[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"similar-qhkm--zeptoclaw":3,"tool-qhkm--zeptoclaw":64},[4,17,27,35,43,56],{"id":5,"name":6,"github_repo":7,"description_zh":8,"stars":9,"difficulty_score":10,"last_commit_at":11,"category_tags":12,"status":16},3808,"stable-diffusion-webui","AUTOMATIC1111\u002Fstable-diffusion-webui","stable-diffusion-webui 是一个基于 Gradio 构建的网页版操作界面，旨在让用户能够轻松地在本地运行和使用强大的 Stable Diffusion 图像生成模型。它解决了原始模型依赖命令行、操作门槛高且功能分散的痛点，将复杂的 AI 绘图流程整合进一个直观易用的图形化平台。\n\n无论是希望快速上手的普通创作者、需要精细控制画面细节的设计师，还是想要深入探索模型潜力的开发者与研究人员，都能从中获益。其核心亮点在于极高的功能丰富度：不仅支持文生图、图生图、局部重绘（Inpainting）和外绘（Outpainting）等基础模式，还独创了注意力机制调整、提示词矩阵、负向提示词以及“高清修复”等高级功能。此外，它内置了 GFPGAN 和 CodeFormer 等人脸修复工具，支持多种神经网络放大算法，并允许用户通过插件系统无限扩展能力。即使是显存有限的设备，stable-diffusion-webui 也提供了相应的优化选项，让高质量的 AI 艺术创作变得触手可及。",162132,3,"2026-04-05T11:01:52",[13,14,15],"开发框架","图像","Agent","ready",{"id":18,"name":19,"github_repo":20,"description_zh":21,"stars":22,"difficulty_score":23,"last_commit_at":24,"category_tags":25,"status":16},1381,"everything-claude-code","affaan-m\u002Feverything-claude-code","everything-claude-code 是一套专为 AI 编程助手（如 Claude Code、Codex、Cursor 等）打造的高性能优化系统。它不仅仅是一组配置文件，而是一个经过长期实战打磨的完整框架，旨在解决 AI 代理在实际开发中面临的效率低下、记忆丢失、安全隐患及缺乏持续学习能力等核心痛点。\n\n通过引入技能模块化、直觉增强、记忆持久化机制以及内置的安全扫描功能，everything-claude-code 能显著提升 AI 在复杂任务中的表现，帮助开发者构建更稳定、更智能的生产级 AI 代理。其独特的“研究优先”开发理念和针对 Token 消耗的优化策略，使得模型响应更快、成本更低，同时有效防御潜在的攻击向量。\n\n这套工具特别适合软件开发者、AI 研究人员以及希望深度定制 AI 工作流的技术团队使用。无论您是在构建大型代码库，还是需要 AI 协助进行安全审计与自动化测试，everything-claude-code 都能提供强大的底层支持。作为一个曾荣获 Anthropic 黑客大奖的开源项目，它融合了多语言支持与丰富的实战钩子（hooks），让 AI 真正成长为懂上",138956,2,"2026-04-05T11:33:21",[13,15,26],"语言模型",{"id":28,"name":29,"github_repo":30,"description_zh":31,"stars":32,"difficulty_score":23,"last_commit_at":33,"category_tags":34,"status":16},2271,"ComfyUI","Comfy-Org\u002FComfyUI","ComfyUI 是一款功能强大且高度模块化的视觉 AI 引擎，专为设计和执行复杂的 Stable Diffusion 图像生成流程而打造。它摒弃了传统的代码编写模式，采用直观的节点式流程图界面，让用户通过连接不同的功能模块即可构建个性化的生成管线。\n\n这一设计巧妙解决了高级 AI 绘图工作流配置复杂、灵活性不足的痛点。用户无需具备编程背景，也能自由组合模型、调整参数并实时预览效果，轻松实现从基础文生图到多步骤高清修复等各类复杂任务。ComfyUI 拥有极佳的兼容性，不仅支持 Windows、macOS 和 Linux 全平台，还广泛适配 NVIDIA、AMD、Intel 及苹果 Silicon 等多种硬件架构，并率先支持 SDXL、Flux、SD3 等前沿模型。\n\n无论是希望深入探索算法潜力的研究人员和开发者，还是追求极致创作自由度的设计师与资深 AI 绘画爱好者，ComfyUI 都能提供强大的支持。其独特的模块化架构允许社区不断扩展新功能，使其成为当前最灵活、生态最丰富的开源扩散模型工具之一，帮助用户将创意高效转化为现实。",107662,"2026-04-03T11:11:01",[13,14,15],{"id":36,"name":37,"github_repo":38,"description_zh":39,"stars":40,"difficulty_score":23,"last_commit_at":41,"category_tags":42,"status":16},3704,"NextChat","ChatGPTNextWeb\u002FNextChat","NextChat 是一款轻量且极速的 AI 助手，旨在为用户提供流畅、跨平台的大模型交互体验。它完美解决了用户在多设备间切换时难以保持对话连续性，以及面对众多 AI 模型不知如何统一管理的痛点。无论是日常办公、学习辅助还是创意激发，NextChat 都能让用户随时随地通过网页、iOS、Android、Windows、MacOS 或 Linux 端无缝接入智能服务。\n\n这款工具非常适合普通用户、学生、职场人士以及需要私有化部署的企业团队使用。对于开发者而言，它也提供了便捷的自托管方案，支持一键部署到 Vercel 或 Zeabur 等平台。\n\nNextChat 的核心亮点在于其广泛的模型兼容性，原生支持 Claude、DeepSeek、GPT-4 及 Gemini Pro 等主流大模型，让用户在一个界面即可自由切换不同 AI 能力。此外，它还率先支持 MCP（Model Context Protocol）协议，增强了上下文处理能力。针对企业用户，NextChat 提供专业版解决方案，具备品牌定制、细粒度权限控制、内部知识库整合及安全审计等功能，满足公司对数据隐私和个性化管理的高标准要求。",87618,"2026-04-05T07:20:52",[13,26],{"id":44,"name":45,"github_repo":46,"description_zh":47,"stars":48,"difficulty_score":23,"last_commit_at":49,"category_tags":50,"status":16},2268,"ML-For-Beginners","microsoft\u002FML-For-Beginners","ML-For-Beginners 是由微软推出的一套系统化机器学习入门课程，旨在帮助零基础用户轻松掌握经典机器学习知识。这套课程将学习路径规划为 12 周，包含 26 节精炼课程和 52 道配套测验，内容涵盖从基础概念到实际应用的完整流程，有效解决了初学者面对庞大知识体系时无从下手、缺乏结构化指导的痛点。\n\n无论是希望转型的开发者、需要补充算法背景的研究人员，还是对人工智能充满好奇的普通爱好者，都能从中受益。课程不仅提供了清晰的理论讲解，还强调动手实践，让用户在循序渐进中建立扎实的技能基础。其独特的亮点在于强大的多语言支持，通过自动化机制提供了包括简体中文在内的 50 多种语言版本，极大地降低了全球不同背景用户的学习门槛。此外，项目采用开源协作模式，社区活跃且内容持续更新，确保学习者能获取前沿且准确的技术资讯。如果你正寻找一条清晰、友好且专业的机器学习入门之路，ML-For-Beginners 将是理想的起点。",84991,"2026-04-05T10:45:23",[14,51,52,53,15,54,26,13,55],"数据工具","视频","插件","其他","音频",{"id":57,"name":58,"github_repo":59,"description_zh":60,"stars":61,"difficulty_score":10,"last_commit_at":62,"category_tags":63,"status":16},3128,"ragflow","infiniflow\u002Fragflow","RAGFlow 是一款领先的开源检索增强生成（RAG）引擎，旨在为大语言模型构建更精准、可靠的上下文层。它巧妙地将前沿的 RAG 技术与智能体（Agent）能力相结合，不仅支持从各类文档中高效提取知识，还能让模型基于这些知识进行逻辑推理和任务执行。\n\n在大模型应用中，幻觉问题和知识滞后是常见痛点。RAGFlow 通过深度解析复杂文档结构（如表格、图表及混合排版），显著提升了信息检索的准确度，从而有效减少模型“胡编乱造”的现象，确保回答既有据可依又具备时效性。其内置的智能体机制更进一步，使系统不仅能回答问题，还能自主规划步骤解决复杂问题。\n\n这款工具特别适合开发者、企业技术团队以及 AI 研究人员使用。无论是希望快速搭建私有知识库问答系统，还是致力于探索大模型在垂直领域落地的创新者，都能从中受益。RAGFlow 提供了可视化的工作流编排界面和灵活的 API 接口，既降低了非算法背景用户的上手门槛，也满足了专业开发者对系统深度定制的需求。作为基于 Apache 2.0 协议开源的项目，它正成为连接通用大模型与行业专有知识之间的重要桥梁。",77062,"2026-04-04T04:44:48",[15,14,13,26,54],{"id":65,"github_repo":66,"name":67,"description_en":68,"description_zh":69,"ai_summary_zh":69,"readme_en":70,"readme_zh":71,"quickstart_zh":72,"use_case_zh":73,"hero_image_url":74,"owner_login":75,"owner_name":75,"owner_avatar_url":76,"owner_bio":77,"owner_company":78,"owner_location":79,"owner_email":80,"owner_twitter":81,"owner_website":82,"owner_url":83,"languages":84,"stars":121,"forks":122,"last_commit_at":123,"license":124,"difficulty_score":10,"env_os":125,"env_gpu":126,"env_ram":127,"env_deps":128,"category_tags":131,"github_topics":132,"view_count":23,"oss_zip_url":82,"oss_zip_packed_at":82,"status":16,"created_at":137,"updated_at":138,"faqs":139,"releases":168},1274,"qhkm\u002Fzeptoclaw","zeptoclaw","Final form of claw family (Wannabe)","ZeptoClaw 是一款超轻量级的个人 AI 助手，专为高效、安全地执行各种任务而设计。它结合了多个知名 AI 工具的优点，去除了它们的缺点，最终打造了一个体积小巧、功能强大且运行迅速的工具。\n\nZeptoClaw 解决了传统 AI 助手在体积、启动速度、资源占用和安全性方面的诸多问题。相比其他工具，它仅需约 6MB 内存，启动时间不到 50 毫秒，同时支持多种沙箱环境和安全机制，如提示注入检测和电路断路器，有效防止潜在的安全威胁。\n\nZeptoClaw 适合开发者、研究人员以及需要快速部署 AI 助手的用户使用。它内置了 33 种工具、11 个通道和 16 个服务提供商，能够满足从代码分析到 API 安全审计等多种需求。其独特的技术亮点包括基于 Rust 的高性能架构、多种沙箱运行时支持以及极低的系统资源占用，使其能够在低成本硬件上稳定运行。","\u003Cp align=\"center\">\n  \u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fqhkm_zeptoclaw_readme_5c1eece1e2be.png\" width=\"200\" alt=\"Zippy — ZeptoClaw mascot\">\n\u003C\u002Fp>\n\u003Ch1 align=\"center\">ZeptoClaw\u003C\u002Fh1>\n\u003Cp align=\"center\">\n  \u003Cstrong>Ultra-lightweight personal AI assistant.\u003C\u002Fstrong>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fzeptoclaw.com\u002Fdocs\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdocs-zeptoclaw.com-3b82f6?style=for-the-badge&logo=bookstack&logoColor=white\" alt=\"Documentation\">\u003C\u002Fa>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Factions\u002Fworkflows\u002Fci.yml\">\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Factions\u002Fworkflows\u002Fci.yml\u002Fbadge.svg\" alt=\"CI\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Freleases\u002Flatest\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Fqhkm\u002Fzeptoclaw?color=blue\" alt=\"Release\">\u003C\u002Fa>\n  \u003Ca href=\"LICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-Apache%202.0-blue\" alt=\"License\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\n```\n$ zeptoclaw agent --stream -m \"Analyze our API for security issues\"\n\n🤖 ZeptoClaw — Streaming analysis...\n\n  [web_fetch]        Fetching API docs...\n  [shell]            Running integration tests...\n  [longterm_memory]  Storing findings...