HybridClaw — Enterprise AI Digital Coworker

Release v0.6.0

Latest release highlights

Key improvements included in the latest tagged release.

💻

Local model backends

HybridClaw now supports local Ollama, LM Studio, and vLLM providers with hybridclaw local configure|status, live discovery, health monitoring, and local model selection across gateway, TUI, and Discord.

⏱️

Activity-based timeouts

The agent IPC timeout now extends when a model is still producing text or tool progress, which keeps slower local models alive as long as they continue making visible progress.

🗑️

Session reset workflow

Gateway, TUI, and Discord now share a confirmed reset flow that clears history, restores per-session defaults, and removes the active agent workspace without leaving stale session state behind.

🔧

Runtime stability fixes

Worker pools now restart on backend/auth changes, host-mode prompts use real filesystem paths instead of container-only mounts, and compaction budgets account for large system prompts correctly.

HybridAI Advantage

Enterprise platform advantage built in

HybridAI gives HybridClaw a strong enterprise foundation: security, compliance alignment, and document-grounded intelligence.

Select your bot. Unlock its knowledge.

Each bot can have its own focus, tone, and knowledge. Use one for deep research, one for support, and one for day-to-day team productivity.

🔒

Security

Built for teams that need trustworthy controls and secure operations by default.

🏢

Enterprise-Ready Stack

Designed for real business workflows, team governance, and operational reliability.

🇪🇺

EU Stack

Strong fit for organizations prioritizing EU-centric infrastructure and data posture.

🛡️

GDPR Alignment

Supports privacy-conscious deployment strategies and compliance-driven teams.

🔍

RAG Retrieval

Ground answers in your organization’s knowledge for higher relevance and confidence.

📄

Document Intelligence

Turn internal documents into practical, searchable context your digital coworker can use.

What it does

High-impact work, handled end-to-end

Core actions are grouped into six outcomes so teams can scan value quickly without feature overload.

📚

Answer with context

Blend workspace memory, semantic recall, and typed knowledge-graph relations with HybridAI grounding to produce actionable answers.

🔒

Execute safely

Run useful actions behind trust acceptance, runtime guardrails, sandbox controls, and instruction integrity checks so automation stays controlled.

🔄

Stay consistent across channels

Share one assistant behavior across Discord, web, and terminal without managing separate bot personalities.

🧠

Remember what matters

Persist and compact long-running conversations with canonical cross-channel continuity and configurable token-budget controls.

⏰

Follow through automatically

Schedule recurring or one-shot tasks with cron/interval/at semantics, and deliver proactive output to channels or webhooks.

📊

Operate with visibility

Track status, sessions, usage/cost aggregates, tamper-evident audit history, approval decisions, and observability export health from one runtime surface.

Comparison

Comparison & USPs

Area	HybridClaw	OpenClaw	NanoClaw	PicoClaw
Onboarding	Explicit trust acceptance	Strong default flow	Quick startup flow	Minimal setup path
Security & Trust	Trust-first policy posture	Solid baseline controls	Lean safeguards	Minimal guardrails
Runtime Control	Live config updates	Setup-dependent tuning	Simple control surface	Minimal controls
Digital Coworker Feel	Memory + proactive follow-up	Strong continuity model	Lightweight continuity	Short-turn focus
Enterprise Readiness	Hash-chained audit plus local instruction integrity controls	Strong base, extended per team	Lean core + add-ons	Minimal footprint strategy
Cross-Channel Consistency	One assistant brain across channels	Often one primary channel	Light multi-channel support	Mostly single-channel simplicity

Architecture

Built for reliability at scale

HybridClaw keeps one shared assistant brain across channels while running actions with safety guardrails.

Where people work

Discord / Web / Terminal

One shared user experience

→

HybridClaw Core

Shared Assistant Brain

Context, memory, and orchestration

→

Action Layer

Safe Execution

Useful actions with guardrails

→

Result

Back to your team

Fast, consistent responses

Fast by Design

HybridClaw is optimized for quick responses, even when your team uses it all day.

