ClawManager

clawmanager · Yuan-lab-LLM/ClawManager · ★ 1.4k · last commit 2026-05-23

Primitive shape
No installable primitives
00

Summary

ClawManager — Summary

ClawManager is a Kubernetes-native control plane for AI agent instance management, built in Go (backend) and React 19 (frontend). It provides three stacked control planes: an AI Gateway for governed model access with audit trail and cost accounting; an Agent Control Plane for heartbeat-driven runtime orchestration; and a Resource Management layer for channels, skills, and security scanning. Agents run as Kubernetes Pods (OpenClaw or Hermes runtimes), each registered with the control plane via secure bootstrap. A Team Workspace MVP enables coordinated multi-agent workflows with a Redis-backed Team Bus, shared PVC, and dispatch panel. The web dashboard exposes admin console, portal access, AI Gateway analytics, and team workspace views. ClawManager is explicitly positioned for platform teams running AI agent infrastructure at scale — not a personal harness but an enterprise multi-tenant operator tool.

Differs from seeds: Closest to taskmaster-ai (central task management) but ClawManager operates at the infrastructure layer rather than the task-planning layer. Unlike claude-flow (npm package + MCP), ClawManager requires Kubernetes and deploys full container workloads. The AI Gateway (OpenAI-compatible API with audit trail) resembles enterprise gateway frameworks but is specifically tuned for AI agent runtimes. No seed framework operates at the K8s control plane level.

01

Overview

ClawManager — Overview

Origin

ClawManager is developed by Yuan-lab-LLM. Initially a K8s wrapper for OpenClaw instances, it evolved into a broader control plane for AI agent workspaces. The project is aimed at platform teams, operators, and builders who need governed AI access at scale.

Philosophy

From README:

"A Kubernetes-native control plane for AI agent instance management, with governed AI access, runtime orchestration, and reusable resources across multiple agent runtimes."

Designed for:

  • Platform teams running AI agent instances for multiple users
  • Operators who need runtime visibility, command dispatch, and desired-state control
  • Builders who want governed AI access and reusable resource injection instead of manual per-instance setup

Three Control Planes

  1. AI Gateway — Governance plane for model access: unified OpenAI-compatible entry, policy, audit, cost accounting, risk control
  2. Agent Control Plane — Runtime orchestration: heartbeat, desired-state sync, command dispatch
  3. Resource Management — Reusable assets: channel management, skill management, security scanning, bundle injection

Repo Facts

  • GitHub: https://github.com/Yuan-lab-LLM/ClawManager
  • Stars: 1,351 (2026-05-26)
  • Language: TypeScript (backend described as Go in README; TypeScript in GitHub language detection — likely React frontend dominant)
  • License: MIT
  • Last commit: 2026-05-23
  • Deploy targets: K8s or K3s
02

Architecture

ClawManager — Architecture

Distribution

  • Kubernetes deployment: deployments/k8s/clawmanager.yaml
  • K3s deployment: deployments/k3s/clawmanager.yaml
  • Namespace: clawmanager-system

Tech Stack

  • Backend: Go 1.21+ (API server, agent control plane, AI gateway logic)
  • Frontend: React 19 (web dashboard)
  • Database: MySQL (schema in k8s ConfigMap SQL migrations)
  • Message Bus: Redis (Team Bus for multi-agent coordination)
  • Storage: MinIO (S3-compatible, for skills/bundles)
  • Auth: JWT

Architecture Overview

ClawManager Control Plane
├── AI Gateway (OpenAI-compatible API)
│   ├── Model routing + policy
│   ├── Audit + trace records
│   └── Cost accounting + risk control
├── Agent Control Plane
│   ├── Agent registration (secure bootstrap)
│   ├── Heartbeat monitoring
│   ├── Desired-state synchronization
│   └── Command dispatch (start/stop/config/skills)
├── Resource Management
│   ├── Channel management (templates)
│   ├── Skill management + scanning (MD5 spec)
│   └── Bundle injection
└── Team Workspaces
    ├── Redis Team Bus (inbox/events/presence/DLQ)
    ├── Shared PVC (/team)
    └── Task dispatch + event history

Directory Structure

ClawManager/
├── backend/          # Go API server
├── frontend/         # React 19 dashboard
├── deployments/
│   ├── k8s/          # Standard Kubernetes YAML
│   └── k3s/          # Lightweight K3s YAML
└── docs/             # Guides: aigateway, agent-control-plane, etc.

Supported Runtime Integrations

  • OpenClaw — Default agent workspace runtime (Webtop-based desktop)
  • Hermes — Webtop-based runtime with persistent .hermes workspace

Required Runtime

  • Kubernetes or K3s
  • Go 1.21+
  • MySQL, Redis, MinIO
03

Components

ClawManager — Components

AI Gateway

Features:

  • Unified OpenAI-compatible API entry for all agent runtimes
  • Policy-aware model selection and routing
  • End-to-end audit and trace records
  • Cost accounting and usage analysis
  • Risk control rules (block/reroute requests)
  • Multi-provider backend (injected transparently)

Agent Control Plane

Features:

  • Agent registration with secure bootstrap and session lifecycle
  • Heartbeat-driven runtime status and health reporting
  • Desired-state synchronization (control plane ↔ instance)
  • Runtime command dispatch: start, stop, config apply, health checks, skill operations
  • Instance-level visibility: status, channels, skills, command history

Resource Management

Channel Management

  • Workspace connectivity templates
  • Integration templates for standard channel types

Skill Management

  • Reusable packaged capabilities
  • Skill Scanner for risk review and MD5-based content verification
  • Bundle-based resource composition
  • Injection snapshots and visibility into what was applied

Security / Skill Scanner

  • MD5-based skill content verification (see docs/skill-content-md5-spec.md)
  • Risk review workflow before injection
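
One way to gate injection on content integrity, as an added example (not ClawManager's code, and not the canonical form defined in docs/skill-content-md5-spec.md). The SkillFiles type, the length-prefixed canonical form and the function names are assumptions; a SHA-256 digest is recorded next to the MD5 because MD5 is not collision-resistant, so an MD5 match alone only shows the content was not changed by accident.

```go
package main

import (
	"crypto/md5"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"sort"
)

// SkillFiles maps a path inside a skill package to its bytes (hypothetical shape).
type SkillFiles map[string][]byte
type Digests struct{ MD5, SHA256 string } // values recorded at review time

// ContentDigests hashes files in sorted path order. Each path and body is
// length-prefixed so bytes cannot move across a file boundary unnoticed.
// This canonical form is an assumption, not the project's MD5 spec.
func ContentDigests(files SkillFiles) Digests {
	paths := make([]string, 0, len(files))
	for p := range files {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	m, s := md5.New(), sha256.New()
	w := io.MultiWriter(m, s)
	for _, p := range paths {
		fmt.Fprintf(w, "%d:%s%d:", len(p), p, len(files[p]))
		w.Write(files[p])
	}
	return Digests{hex.EncodeToString(m.Sum(nil)), hex.EncodeToString(s.Sum(nil))}
}

// VerifyBeforeInject refuses injection unless both digests match the approved ones.
func VerifyBeforeInject(files SkillFiles, approved Digests) error {
	got := ContentDigests(files)
	if subtle.ConstantTimeCompare([]byte(got.MD5), []byte(approved.MD5)) != 1 {
		return errors.New("skill content changed since review: md5 mismatch")
	}
	if subtle.ConstantTimeCompare([]byte(got.SHA256), []byte(approved.SHA256)) != 1 {
		return errors.New("md5 matches but sha256 differs: possible crafted collision")
	}
	return nil
}

func main() {
	skill := SkillFiles{"SKILL.md": []byte("# demo\n"), "run.sh": []byte("echo hi\n")} // constructed sample
	approved := ContentDigests(skill)
	fmt.Println("approved:", VerifyBeforeInject(skill, approved))
	skill["run.sh"] = []byte("echo changed\n") // edited after approval
	fmt.Println("modified:", VerifyBeforeInject(skill, approved))
}
```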

Team Workspaces (MVP)

  • One-click Team creation (leader + members)
  • Redis Team Bus: inbox, events, presence, DLQ keys
  • Shared PVC at /team for context, artifacts, snapshots, task results
  • Team detail view: leader desktop, team chat, member roster, dispatch panel, task progress, event/result history
  • DB-backed: Team, member, task, event records (Redis = bus, DB = source of truth)
  • Member runtime Pods with Team role, member id, control-plane URL, shared mount

Web Dashboard

  • Admin console (users, quotas, runtime ops, security, platform policies)
  • Portal access (workspace entry + runtime visibility)
  • AI Gateway analytics
  • Team workspace view
  • Agent instance management

Config

  • deployments/k8s/clawmanager.yaml — Full K8s manifest (Namespace, Secrets, ConfigMap with SQL, Deployments, Services)
  • MySQL secrets, MinIO credentials, JWT secret all in k8s Secrets
05

Prompts

ClawManager — Prompts

ClawManager is an infrastructure control plane, not a prompt-engineering framework. The system does not expose agent prompt files directly. The closest prompt-related artifacts are:

AI Gateway System Prompt (inferred)

The AI Gateway allows per-profile system prompts for agent runtimes. From docs/aigateway.md (not fetched directly, but referenced in README):

  • Model governance includes policy-based routing
  • Risk control rules can influence which model receives a request

Hermes Runtime Guide Excerpt (from README)

Runtime authors can follow the Hermes Runtime Guide, the Generic Runtime Agent Integration Guide, and the Skill Content MD5 Spec to build compatible agents.

The Skill Content MD5 Spec (docs/skill-content-md5-spec.md) defines how skill content is verified — a content-integrity approach rather than a prompt-engineering approach.

OpenClaw Bootstrap Verbatim (from k8s manifest)

apiVersion: v1
kind: ConfigMap
metadata:
  name: clawmanager-mysql-init
data:
  001_init_schema.sql: |
    CREATE TABLE IF NOT EXISTS instances (
      id INT AUTO_INCREMENT PRIMARY KEY,
      user_id INT NOT NULL,
      name VARCHAR(255) NOT NULL,
      type ENUM('openclaw', 'ubuntu', 'debian', 'centos', 'custom', 'webtop', 'hermes') DEFAULT 'ubuntu',
      ...
    )

Technique: ClawManager's "prompts" are infrastructure configuration (SQL schemas, K8s manifests, Redis bus keys) rather than LLM prompt files. The framework is at the infrastructure layer below the agent loop.

09

Uniqueness

ClawManager — Uniqueness & Positioning

differs_from_seeds

ClawManager has no seed equivalent. The seeds operate at the agent-workflow level (prompts, skills, specs); ClawManager operates at the infrastructure control plane level — Kubernetes Pod lifecycle, Redis message buses, MySQL audit trails, MinIO skill bundles. The closest seed in spirit is taskmaster-ai (central task management with multiple agents) but taskmaster-ai is an npm package managing task JSON files, while ClawManager is a K8s operator managing container workloads. The AI Gateway component is similar to enterprise MCP gateway frameworks but specialized for AI agent runtimes.

Distinctive Positioning

  1. Kubernetes-native at its core: ClawManager is not a container wrapper — it deploys agents as properly managed Kubernetes workloads with desired-state reconciliation. The control plane is a real K8s controller pattern.

  2. Separation of message bus and source of truth: "Redis remains the message bus, not the source of truth" — MySQL stores canonical state, Redis provides real-time routing. This is production-grade architecture.

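  3. MD5-based skill content verification: The Skill Content MD5 Spec (docs/skill-content-md5-spec.md) provides content integrity verification before skill injection — a security primitive not found in other frameworks. Because MD5 is not collision-resistant, a matching MD5 detects accidental or unsophisticated changes but does not by itself rule out a deliberately crafted substitute.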

  4. AI Gateway as governed access layer: OpenAI-compatible endpoint with per-instance policy, audit trail, and cost accounting is an enterprise capability. Agents don't directly call LLM APIs — they go through the gateway.

  5. Multi-runtime support: OpenClaw and Hermes are distinct container runtimes with different desktop environments; ClawManager abstracts both behind the same control API.

Observable Failure Modes

  • Requires full Kubernetes cluster — massive operational overhead for small teams
  • No personal/individual use case — designed for platform teams
  • Webtop-based agent desktops are heavyweight (VNC/browser-based)
  • Redis Team Bus is a centralized SPOF for team coordination
  • No WASM or micro-VM isolation — relies on Kubernetes container security
  • Skill Scanner approval workflow could become a bottleneck
  • Not an AI coding agent framework per se — it manages agents but doesn't enhance their capabilities
04

Workflow

ClawManager — Workflow

Deployment Phase

| Step | Artifact | Gate |
|---|---|---|
| Deploy to K8s/K3s | ClawManager namespace + services | Kubernetes cluster required |
| Configure secrets | JWT, MySQL, MinIO, API credentials | Manual |
| First admin login | Admin account | Manual |

Agent Provisioning Flow

| Step | Artifact |
|---|---|
| Operator creates instance in portal | Pod spec submitted to K8s |
| Agent runtime Pod spawned (OpenClaw/Hermes) | Running Pod in cluster |
| Agent bootstrap registration | Agent record in DB |
| AI Gateway injection | OpenAI-compatible API endpoint wired |
| Channel + skill bundle injection | Resources applied to instance |

Team Workspace Flow

| Step | Artifact |
|---|---|
| Operator creates Team (leader + members) | Team record in DB |
| Member runtime Pods created with Team config | Redis Team Bus injected |
| Leader dispatches task | Task record + Redis inbox message |
| Members execute, report events/results | Event records in DB |
| Control plane shows task progress, event history | Dashboard view |

AI Gateway Request Flow

| Step | Artifact |
|---|---|
| Agent runtime makes LLM API call (OpenAI-compatible) | Request to AI Gateway |
| Gateway applies policy (model selection, risk rules) | Routing decision |
| Request forwarded to upstream provider | Upstream API call |
| Response + audit record created | Audit trace in DB |
| Cost accounting updated | Usage record |

Approval Gates

  • Skill Scanner review before bundle injection (human approval)
  • Risk control rules (automated block/reroute)
  • Admin console approval for user/quota changes
06

Memory Context

ClawManager — Memory & Context

State Architecture

ClawManager manages state at the infrastructure level, not the agent context level:

  • MySQL — Source of truth for Team, member, task, event, instance, user, quota records
  • Redis — Team Bus (inbox, events, presence, DLQ) — message bus, not source of truth
  • MinIO — S3-compatible storage for skill bundles, channel templates, injection snapshots
  • Shared PVC (/team) — Persistent Volume Claim mounted to all team member Pods

Agent-Side Memory

  • Not managed by ClawManager directly
  • Each agent runtime (OpenClaw/Hermes) maintains its own context
  • .hermes workspace (Hermes runtime) persists across container restarts via PVC

Injection Snapshots

  • Resource Management tracks what was applied to each instance
  • Injection snapshot = point-in-time record of channels + skills deployed
  • Used for drift detection and re-application

Cross-Session Handoff

  • Control plane provides heartbeat-based desired-state synchronization
  • If agent Pod restarts, control plane re-injects configuration
  • Team Bus persistence via MySQL (not just Redis) ensures task history survives restarts

Context Isolation

  • Each agent instance runs in its own Kubernetes Pod
  • Shared team context via PVC at /team — explicitly shared, not leaked
  • Redis Team Bus keys namespaced by Team ID
07

Orchestration

ClawManager — Orchestration

Multi-Agent

Yes — ClawManager's core purpose is multi-agent management. Each team can have one leader + multiple members, each in their own Pod.

Orchestration Pattern

Hierarchical:

  • Control plane (ClawManager) = operator/orchestrator
  • Agent Pods = workers
  • Team leader = directive authority
  • Team members = executors

Team Coordination:

  • Leader dispatches tasks via Team Bus
  • Members execute, publish events and results
  • Control plane tracks state, provides visibility

Isolation Mechanism

Container (Kubernetes Pod):

  • Each agent instance is a separate Kubernetes Pod
  • Kubernetes namespacing and RBAC for access control
  • Shared PVC for intentional team collaboration
  • No WASM or micro-VM isolation — K8s container isolation only

Execution Mode

Always-on / event-driven:

  • Agent Pods run continuously
  • Heartbeat-driven status reporting
  • Command dispatch on-demand from control plane

Multi-Model

Yes via AI Gateway:

  • Policy-aware model selection per instance/team
  • Can route different agent groups to different LLM backends
  • OpenAI-compatible API allows drop-in model swapping

Consensus Mechanism

None explicit. Team coordination is task-dispatch + result-collection, not algorithmic consensus.

Redis Team Bus

  • Inbox: incoming tasks per member
  • Events: published by members on state changes
  • Presence: member online/offline status
  • DLQ: dead letter queue for failed message delivery
08

UI & CLI Surface

ClawManager — UI & CLI Surface

Web Dashboard (Primary UI)

  • React 19 frontend
  • Full web application accessible via browser
  • Features:
    • Admin Console: users, quotas, runtime operations, security controls, platform policies
    • Portal: workspace entry, browser-based agent access
    • AI Gateway Dashboard: model routing analytics, cost accounting, audit traces
    • Team Workspace View: leader desktop, team chat, member roster, dispatch panel, task progress, event/result history
    • Agent Instance Management: status, channels, skills, command history
    • Security/Skill Scanner: risk review workflows

No CLI Binary

ClawManager does not ship a dedicated CLI. Operations are via the web dashboard or Kubernetes kubectl commands.

Kubernetes Access

  • All infrastructure operations via kubectl + YAML manifests
  • No dedicated CLI tool for ClawManager operations

Agent Runtimes (Webtop)

  • OpenClaw runtime: Webtop-based desktop accessible from browser portal
  • Hermes runtime: Webtop-based desktop with .hermes workspace

Observability

  • AI Gateway: end-to-end audit and trace records per request
  • Agent Control Plane: heartbeat status for all registered instances
  • Injection snapshots: track what was deployed to each instance
  • Team event history: full audit of team tasks and results
  • Cost accounting: per-user/per-instance usage tracking

MCP / API Integration

  • AI Gateway provides OpenAI-compatible API endpoint to all managed agent runtimes
  • Not an MCP server itself