\n\n→ Found 12 endpoints, 3 missing auth headers, 1 open redirect\n→ Saved findings to long-term memory under \"api-audit\"\n\n✓ Analysis complete in 4.2s\n```\n\nWe studied the best AI assistants — and their tradeoffs. OpenClaw's integrations without the 100MB. NanoClaw's security without the TypeScript bundle. NemoClaw's governance without the 2GB Docker container. PicoClaw's size without the bare-bones feature set. One Rust binary with 33 tools, 11 channels, 16 providers, and 6 sandbox runtimes.\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fbinary-~6MB-3b82f6\" alt=\"~6MB binary\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fstartup-~50ms-3b82f6\" alt=\"~50ms startup\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FRAM-~6MB-3b82f6\" alt=\"~6MB RAM\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Ftests-3%2C900%2B-3b82f6\" alt=\"3,900+ tests\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fproviders-16-3b82f6\" alt=\"16 providers\">\n\u003C\u002Fp>\n\n## Why ZeptoClaw\n\nWe studied what works — and what doesn't.\n\n**OpenClaw** proved an AI assistant can handle 12 channels and 100+ skills. But it costs 100MB and 400K lines. **NanoClaw** proved security-first is possible. But it's still 50MB of TypeScript. **NemoClaw** proved enterprise governance matters — policy-locked sandboxes, federated inference routing. But it's a 2GB Docker container wrapping OpenClaw underneath, with zero built-in tools. **PicoClaw** proved AI assistants can run on $10 hardware. But it stripped out everything to get there.\n\n**ZeptoClaw** took notes. The integrations, the security, the governance, the size discipline — without the tradeoffs each one made. One 6MB Rust binary that starts in 50ms, uses 6MB of RAM, and ships with container isolation, prompt injection detection, and a circuit breaker provider stack.\n\n| | OpenClaw | NemoClaw | NanoClaw | PicoClaw | **ZeptoClaw** |\n|---|---|---|---|---|---|\n| **Size** | ~100MB | ~2GB (Docker) | ~50MB | \u003C1MB | **~6MB** |\n| **Language** | JS\u002FTS | JS\u002FTS\u002FPython | TypeScript | Go | **Rust** |\n| **Built-in tools** | 100+ skills | 0 (inference only) | ~20 | ~5 | **33** |\n| **Providers** | 5 | NVIDIA-first | 3 | 2 | **16** |\n| **Channels** | 12 | 0 (uses OpenClaw) | 3 | 0 | **11** |\n| **Sandbox** | None | Landlock + seccomp | Basic | None | **6 runtimes** |\n| **Runs on $10 HW** | No | No (needs GPU) | No | Yes | **Yes** |\n\n## Security\n\nAI agents execute code. Most frameworks trust that nothing will go wrong.\n\nThe OpenClaw ecosystem has seen CVE-2026-25253 (CVSS 8.8 — cross-site WebSocket hijacking to RCE), ClawHavoc (341 malicious skills, 9,000+ compromised installations), and 42,000 exposed instances with auth bypass. ZeptoClaw was built with this threat model in mind.\n\n| Layer | What it does |\n|-------|-------------|\n| **6 Sandbox Runtimes** | Docker, Apple Container, Landlock, Firejail, Bubblewrap, or native — per request |\n| **Prompt Injection Detection** | Aho-Corasick multi-pattern matcher (17 patterns) + 4 regex rules |\n| **Secret Leak Scanner** | 22 regex patterns catch API keys, tokens, and credentials before they reach the LLM |\n| **Policy Engine** | 7 rules blocking system file access, crypto key extraction, SQL injection, encoded exploits |\n| **Input Validator** | 100KB limit, null byte detection, whitespace ratio analysis, repetition detection |\n| **Shell Blocklist** | Regex patterns blocking reverse shells, `rm -rf`, privilege escalation |\n| **SSRF Prevention** | DNS pinning, private IP blocking, IPv6 transition guard, scheme validation |\n| **Chain Alerting** | Detects dangerous tool call sequences (write→execute, memory→execute) |\n| **Tool Approval Gate** | Require explicit confirmation before executing dangerous tools |\n\nEvery layer runs by default. No flags to remember, no config to enable.\n\n## Install\n\n```bash\n# One-liner (macOS \u002F Linux)\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fqhkm\u002Fzeptoclaw\u002Fmain\u002Finstall.sh | sh\n\n# Homebrew\nbrew install qhkm\u002Ftap\u002Fzeptoclaw\n\n# Docker\ndocker pull ghcr.io\u002Fqhkm\u002Fzeptoclaw:latest\n\n# Build from source\ncargo install zeptoclaw --git https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\n```\n\n## Uninstall\n\n```bash\n# Remove ZeptoClaw state (~\u002F.zeptoclaw)\nzeptoclaw uninstall --yes\n\n# Also remove a direct-install binary from ~\u002F.local\u002Fbin or \u002Fusr\u002Flocal\u002Fbin\nzeptoclaw uninstall --remove-binary --yes\n\n# Package-managed installs still use their package manager\nbrew uninstall qhkm\u002Ftap\u002Fzeptoclaw\ncargo uninstall zeptoclaw\n```\n\n## Quick Start\n\n```bash\n# Interactive setup (walks you through API keys, channels, workspace)\nzeptoclaw onboard\n\n# Talk to your agent\nzeptoclaw agent -m \"Hello, set up my workspace\"\n\n# Stream responses token-by-token\nzeptoclaw agent --stream -m \"Explain async Rust\"\n\n# Use a built-in template\nzeptoclaw agent --template researcher -m \"Search for Rust agent frameworks\"\n\n# Process prompts in batch\nzeptoclaw batch --input prompts.txt --output results.jsonl\n\n# Start as a Telegram\u002FSlack\u002FDiscord\u002FWebhook gateway\nzeptoclaw gateway\n\n# With full container isolation per request\nzeptoclaw gateway --containerized\n```\n\n## Migrate from OpenClaw\n\nAlready running OpenClaw? ZeptoClaw can import your config and skills in one command.\n\n```bash\n# Auto-detect OpenClaw installation (~\u002F.openclaw, ~\u002F.clawdbot, ~\u002F.moldbot)\nzeptoclaw migrate\n\n# Specify path manually\nzeptoclaw migrate --from \u002Fpath\u002Fto\u002Fopenclaw\n\n# Preview what would be migrated (no files written)\nzeptoclaw migrate --dry-run\n\n# Non-interactive (skip confirmation prompts)\nzeptoclaw migrate --yes\n```\n\nThe migration command:\n- Converts provider API keys, model settings, and channel configs\n- Copies skills to `~\u002F.zeptoclaw\u002Fskills\u002F`\n- Backs up your existing ZeptoClaw config before overwriting\n- Validates the migrated config and reports any issues\n- Lists features that can't be automatically ported\n\nSupports JSON and JSON5 config files (comments, trailing commas, unquoted keys).\n\n## Deploy\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fcloud.digitalocean.com\u002Fapps\u002Fnew?repo=https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Ftree\u002Fmain\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDigitalOcean-0080FF?style=for-the-badge&logo=digitalocean&logoColor=white\" alt=\"Deploy to DigitalOcean\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Frailway.com\u002Fdeploy?template=https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FRailway-0B0D0E?style=for-the-badge&logo=railway&logoColor=white\" alt=\"Deploy to Railway\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Frender.com\u002Fdeploy?repo=https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FRender-46E3B7?style=for-the-badge&logo=render&logoColor=white\" alt=\"Deploy to Render\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Ffly.io\u002Fdocs\u002Fhands-on\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FFly.io-6E42C1?style=for-the-badge&logo=fly.io&logoColor=white\" alt=\"Deploy to Fly.io\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n### Any VPS\n\n```bash\ncurl -fsSL https:\u002F\u002Fzeptoclaw.com\u002Fsetup.sh | bash\n```\n\nInstalls the binary and prints next steps. Run `zeptoclaw onboard` to configure providers and channels.