HomeGet Started

Self-host your own governance control plane

Free to deploy. You own the data. Connect your first agent in under 10 minutes.

Download SkillView Live DemoSDK DocsOpen Source Repo

Cloud (recommended)

Vercel + Neon free tiers. Zero cost, accessible from any device, auto-HTTPS. Takes ~10 minutes.

Local

Docker + localhost. Good for development or if you want everything on your machine.

No OAuth required to get started. Use Quick Start to deploy solo in under 10 minutes. Switch to Team Setup when you're ready to invite teammates.

1

Create a free Neon database

Neon gives you a serverless Postgres database on their free tier — no credit card required.

  1. Sign up at neon.tech
  2. Create a new project (any name, e.g. "dashclaw")
  3. Copy the connection string — it looks like postgresql://user:pass@ep-xyz.neon.tech/neondb

You'll paste this as DATABASE_URL in the next step.

2

Deploy to Vercel

Fork the repo and import it into Vercel. Add the environment variables and deploy.

  1. Fork ucsandman/DashClaw to your GitHub account
  2. Go to vercel.com/new and import your fork
  3. Generate your secrets, then paste them into Vercel's environment variables:
About the API key: DASHCLAW_API_KEY is your bootstrap admin key — it authenticates agents and seeds your first organization. After you sign in, you can create and manage additional API keys from the dashboard at /api-keys.

Tables are created automatically on first request.

3

Set your admin password

No OAuth app required. Add one environment variable in Vercel and you can sign in immediately.

In your Vercel project → Settings → Environment Variables, add:

DASHCLAW_LOCAL_ADMIN_PASSWORD = your-strong-password-here

Then redeploy. Visit your app and sign in with your password on the login page.

Use a strong password. This grants full admin access. You can add OAuth later when you want to invite teammates.

4

Enable Live Updates (Redis)

Use Upstash Redis to bridge Vercel's serverless functions for real-time dashboard events.

  1. Sign up for a free account at upstash.com
  2. Create a new Redis database (Global or in the same region as your Vercel app)
  3. Copy the REST URL and REST Token, or the raw Redis URL
  4. Add these environment variables to Vercel:
    • REALTIME_BACKEND=redis
    • REDIS_URL=<redis-connection-string>
    • REALTIME_ENFORCE_REDIS=true
  5. Redeploy your Vercel app to apply the changes

The 30MB free tier at Upstash is more than enough for DashClaw's live event buffer.

5

Connect your agents

Agents only need a base URL + API key. Once connected, they can record decisions, enforce policies, score outputs, define quality profiles, manage prompts, and track learning -- all through the SDK.

View prompt

Agent environment

Agent environment
DASHCLAW_BASE_URL=https://your-app.vercel.app
DASHCLAW_API_KEY=<your-secret-api-key>
DASHCLAW_AGENT_ID=my-agent

Your Vercel app uses Vercel env vars. Your agent uses its own environment variables.

Quick integration (Node.js)

agent.js
import { DashClaw } from 'dashclaw';

const dc = new DashClaw({
  baseUrl: process.env.DASHCLAW_BASE_URL,
  apiKey: process.env.DASHCLAW_API_KEY,
  agentId: 'my-agent',
  guardMode: 'warn',
});

// Record a decision
const action = await dc.createAction({
  actionType: 'deploy',
  declaredGoal: 'Ship auth-service v2.1',
  riskScore: 40,
});

// Guard check (policy enforcement)
const decision = await dc.guard({
  actionType: 'deploy',
  content: 'Deploying to production',
  riskScore: 40,
});

// Score the output quality
await dc.scoreOutput({
  scorer_id: 'es_your_scorer',
  output: deployResult,
  action_id: action.action_id,
});

// Score against your custom quality profile
const profileScore = await dc.scoreWithProfile('sp_your_profile', {
  duration_ms: deployResult.duration,
  confidence: deployResult.confidence,
  action_id: action.action_id,
});

// Update outcome
await dc.updateOutcome(action.action_id, {
  status: 'completed',
  outputSummary: 'Deployed successfully',
});

Quick integration (Python)

agent.py
from dashclaw import DashClaw

dc = DashClaw(
    base_url=os.environ["DASHCLAW_BASE_URL"],
    api_key=os.environ["DASHCLAW_API_KEY"],
    agent_id="my-agent",
    guard_mode="warn",
)

# Record a decision
action = dc.create_action(
    action_type="deploy",
    declared_goal="Ship auth-service v2.1",
    risk_score=40,
)

# Guard check (policy enforcement)
decision = dc.guard(
    action_type="deploy",
    content="Deploying to production",
    risk_score=40,
)

# Score the output quality
dc.score_output(
    scorer_id="es_your_scorer",
    output=deploy_result,
    action_id=action["action_id"],
)

# Score against your custom quality profile
profile_score = dc.score_with_profile("sp_your_profile", {
    "duration_ms": deploy_result["duration"],
    "confidence": deploy_result["confidence"],
    "action_id": action["action_id"],
})

# Update outcome
dc.update_outcome(action["action_id"],
    status="completed",
    output_summary="Deployed successfully",
)

What you just deployed

Your DashClaw instance ships with 177+ SDK methods across 29 categories. Every feature works out of the box -- no LLM API key required.

