IronClaw - An open-source local security AI assistant from the NearAI team

IronClaw is an open source AI assistant launched by the NearAI team. It is implemented based on the Rust language and focuses on local priority and security controllability. IronClaw is executed using the WASM sandbox isolation tool and manages credentials through an encrypted vault to ensure that sensitive data is never exposed to LLM. The tool supports multiple models (OpenAI, local LLM, etc.), persistent memory, web interface and Docker sandbox, which is suitable for privacy-conscious individuals and team deployment. It also provides NEAR AI Cloud one-click cloud deployment solution.

IronClaw’s main features

• **security architecture WASM sandbox : Supports isolating untrusted tools from running in WebAssembly containers with capability permissions.
• Encrypted safe : Ensure credentials are injected at the host boundary and the original keys are never exposed to LLM.
• Prompt injection protection : Defeat attacks through pattern detection, content sanitization, and policy rules.
• Endpoint whitelist : Strictly restrict tool access to pre-approved HTTP hosts and paths. Intelligent interaction
• Multi-channel support : Covers REPL, HTTP Webhook, Telegram/Slack and real-time web gateway.
• lasting memory : Implement full-text and vector mixed search using PostgreSQL and pgvector.
• Dynamic tool building : Support users to generate customized WASM tools through natural language descriptions.
• MCP protocol integration : Extensible capabilities for connecting to external model context protocol servers. Automated deployment
• Scheduled task engine** : Support Cron timing, event triggering and Webhook to achieve background automation.
• Docker sandbox : Provides an isolated container environment to safely execute AI-generated code.
• Compatible with multiple models : Supports OpenAI, local LLM and various OpenAI compatible endpoints.
• Flexible deployment method :Includes single binaries, Docker, package managers and cloud TEE environments.

How to use IronClaw

• **Installation and deployment Quick installation : Install through Windows installation package, PowerShell script, Shell script, Homebrew or Cargo compilation.
• Database preparation : Create a PostgreSQL database and enable the pgvector extension as the data storage backend.
• Initial configuration :Run ironclaw onboard command to start the wizard and complete the database connection, NEAR AI authentication and key encryption settings. daily use
• interactive dialogue :Execute cargo run or ironclaw Start the REPL for command line interaction.
• Web interface access : Use your browser to chat, manage memories, and view task logs via the built-in web gateway.
• Backend automation : Configure Cron plans, event triggers or Webhooks to implement scheduled tasks and automatic responses. Function extension
• Access external models : Select an OpenAI compatible endpoint in the wizard, or set environment variables to connect to providers such as OpenRouter, Ollama, etc.
• Install custom tools : Install WASM tools from the registry or describe your requirements to have the system build new tools automatically.
• Deploy channel integration : Configure WASM channels such as Telegram and Slack to achieve multi-platform message access. Operation and maintenance debugging
• Log view** : Settings RUST_LOG=ironclaw=debug environment variables to get detailed debugging information.
• Test verification : use cargo test Run unit tests, or execute specific test cases to verify functionality.

IronClaw project address

• Project official website ：https://www.ironclaw.com/
• GitHub repository ：https://github.com/nearai/ironclaw

IronClaw application scenarios

• Privacy-first personal assistant : Handle schedules, notes, and sensitive conversations securely on your local device so your data never leaves your control.
• Enterprise security operation and maintenance : Manage server credentials through an encrypted vault, automate deployment and monitoring tasks, and prevent key leaks.
• Code security review : Run AI-generated code analysis tools in the WASM sandbox to isolate potentially malicious code and protect the development environment.
• Multi-channel intelligent customer service : Simultaneously access Telegram, Slack and web interfaces to provide personalized automatic reply services based on long-term memory.
• Sensitive data handling : Natively analyze medical records, financial data, or legal documents to meet compliance requirements such as HIPAA while leveraging AI capabilities. ©