\n\n## Providers\n\nZeptoClaw supports 16 LLM providers. All OpenAI-compatible endpoints work out of the box.\n\n| Provider | Config key | Setup |\n|----------|------------|-------|\n| **Anthropic** | `anthropic` | `api_key` |\n| **OpenAI** | `openai` | `api_key` |\n| **OpenRouter** | `openrouter` | `api_key` |\n| **Google Gemini** | `gemini` | `api_key` |\n| **Groq** | `groq` | `api_key` |\n| **DeepSeek** | `deepseek` | `api_key` |\n| **xAI (Grok)** | `xai` | `api_key` |\n| **NVIDIA NIM** | `nvidia` | `api_key` |\n| **Azure OpenAI** | `azure` | `api_key` + `api_base` |\n| **AWS Bedrock** | `bedrock` | `api_key` |\n| **Kimi (Moonshot)** | `kimi` | `api_key` |\n| **Zhipu (GLM)** | `zhipu` | `api_key` |\n| **Qianfan (Baidu)** | `qianfan` | `api_key` |\n| **Novita AI** | `novita` | `api_key` |\n| **Ollama** | `ollama` | `api_key` (any value) |\n| **VLLM** | `vllm` | `api_key` (any value) |\n\nConfigure in `~\u002F.zeptoclaw\u002Fconfig.json` or via environment variables:\n\n```json\n{\n  \"providers\": {\n    \"openrouter\": { \"api_key\": \"sk-or-...\" },\n    \"ollama\": { \"api_key\": \"ollama\" }\n  },\n  \"agents\": { \"defaults\": { \"model\": \"anthropic\u002Fclaude-sonnet-4\" } }\n}\n```\n\n```bash\nexport ZEPTOCLAW_PROVIDERS_GROQ_API_KEY=gsk_...\n```\n\nAny provider's base URL can be overridden with `api_base` for proxies or self-hosted endpoints. See the [provider docs](https:\u002F\u002Fzeptoclaw.com\u002Fdocs\u002Fconcepts\u002Fproviders\u002F) for full details.\n\n## Features\n\n### Core\n\n| Feature | What it does |\n|---------|-------------|\n| **Multi-Provider LLM** | 16 providers with SSE streaming, retry with backoff + budget cap, auto-failover |\n| **33 Tools + Plugins** | Shell, filesystem, grep, find, web, git, stripe, PDF, transcription, Android ADB, and more |\n| **Tool Composition** | Create new tools from natural language descriptions — composable `{{param}}` templates |\n| **Agent Swarms** | Delegate to sub-agents with parallel fan-out, aggregation, and cost-aware routing |\n| **Library Facade** | Embed as a crate — `ZeptoAgent::builder().provider(p).tool(t).build()` for Tauri\u002FGUI apps |\n| **Batch Mode** | Process hundreds of prompts from text\u002FJSONL files with template support |\n| **Agent Modes** | Observer, Assistant, Autonomous — category-based tool access control |\n\n### Channels & Integration\n\n| Feature | What it does |\n|---------|-------------|\n| **11-Channel Gateway** | Telegram, Slack, Discord, WhatsApp Web + Cloud API, Lark, Email, Webhook, Serial, ACP — unified message bus |\n| **Persona System** | Per-chat personality switching via `\u002Fpersona` command with LTM persistence |\n| **Plugin System** | JSON manifest plugins auto-discovered from `~\u002F.zeptoclaw\u002Fplugins\u002F` |\n| **Hooks** | `before_tool`, `after_tool`, `on_error` with Log, Block, and Notify actions |\n| **Cron & Heartbeat** | Schedule recurring tasks, proactive check-ins, background spawning |\n| **Memory & History** | Workspace memory, long-term key-value store, conversation history |\n\n### Security & Ops\n\n| Feature | What it does |\n|---------|-------------|\n| **6 Sandbox Runtimes** | Docker, Apple Container, Landlock, Firejail, Bubblewrap, or native |\n| **Gateway Startup Guard** | Degrade gracefully after N crashes — prevents crash loops |\n| **Channel Supervisor** | Auto-restart dead channels with cooldown and max-restart limits |\n| **Tool Approval Gate** | Policy-based gating — require confirmation for dangerous tools |\n| **SSRF Prevention** | DNS pinning, private IP blocking, IPv6 transition guard, scheme validation |\n| **Shell Blocklist** | Regex patterns blocking reverse shells, rm -rf, privilege escalation |\n| **Token Budget & Cost** | Per-session budget enforcement, per-model cost estimation for 8 models |\n| **Rich Health Endpoint** | `\u002Fhealth` with version, uptime, RSS, usage metrics, component checks |\n| **Telemetry** | Prometheus + JSON metrics export, structured logging, per-tenant tracing |\n| **Self-Update** | `zeptoclaw update` downloads latest release from GitHub |\n| **Loop Guard** | SHA256 tool-call repetition detection with circuit-breaker stop |\n| **Context Trimming** | Normal\u002Femergency\u002Fcritical compaction tiers (70%\u002F90%\u002F95%) for context window management |\n| **Session Repair** | Auto-fixes orphan tool results, empty\u002Fduplicate messages, and alternation issues |\n| **Config Hot-Reload** | Gateway polls config mtime every 30s and applies provider\u002Fchannel\u002Fsafety updates live |\n| **Hands-Lite** | `HAND.toml` agent profiles with bundled presets (researcher, coder, monitor) and `hand` CLI |\n| **Multi-Tenant** | Hundreds of tenants on one VPS — isolated workspaces, ~6MB RAM each |\n\n> **Full documentation** — [zeptoclaw.com\u002Fdocs](https:\u002F\u002Fzeptoclaw.com\u002Fdocs\u002F) covers configuration, environment variables, CLI reference, deployment guides, and more.\n\n## Inspired By\n\nZeptoClaw is inspired by projects in the open-source AI agent ecosystem — OpenClaw, NemoClaw, NanoClaw, and PicoClaw — each taking a different approach to the same problem. NemoClaw's declarative policy model and digest-verified supply chain influenced our security thinking. ZeptoClaw's contribution is Rust's memory safety, async performance, and container isolation for production multi-tenant deployments — all in a 6MB binary that runs where Docker containers can't.\n\n## Usage\n\n```bash\n# CLI agent (one-shot or streaming)\nzeptoclaw agent -m \"Summarize this repo\"\nzeptoclaw agent --stream -m \"Explain async Rust\"\nzeptoclaw agent --template coder -m \"Add error handling to main.rs\"\n\n# Multi-channel gateway\nzeptoclaw gateway                    # Telegram, Slack, Discord, etc.\nzeptoclaw gateway --containerized    # With container isolation per request\n\n# Memory, secrets, profiles\nzeptoclaw memory set project:name \"ZeptoClaw\" --category project\nzeptoclaw secrets encrypt\nzeptoclaw hand activate researcher\n\n# Batch, diagnostics, self-update\nzeptoclaw batch --input prompts.txt --output results.jsonl\nzeptoclaw doctor                     # Diagnose config\u002Fprovider issues\nzeptoclaw update                     # Self-update to latest release\n```\n\n## Development\n\n```bash\n# Build\ncargo build\n\n# Run all tests (~3,900 total)\ncargo nextest run --lib\n\n# Lint and format (required before every PR)\ncargo clippy -- -D warnings\ncargo fmt -- --check\n```\n\nSee [CLAUDE.md](CLAUDE.md) for full architecture reference, [AGENTS.md](AGENTS.md) for coding guidelines, and [docs\u002F](docs\u002F) for benchmarks, multi-tenant deployment, and performance guides.