by swarmclawai
Open-source self-hosted AI agent runtime and multi-agent framework for autonomous agent swarms. Agent memory, MCP tools, schedules, delegation, and 23+ LLM providers (Claude, GPT, Gemini, OpenRouter, Ollama). A practical Claude Code and LangChain alternative.
# Add to your Claude Code skills
git clone https://github.com/swarmclawai/swarmclawLast scanned: 5/17/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@anthropic-ai/sdk: Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/xml-builder: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@electron/node-gyp: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron/rebuild: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@google/genai: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@grpc/proto-loader: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@huggingface/transformers: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@mariozechner/pi-agent-core: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@mariozechner/pi-ai: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@mariozechner/pi-coding-agent: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-logs-otlp-grpc: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-logs-otlp-http: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-logs-otlp-proto: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-metrics-otlp-grpc: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-metrics-otlp-http: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-metrics-otlp-proto: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-prometheus: Prometheus exporter process crash via malformed HTTP request",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-trace-otlp-grpc: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-trace-otlp-http: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-trace-otlp-proto: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/otlp-exporter-base: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/otlp-grpc-exporter-base: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/otlp-transformer: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@opentelemetry/sdk-node: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@protobufjs/utf8: protobufjs has overlong UTF-8 decoding",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@tootallnate/once: @tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@whiskeysockets/baileys: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@whiskeysockets/libsignal-node: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@xmldom/xmldom: xmldom: Uncontrolled recursion in XML serialization leads to DoS",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "app-builder-lib: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "basic-ftp: basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering",
"severity": "high"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "cacache: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "dmg-builder: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "electron: Electron has ASAR Integrity Bypass via resource modification",
"severity": "high"
},
{
"type": "npm-audit",
"message": "electron-builder: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "electron-builder-squirrel-windows: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "express-rate-limit: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-builder: fast-xml-builder allows attribute values with unwanted quotes to bypass malicious or unwanted attributes",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-parser: fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"severity": "high"
},
{
"type": "npm-audit",
"message": "hono: Hono missing validation of cookie name on write path in setCookie()",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "http-proxy-agent: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "imapflow: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "langsmith: LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()`",
"severity": "high"
},
{
"type": "npm-audit",
"message": "mailparser: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "make-fetch-happen: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "matrix-bot-sdk: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "next: Next.js Vulnerable to Denial of Service with Server Components",
"severity": "high"
},
{
"type": "npm-audit",
"message": "node-gyp: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "nodemailer: Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "onnxruntime-web: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "openclaw: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "protobufjs: protobuf.js: Code injection through bytes field defaults in generated toObject code",
"severity": "high"
},
{
"type": "npm-audit",
"message": "qs: qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "request: Server-Side Request Forgery in Request",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "request-promise: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "request-promise-core: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "sanitize-html: Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "tar: node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tough-cookie: tough-cookie Prototype Pollution vulnerability",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "uuid: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"severity": "medium"
}
],
"status": "FAILED",
"scannedAt": "2026-05-17T06:44:48.826Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}swarmclaw is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by swarmclawai. Open-source self-hosted AI agent runtime and multi-agent framework for autonomous agent swarms. Agent memory, MCP tools, schedules, delegation, and 23+ LLM providers (Claude, GPT, Gemini, OpenRouter, Ollama). A practical Claude Code and LangChain alternative. It has 610 GitHub stars.
swarmclaw failed SkillsLLM's automated security scan, which flagged one or more high-severity issues. Review the Security Report section carefully before using it.
Clone the repository with "git clone https://github.com/swarmclawai/swarmclaw" and add it to your Claude Code skills directory (see the Installation section above).
swarmclaw is primarily written in TypeScript. It is open-source under swarmclawai on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh swarmclaw against similar tools.
No comments yet. Be the first to share your thoughts!
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
SwarmClaw is an open-source, self-hosted AI agent runtime and multi-agent framework. Run autonomous AI agents, agent swarms, and orchestrators with heartbeats, schedules, delegation, agent memory, runtime skills, and reviewed conversation-to-skill learning — across OpenClaw gateways, Claude, GPT, Gemini, OpenRouter, Ollama, and 23+ other providers. Use it as your AI agent dashboard, agent orchestration platform, and home base for self-hosted multi-agent AI workflows.
GitHub: https://github.com/swarmclawai/swarmclaw
Docs: https://swarmclaw.ai/docs
Website: https://swarmclaw.ai
Discord: https://discord.gg/sbEavS8cPV
Extension tutorial: https://swarmclaw.ai/docs/extension-tutorial
nvm use will pick up the repo's .nvmrc, which matches CI)Download the one-click installer from swarmclaw.ai/downloads. Available for macOS (Apple Silicon & Intel), Windows, and Linux (AppImage + .deb).
The release workflow supports Developer ID signing and notarization when Apple credentials are configured. If a macOS build is still ad-hoc signed, first launch may need one manual approval:
.dmg and .zip; unsigned fallback releases publish .zip only to avoid the damaged unsigned DMG path. Right-click the app in Finder → Open → Open to bypass Gatekeeper. If macOS instead reports "SwarmClaw is damaged and can't be opened" (common when a downloaded app was quarantined by Safari), strip the quarantine attribute and relaunch:
xattr -dr com.apple.quarantine /Applications/SwarmClaw.app
chmod +x the downloaded file, then run it.Data lives in your OS app-data directory (~/Library/Application Support/SwarmClaw,
%APPDATA%\SwarmClaw, or ~/.config/SwarmClaw), separate from any CLI or Docker install.
npm i -g @swarmclawai/swarmclaw
swarmclaw
yarn global add @swarmclawai/swarmclaw
swarmclaw
pnpm add -g @swarmclawai/swarmclaw
swarmclaw
bun add -g @swarmclawai/swarmclaw
swarmclaw
Running swarmclaw starts the server on http://localhost:3456.
git clone https://github.com/swarmclawai/swarmclaw.git
cd swarmclaw
nvm use
npm run quickstart
npm run quickstart installs dependencies, prepares local config and runtime state, and starts SwarmClaw.
git clone https://github.com/swarmclawai/swarmclaw.git
cd swarmclaw
mkdir -p data
touch .env.local
docker compose up -d --build
Then open http://localhost:3456.
Install the SwarmClaw skill for your OpenClaw agents:
openclaw skills install swarmclaw
Scheduled-run reliability release: stale workspace rebinding, fail-fast credential checks, and durable delivery evidence for schedule-driven sends.
~/.swarmclaw/workspace) are now rebound to the current WORKSPACE_DIR automatically; intentional custom working directories are never touched.lastDeliveryStatus/lastDeliveryError back to its schedule, so failures are visible without digging through task records.PR integration release for provider catalog coverage, OpenRouter context meters, and safer unsigned macOS desktop artifacts.