos
(mongodb)Database · 1 repos
dbDatabase · 1 repos
(mysql)Database · 1 repos
dbDatabase · 1 repos
dbnameDatabase · 1 repos
mydbDatabase · 1 repos
postgresDatabase · 1 repos

For agents

$ claude mcp add goclaw \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact