seclaw — Secure AI Agents in 60 Seconds

Quick Start

# Install and run in 60 seconds

npx seclaw

The CLI will guide you through setup: LLM provider, API key, Telegram bot token, Cloudflare Tunnel (optional), Composio integrations, and template selection.

Prerequisites

✓Docker Desktop (or Docker Engine on Linux)
✓Node.js 20+
✓LLM API key from Anthropic, OpenAI, Google, or OpenRouter
✓Telegram bot token from @BotFather

Architecture

seclaw deploys 4 Docker containers on your machine:

agent— Node.js runtime with Telegram bot, LLM calls, Composio integrations, and MCP client

inngest— Self-hosted workflow engine for scheduled tasks, durable execution, human-in-the-loop

desktop-commander— MCP server for file I/O + terminal access (sandboxed: read_only, cap_drop ALL)

cloudflared— Cloudflare Tunnel, outbound-only, zero inbound ports

Security Model

Every container runs with maximum isolation:

read_only: true — filesystem is immutable
no-new-privileges — cannot escalate permissions
cap_drop: ALL — zero Linux capabilities
memory: 512M — resource limits enforced
API keys are only in the agent's env — MCP servers cannot see them
Sensitive actions require Telegram approval — human-in-the-loop via Inngest

Inngest Dashboard

Every deployment includes the Inngest Dev Server with a built-in dashboard at http://localhost:8288. View registered functions, execution history, failed runs, pending human-in-the-loop events, and live event streams. Self-hosted, free forever, no execution limits.

CLI Commands

npx seclaw — Full interactive setup

npx seclaw add content-agent --key KEY — Add/switch template

npx seclaw templates — List all templates

npx seclaw integrations — Connect/disconnect Composio services

npx seclaw status — Check services & health

npx seclaw doctor — Auto-diagnose & fix issues

npx seclaw stop — Stop all containers

npx seclaw upgrade — Pull latest images & restart

Telegram Commands

/schedules — View scheduled tasks, approve/reject pending actions

/integrations — Connect/disconnect Composio services

Any other message is processed by the agent using your configured LLM with full tool access.

Built-in Agent Tools

8 built-in tools for scheduling, reminders, and human-in-the-loop workflows powered by Inngest. These work alongside Composio integrations and Desktop Commander — no setup required.

send_delayed_messagedelay

Send a Telegram message after a delay (1-3600s)

"remind me in 10 minutes to check the server health dashboard"

schedule_actiondelay + agent

Execute any action after a delay with full agent capabilities (file I/O, APIs, LLM)

"in 30 seconds, fetch today's YouTube uploads from my channels and create a digest"

request_confirmationHITL

Send Approve / Reject buttons. Executes action only on approval.

"draft an outreach email to the lead, but ask me before sending"

create_schedulecron

Create a new recurring cron schedule with LLM prompt

"every morning at 9am, summarize my unread newsletters and send me a digest"

delete_schedulecron

Remove a recurring schedule permanently

"stop the earnings tracker alerts"

list_schedulescron

List all configured schedules with status, cron, and timezone

"show me all my active cron jobs"

toggle_schedulecron

Enable or disable a schedule without deleting it

"pause the daily Reddit digest for this week"

trigger_schedule_nowcron

Run a scheduled task immediately instead of waiting for the next cron tick

"run the inbox declutter right now"

All tools are available via natural language — the agent picks the right tool based on your message. Schedules are persisted in /workspace/config/schedules.json and powered by Inngest cron functions.

Adding Paid Templates

Purchase a template at /templates
Receive your license key via email
Run: npx seclaw add template-name --key YOUR_KEY
Template is installed — system prompt, schedules, and integrations update automatically

Composio Integrations

12 services available via managed OAuth: Gmail, Google Calendar, Google Drive, Google Sheets, GitHub, Slack, Notion, Linear, Trello, Todoist, Dropbox, WhatsApp. Each template recommends specific integrations, but you can connect any service to any template.

Your agent never stores raw OAuth tokens — Composio manages token refresh and API auth. Connect via browser OAuth, disconnect instantly via CLI or Telegram.

Documentation