owly

Name: owly
Author: Hesper-Labs

Warning

AI-powered customer support agent with WhatsApp, Email & Phone channels

100stars

57forks

TypeScript

Installation

# Add to your Claude Code skills
git clone https://github.com/Hesper-Labs/owly

Getting Started

Guides for using ai agents skills like owly.

Caveman: Cut Claude Token Use by 65%
How agent-side prompt compression works, when to use it, and when not to.
What is an AI Skills Marketplace?
Definitions, how marketplaces work, and how to choose between them in 2026.
Getting Started with AI Skills

Security ReportWarning

Last scanned: 6/26/2026

{
  "issues": [
    {
      "type": "npm-audit",
      "message": "@babel/core: @babel/core: Arbitrary File Read via sourceMappingURL Comment",
      "severity": "low"
    },
    {
      "type": "npm-audit",
      "message": "@hono/node-server: @hono/node-server: Middleware bypass via repeated slashes in serveStatic",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "@prisma/dev: Vulnerability found",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "axios: Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "basic-ftp: basic-ftp: Incomplete CRLF Injection Protection Allows Arbitrary FTP Command Execution via Credentials and MKD Commands",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "brace-expansion: brace-expansion: Large numeric range defeats documented `max` DoS protection",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "esbuild: esbuild allows arbitrary file read when running the development server on Windows",
      "severity": "low"
    },
    {
      "type": "npm-audit",
      "message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "follow-redirects: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "form-data: form-data: CRLF injection in form-data via unescaped multipart field names and filenames",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "hono: Hono missing validation of cookie name on write path in setCookie()",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "imap: Vulnerability found",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "js-yaml: JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "mailparser: Vulnerability found",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "next: Next.js has a Denial of Service with Server Components",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "nodemailer: Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO) ",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "prisma: Vulnerability found",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "qs: qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "semver: semver vulnerable to Regular Expression Denial of Service",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "utf7: Vulnerability found",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "vite: launch-editor: NTLMv2 hash disclosure via UNC path handling on Windows",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "ws: ws: Uninitialized memory disclosure",
      "severity": "high"
    },
    {
      "file": "README.md",
      "line": 379,
      "type": "secret-exfiltration",
      "message": "Instruction appears to send credentials/secrets to an external endpoint",
      "severity": "medium"
    }
  ],
  "status": "WARNING",
  "scannedAt": "2026-06-26T07:53:48.395Z",
  "npmAuditRan": true,
  "pipAuditRan": true,
  "promptInjectionRan": true
}

README.md

Frequently Asked Questions

What is owly?

owly is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by Hesper-Labs. AI-powered customer support agent with WhatsApp, Email & Phone channels. It has 100 GitHub stars.

Is owly safe to use?

owly returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.

How do I install owly?

Clone the repository with "git clone https://github.com/Hesper-Labs/owly" and add it to your Claude Code skills directory (see the Installation section above).

What programming language is owly written in?

owly is primarily written in TypeScript. It is open-source under Hesper-Labs on GitHub, so you can review or fork the full source.

Are there alternatives to owly?

Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh owly against similar tools.

Agentic AI for Beginners

Build your first AI agent from scratch - tool use, ReAct pattern, memory, deployment

41 minBeginner

Comments (0)

to leave a comment.

No comments yet. Be the first to share your thoughts!

Related Skills

superpowers

by obra

An agentic skills framework & software development methodology that works.

234,966

math-modeling-skills secure-claude-code

What is Owly?

Owly is a self-hosted AI customer support agent that small businesses and individuals can run on their own machines -- completely free. Connect your WhatsApp, Email, and Phone channels, add your business knowledge, and let the AI handle customer inquiries 24/7. Owly automatically identifies customers across channels -- someone who emails first and later calls gets a unified profile with full conversation history.

Features

Multi-Channel Support

Connect all your customer communication channels in one place.

AI-Powered Conversations

Owly uses OpenAI GPT (extensible to Claude, Ollama) with your knowledge base to provide accurate, on-brand responses. During conversations, the AI can autonomously:

Create tickets when customers report problems
Route issues to the right department based on expertise matching
Send internal emails to notify team members about urgent issues
Look up customer history for context-aware support
Trigger webhooks to notify external systems
Schedule follow-ups for proactive customer care

Customer CRM & Cross-Channel Continuity

Every customer gets a unified profile across all channels -- conversations, notes, tags, and contact history in one place. Owly automatically resolves customer identity when someone switches channels (WhatsApp to Email to Phone), keeping the full context available to both the AI and your team.

Knowledge Base

Train your AI with your business information. Organize entries into categories, set priorities, and test responses before going live.

Automation Engine

Automate repetitive tasks with rule-based automation, business hours, SLA tracking, and canned responses.

Team & Ticket Management

Organize your team into departments, track issues with a full ticket system, and monitor performance.

Analytics & Insights

Monitor your support performance with charts, metrics, and team performance tracking.

Administration & API

Manage users, API keys, webhooks, and explore the full REST API with interactive documentation.

Dark Mode

Full dark theme with persistent preference, applied across all 19 pages.

More Features

Quick Start

Prerequisites

Node.js 20+
PostgreSQL 16+

Option 1: npm

# Clone the repository
git clone https://github.com/hsperus/owly.git
cd owly

# Install dependencies
npm install

# Set up environment
cp .env.example .env
# Edit .env with your database URL and API keys

# Run database migrations
npx prisma migrate dev

# (Optional) Load sample data with a default admin account
npm run db:seed
# Default login: username=admin, password=admin123

# Start the development server
npm run dev

Option 2: Docker Compose

git clone https://github.com/hsperus/owly.git
cd owly

cp .env.example .env
# Edit .env with your API keys

docker compose up -d

Open http://localhost:3000 -- the setup wizard will guide you through the initial configuration.

Configuration

All configuration is done through the admin dashboard -- no config files to edit after initial setup:

Setting	Location	Description
Business profile	Settings > General	Name, description, welcome message, tone
AI provider	Settings > AI Configuration	OpenAI / Claude / Ollama, model, API key
Voice	Settings > Voice	ElevenLabs API key and voice selection
Phone	Settings > Phone	Twilio Account SID, auth token, phone number
Email	Settings > Email