[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-5471":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":30,"readmeContent":31,"aiSummary":32,"trendingCount":16,"starSnapshotCount":16,"syncStatus":33,"lastSyncTime":34,"discoverSource":35},5471,"ironclaw","nearai\u002Fironclaw","nearai","IronClaw is an Agent OS focused on privacy, security and extensibility","https:\u002F\u002Fwww.ironclaw.com",null,"Rust",12438,1451,78,828,0,45,223,10,44.49,"Apache License 2.0",false,"main",[25,26,27,28,29],"codeact","openclaw","rlm","rust","wasm","2026-06-12 02:01:10","\u003Cp align=\"center\">\n \u003Cimg src=\"ironclaw.png?v=2\" alt=\"IronClaw\" width=\"200\"\u002F>\n\u003C\u002Fp>\n\n\u003Ch1 align=\"center\">IronClaw\u003C\u002Fh1>\n\n\u003Cp align=\"center\">\n \u003Cstrong>Your secure personal AI assistant, always on your side\u003C\u002Fstrong>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Ca href=\"#license\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-MIT%20OR%20Apache%202.0-blue.svg\" alt=\"License: MIT OR Apache-2.0\" \u002F>\u003C\u002Fa>\n \u003Ca href=\"https:\u002F\u002Ft.me\u002FironclawAI\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTelegram-%40ironclawAI-26A5E4?style=flat&logo=telegram&logoColor=white\" alt=\"Telegram: @ironclawAI\" \u002F>\u003C\u002Fa>\n \u003Ca href=\"https:\u002F\u002Fwww.reddit.com\u002Fr\u002FironclawAI\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FReddit-r%2FironclawAI-FF4500?style=flat&logo=reddit&logoColor=white\" alt=\"Reddit: r\u002FironclawAI\" \u002F>\u003C\u002Fa>\n \u003Ca href=\"https:\u002F\u002Fgitcgr.com\u002Fnearai\u002Fironclaw\">\n \u003Cimg src=\"https:\u002F\u002Fgitcgr.com\u002Fbadge\u002Fnearai\u002Fironclaw.svg\" alt=\"gitcgr\" \u002F>\n \u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Ca href=\"README.md\">English\u003C\u002Fa> |\n \u003Ca href=\"README.zh-CN.md\">简体中文\u003C\u002Fa> |\n \u003Ca href=\"README.ru.md\">Русский\u003C\u002Fa> |\n \u003Ca href=\"README.ja.md\">日本語\u003C\u002Fa> |\n \u003Ca href=\"README.ko.md\">한국어\u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Ca href=\"#philosophy\">Philosophy\u003C\u002Fa> •\n \u003Ca href=\"#features\">Features\u003C\u002Fa> •\n \u003Ca href=\"#installation\">Installation\u003C\u002Fa> •\n \u003Ca href=\"#configuration\">Configuration\u003C\u002Fa> •\n \u003Ca href=\"#security\">Security\u003C\u002Fa> •\n \u003Ca href=\"#architecture\">Architecture\u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\n## Philosophy\n\nIronClaw is built on a simple principle: **your AI assistant should work for you, not against you**.\n\nIn a world where AI systems are increasingly opaque about data handling and aligned with corporate interests, IronClaw takes a different approach:\n\n- **Your data stays yours** - All information is stored locally, encrypted, and never leaves your control\n- **Transparency by design** - Open source, auditable, no hidden telemetry or data harvesting\n- **Self-expanding capabilities** - Build new tools on the fly without waiting for vendor updates\n- **Defense in depth** - Multiple security layers protect against prompt injection and data exfiltration\n\nIronClaw is the AI assistant you can actually trust with your personal and professional life.