\n\n## Zepto Stack\n\nZeptoClaw is part of the Zepto stack — a modular system for running AI agents in production.\n\n```\nZeptoPM        — orchestration, supervision, retries, job lifecycle\n    │\n    │  create(spec) + spawn(worker, args, env)\n    ▼\nZeptoCapsule   — capsule creation, process isolation, resource enforcement\n    │\n    │  fork\u002Fnamespace\u002FmicroVM + stdio transport\n    ▼\nZeptoClaw      — LLM calls, tool use, artifact production\n    │\n    └── JSON-line IPC over stdin\u002Fstdout back to ZeptoPM\n```\n\n| Layer | Repo | Role |\n|:------|:-----|:-----|\n| **ZeptoPM** | [qhkm\u002Fzeptopm](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptopm) | Process manager — config-driven daemon, HTTP API, pipelines, orchestration |\n| **ZeptoCapsule** | [qhkm\u002Fzeptocapsule](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptocapsule) | Sandbox — process\u002Fnamespace\u002FFirecracker isolation, resource limits, fallback chains |\n| **ZeptoRT** | [qhkm\u002Fzeptort](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptort) | Durable runtime — journaled effects, snapshot recovery, OTP-style supervision |\n| **ZeptoClaw** | [qhkm\u002Fzeptoclaw](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw) | Agent framework — 33 tools, 16 providers, 11 channels, container isolation |\n\n## Contributing\n\nWe welcome contributions! Please read **[CONTRIBUTING.md](CONTRIBUTING.md)** for:\n\n- How to set up your fork and branch from upstream\n- Issue-first workflow (open an issue before coding)\n- Pull request process and quality gates\n- Guides for adding new tools, channels, and providers\n\n## License\n\nApache 2.0 — see [LICENSE](LICENSE)\n\n## Disclaimer\n\nZeptoClaw is a pure open-source software project. It has no token, no cryptocurrency, no blockchain component, and no financial instrument of any kind. This project is not affiliated with any token or financial product.\n\n---\n\n\u003Cp align=\"center\">\n  \u003Cem>ZeptoClaw — Because your AI assistant shouldn't need more RAM than your text editor.\u003C\u002Fem>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  Built by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqhkm\">Aisar Labs\u003C\u002Fa>\n\u003C\u002Fp>\n","\u003Cp align=\"center\">\n  \u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fqhkm_zeptoclaw_readme_5c1eece1e2be.png\" width=\"200\" alt=\"Zippy — ZeptoClaw mascot\">\n\u003C\u002Fp>\n\u003Ch1 align=\"center\">ZeptoClaw\u003C\u002Fh1>\n\u003Cp align=\"center\">\n  \u003Cstrong>超轻量级个人AI助手。\u003C\u002Fstrong>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fzeptoclaw.com\u002Fdocs\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdocs-zeptoclaw.com-3b82f6?style=for-the-badge&logo=bookstack&logoColor=white\" alt=\"文档\">\u003C\u002Fa>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Factions\u002Fworkflows\u002Fci.yml\">\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Factions\u002Fworkflows\u002Fci.yml\u002Fbadge.svg\" alt=\"CI\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Freleases\u002Flatest\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Fqhkm\u002Fzeptoclaw?color=blue\" alt=\"发布\">\u003C\u002Fa>\n  \u003Ca href=\"LICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-Apache%202.0-blue\" alt=\"许可证\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\n```\n$ zeptoclaw agent --stream -m \"分析我们的API是否存在安全问题\"\n\n🤖 ZeptoClaw — 流式分析...\n\n  [web_fetch]        获取API文档...\n  [shell]            运行集成测试...\n  [longterm_memory]  存储发现结果...\n\n→ 发现12个接口，其中3个缺少认证头，1个存在开放重定向\n→ 已将发现结果保存至长期记忆库，标签为“api-audit”\n\n✓ 分析在4.2秒内完成\n```\n\n我们研究了市面上最好的AI助手及其权衡取舍。OpenClaw的集成能力虽强，却需要占用100MB内存、包含40万行代码；NanoClaw强调安全性，但依然离不开50MB的TypeScript代码；NemoClaw注重企业级治理，如策略锁定的沙箱、联邦推理路由等，却要以2GB的Docker容器来运行OpenClaw，且几乎没有任何内置工具；PicoClaw则实现了在10美元硬件上运行AI助手的目标，但为了达到这一目标，它不得不大幅精简功能。\n\n而**ZeptoClaw**则吸取了这些经验教训：既保留了强大的集成能力、出色的安全性与完善的治理机制，又严格控制了体积——没有像其他产品那样做出任何妥协。它是一个仅6MB大小的Rust二进制文件，启动时间仅需50毫秒，内存占用仅为6MB，并内置了容器隔离、提示注入检测以及熔断器提供商栈等功能。\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fbinary-~6MB-3b82f6\" alt=\"约6MB的二进制文件\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fstartup-~50ms-3b82f6\" alt=\"约50毫秒的启动时间\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FRAM-~6MB-3b82f6\" alt=\"约6MB的内存占用\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Ftests-3%2C900%2B-3b82f6\" alt=\"超过3900项测试\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fproviders-16-3b82f6\" alt=\"16个提供商\">\n\u003C\u002Fp>\n\n## 为什么选择ZeptoClaw\n\n我们深入研究了哪些做法有效、哪些并不奏效。\n\n**OpenClaw**证明了AI助手可以同时处理12个渠道和100多项技能，但其体积高达100MB、代码量达40万行；**NanoClaw**表明以安全为先是可行的，但它仍然需要50MB的TypeScript代码；**NemoClaw**展示了企业级治理的重要性——包括策略锁定的沙箱、联邦推理路由等，然而它却是一个包裹着OpenClaw的2GB Docker容器，且几乎没有内置工具；**PicoClaw**则证明了AI助手可以在10美元的硬件上运行，但为了实现这一点，它不得不剔除所有不必要的功能。\n\n**ZeptoClaw**正是从这些经验中汲取了精华：无论是集成能力、安全性、治理机制，还是对体积的严格控制，都做到了兼顾，而无需在其中任何一项上做出妥协。它是一个仅6MB大小的Rust二进制文件，启动时间仅需50毫秒，内存占用仅为6MB，并配备了容器隔离、提示注入检测以及熔断器提供商栈等核心功能。\n\n| | OpenClaw | NemoClaw | NanoClaw | PicoClaw | **ZeptoClaw** |\n|---|---|---|---|---|---|\n| **体积** | ~100MB | ~2GB（Docker） | ~50MB | \u003C1MB | **~6MB** |\n| **语言** | JS\u002FTS | JS\u002FTS\u002FPython | TypeScript | Go | **Rust** |\n| **内置工具** | 100+技能 | 0（仅推理） | ~20 | ~5 | **33** |\n| **提供商** | 5 | NVIDIA优先 | 3 | 2 | **16** |\n| **渠道** | 12 | 0（使用OpenClaw） | 3 | 0 | **11** |\n| **沙箱** | 无 | Landlock + seccomp | 基础 | 无 | **6种运行时** |\n| **可在10美元硬件上运行** | 否 | 否（需GPU） | 否 | 是 | **是** |\n\n## 安全性\n\nAI代理会执行代码。大多数框架都默认认为不会出问题。\n\nOpenClaw生态系统曾遭遇CVE-2026-25253漏洞（CVSS评分8.8——跨站WebSocket劫持导致远程代码执行）、ClawHavoc事件（341个恶意技能、超过9000次被入侵的安装），以及4.2万个暴露实例因认证绕过而遭攻击。ZeptoClaw正是基于这样的威胁模型构建的。\n\n| 层 | 功能 |\n|-------|-------------|\n| **6种沙箱运行时** | Docker、Apple Container、Landlock、Firejail、Bubblewrap或原生——按需选择 |\n| **提示注入检测** | Aho-Corasick多模式匹配器（17种模式）+4条正则表达式规则 |\n| **密钥泄露扫描器** | 22条正则表达式模式可在API密钥、令牌和凭据到达LLM之前将其捕获 |\n| **策略引擎** | 7条规则阻止系统文件访问、加密密钥提取、SQL注入、编码后漏洞利用 |\n| **输入验证器** | 100KB限制、空字节检测、空白比例分析、重复检测 |\n| **Shell黑名单** | 正则表达式模式阻止反向Shell、`rm -rf`、权限提升 |\n| **SSRF预防** | DNS固定、私有IP屏蔽、IPv6过渡保护、协议验证 |\n| **链式警报** | 检测危险的工具调用序列（写入→执行、内存→执行） |\n| **工具审批门** | 执行危险工具前需明确确认 |\n\n每一层功能均默认启用，无需记住任何标志位、也无需额外配置即可使用。\n\n## 安装\n\n```bash\n# 单行命令（macOS \u002F Linux）\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fqhkm\u002Fzeptoclaw\u002Fmain\u002Finstall.sh | sh\n\n# Homebrew\nbrew install qhkm\u002Ftap\u002Fzeptoclaw\n\n# Docker\ndocker pull ghcr.io\u002Fqhkm\u002Fzeptoclaw:latest\n\n# 从源码构建\ncargo install zeptoclaw --git https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\n```\n\n## 卸载\n\n```bash\n# 删除ZeptoClaw状态（~\u002F.zeptoclaw）\nzeptoclaw uninstall --yes\n\n# 同时删除直接安装的二进制文件，位于~\u002F.local\u002Fbin或\u002Fusr\u002Flocal\u002Fbin\nzeptoclaw uninstall --remove-binary --yes\n\n# 使用包管理器安装的仍需通过相应包管理器卸载\nbrew uninstall qhkm\u002Ftap\u002Fzeptoclaw\ncargo uninstall zeptoclaw\n```\n\n## 快速入门\n\n```bash\n# 交互式设置（引导您完成API密钥、渠道、工作空间的配置）\nzeptoclaw onboard\n\n# 与您的代理对话\nzeptoclaw agent -m \"你好，帮我设置一下工作空间\"\n\n# 流式逐token返回响应\nzeptoclaw agent --stream -m \"解释异步Rust\"\n\n# 使用内置模板\nzeptoclaw agent --template researcher -m \"搜索Rust代理框架\"\n\n# 批量处理提示\nzeptoclaw batch --input prompts.txt --output results.jsonl\n\n# 作为Telegram\u002FSlack\u002FDiscord\u002FWebhook网关启动\nzeptoclaw gateway\n\n# 每次请求都采用完全容器隔离\nzeptoclaw gateway --containerized\n```\n\n## 从OpenClaw迁移\n\n已经在运行OpenClaw？