Governance

  • *Decision audit trail with full action traces
  • *Behavior guard -- no-code policy enforcement
  • *Human-in-the-loop approval gates
  • *Prompt injection scanning

Quality & Evaluation

  • *5 scorer types (regex, keywords, range, custom, LLM judge)
  • *Batch evaluation runs across outputs
  • *Output quality tracking over time
  • *Action-linked scoring for root-cause analysis

Scoring Profiles

  • *User-defined weighted quality dimensions with custom scales
  • *3 composite methods (weighted avg, minimum, geometric mean)
  • *Risk templates replace hardcoded agent risk numbers
  • *Auto-calibration from real data (percentile analysis)

Prompt Management

  • *Version-controlled prompt templates
  • *Mustache variable rendering (server-side, no LLM)
  • *One-click rollback to any version
  • *Usage analytics per template

Observability

  • *Real-time SSE event stream
  • *Token usage and cost tracking
  • *Risk signal monitoring (7 signal types)
  • *Behavioral drift detection with z-score alerts

Compliance & Audit

  • *SOC 2, NIST AI RMF, EU AI Act, ISO 42001 mapping
  • *One-click compliance export bundles
  • *Evidence packaging (guard decisions + action records)
  • *Scheduled recurring exports on cron

Learning & Feedback

  • *Learning velocity -- rate of agent improvement
  • *6-level agent maturity model (Novice to Master)
  • *Per-skill learning curves
  • *User feedback with auto-sentiment and auto-tagging

Agent Operations

  • *Session handoffs with context preservation
  • *Inter-agent messaging and broadcasts
  • *Task routing with agent health monitoring
  • *Memory health scanning and stale fact detection

Security

  • *Verified agent identity (RSA signatures)
  • *Automatic secret redaction
  • *Assumption tracking and drift reports
  • *Content scanning for sensitive data

Platform

  • *Multi-tenant org isolation
  • *HMAC-signed webhooks
  • *Full activity audit log
  • *Docker + Vercel + any Node.js host

All features are free, self-hosted, and work without any external AI provider. The only optional LLM feature is the llm_judge scorer type in the Evaluation Framework.

DashClaw Platform Skill

Skills are an open standard for giving agents specialized capabilities. Any agent that supports the skill framework can load this skill and become a DashClaw platform expert -- with knowledge of 177+ SDK methods across 29 categories.

Works with Claude Code, and the growing ecosystem of skill-compatible agents.

What it does

  • Instruments any agent with DashClaw SDKs (Node.js or Python)
  • Designs guard policies for cost ceilings, risk thresholds, and action allowlists
  • Configures evaluation scorers to track output quality (5 built-in types)
  • Sets up prompt template registries with version control and rollback
  • Generates compliance export bundles for SOC 2, NIST AI RMF, EU AI Act
  • Configures behavioral drift detection with statistical baselines
  • Sets up learning analytics to track agent velocity and maturity
  • Troubleshoots 401, 403, 429, and 503 errors with guided diagnostics

What's inside

dashclaw-platform-intelligence/
|-- SKILL.md                          # 13 guided workflows (v2.1)
|-- scripts/
|   |-- validate-integration.mjs      # End-to-end connectivity test
|   |-- diagnose.mjs                  # 5-phase platform diagnostics
|   `-- bootstrap-agent-quick.mjs     # Agent workspace importer
`-- references/
    |-- api-surface.md                # 140+ routes, 29 categories
    |-- platform-knowledge.md         # Architecture, auth chain, ID prefixes
    `-- troubleshooting.md            # Error resolution guide

Skill workflows

The skill includes 13 guided workflows. Your agent picks the right one from the decision tree based on what you ask:

Instrument My Agent

Full SDK integration with action recording and guard checks

Configure Evaluations

5 scorer types: regex, keywords, numeric range, custom, LLM judge

Manage Prompts

Template registry with mustache variables and version history

Collect Feedback

Structured ratings with auto-sentiment and auto-tagging

Export Compliance

Multi-framework bundles with evidence packaging

Monitor Drift

Statistical baselines and z-score deviation alerts

Track Learning

Velocity scoring and 6-level maturity model

Configure Scoring

Weighted quality profiles and risk templates

Design Policies

Guard rules for cost ceilings and risk thresholds

Bootstrap Agent

Auto-discover and import existing agent workspace data

Add a Capability

Full-stack scaffold guide for adding new API routes

Generate Client

Generate a DashClaw SDK in any language from OpenAPI

Troubleshoot

Guided error resolution for auth and rate limits

Setup

  1. Download and extract the zip into your project's skills directory (e.g. .claude/skills/ for Claude Code)
  2. Point your agent at the skill directory -- it activates automatically
  3. Ask your agent anything DashClaw-related and it routes to the right workflow
Download Skill~28 KB · open standard, works with any skill-compatible agent
Alternative: Local Setup

Run locally with Docker

The installer generates secrets, writes .env.local, installs dependencies, and prints the API key your agents should use.

View prompt
Windows (PowerShell)
./install-windows.bat
Mac / Linux (bash)
bash ./install-mac.sh

When it finishes, open http://localhost:3000.

6

Optional: enable verified agents (one-click pairing)

If you want cryptographic identity binding, your agent generates a keypair and prints a one-click pairing URL. You approve once (or approve-all).

Agent environment (verified mode)
# Optional: sign actions with a private key
DASHCLAW_PRIVATE_KEY_PATH=./secrets/cinder-private.jwk

# Optional: server-side enforcement (set on the dashboard host)
ENFORCE_AGENT_SIGNATURES=true

The goal is: no manual public key uploads. Pairing registers the matching public key automatically.