Reliable Operations

Clear runtime surfaces make it easier to monitor, maintain, and trust in production.

Safety by Default

Guardrails are built in so teams can unlock automation without sacrificing control.

Consistent Assistant Quality

Structured prompting keeps behavior stable, reliable, and aligned with your standards.

Technical Details

Engineering view

For technical teams who want to understand how HybridClaw is built and operated.

Core Runtime

Node.js gateway with persistent session state, scheduler metadata (`name`, `description`, `nextRunAt`), and HTTP endpoints for status, chat, and commands.

Audit Trail

Append-only wire logs are SHA-256 hash-chained for tamper-evident immutability, with searchable events, verification, and approval history.

Safety Model

Trust-model acceptance is required during onboarding, execution uses container or host sandbox modes with runtime guardrails, user-directed browser auth-flow testing is supported, and TUI blocks when runtime instruction copies drift from installed defaults.

Prompt Orchestration

Structured hook pipeline: bootstrap, memory, safety, and proactivity, plus history/token budgets and prompt-mode tiers for predictable context size control.

Configuration

Typed config.json with defaults, validation, and hot reload. Includes container isolation controls (container.sandboxMode, container.memorySwap, container.network), memory controls (memory.decayRate, memory.consolidationIntervalHours), compaction controls (sessionCompaction.tokenBudget, sessionCompaction.budgetRatio), Discord policy controls, and proactive scheduler.jobs[] automation. Secrets live in ~/.hybridclaw/credentials.json.

Memory Continuity

Persistent workspace memory, semantic memory, typed entity/relation knowledge graph, canonical cross-channel sessions, and long-session compaction keep context coherent across Discord/web/terminal channels.

SQLite Reliability

Schema evolution uses lightweight PRAGMA user_version migrations with forward-version guards, and runtime enables journal_mode=WAL + busy_timeout=5000 for safer concurrent reads.

Usage Analytics & Export

Per-turn usage events are aggregated by day/month, model, and agent via usage commands, and sessions can be exported as JSONL snapshots (export session [sessionId]) for debugging.

Discord Conversational UX

Edit-in-place streaming, chunk-safe long messages, phase-aware typing/reactions, dynamic self-presence, adaptive debounce/rate limits, and humanized pacing (night/weekend slowdown, exchange cooldown scaling, selective silence, read-without-reply reactions, reconnect staggering).

Proactive Scheduler Jobs

scheduler.jobs[] supports cron/every/at schedules with agent_turn or system_event actions and delivery to fixed channels, last-active channels, or webhooks. Metadata persists atomically and jobs auto-disable after repeated failures.

Skills Engine

OpenClaw/CLAUDE-compatible SKILL.md support with multi-tier discovery, prompt embedding modes (always/summary/hidden), eligibility checks, and trust-aware security scanning.

Personality Switcher

Command-driven persona switching via /personality updates a managed block in SOUL.md (Name, Definition, Rules) so style remains persistent across sessions without always-on prompt bloat.

Ralph Autonomous Loop

Autonomous iteration can run beyond a single turn via proactive.ralph.maxIterations, and operators can control it live with ralph on|off|set <n>|info without waiting for idle recycle.

Discord Context Enrichment

Discord replies can include pending guild-history context, participant alias memory, @name mention-to-ID rewrites, and optional per-channel presence snapshots for better grounded responses.

Runtime Self-Awareness

Prompt assembly now injects runtime metadata (version, UTC date, model/default model, chatbot/channel/guild IDs, node/OS/host/workspace) so answers stay aligned to the active runtime state.

Web Routing Intelligence

Read-first routing prefers web_fetch for static retrieval, emits escalation hints on JS/app-shell/bot-blocked pages, and guides browser extraction with full snapshots for dynamic content.

