polyclaw v5.0.0

polyclaw

Your autonomous agent powered by the GitHub Copilot SDK. It messages you, uses plugins, and calls your phone for real-time voice when it needs you.

Get Started Architecture Responsible AI GitHub

Polyclaw is an independent, community-built tool -- not an official GitHub product. The agent runtime operates under its own Azure identity with least-privilege RBAC, but still uses your GitHub identity for the Copilot SDK. It acts with a high degree of autonomy -- executing code, managing Azure resources, sending messages, and making phone calls within the scope of its assigned roles. A built-in guardrails system lets you control what the agent can do, but it requires careful configuration to match your use case and risk appetite. Misconfiguration or unattended use can have real consequences. This project is intended for developers and technical users who understand the risks of running an autonomous agent.

GitHub Copilot SDK

Built natively on the Copilot SDK with streaming, tool execution, and multi-model support.

Learn more →

Persistent Workspace

Your agent's files, scripts, and data persist across sessions. Everything it creates today is still there tomorrow, ready to use.

Learn more →

Multi-Channel Messaging

Talk to your agent through Telegram, a web chat, or the terminal. Bot Framework powers rich cards and routing, with more channels in development.

Learn more →

Realtime Voice

Outbound phone calls via Azure Communication Services with OpenAI Realtime for live voice conversations.

Learn more →

Task Scheduler

The agent plans ahead on its own. Schedule recurring or one-shot tasks and let it proactively reach out when the time comes.

Learn more →

Extensibility

Extend the agent through Agent Skills and MCP servers. The agent can also create its own skills on the fly and share them via a built-in marketplace.

Learn more →

See polyclaw in Action

ResourceDescription
Getting StartedInstallation, prerequisites, and first run
ArchitectureSystem design, components, and data flow
ConfigurationEnvironment variables and secrets management
Security, Governance & RAIResponsible AI principles, security controls, governance
Runtime IsolationSeparated admin and agent runtime architecture
Plugins & MCPModel Context Protocol servers and plugin system
SkillsSkill authoring, marketplace, and built-in skills
API ReferenceREST endpoints and WebSocket protocol
DeploymentDocker, Azure, and CLI tools

What is polyclaw?

polyclaw web chat interface

polyclaw is an autonomous AI copilot built on the GitHub Copilot SDK. It messages you on Telegram, uses skills to get things done, and can even call your phone for a real-time voice conversation. Through the Copilot SDK it can write and execute code to solve problems on the spot. It comes with its own web browser that skills can drive to navigate websites and perform tasks. Under the hood the agent is powered by a cron-based scheduler, a plugin ecosystem, a self-extending skill system, and MCP servers.

Key Capabilities

  • Streaming AI responses with tool execution and multi-model support
  • Multi-channel bot with adaptive cards, media handling, and proactive messaging
  • Realtime voice using Azure Communication Services and OpenAI Realtime API
  • Persistent workspace – files, databases, and scripts the agent creates survive across sessions, like a personal drive for your agent
  • Built-in web browser that skills can use to navigate sites and automate web-based tasks
  • Code generation and execution – the agent writes and runs code to solve issues via sandboxed sessions
  • Model Context Protocol servers for browser automation, Azure management, GitHub integration
  • Autonomous scheduling with cron expressions and one-shot tasks
  • Memory system with idle-triggered consolidation and daily briefings
  • Key Vault integration for secure secret management
  • Cloudflare tunnel for zero-config public endpoint exposure
  • Flexible deployment – from hybrid (agent on a Raspberry Pi with cloud components) to full cloud on Azure Container Apps; deploy wherever it fits your setup

Hardening

  • Guardrails & HITL – defense-in-depth tool interception with allow/deny/HITL/PITL/AITL/filter strategies and per-model autonomy levels
  • Agent Identity – least-privilege managed identity with credential isolation between admin and runtime containers
  • Tool Activity – enterprise audit dashboard with automated scoring and Prompt Shield results
  • Runtime Isolation – separated admin and agent runtime architecture with independent credentials
  • Monitoring – OpenTelemetry integration with Azure Monitor (Application Insights, Log Analytics)

Session management