diggerhq/oc-openclaw-template

Managed OpenClaw on OpenComputer

Deploy isolated, per-employee OpenClaw AI agent instances inside OpenComputer sandboxes. Each employee gets their own sandboxed agent accessible via Telegram, a web chat UI, or both.

What You Get

  • Instant provisioning — new employee agents spin up in seconds from a pre-built snapshot
  • Full isolation — each agent runs in its own KVM-backed sandbox with dedicated resources
  • Telegram integration — connect each agent to its own Telegram bot
  • Web chat UI — built-in chat proxy so employees can talk to their agent from a browser
  • Auto-hibernate — sandboxes sleep when idle, wake instantly on demand
  • Zero infrastructure — no servers, DNS, reverse proxies, or certificates to manage
  • Fleet management — health checks, rolling updates, and config changes across all agents
  • Checkpoint & restore — snapshot full agent state, fork it for new employees

Architecture

    Browser (chat UI)          Telegram
         |                        |
         v                        v
   ┌─────────────┐         ┌───────────┐
   │ Chat Server  │         │ TG Bot API│
   │ (proxy via   │         │           │
   │  OC SDK)     │         └─────┬─────┘
   └──────┬──────┘               │
          │                      │
          v                      v
   ┌──────────── OpenComputer API ────────────┐
   │                                          │
   │  ┌──────────┐ ┌──────────┐ ┌──────────┐  │
   │  │ Sandbox  │ │ Sandbox  │ │ Sandbox  │  │
   │  │ emp-001  │ │ emp-002  │ │ emp-N    │  │
   │  │          │ │          │ │          │  │
   │  │ OpenClaw │ │ OpenClaw │ │ OpenClaw │  │
   │  │ Gateway  │ │ Gateway  │ │ Gateway  │  │
   │  │ (loopback│ │ (loopback│ │ (loopback│  │
   │  │  only)   │ │  only)   │ │  only)   │  │
   │  └──────────┘ └──────────┘ └──────────┘  │
   └──────────────────────────────────────────┘

The gateway binds to loopback only — no ports are exposed externally. All chat access goes through the proxy server, which connects to sandboxes via the OpenComputer SDK.

Quick Start

# Install dependencies
npm install

# Set environment
export OPENCOMPUTER_API_KEY="your-api-key"

# 1. Build the OpenClaw snapshot (one-time, ~3 min)
npx tsx src/build-snapshot.ts

# 2. Provision an employee agent
npx tsx src/provision-claw.ts \
  --employee-id emp-001 \
  --anthropic-api-key "sk-ant-..."

# 3. Start the chat server
npx tsx src/chat-server.ts
# Open http://localhost:3000/emp-001

# 4. (Optional) Add Telegram
npx tsx src/configure-telegram.ts \
  --employee-id emp-001 \
  --tg-bot-token "123456:ABC..." \
  --tg-user-id "987654321"

# 5. Check fleet health
npx tsx src/fleet-health.ts

Provisioning Options

# --model defaults to "anthropic/claude-sonnet-4-6"
# --timeout is the idle timeout in seconds
# --memory is the sandbox memory in MB
npx tsx src/provision-claw.ts \
  --employee-id emp-001 \
  --anthropic-api-key "sk-ant-..." \
  --model "anthropic/claude-sonnet-4-6" \
  --timeout 600 \
  --memory 4096

Files

| File | Purpose |
|------|---------|
| src/build-snapshot.ts | Build a reusable OpenClaw snapshot with Node.js, OpenClaw, and Telegram deps pre-installed |
| src/build-checkpoint.ts | Alternative: build via checkpoint (step-by-step, more control) |
| src/provision-claw.ts | Provision a single employee's OpenClaw sandbox from snapshot |
| src/provision-from-checkpoint.ts | Provision from a checkpoint instead of snapshot |
| src/configure-telegram.ts | Add Telegram to an existing employee's agent |
| src/chat-server.ts | Web chat proxy — serves a chat UI per employee, proxies to sandbox via OC SDK |
| src/chat-ui/index.html | Chat UI frontend (served by chat-server) |
| src/fleet-health.ts | Health check all running agents |
| src/fleet-update.ts | Rolling update across the fleet |
| src/manage-secrets.ts | Create/update encrypted secret stores for employees |
| src/registry.ts | Fleet registry helpers (read/write fleet-registry.json) |
| src/config.ts | Shared configuration and constants |

Security

  • Gateway is loopback-only — no network ports exposed from any sandbox
  • Chat proxy — browser never sees gateway URLs or tokens; all access goes through the server-side OC SDK
  • Per-employee tokens — each sandbox gets a unique gateway auth token generated at provision time
  • Tool auto-approval — exec commands are auto-approved since agents run in isolated sandboxes
  • Idle timeout — sandboxes auto-hibernate after configurable idle period (default 10 min)
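
The per-employee token and chat-proxy points above, sketched as an added example (not code from this repository). The registry shape, the employee ID pattern, the Bearer header and all function names are assumptions made for illustration.

```typescript
import { createHash, randomBytes, timingSafeEqual } from "node:crypto";

// Hypothetical registry shape; the layout of fleet-registry.json is not shown in the README.
interface AgentEntry { sandboxId: string; gatewayToken: string }
type Registry = Map<string, AgentEntry>;

// Assumed ID format, modelled on the README's emp-001 examples.
const EMPLOYEE_ID = /^emp-[0-9]{3,6}$/;

// Provision time: mint one 256-bit token per sandbox, never shared across employees.
function provisionEntry(reg: Registry, employeeId: string, sandboxId: string): AgentEntry {
  if (!EMPLOYEE_ID.test(employeeId)) throw new Error("invalid employee id");
  if (reg.has(employeeId)) throw new Error("employee already provisioned");
  const entry: AgentEntry = { sandboxId, gatewayToken: randomBytes(32).toString("base64url") };
  reg.set(employeeId, entry);
  return entry;
}

// Gateway side: constant-time check. Hashing first yields equal-length buffers,
// which timingSafeEqual requires.
function gatewayAccepts(expected: string, presented: string): boolean {
  const h = (s: string) => createHash("sha256").update(s).digest();
  return timingSafeEqual(h(expected), h(presented));
}

// Proxy side: turn a browser path such as /emp-001 into upstream credentials.
// The token is attached here, server-side (Bearer scheme is an assumption).
function resolveUpstream(reg: Registry, urlPath: string):
    { sandboxId: string; authorization: string } | null {
  const id = urlPath.split("/")[1] ?? "";
  if (!EMPLOYEE_ID.test(id)) return null; // rejects path traversal and junk IDs
  const entry = reg.get(id);
  return entry
    ? { sandboxId: entry.sandboxId, authorization: `Bearer ${entry.gatewayToken}` }
    : null;
}

// The only data a browser-facing handler should serialise: no token, no sandbox ID.
function browserPayload(reg: Registry, urlPath: string):
    { employeeId: string; ready: boolean } | null {
  const id = urlPath.split("/")[1] ?? "";
  return resolveUpstream(reg, urlPath) ? { employeeId: id, ready: true } : null;
}
```

Because each sandbox holds a different token, a token recovered from one employee's sandbox is rejected by every other gateway.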