Interfaces & Integrations

Shared assistant behavior across Discord, web, and terminal, powered by HybridAI bots and model selection.

Observability Export

Structured audit events are pushed to HybridAI observability ingest with cursor-based delivery, auto-managed bot-scoped ingest tokens, and per-turn token usage metrics.

Gateway Lifecycle

Runtime supports start, stop, and restart flows with graceful shutdown handling, explicit sandbox overrides (--sandbox=container|host), and status reporting for both managed and unmanaged gateway processes.

Command Surface

Operator-friendly command set across CLI and Discord, including hybridclaw --version, usage aggregation queries, and JSONL export workflows for session debugging.

Toolbox

13 built-in capabilities

From reading content to taking action, HybridClaw can complete real workflows end-to-end.

📄

read

Read file contents

✏️

write

Create or overwrite files

🔧

edit

Surgical string replace

🗑️

delete

Remove files safely

🔍

glob

Pattern-match file paths

🔎

grep

Regex search file contents

💻

bash

Shell commands (guarded)

🧠

memory

Durable workspace memory

🔍

session_search

Search past sessions

🌐

web_fetch

Static/read-only URL fetch & extraction

🖥️

browser_*

JS-rendered + interactive automation (auth, click, type, screenshot, PDF)

🧰

delegate

Push-based subagent orchestration (single/parallel/chain)

🕑

cron

Schedule recurring tasks

Personality

A workspace that shapes your agent

Bootstrap files give your agent identity, memory, and purpose. Each bot gets its own persistent workspace.

File	Purpose
SOUL.md	Personality and behavior
IDENTITY.md	Name, avatar, style
USER.md	Info about the user
MEMORY.md	Persistent memory across sessions
TOOLS.md	Tool usage notes and tips
HEARTBEAT.md	Tasks to check during heartbeat
BOOT.md	Startup instructions
AGENTS.md	Conventions and guidelines

Get Started

Get started in 60 seconds

Install, initialize trust, start the runtime, then connect your preferred interface.

1. Install CLI

npm install -g @hybridaione/hybridclaw

2. Initialize workspace

hybridclaw onboarding to accept trust model and generate config.json.

3. Start runtime

hybridclaw gateway to launch the core service with your configured bot/model. Use hybridclaw gateway start --sandbox=host when HybridClaw itself already runs inside a container.

4. Connect interface

Use Discord or run hybridclaw tui for a terminal-native chat experience. If runtime instruction copies drift from installed defaults, TUI asks you to restore them first.

5. Restart safely

Use hybridclaw gateway restart [--sandbox=container|host] when config or runtime placement changes and keep observability export aligned.

# 60-second flow
npm install -g @hybridaione/hybridclaw
hybridclaw onboarding
hybridclaw gateway
hybridclaw tui

FAQ

Common questions

Why does onboarding ask me to accept TRUST_MODEL.md?

HybridClaw enforces explicit trust-model acceptance before runtime starts. Acceptance is recorded in config.json with policy version and timestamp so operators can prove security acknowledgement. Technical runtime controls are documented separately in SECURITY.md.

Do I still configure everything through .env?

No. Runtime behavior lives in typed config.json and runtime secrets live in ~/.hybridclaw/credentials.json. If .env exists in the current working directory, supported secrets are imported into ~/.hybridclaw/credentials.json once for compatibility.

Is it safe to let the agent run shell commands?

By default, tools execute inside ephemeral Docker containers with read-only filesystems, memory caps, dropped capabilities, no-new-privileges, PID limits, and a deny-list of dangerous command patterns. When HybridClaw itself already runs inside a container, operators can switch to host sandbox mode to avoid Docker-in-Docker, trading container isolation for workspace fencing and command guardrails.

Can browser tools test real login flows?

Yes, when explicitly requested by the user for the intended site. Runtime guidance allows authenticated browser-flow testing, while sensitive credential values are redacted from structured audit tool-argument logs.

