ghostclaw
Health Pass
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 24 GitHub stars
Code Fail
- network request — Outbound network request in .claude/skills/add-discord/add/src/channels/discord.test.ts
- network request — Outbound network request in .claude/skills/add-discord/add/src/channels/discord.ts
- os.homedir — User home directory access in .claude/skills/add-discord/modify/src/config.ts
- process.env — Environment variable access in .claude/skills/add-discord/modify/src/config.ts
- process.env — Environment variable access in .claude/skills/add-slack/add/src/channels/slack.ts
Permissions Pass
- Permissions — No dangerous permissions requested
This tool is an AI agent designed to run directly on your computer. It acts as a personal assistant that connects to messaging platforms like Telegram and Slack, executing tasks autonomously using Claude AI.
Security Assessment
Overall risk: High. The tool is explicitly designed to operate with full, bare-metal system access, intentionally stripping away containerization like Docker. The code accesses the user's home directory and reads environment variables to configure third-party messaging channels. It also makes outbound network requests to APIs like Discord and Slack. Because the agent runs as a direct Node.js process and executes bash commands, any compromise could lead to full machine takeover or data theft. No hardcoded secrets were detected, but the setup relies on the user properly managing their own API keys.
Quality Assessment
The project is highly active, with its last code push occurring today. It uses the permissive MIT license and includes a comprehensive README with clear documentation. The tool currently has 24 GitHub stars, indicating an early-stage project with a small but growing user base.
Verdict
Use with caution — while well-maintained, its deliberate lack of sandboxing and full system access make it suitable only for dedicated or disposable machines.
an AI that lives on your computer and does stuff for you. Public beta.
GhostClaw
give it a machine. let it roam.
Website · Why GhostClaw · Install · Skills · Skill Repo
The OpenClaw alternative that actually works. A bare-metal fork of NanoClaw — containers stripped, full system access, Telegram-first. Give your spare computer its own accounts and let an AI agent run wild. 10 minutes to set up.
Why GhostClaw?
| GhostClaw | OpenClaw | NanoClaw | |
|---|---|---|---|
| Setup | 10 min | 30+ min | 15 min |
| Codebase | ~4K LOC | ~500K LOC | ~700 LOC |
| System access | Full (bare metal) | Full | Sandboxed (Docker) |
| Messaging | Telegram-first | 50+ channels | Telegram, WhatsApp, Slack |
| Containers | None | Required | Required |
| Best for | Solo devs, tinkerers, personal agents | Teams, enterprises | Security-first setups |
NanoClaw's simplicity. OpenClaw's freedom. None of the mess.
GhostClaw started as a NanoClaw fork with one question: what if you ripped out everything that makes self-hosting painful? No Docker, no container orchestration, no config maze. Agents run as direct Node.js child processes with full machine access — bash, files, web, email. That's the point.
Get started
You need a Claude account (Max or API keys) and a computer to run it on. Best on a dedicated machine — a Mac Mini, an old laptop, a VPS.
npm install -g @anthropic-ai/claude-code
git clone https://github.com/b1rdmania/ghostclaw.git
cd ghostclaw && npm install
claude
# then type: /setup-ghostclaw
The setup skill walks you through everything — Telegram bot, API keys, personality, service management. About 10 minutes.
Requirements: Node.js 20+, macOS or Linux, Claude Max or API keys.
What's included
Everything below ships with every install.
Channels
- Telegram — DM it like a person. In groups, responds when mentioned. Voice notes supported. This is the primary interface.
Core capabilities
- Full machine access — bash, files, web search, email. No sandbox, no permission prompts.
- Web research — Perplexity-powered search and deep research. Ask anything current, it searches and cites sources.
- Ralph loops — autonomous multi-task engine. Hand it a checklist, it works through tasks one by one overnight.
- Scheduled tasks — "check Hacker News every morning" or cron syntax. Natural language or precise.
- Per-group personality — each chat gets its own
CLAUDE.mddefining tone, memory, and rules. - Model selection — switch between Sonnet, Opus, Haiku from Telegram. Just type
/model.
Mission Control
Built-in dashboard at localhost:3333. Real-time activity feed, task scheduling, soul editing, research runs.