\n\n## Features\n\n### Security First\n\n- **WASM Sandbox** - Untrusted tools run in isolated WebAssembly containers with capability-based permissions\n- **Credential Protection** - Secrets are never exposed to tools; injected at the host boundary with leak detection\n- **Prompt Injection Defense** - Pattern detection, content sanitization, and policy enforcement\n- **Endpoint Allowlisting** - HTTP requests only to explicitly approved hosts and paths\n\n### Always Available\n\n- **Multi-channel** - REPL, HTTP webhooks, WASM channels (Telegram, Slack), and web gateway\n- **Docker Sandbox** - Isolated container execution with per-job tokens and orchestrator\u002Fworker pattern\n- **Web Gateway** - Browser UI with real-time SSE\u002FWebSocket streaming\n- **Routines** - Cron schedules, event triggers, webhook handlers for background automation\n- **Heartbeat System** - Proactive background execution for monitoring and maintenance tasks\n- **Parallel Jobs** - Handle multiple requests concurrently with isolated contexts\n- **Self-repair** - Automatic detection and recovery of stuck operations\n\n### Self-Expanding\n\n- **Dynamic Tool Building** - Describe what you need, and IronClaw builds it as a WASM tool\n- **MCP Protocol** - Connect to Model Context Protocol servers for additional capabilities\n- **Plugin Architecture** - Drop in new WASM tools and channels without restarting\n\n### Persistent Memory\n\n- **Hybrid Search** - Full-text + vector search using Reciprocal Rank Fusion\n- **Workspace Filesystem** - Flexible path-based storage for notes, logs, and context\n- **Identity Files** - Maintain consistent personality and preferences across sessions\n\n## Installation\n\n### Prerequisites\n\n- Rust 1.92+\n- PostgreSQL 15+ with [pgvector](https:\u002F\u002Fgithub.com\u002Fpgvector\u002Fpgvector) extension\n- NEAR AI account (authentication handled via setup wizard)\n\n## Download or Build\n\nVisit [Releases page](https:\u002F\u002Fgithub.com\u002Fnearai\u002Fironclaw\u002Freleases\u002F) to see the latest updates.\n\n\u003Cdetails>\n \u003Csummary>Install via Windows Installer (Windows)\u003C\u002Fsummary>\n\nDownload the [Windows Installer](https:\u002F\u002Fgithub.com\u002Fnearai\u002Fironclaw\u002Freleases\u002Flatest\u002Fdownload\u002Fironclaw-x86_64-pc-windows-msvc.msi) and run it.\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n \u003Csummary>Install via powershell script (Windows)\u003C\u002Fsummary>\n\n```sh\nirm https:\u002F\u002Fgithub.com\u002Fnearai\u002Fironclaw\u002Freleases\u002Flatest\u002Fdownload\u002Fironclaw-installer.ps1 | iex\n```\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n \u003Csummary>Install via shell script (macOS, Linux, Windows\u002FWSL)\u003C\u002Fsummary>\n\n```sh\ncurl --proto '=https' --tlsv1.2 -LsSf https:\u002F\u002Fgithub.com\u002Fnearai\u002Fironclaw\u002Freleases\u002Flatest\u002Fdownload\u002Fironclaw-installer.sh | sh\n```\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n \u003Csummary>Install via Homebrew (macOS\u002FLinux)\u003C\u002Fsummary>\n\n```sh\nbrew install ironclaw\n```\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n \u003Csummary>Compile the source code (Cargo on Windows, Linux, macOS)\u003C\u002Fsummary>\n\nInstall it with `cargo`, just make sure you have [Rust](https:\u002F\u002Frustup.rs) installed on your computer.\n\n```bash\n# Clone the repository\ngit clone https:\u002F\u002Fgithub.com\u002Fnearai\u002Fironclaw.git\ncd ironclaw\n\n# Build\ncargo build --release\n\n# Run tests\ncargo test\n```\n\nFor **full release** (after modifying channel sources), run `.\u002Fscripts\u002Fbuild-all.sh` to rebuild channels first.