ZeptoClaw只需一条命令即可导入您的配置与技能。\n\n```bash\n# 自动检测OpenClaw安装路径（~\u002F.openclaw、~\u002F.clawdbot、~\u002F.moldbot）\nzeptoclaw migrate\n\n# 手动指定路径\nzeptoclaw migrate --from \u002Fpath\u002Fto\u002Fopenclaw\n\n# 预览将被迁移的内容（不写入任何文件）\nzeptoclaw migrate --dry-run\n\n# 非交互式（跳过确认提示）\nzeptoclaw migrate --yes\n```\n\n迁移命令会：\n- 转换提供商API密钥、模型设置及渠道配置\n- 将技能复制到`~\u002F.zeptoclaw\u002Fskills\u002F`\n- 在覆盖原有ZeptoClaw配置前备份现有配置\n- 验证迁移后的配置并报告任何问题\n- 列出无法自动迁移的功能\n\n支持JSON和JSON5格式的配置文件（包括注释、尾随逗号、未加引号的键）。\n\n## 部署\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fcloud.digitalocean.com\u002Fapps\u002Fnew?repo=https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Ftree\u002Fmain\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDigitalOcean-0080FF?style=for-the-badge&logo=digitalocean&logoColor=white\" alt=\"部署到 DigitalOcean\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Frailway.com\u002Fdeploy?template=https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FRailway-0B0D0E?style=for-the-badge&logo=railway&logoColor=white\" alt=\"部署到 Railway\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Frender.com\u002Fdeploy?repo=https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FRender-46E3B7?style=for-the-badge&logo=render&logoColor=white\" alt=\"部署到 Render\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Ffly.io\u002Fdocs\u002Fhands-on\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FFly.io-6E42C1?style=for-the-badge&logo=fly.io&logoColor=white\" alt=\"部署到 Fly.io\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n### 任意 VPS\n\n```bash\ncurl -fsSL https:\u002F\u002Fzeptoclaw.com\u002Fsetup.sh | bash\n```\n\n安装二进制文件并输出后续步骤。运行 `zeptoclaw onboard` 来配置提供商和通道。\n\n## 提供商\n\nZeptoClaw 支持 16 家 LLM 提供商。所有兼容 OpenAI 的端点开箱即用。\n\n| 提供商 | 配置键 | 设置 |\n|----------|------------|-------|\n| **Anthropic** | `anthropic` | `api_key` |\n| **OpenAI** | `openai` | `api_key` |\n| **OpenRouter** | `openrouter` | `api_key` |\n| **Google Gemini** | `gemini` | `api_key` |\n| **Groq** | `groq` | `api_key` |\n| **DeepSeek** | `deepseek` | `api_key` |\n| **xAI (Grok)** | `xai` | `api_key` |\n| **NVIDIA NIM** | `nvidia` | `api_key` |\n| **Azure OpenAI** | `azure` | `api_key` + `api_base` |\n| **AWS Bedrock** | `bedrock` | `api_key` |\n| **Kimi (Moonshot)** | `kimi` | `api_key` |\n| **Zhipu (GLM)** | `zhipu` | `api_key` |\n| **Qianfan (Baidu)** | `qianfan` | `api_key` |\n| **Novita AI** | `novita` | `api_key` |\n| **Ollama** | `ollama` | `api_key`（任意值） |\n| **VLLM** | `vllm` | `api_key`（任意值） |\n\n在 `~\u002F.zeptoclaw\u002Fconfig.json` 中配置，或通过环境变量：\n\n```json\n{\n  \"providers\": {\n    \"openrouter\": { \"api_key\": \"sk-or-...\" },\n    \"ollama\": { \"api_key\": \"ollama\" }\n  },\n  \"agents\": { \"defaults\": { \"model\": \"anthropic\u002Fclaude-sonnet-4\" } }\n}\n```\n\n```bash\nexport ZEPTOCLAW_PROVIDERS_GROQ_API_KEY=gsk_...\n```\n\n任何提供商的基础 URL 都可以通过 `api_base` 覆盖，以用于代理或自托管端点。有关详细信息，请参阅 [提供商文档](https:\u002F\u002Fzeptoclaw.com\u002Fdocs\u002Fconcepts\u002Fproviders\u002F)。\n\n## 功能\n\n### 核心\n\n| 功能 | 作用 |\n|---------|-------------|\n| **多提供商 LLM** | 16 家提供商支持 SSE 流式传输、带退避的重试与预算上限、自动故障转移 |\n| **33 种工具+插件** | Shell、文件系统、grep、find、网络、git、stripe、PDF、转录、Android ADB 等 |\n| **工具组合** | 通过自然语言描述创建新工具——可组合的 `{{param}}` 模板 |\n| **代理集群** | 委派给子代理，支持并行扇出、聚合以及成本感知路由 |\n| **库封装** | 可嵌入为一个 crate——`ZeptoAgent::builder().provider(p).tool(t).build()` 用于 Tauri\u002FGUI 应用 |\n| **批量模式** | 通过模板支持从文本\u002FJSONL 文件中处理数百个提示 |\n| **代理模式** | 观察者、助手、自主——基于类别的工具访问控制 |\n\n### 通道与集成\n\n| 功能 | 作用 |\n|---------|-------------|\n| **11 通道网关** | Telegram、Slack、Discord、WhatsApp Web + 云 API、Lark、电子邮件、Webhook、串口、ACP——统一的消息总线 |\n| **人格系统** | 通过 `\u002Fpersona` 命令实现每聊天的人格切换，并持久化长期记忆 |\n| **插件系统** | JSON 清单插件会自动从 `~\u002F.zeptoclaw\u002Fplugins\u002F` 中发现 |\n| **钩子** | `before_tool`、`after_tool`、`on_error`，支持日志、阻止和通知操作 |\n| **定时任务与心跳** | 定期调度任务、主动签到、后台启动 |\n| **内存与历史** | 工作区内存、长期键值存储、对话历史 |\n\n### 安全与运维\n\n| 功能 | 作用 |\n|---------|-------------|\n| **6 种沙盒运行时** | Docker、Apple Container、Landlock、Firejail、Bubblewrap 或原生 |\n| **网关启动保护** | 在发生 N 次崩溃后优雅降级——防止崩溃循环 |\n| **通道监控器** | 自动重启失效通道，设置冷却时间和最大重启次数 |\n| **工具审批门** | 基于策略的准入控制——危险工具需确认方可使用 |\n| **SSRF 防护** | DNS 固定、私有 IP 阻止、IPv6 过渡保护、方案验证 |\n| **Shell 阻止列表** | 正则表达式模式阻止反向 shell、rm -rf、权限提升 |\n| **令牌预算与成本** | 每会话预算强制执行，针对 8 种模型进行成本估算 |\n| **丰富的健康端点** | `\u002Fhealth` 包含版本、运行时间、RSS、使用指标、组件检查 |\n| **遥测** | Prometheus + JSON 指标导出、结构化日志、按租户追踪 |\n| **自我更新** | `zeptoclaw update` 从 GitHub 下载最新版本 |\n| **循环保护** | SHA256 工具调用重复检测，配合熔断机制停止 |\n| **上下文修剪** | 普通\u002F紧急\u002F关键压缩等级（70%\u002F90%\u002F95%），用于上下文窗口管理 |\n| **会话修复** | 自动修复孤立工具结果、空\u002F重复消息以及交替问题 |\n| **配置热加载** | 网关每 30 秒轮询配置修改时间，并实时应用提供商、通道和安全更新 |\n| **轻量版** | `HAND.toml` 代理配置文件，附带预设（研究员、程序员、监控员）及 `hand` CLI |\n| **多租户** | 一台 VPS 上承载数百个租户——隔离的工作空间，每个约 6MB RAM |\n\n> **完整文档** — [zeptoclaw.com\u002Fdocs](https:\u002F\u002Fzeptoclaw.com\u002Fdocs\u002F) 涵盖配置、环境变量、CLI 参考、部署指南等内容。\n\n## 灵感来源\n\nZeptoClaw 的灵感来自开源 AI 代理生态中的多个项目——OpenClaw、NemoClaw、NanoClaw 和 PicoClaw——它们各自以不同方式解决同一问题。NemoClaw 的声明式策略模型和经摘要验证的供应链影响了我们的安全理念。而 ZeptoClaw 的贡献在于 Rust 的内存安全、异步性能以及容器隔离技术，适用于生产环境下的多租户部署——所有这些都浓缩在仅 6MB 的二进制文件中，能够在 Docker 容器无法运行的地方运行。\n\n## 使用方法\n\n```bash\n# CLI 代理（一次性或流式）\nzeptoclaw agent -m \"总结这个仓库\"\nzeptoclaw agent --stream -m \"解释 async Rust\"\nzeptoclaw agent --template coder -m \"为 main.rs 添加错误处理\"\n\n# 多通道网关\nzeptoclaw gateway                    # Telegram、Slack、Discord 等\nzeptoclaw gateway --containerized    # 每请求独立隔离容器\n\n# 内存、密钥、个人资料\nzeptoclaw memory set project:name \"ZeptoClaw\" --category project\nzeptoclaw secrets encrypt\nzeptoclaw hand activate researcher\n\n# 批处理、诊断、自我更新\nzeptoclaw batch --input prompts.txt --output results.jsonl  \nzeptoclaw doctor                     # 诊断配置\u002F提供商问题  \nzeptoclaw update                     # 自我更新至最新版本  \n\n```bash\n# 开发\ncargo build\n\n# 运行所有测试（共计约3,900个）\ncargo nextest run --lib\n\n# 格式化与代码检查（每次提交前必做）\ncargo clippy -- -D warnings  \ncargo fmt -- --check\n```\n\n请参阅 [CLAUDE.md](CLAUDE.md) 获取完整的架构说明，[AGENTS.md](AGENTS.md) 获取编码指南，以及 [docs\u002F](docs\u002F) 获取基准测试、多租户部署和性能优化指南。\n\n## Zepto 堆栈\n\nZeptoClaw 是 Zepto 堆栈的一部分——一个用于在生产环境中运行 AI 代理的模块化系统。\n\n```\nZeptoPM        — 编排、监控、重试、任务生命周期  \n    │  \n    │  create(spec) + spawn(worker, args, env)  \n    ▼  \nZeptoCapsule   — 封装创建、进程隔离、资源限制  \n    │  \n    │  fork\u002Fnamespace\u002FmicroVM + 标准输入输出传输  \n    ▼  \nZeptoClaw      — LLM 调用、工具使用、产物生成  \n    │  \n    └── 通过标准输入\u002F输出进行 JSON 行式 IPC，回传至 ZeptoPM  \n```\n\n| 层级 | 仓库 | 角色 |\n|:------|:-----|:-----|\n| **ZeptoPM** | [qhkm\u002Fzeptopm](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptopm) | 进程管理器 — 配置驱动的守护进程、HTTP API、流水线、编排 |\n| **ZeptoCapsule** | [qhkm\u002Fzeptocapsule](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptocapsule) | 沙箱 — 进程\u002F命名空间\u002FFirecracker 隔离、资源限制、回退链 |\n| **ZeptoRT** | [qhkm\u002Fzeptort](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptort) | 持久化运行时 — 日志化效果、快照恢复、OTP 式监督 |\n| **ZeptoClaw** | [qhkm\u002Fzeptoclaw](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw) | 代理框架 — 33 种工具、16 种提供商、11 种渠道、容器隔离 |\n\n## 贡献\n\n我们欢迎贡献！