Architecture
You (Telegram) → GhostClaw → Claude (Agent SDK) → Response
One process. SQLite state. Claude runs as a direct child process. No containers, no Docker, no Kubernetes. Full system access — that's the point.
Optional skills
Add capabilities with a command. Each skill is a markdown file — security-scanned before install.
| Command | What it adds |
|---|---|
/add-gmail-agent |
Gmail read/send — verification codes, urgent flags, summaries |
/add-voice-transcription |
Voice note transcription (ElevenLabs Scribe) |
/add-voice-reply |
Bot replies with voice notes (ElevenLabs TTS) |
/add-heartbeat |
Periodic health checks — disk, logs, services |
/add-morning-briefing |
Daily or weekly briefings |
/add-slack |
Slack as an additional channel |
/add-telegram-swarm |
Multi-bot agent teams in Telegram |
/pr-babysitter |
Automated PR monitoring — CI fixes, review resolution |
/run-ralph |
Autonomous overnight task loop |
/update-ghostclaw |
Safe update: backup, pull, migrate, rebuild, restart |
Browse all 46 skills → including marketing, SEO, design, and community-built skills.
Build your own — skills are markdown files. Ask Claude to write one or create it yourself.
Telegram commands
| Command | What it does |
|---|---|
/reset |
Kill stalled agent, wipe session. Next message starts fresh. |
/status |
Active agents, queue depth, uptime. |
/model |
View or switch AI model (sonnet, opus, haiku). |
/skills |
List installed skills. |
/update |
Pull latest code, rebuild, restart — no SSH needed. |
/ping |
Check if the bot is online. |
Updating
Send /update in Telegram. No SSH required.
For a full safe update with backup and rollback tag:
/update-ghostclaw
On a version before v0.6.0? Update manually:
cd ghostclaw
git pull origin main
npm install
npm run build
# macOS: launchctl kickstart -k gui/$(id -u)/com.ghostclaw
# Linux: systemctl --user restart ghostclaw
Configuration
All config lives in .env. The setup wizard creates this.
| Variable | Required | Description |
|---|---|---|
CLAUDE_CODE_OAUTH_TOKEN |
Yes* | Claude Max subscription token |
ANTHROPIC_API_KEY |
Yes* | Or use an API key instead |
ASSISTANT_NAME |
Yes | Bot name (trigger word in groups) |
TELEGRAM_BOT_TOKEN |
Yes | From @BotFather |
GHOSTCLAW_MODEL |
No | Default: sonnet. Also: opus, haiku |
ELEVENLABS_API_KEY |
No | For voice transcription and replies |
TELEGRAM_ONLY |
No | Set true to skip WhatsApp |
GMAIL_MCP_ENABLED |
No | Set 1 for email integration |
*One of CLAUDE_CODE_OAUTH_TOKEN or ANTHROPIC_API_KEY is required.
FAQ
What does it cost?
Your Claude subscription (Max or API) and optionally ElevenLabs for voice. No platform fees.
Is this secure?
The bot has full access to its machine. That's the design — run it on dedicated hardware with fresh accounts, not your daily driver. Skills are security-scanned before install.
Can I run it on a Raspberry Pi?
Untested but should work on any Linux ARM/x64 box with Node.js 20+.
Community
Join the GhostClaw community on Telegram to share problems, suggestions, or see what others are building.
Credits
GhostClaw wouldn't exist without the work of others.
NanoClaw by qwibitai — the foundation. GhostClaw is a fork of NanoClaw. The core architecture, agent runner, skills engine (three-way merge, manifest system, replay/rebase), and the skill-based extensibility model are all their work. We stripped out containers and built on top, but the bones are theirs.
OpenClaw — the inspiration. Heartbeat monitoring, daily briefings, autonomous task loops, the idea of an agent with its own identity and accounts — these came from watching what OpenClaw pioneered.
NanoClaw contributors — Alakazam03, tydev-new, pottertech, rgarcia, AmaxGuan, happydog-intj, bindoon — whose contributions to NanoClaw's codebase carry forward into GhostClaw.
Licence
MIT
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found