Lobu is an open-source multi-tenant gateway for OpenClaw. One sandbox and filesystem per user/channel. Shared memory across contexts. Agents never see secrets.

OpenClaw is an incredible agent runtime (800k LOC) but it's single-tenant by design. Every user shares the same filesystem and bash session. Lobu rewrites only the gateway layer (~40k LOC) to be multi-tenant and keeps OpenClaw's Pi agent harness untouched inside each worker.

Embedded mode uses just-bash (virtual bash) + Nix for reproducible packages. Each user gets an isolated virtual filesystem and bash session at ~50MB memory footprint. We've tested 300 concurrent instances on a single machine. No Docker needed.

Embed OpenClaw-powered agents into your product, or give your team powerful agents without managing separate instances for everyone.

REST API — Programmatic agent creation, control, and state management.

Slack — Multi-channel/DM agents with rich interactivity.

Telegram — Long-polling bot integration with interactive agent workflows.

WhatsApp — WhatsApp Business Cloud API integration.

Discord — Bot integration with channel and DM support.

Teams — Microsoft Teams bot integration.

The quickest way to start is the CLI scaffold:

npx @lobu/cli@latest init my-bot
cd my-bot && npx @lobu/cli@latest run -d

• Docker Compose — docker compose up (One-click, production single-machine)
• Kubernetes — Install via OCI Helm chart (no clone needed):

helm install lobu oci://ghcr.io/lobu-ai/charts/lobu \
  --namespace lobu \
  --create-namespace

• Local Development — For contributing to Lobu itself:
  1. Clone this repo
  2. make setup
  3. make dev (Uses Docker Compose Watch for hot-reloading)

flowchart LR
  Slack[Slack] <--> GW[Gateway]
  Telegram[Telegram] <--> GW
  WhatsApp[WhatsApp] <--> GW
  Discord[Discord] <--> GW
  API[REST API] <--> GW

  GW <--> Redis[(Redis)]
  GW -->|spawn| W[Worker]

  subgraph Sandbox
    W
  end

  W -.->|HTTP proxy| GW
  W -.->|MCP proxy| GW
  GW -->|domain filter| Internet((Internet))
  GW -->|scoped tokens| MCP[MCP Servers]

Every Lobu agent comes equipped with a suite of tools for autonomous execution and persistence:

Workers access third-party APIs through MCP servers. OAuth and credential management is handled by Owletto:

• Productivity: Google Calendar, Slack, Jira, Notion
• Development: GitHub, GitLab, Postgres, Docker
• Knowledge: Wikipedia, Brave Search, YouTube, PDF Search

Gateway as single egress. All worker traffic — internet and MCP — routes through the gateway. Workers have no direct network access. Domain filtering controls which external services workers can reach.

MCP Proxy. Workers call MCP tools via the gateway. The gateway resolves ${env:VAR} secrets and routes to upstream MCP servers. OAuth credentials for third-party APIs are managed by Owletto — workers never see tokens directly.

Multi-platform, multi-tenant. One bot instance serves Slack, Telegram, WhatsApp, Discord, Teams, and REST API. Each channel/DM gets its own isolated runtime, model, tools, credentials, and Nix packages.

OpenClaw runtime. Workers run OpenClaw Pi Agent, with per-agent model selection via the settings page. Supports OpenClaw skills, IDENTITY.md, SOUL.md, and USER.md workspace files.

Multi-provider auth. 16 LLM providers (OpenAI, Gemini, Groq, DeepSeek, Mistral, etc.) via config-driven provider registry. API keys resolved at the gateway — workers never see credentials.

Lobu is the infrastructure layer for autonomous agents. Unlike frameworks (LangChain, CrewAI) that help you write agent logic, Lobu is the delivery mechanism that runs those agents at scale — handling the sandboxing, persistence, and messaging connectivity.

• No direct worker egress — all traffic routes through the gateway proxy.
• Secrets stay in gateway — Provider credentials and ${env:} substitution. OAuth for third-party APIs managed by Owletto.
• Defense-in-depth on K8s — NetworkPolicies, RBAC, and optional gVisor/Kata runtimes.
• Nix system packages — per-agent reproducible tooling and skills policy enforcement.

Lobu is designed for high-stakes, persistent agents. While the platform is open-source, the true value of an agent lies in its soul, identity, and integration.

If you want to deploy agents for your organization but need expert implementation and infrastructure maintenance, I provide end-to-end support for:

• Employee AI Assistants — Deploy persistent, sandboxed agents across Slack that have access to your internal tools and documentation.
• Automated Customer Support — Build agents that handle complex, multi-step support tickets autonomously while keeping a human in the loop.
• Autonomous Workflows — Use Lobu to automate background tasks that require persistent state, long-running execution, and scheduled cron jobs.
• Infrastructure Maintenance — Let me manage your private Lobu deployment on your own Kubernetes cluster, ensuring 99.9% uptime, security updates, and automated scaling.
• Custom Tooling & Skills — I build specialized MCP servers, Nix-powered runtimes, and OpenClaw skills tailored to your business needs.

Expert Implementation. I'm a second-time technical founder. Previously, I founded rakam.io, an enterprise analytics PaaS acquired by LiveRamp (NYSE: RAMP). I help organizations move beyond chatbots by building the secure, scalable infrastructure required for production-grade autonomous agents.