How does HybridClaw choose web_fetch vs browser tools?

Default is web_fetch for static/read-only retrieval. HybridClaw escalates to browser automation for JavaScript-heavy apps, auth-gated flows, interaction steps, or when web_fetch reports hints like javascript_required, spa_shell_only, empty_extraction, boilerplate_only, or bot_blocked.

Is the audit trail immutable?

Audit logs are append-only and hash-chained per session, so modifications are tamper-evident. Use hybridclaw audit verify <sessionId> to validate integrity, and hybridclaw audit approvals --denied to review denied actions.

What happens if instruction files are changed?

HybridClaw keeps runtime copies of SECURITY.md and TRUST_MODEL.md under ~/.hybridclaw/instructions/. TUI checks them before startup. Use hybridclaw audit instructions to review drift and hybridclaw audit instructions --sync to restore them from installed sources. Sync actions are audit logged.

Can I use it without Discord?

Absolutely. Run hybridclaw tui for the terminal UI. The same assistant behavior and context model is shared across supported interfaces.

How are screenshots returned in Discord?

HybridClaw attaches generated screenshots directly to the reply and keeps the text concise (for example: "Here it is.") instead of exposing internal workspace file paths.

What is the heartbeat system?

A configurable periodic poll (default every 30 minutes) where the agent wakes up, checks its HEARTBEAT.md file for tasks, and proactively reaches out if something needs attention. Silent acknowledgments are discarded to avoid noise.

Can different Discord channels use different bots?

Yes. Each channel can be independently configured with its own HybridAI chatbot, model, and RAG setting using the bot set and model set commands. You can also control reply activation per channel with /channel-mode and guild policy via /channel-policy.

How do I allow free-response in only one Discord channel?

Set guild policy to allowlist using /channel-policy policy:allowlist, then run /channel-mode mode:free in the one channel you want active. Leave other channels unlisted (or set them to off).

How does HybridClaw avoid over-replying in busy channels?

In free-response channels, HybridClaw can selectively stay silent when a peer likely already answered, react instead of replying to short acknowledgments (for example "thanks"), and slow pacing during nights/weekends or long back-and-forth exchanges.

How does scheduling work?

Two layers: chat-created tasks (schedule add) and config-backed scheduler.jobs[]. Both support cron, one-shot at, and interval semantics. Config jobs also support agent_turn/system_event actions plus channel/last-channel/webhook delivery, with persisted metadata and auto-disable after repeated failures.

What is HybridAI?

HybridAI is the bot platform that powers HybridClaw. It provides managed chatbots with document knowledge bases, retrieval-augmented generation (RAG), and multi-model support through an OpenAI-compatible API. You create and configure bots on the HybridAI platform, then connect them to HybridClaw.

What AI models does it support?

HybridClaw works with any model available through the HybridAI API. You can list available models with model list and switch per channel at any time.

Does the agent remember things between conversations?

Yes. The agent writes daily memory files (memory/YYYY-MM-DD.md) and curates long-term insights into MEMORY.md. It also maintains canonical cross-channel context per user/agent pair so continuity survives channel switches. Before session compaction, a dedicated flush turn ensures durable notes are persisted. These files plus SOUL.md are injected into every request.

Can I switch the assistant personality at runtime?

Yes. Use /personality (or /personality list) to view profiles, /personality <name> to activate one, and /personality reset to go back to default. HybridClaw persists the active persona in SOUL.md as a managed block with Name, Definition, and Rules.

Can I use skills from CLAUDE.md or OpenClaw?

Yes. HybridClaw supports OpenClaw/CLAUDE-compatible SKILL.md frontmatter, including always, requires, and metadata fields. Skills can be loaded from workspace, project .agents/skills, personal (~/.codex/~/.claude/~/.agents), bundled, or enterprise extra directories; higher-priority tiers override lower ones. Trust-aware scanning blocks risky personal/community skills while allowing vetted bundled skills.