\n\n\u003C\u002Fdetails>\n\n### Database Setup\n\n```bash\n# Create database\ncreatedb ironclaw\n\n# Enable pgvector\npsql ironclaw -c \"CREATE EXTENSION IF NOT EXISTS vector;\"\n```\n\n## Configuration\n\nRun the setup wizard to configure IronClaw:\n\n```bash\nironclaw onboard\n```\n\nThe wizard handles database connection, NEAR AI authentication (via browser OAuth),\nand secrets encryption (using your system keychain). Settings are persisted in the\nconnected database; bootstrap variables (e.g. `DATABASE_URL`, `LLM_BACKEND`) are\nwritten to `~\u002F.ironclaw\u002F.env` so they are available before the database connects.\n\n### Alternative LLM Providers\n\nIronClaw defaults to NEAR AI but supports many LLM providers out of the box.\nBuilt-in providers include **Anthropic**, **OpenAI**, **GitHub Copilot**, **Google Gemini**, **MiniMax**,\n**Mistral**, and **Ollama** (local). OpenAI-compatible services like **OpenRouter**\n(300+ models), **Together AI**, **Fireworks AI**, and self-hosted servers (**vLLM**,\n**LiteLLM**) are also supported.\n\nSelect your provider in the wizard, or set environment variables directly:\n\n```env\n# Example: MiniMax (built-in, 204K context)\nLLM_BACKEND=minimax\nMINIMAX_API_KEY=...\n\n# Example: OpenAI-compatible endpoint\nLLM_BACKEND=openai_compatible\nLLM_BASE_URL=https:\u002F\u002Fopenrouter.ai\u002Fapi\u002Fv1\nLLM_API_KEY=sk-or-...\nLLM_MODEL=anthropic\u002Fclaude-sonnet-4\n```\n\nSee [docs\u002Fcapabilities\u002Fllm-providers.md](docs\u002Fcapabilities\u002Fllm-providers.md) for a full provider guide.\n\n## Security\n\nIronClaw implements defense in depth to protect your data and prevent misuse.\n\n### WASM Sandbox\n\nAll untrusted tools run in isolated WebAssembly containers:\n\n- **Capability-based permissions** - Explicit opt-in for HTTP, secrets, tool invocation\n- **Endpoint allowlisting** - HTTP requests only to approved hosts\u002Fpaths\n- **Credential injection** - Secrets injected at host boundary, never exposed to WASM code\n- **Leak detection** - Scans requests and responses for secret exfiltration attempts\n- **Rate limiting** - Per-tool request limits to prevent abuse\n- **Resource limits** - Memory, CPU, and execution time constraints\n\n```\nWASM ──► Allowlist ──► Leak Scan ──► Credential ──► Execute ──► Leak Scan ──► WASM\n Validator (request) Injector Request (response)\n```\n\n### Prompt Injection Defense\n\nExternal content passes through multiple security layers:\n\n- Pattern-based detection of injection attempts\n- Content sanitization and escaping\n- Policy rules with severity levels (Block\u002FWarn\u002FReview\u002FSanitize)\n- Tool output wrapping for safe LLM context injection\n\n### Data Protection\n\n- All data stored locally in your PostgreSQL database\n- Secrets encrypted with AES-256-GCM\n- No telemetry, analytics, or data sharing\n- Full audit log of all tool executions\n\n## Architecture\n\n```\n┌────────────────────────────────────────────────────────────────┐\n│ Channels │\n│ ┌──────┐ ┌──────┐ ┌─────────────┐ ┌─────────────┐ │\n│ │ REPL │ │ HTTP │ │WASM Channels│ │ Web Gateway │ │\n│ └──┬───┘ └──┬───┘ └──────┬──────┘ │ (SSE + WS) │ │\n│ │ │ │ └──────┬──────┘ │\n│ └─────────┴──────────────┴────────────────┘ │\n│ │ │\n│ ┌─────────▼─────────┐ │\n│ │ Agent Loop │ Intent routing │\n│ └────┬──────────┬───┘ │\n│ │ │ │\n│ ┌──────────▼────┐ ┌──▼───────────────┐ │\n│ │ Scheduler │ │ Routines Engine │ │\n│ │(parallel jobs)│ │(cron, event, wh) │ │\n│ └──────┬────────┘ └────────┬─────────┘ │\n│ │ │ │\n│ ┌─────────────┼────────────────────┘ │\n│ │ │ │\n│ ┌───▼─────┐ ┌────▼────────────────┐ │\n│ │ Local │ │ Orchestrator │ │\n│ │Workers │ │ ┌───────────────┐ │ │\n│ │(in-proc)│ │ │ Docker Sandbox│ │ │\n│ └───┬─────┘ │ │ Containers │ │ │\n│ │ │ │ ┌───────────┐ │ │ │\n│ │ │ │ │Worker \u002F CC│ │ │ │\n│ │ │ │ └───────────┘ │ │ │\n│ │ │ └───────────────┘ │ │\n│ │ └─────────┬───────────┘ │\n│ └──────────────────┤ │\n│ │ │\n│ ┌───────────▼──────────┐ │\n│ │ Tool Registry │ │\n│ │ Built-in, MCP, WASM │ │\n│ └──────────────────────┘ │\n└────────────────────────────────────────────────────────────────┘\n```\n\n### Core Components\n\n| Component | Purpose |\n|-----------|---------|\n| **Agent Loop** | Main message handling and job coordination |\n| **Router** | Classifies user intent (command, query, task) |\n| **Scheduler** | Manages parallel job execution with priorities |\n| **Worker** | Executes jobs with LLM reasoning and tool calls |\n| **Orchestrator** | Container lifecycle, LLM proxying, per-job auth |\n| **Web Gateway** | Browser UI with chat, memory, jobs, logs, extensions, routines |\n| **Routines Engine** | Scheduled (cron) and reactive (event, webhook) background tasks |\n| **Workspace** | Persistent memory with hybrid search |\n| **Safety Layer** | Prompt injection defense and content sanitization |\n\n## Usage\n\nEngine v2 is opt-in right now. If you want to run the new engine instead of the legacy agent loop, start IronClaw with `ENGINE_V2=true`. See [Engine v2 architecture](docs\u002Finternal\u002Fengine-v2-architecture.md#enabling-engine-v2) for more details.\n\n```bash\n# First-time setup (configures database, auth, etc.)\nironclaw onboard\n\n# Start interactive REPL\ncargo run\n\n# Start interactive REPL with engine v2\nENGINE_V2=true cargo run\n\n# Engine v2 with debug logging\nENGINE_V2=true RUST_LOG=ironclaw=debug cargo run\n```\n\n## Development\n\n```bash\n# Format code\ncargo fmt\n\n# Lint\ncargo clippy --all --benches --tests --examples --all-features\n\n# Run tests\ncreatedb ironclaw_test\ncargo test\n\n# Run specific test\ncargo test test_name\n```\n\n- **Channels**: See [docs\u002Fchannels\u002Foverview.mdx](docs\u002Fchannels\u002Foverview.mdx) for setup of Telegram, Discord, and other channels.\n- **Changing channel sources**: Run `.\u002Fchannels-src\u002Ftelegram\u002Fbuild.sh` before `cargo build` so the updated WASM is bundled.\n\n## OpenClaw Heritage\n\nIronClaw is a Rust reimplementation inspired by [OpenClaw](https:\u002F\u002Fgithub.com\u002Fopenclaw\u002Fopenclaw). See [FEATURE_PARITY.md](FEATURE_PARITY.md) for the complete tracking matrix.\n\nKey differences:\n\n- **Rust vs TypeScript** - Native performance, memory safety, single binary\n- **WASM sandbox vs Docker** - Lightweight, capability-based security\n- **PostgreSQL vs SQLite** - Production-ready persistence\n- **Security-first design** - Multiple defense layers, credential protection\n\n## License\n\nLicensed under either of:\n\n- Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE))\n- MIT License ([LICENSE-MIT](LICENSE-MIT))\n\nat your option.\n","IronClaw 是一个专注于隐私、安全和可扩展性的个人AI助手操作系统。它采用Rust语言开发,通过WASM沙箱技术运行不受信任的工具,并提供基于能力的权限控制以增强安全性;同时,IronClaw确保所有数据本地存储且加密处理,防止数据泄露。此外,该项目还支持多渠道接入(如REPL、HTTP Webhooks等)、Docker容器隔离执行以及Web网关等功能,使得用户能够轻松地在各种场景下部署并使用自己的AI助手。IronClaw适用于需要高度保护个人信息安全但又希望利用AI提升工作效率的个人或企业环境。",2,"2026-06-11 03:03:32","top_language"]