请阅读 **[CONTRIBUTING.md](CONTRIBUTING.md)** 了解：\n\n- 如何从上游仓库设置您的分支和复刻  \n- 问题优先的工作流（先开 issue 再编码）  \n- Pull Request 流程与质量门控  \n- 添加新工具、渠道和提供商的指南  \n\n## 许可证\n\nApache 2.0 — 详见 [LICENSE](LICENSE)\n\n## 免责声明\n\nZeptoClaw 是一个纯开源软件项目。它不涉及任何代币、加密货币、区块链组件或任何形式的金融工具。本项目与任何代币或金融产品均无关联。\n\n---\n\n\u003Cp align=\"center\">\n  \u003Cem>ZeptoClaw — 因为你的 AI 助手不应该比你的文本编辑器占用更多内存。\u003C\u002Fem>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  由 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fqhkm\">Aisar Labs\u003C\u002Fa> 构建\n\u003C\u002Fp>","# ZeptoClaw 快速上手指南\n\n## 环境准备\n\n**系统要求：**\n- macOS 或 Linux 系统\n- 支持 x86_64 架构（ARM64 也基本兼容）\n- 推荐内存：至少 2GB RAM\n\n**前置依赖：**\n- 安装 `curl` 和 `sh` 命令行工具\n- 如果使用 Homebrew，需先安装 Homebrew\n- 如果使用 Docker，需安装 Docker 引擎\n\n> 📌 提示：国内用户可使用镜像源加速下载，如需要请参考后续安装步骤中的说明。\n\n---\n\n## 安装步骤\n\n### 方法一：一键安装（推荐）\n\n```bash\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fqhkm\u002Fzeptoclaw\u002Fmain\u002Finstall.sh | sh\n```\n\n> ⚠️ 注意：首次运行时可能会提示确认安装，按提示操作即可。\n\n### 方法二：Homebrew 安装（macOS 用户）\n\n```bash\nbrew install qhkm\u002Ftap\u002Fzeptoclaw\n```\n\n> 📦 国内用户可尝试使用 [Homebrew 镜像](https:\u002F\u002Fmirrors.tuna.tsinghua.edu.cn\u002Fhelp\u002Fhomebrew\u002F) 加速安装。\n\n### 方法三：Docker 安装\n\n```bash\ndocker pull ghcr.io\u002Fqhkm\u002Fzeptoclaw:latest\n```\n\n### 方法四：从源码编译安装（需 Rust 环境）\n\n```bash\ncargo install zeptoclaw --git https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\n```\n\n---\n\n## 基本使用\n\n### 启动交互式配置（首次使用推荐）\n\n```bash\nzeptoclaw onboard\n```\n\n该命令将引导你完成 API 密钥、通道和工作区的设置。\n\n### 与 AI 助理对话\n\n```bash\nzeptoclaw agent -m \"Hello, set up my workspace\"\n```\n\n### 流式输出响应（逐字显示结果）\n\n```bash\nzeptoclaw agent --stream -m \"Explain async Rust\"\n```\n\n### 使用内置模板（例如研究员模式）\n\n```bash\nzeptoclaw agent --template researcher -m \"Search for Rust agent frameworks\"\n```\n\n### 批量处理多个提示\n\n```bash\nzeptoclaw batch --input prompts.txt --output results.jsonl\n```\n\n### 启动网关服务（支持 Telegram\u002FSlack\u002FDiscord\u002FWebhook）\n\n```bash\nzeptoclaw gateway\n```\n\n### 启用容器隔离模式（更安全）\n\n```bash\nzeptoclaw gateway --containerized\n```\n\n---\n\n## 小结\n\nZeptoClaw 是一个轻量级、高性能、安全可靠的个人 AI 助理工具，适合开发者快速集成到自己的工作流中。通过简单的命令即可完成安装和使用，支持多种 LLM 提供商和丰富的功能模块，是构建智能助手的理想选择。","某初创公司的 DevOps 团队正在为一个即将上线的 Web 应用进行安全审计，他们需要快速识别 API 接口中的潜在漏洞，并生成可追溯的审计报告。\n\n### 没有 zeptoclaw 时\n- 团队需要手动检查每个 API 端点，耗时且容易遗漏关键问题。\n- 缺乏自动化工具支持，无法高效执行集成测试或检测认证头缺失等常见漏洞。\n- 安全审计结果无法自动保存和分类管理，导致后续追踪困难。\n- 使用传统安全扫描工具时，启动时间长、资源占用高，影响开发效率。\n- 需要依赖多个第三方工具完成不同任务，增加了操作复杂度和维护成本。\n\n### 使用 zeptoclaw 后\n- 通过命令行一键执行 API 安全分析，自动识别出如认证头缺失、开放重定向等漏洞。\n- 内置的集成测试功能与漏洞检测能力结合，显著提升了审计效率和准确性。\n- 所有发现的安全问题会自动存储到长期记忆中，并按项目分类，便于后续跟踪和修复。\n- 轻量级的二进制文件（仅 6MB）可在任意设备上快速启动，资源占用极低。\n- 提供统一的 AI 助手平台，整合了多种工具和运行时环境，简化了工作流程。\n\n核心价值：zeptoclaw 以轻量、高效、安全的方式，帮助开发团队实现自动化、精准化的 API 安全审计。","https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fqhkm_zeptoclaw_5c1eece1.png","qhkm","https:\u002F\u002Foss.gittoolsai.com\u002Favatars\u002Fqhkm_16430fce.jpg","AI product builder, aisar.ai, loyca.ai, zeptoclaw.com, superutils.app","Aisar.ai","Tokyo","qhkmdev90@gmail.com","qaiyyumhakimi9",null,"https:\u002F\u002Fgithub.com\u002Fqhkm",[85,89,93,97,101,105,108,112,115,118],{"name":86,"color":87,"percentage":88},"Rust","#dea584",95,{"name":90,"color":91,"percentage":92},"TypeScript","#3178c6",2.5,{"name":94,"color":95,"percentage":96},"HTML","#e34c26",1.6,{"name":98,"color":99,"percentage":100},"Shell","#89e051",0.6,{"name":102,"color":103,"percentage":104},"JavaScript","#f1e05a",0.1,{"name":106,"color":107,"percentage":104},"Makefile","#427819",{"name":109,"color":110,"percentage":111},"MDX","#fcb32c",0,{"name":113,"color":114,"percentage":111},"Dockerfile","#384d54",{"name":116,"color":117,"percentage":111},"Ruby","#701516",{"name":119,"color":120,"percentage":111},"CSS","#663399",569,85,"2026-04-05T05:56:13","Apache-2.0","Linux, macOS","未说明","6MB",{"notes":129,"python":126,"dependencies":130},"ZeptoClaw 是一个超轻量级的 AI 助手，基于 Rust 编写，支持多种 LLM 提供商，包含 33 个内置工具和 11 个通信渠道。安装方式包括脚本、Homebrew、Docker 和从源码编译。建议使用 Docker 或直接运行二进制文件进行部署，且支持在 $10 硬件上运行。",[],[15,14,13],[133,134,135,136],"ai","ai-assistant","open-source","rust","2026-03-27T02:49:30.150509","2026-04-06T07:14:58.065751",[140,145,150,155,160,164],{"id":141,"question_zh":142,"answer_zh":143,"source_url":144},5811,"如何解决 Telegram 用户不在允许列表中的问题？","此问题是由于在 v0.5.0 版本中引入的 `dptree` 依赖注入机制导致的。当添加 `\u002Fmodel` 功能时，新增的 `Vec\u003CString>` 类型覆盖了原有的允许列表配置。修复方法是使用 PR #109 中的新类型包装器来区分不同类型的依赖项。请升级到最新版本以获得修复。","https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fissues\u002F107",{"id":146,"question_zh":147,"answer_zh":148,"source_url":149},5812,"如何解决运行 `lint-container.sh` 脚本时出现的权限错误？","该错误通常与 Podman 的用户命名空间设置有关。`--userns=keep-id` 参数目前仅支持 `podman run`，不适用于 `podman build`。建议使用 Docker 或确保 Podman 的版本支持该参数。此外，脚本本身不需要写入主机文件，因此无需担心文件所有权问题。","https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fissues\u002F424",{"id":151,"question_zh":152,"answer_zh":153,"source_url":154},5813,"如何正确设置 ZeptoClaw 的时区以避免时间计算错误？","ZeptoClaw 支持通过配置文件或环境变量设置时区。系统会自动检测本地时区（如 TZ 环境变量、\u002Fetc\u002Flocaltime 或默认 UTC）。同时，系统提示中会动态显示当前时间，确保每次调用 LLM 时时间不会过期。用户消息也会带有时间戳，例如 `[Mon 2026-02-16 12:51 +08:00]`。","https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fissues\u002F31",{"id":156,"question_zh":157,"answer_zh":158,"source_url":159},5814,"如何在 ZeptoClaw 中实现代码编辑功能？","ZeptoClaw 的设计目标是适用于嵌入式和 IoT 设备，因此默认不包含 `grep`、`find` 等依赖系统二进制文件的工具。对于需要这些工具的开发场景，可以将其作为插件使用。核心工具应保持轻量，而 `read_file`、`write_file` 和 `edit_file` 等文件操作工具则可作为插件提供。","https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fissues\u002F282",{"id":161,"question_zh":162,"answer_zh":163,"source_url":154},5815,"如何解决 ZeptoClaw 提醒功能的时间偏差问题？","提醒功能的时间偏差问题源于系统无法实时获取当前时间。为了解决这个问题，ZeptoClaw 在系统提示中动态更新当前时间，并且每个用户消息都会附带时间戳。这样即使在多轮对话中，也能保证时间信息的准确性。请升级到包含 PR #37 的版本以获得修复。",{"id":165,"question_zh":166,"answer_zh":167,"source_url":154},5816,"如何处理 ZeptoClaw 中的时区配置问题？","ZeptoClaw 支持通过配置文件或环境变量设置时区。系统会自动检测本地时区（如 TZ 环境变量、\u002Fetc\u002Flocaltime 或默认 UTC），并可以在系统提示中动态显示当前时间。如果需要手动指定时区，可以通过 `agents.defaults.timezone` 配置字段进行设置。",[169,174,179,184,189,194,199,204,209,214,219,224,229,234,239,244,249,254,259,264],{"id":170,"version":171,"summary_zh":172,"released_at":173},105452,"v0.9.1","## What's Changed\n* fix(onboard): provider-first flow with filtered model selection by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F453\n* fix(providers): skip Claude CLI import when anthropic config is null by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F455\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.9.0...v0.9.1","2026-03-26T18:49:41",{"id":175,"version":176,"summary_zh":177,"released_at":178},105453,"v0.9.0","## v0.9.0 — Vertex AI, Telegram UX, and bug fixes\n\n### Highlights\n\n- **Google Vertex AI provider** — First-class Gemini support via Vertex regional endpoints with ADC auto-refresh auth. Zero manual token management.