Trustclaw

What is Trustclaw?

Trustclaw is a self-hostable personal AI agent that can perform recurring tasks while you’re away. It connects to Composio tool integrations via OAuth, executes tool calls in a sandboxed remote environment, and provides a chat experience through a web dashboard (Next.js) and a Telegram bot.

The project is built for secure operation compared with running AI agents directly on a local machine: it avoids handing raw API keys to the agent and avoids running code on the user’s device during tool execution. It also includes long-term memory backed by Postgres and pgvector, using a multi-step context management approach.

Key Features

• Self-hostable web app and Telegram bot: Use the Next.js interface or interact through Telegram for daily chat and task handling.
• OAuth-only tool access (Composio integrations): Tool calls are authorized through the user’s connected accounts rather than distributing passwords to the agent.
• Sandboxed execution for tool actions: Each action runs in an isolated remote environment and is removed when the task is done, reducing the risk of local code execution.
• Long-term memory with Postgres + pgvector: Stores and retrieves memory for longer-running conversations using 3-layer context management (pruning, memory flush, summarization/compaction).
• Automated recurring work via cron: A cron-scheduled agent runtime supports recurring tasks on autopilot.
• Big tool surface via Composio (1000+ integrations): Integrations include services such as Gmail, GitHub, Slack, Notion, Linear, Calendar, Drive, Stripe, and HubSpot (among others), gated by the user’s connected accounts.

How to Use Trustclaw

1. Deploy quickly (Vercel template) or use the CLI: The repo describes deploying via a Vercel template or running npx @composio/trustclaw deploy.
2. Set prerequisites once: The CLI flow expects you to have a Vercel account (npx vercel login once) and a GitHub account (gh auth login once).
3. Install the Trustclaw CLI tooling: Install the CLI using the provided install command (curl -fsSL https://composio.dev/install | bash).
4. Provide a Composio API key: The instructions call for a free Composio API key to be used with the CLI.
5. Use the agent: After deployment, chat through the web dashboard or Telegram, and schedule recurring tasks using the agent runtime.

Notes on LLM/embeddings routing from the source: LLM and embedding calls are routed through Vercel AI Gateway, and the project states that no Anthropic or OpenAI API keys are required for this setup.

Use Cases

• Recurring inbox or email-related workflows: Use the agent’s Gmail integration to automate ongoing tasks with cron scheduling rather than manual checking.
• Software workflow support for developers: Connect GitHub (and related tools such as Slack or Linear) and let the agent execute scheduled actions or respond to requests over time.
• Personal productivity assistant with document and calendar context: Use integrations like Notion and Calendar to help coordinate recurring activities and retain relevant details using long-term memory.
• Operational tasks that touch payments or CRM tooling: Use Stripe and HubSpot integrations for automated recurring processes, constrained to the user’s connected accounts.
• Hands-on experimentation with a secure agent setup: For developers evaluating safer agent patterns, Trustclaw provides an architecture that emphasizes OAuth tool access and remote sandboxed execution.

FAQ

• Is Trustclaw truly self-hostable? The project describes itself as self-hostable and provides a deployment path via Vercel (including a template) as well as a CLI flow.

• Does the agent need raw API keys for every tool? The source states the design avoids handing raw API keys to the agent; tool access is brokered via Composio OAuth for each integration.

• Where does tool execution happen? Tool calls execute in an isolated remote sandboxed environment; the source also notes there is no long-lived shell access on the user’s machine.

• How does long-term memory work? Memory is backed by Postgres with pgvector, and the agent uses 3-layer context management (pruning, memory flush, and summarization/compaction).

• Are there deployment limits on Vercel free (Hobby) plan? Yes. The source warns that on Vercel Hobby, cron jobs run once per day (with a 60-minute window) and cron expressions more frequent than daily fail deploy time; functions are capped at 300 seconds. The CLI adjusts vercel.json to daily when on Hobby, and higher precision requires upgrading.

Alternatives

• Local AI agent frameworks with tool calling: These typically run more logic on the user’s machine; compared with Trustclaw, they may require more configuration and may not provide the same remote sandboxing and OAuth-only tool brokerage approach.
• Hosted personal automation/chat assistants: Cloud services can offer scheduling and tool integrations without self-hosting. Compared with Trustclaw, you trade self-hosting control for a more turnkey setup.
• Other open-source agent runtimes with persistence: Look for projects that combine tool execution with a persistence layer (vector database/memory) and agent scheduling. Differences typically come down to how they handle credentials (OAuth vs keys) and where code/tool calls execute (local vs sandboxed remote).