\n- **Telegram reactions** — 👀 on receipt, ✅ on completion. Configurable via `telegram.reactions`.\n- **Telegram reply-to threading** — Outbound messages now thread back to the original inbound message.\n- **Telegram photo & image support** — Process photos and image documents from Telegram chats.\n- **Web search quiet output** — Users see \"Searching...\" status; full results go to LLM only.\n- **ACP (Agent Client Protocol)** — stdio + HTTP channel implementation for programmatic agent access.\n\n### Bug fixes\n\n- Fix day-of-week LLM hallucination (abbreviated → full name)\n- Fix NFC offset mapping drift on multi-composition Unicode edits\n- Fix output truncation byte count accuracy after char-boundary backtracking\n- Fix container engine detection (Podman-as-Docker alias handling)\n- Fix Discord text attachment handling\n- Remove unnecessary lint suppressions from Cargo.toml\n\n### Contributors\n\n@stuartbowness @rafaellin @starsy","2026-03-26T17:28:18",{"id":180,"version":181,"summary_zh":182,"released_at":183},105454,"v0.8.2","## What's Changed\n* chore(deps): bump Swatinem\u002Frust-cache from 2.8.2 to 2.9.1 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F412\n* chore(deps): bump docker\u002Fmetadata-action from 5.10.0 to 6.0.0 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F382\n* chore(deps-dev): bump @types\u002Fnode from 25.3.0 to 25.3.5 in \u002Fpanel by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F384\n* chore(deps): bump @astrojs\u002Fstarlight from 0.37.6 to 0.37.7 in \u002Flanding\u002Fzeptoclaw\u002Fdocs by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F383\n* chore(deps): bump @astrojs\u002Fstarlight from 0.37.6 to 0.37.7 in \u002Flanding\u002Fr8r\u002Fdocs by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F378\n* chore(deps): bump debian from `1d3c811` to `26f98cc` by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F374\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.8.1...v0.8.2","2026-03-24T16:23:13",{"id":185,"version":186,"summary_zh":187,"released_at":188},105455,"v0.8.1","## What's Changed\n* fix(lib): harden embedded ZeptoAgent tool execution by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F402\n* feat(tools): conformance fixtures, edit fuzzy matching, output truncation by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F398\n* Telegram channel improvements + security hardening by @stuartbowness in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F396\n* fix(safety): prevent empty taint snippets from causing false positives by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F406\n* chore: fix all clippy warnings under --all-targets by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F405\n* chore: update vulnerable dependencies (aws-lc-sys, rustls-webpki) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F408\n* feat(providers): add Novita AI provider by @Alex-wuhu in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F390\n* feat: model discoverability & provider auto-selection by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F407\n\n## New Contributors\n* @stuartbowness made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F396\n* @Alex-wuhu made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F390\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.8.0...v0.8.1","2026-03-24T04:34:02",{"id":190,"version":191,"summary_zh":192,"released_at":193},105456,"v0.8.0","## What's Changed\n* feat: shimmer spinner + enhanced CLI UX for agent responses by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F337\n* feat: add deep-research skill with 4-phase methodology by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F344\n* feat: add ask_clarification tool with pause_for_input agent loop integration by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F343\n* fix: AgentLoop constructors respect config streaming default by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F349\n* feat: interactive approval prompts, streaming parity, safer defaults by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F353\n* feat: stream by default + response metadata footer by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F342\n* fix: discord channel ignores image only messages by @rafaellin in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F346\n* chore: validate Zhipu API keys during onboarding by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F335\n* fix: Dockerfile.dev with BuildKit cache mounts + lint-container.sh by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F358\n* fix(templates): coder template uses existing tests and edit_file by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F359\n* feat: r8r bridge WebSocket client + progressive disclosure CLAUDE.md by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F365\n* fix: image content handling in loop by @rafaellin in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F355\n\n## New Contributors\n* @rafaellin made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F346\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.6...v0.8.0","2026-03-23T06:44:51",{"id":195,"version":196,"summary_zh":197,"released_at":198},105457,"v0.7.6","## What's Changed\n* fix: deduplicate Claude subscription token warning by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F320\n* feat: slash command suggestions in CLI interactive mode by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F323\n* fix: harden inbound auth and filesystem boundaries by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F324\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.5...v0.7.6","2026-03-11T17:29:24",{"id":200,"version":201,"summary_zh":202,"released_at":203},105458,"v0.7.5","## What's Changed\n* feat(cli): add config reset command by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F306\n* feat: model-provider compatibility validation by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F311\n* feat(cli): add zeptoclaw uninstall command by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F315\n* fix(cli): default agent mode to warn-level logging by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F313\n* fix(config): sync validator with runtime schema by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F314\n* feat: Ollama cloud model support (keyless auth) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F316\n* chore(deps): bump rustls from 0.23.36 to 0.23.37 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F304\n* chore(deps): bump chrono from 0.4.43 to 0.4.44 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F301\n* chore(deps): bump anyhow from 1.0.101 to 1.0.102 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F298\n* chore(deps): bump actions\u002Fdownload-artifact from 7.0.0 to 8.0.0 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F303\n* chore(deps): bump codecov\u002Fcodecov-action from 0561704f0f02c16a585d4c7555e57fa2e44cf909 to 671740ac38dd9b0130fbe1cec585b89eea48d3de by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F300\n* chore(deps-dev): bump @types\u002Fnode from 25.2.0 to 25.3.0 in \u002Fpanel by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F299\n* chore(deps): bump chromiumoxide from 0.9.0 to 0.9.1 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F297\n* chore(deps): bump jsonwebtoken from 9.3.1 to 10.3.0 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F296\n* chore(deps): bump actions\u002Fupload-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F302\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.4...v0.7.5","2026-03-11T12:13:40",{"id":205,"version":206,"summary_zh":207,"released_at":208},105459,"v0.7.4","## What's Changed\n* feat: native WhatsApp Web channel via wa-rs by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F294\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.3...v0.7.4","2026-03-10T10:57:18",{"id":210,"version":211,"summary_zh":212,"released_at":213},105460,"v0.7.3","## What's Changed\n* feat(auth): auto-import Claude CLI credentials as fallback by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F290\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.2...v0.7.3","2026-03-10T08:08:40",{"id":215,"version":216,"summary_zh":217,"released_at":218},105461,"v0.7.2","## What's Changed\n* feat: add grep, find, and unified diff edit tools by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F283\n* fix(onboard): treat HTTP 429 as valid during API key validation by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F293\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.1...v0.7.2","2026-03-10T05:59:12",{"id":220,"version":221,"summary_zh":222,"released_at":223},105462,"v0.7.1","## What's Changed\n* feat: per-template capability sandbox (#222) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F279\n* fix(security): harden lightweight mount validation by @zpbrent in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F281\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.7.0...v0.7.1","2026-03-07T17:41:30",{"id":225,"version":226,"summary_zh":227,"released_at":228},105463,"v0.7.0","## v0.7.0 — Security Hardening & New Integrations\n\nThis release focuses on hardening ZeptoClaw's security posture across shell execution, file access, network requests, and skill installation — while adding new provider integrations and channel improvements.\n\n### Security\n\n* security: harden path validation against dangling symlink escapes by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F278\n* security: add structured command parsing to shell.rs by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F269\n* security: add SSRF guardrails to skill installer with DNS pinning by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F267\n* enforces SSRF checks on the actual browser request chain by @zpbrent in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F272\n* Fix GHSA-5gqm-m96q-7h65 by @zpbrent in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F261\n\n### Features\n\n* feat(providers): add xAI (Grok) and Baidu Qianfan presets by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F247\n* feat(discord): add HTTP CONNECT proxy support for Gateway WebSocket by @starsy in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F262\n* feat(lark): enable Markdown rendering in Feishu\u002FLark by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F270\n* feat: track token usage in containerized agent mode by @papatinga81 in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F258\n* kernel convergence: safety scan rename, agent loop gate routing, provider status CLI by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F256\n\n### Fixes\n\n* fix(cron): audit and fix scheduler reliability (#246) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F255\n* fix(channels): show configured provider models in \u002Fmodel list by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F216\n* fix: harden spawned task crash isolation by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F265\n\n### Infrastructure\n\n* chore: add code coverage with cargo-llvm-cov + Codecov by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F276\n* chore: switch to cargo-nextest for OOM-resistant test runs by @starsy in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F273\n\n### Test stats\n\n- 3046 lib tests passing\n\n## New Contributors\n\n* @starsy made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F262\n* @zpbrent made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F261\n* @papatinga81 made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F258\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.6.2...v0.7.0","2026-03-07T11:27:55",{"id":230,"version":231,"summary_zh":232,"released_at":233},105464,"v0.6.2","## What's Changed\n* feat(mcp): add stdio transport and MCP tool registration by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F192\n* docs: add disclaimer — no token, no crypto, no blockchain by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F204\n* feat: add multimodal vision\u002Fimage input support by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F202\n* feat(auth): OpenAI OAuth \u002F Codex CLI auth login by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F205\n* feat(tools): add DOCX text extraction tool by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F206\n* feat(channels): add MQTT channel for IoT device communication by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F209\n* feat(providers): add DeepSeek and Kimi support by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F208\n* feat(quota): per-provider usage quota management (#200) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F210\n* fix(safety): block destructive git operations in shell blocklist by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F195\n* feat(providers): add Azure OpenAI and Amazon Bedrock provider presets by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F211\n* fix(lark): use correct receive_id_type based on ID prefix by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F215\n* feat(tools): add SearXNG web search provider by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F214\n* refactor(kernel): extract thin kernel from create_agent_with_template() by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F224\n* chore: Update dependencies by @reneleonhardt in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F183\n* chore(deps): bump rust from `7e6fa79` to `c0a38f5` by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F226\n* chore(deps-dev): bump @types\u002Fnode from 24.10.14 to 25.2.0 in \u002Fpanel by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F227\n* chore(deps): bump futures from 0.3.31 to 0.3.32 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F230\n* chore(deps): bump clap from 4.5.58 to 4.5.60 by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F231\n* feat(api): add OpenAI-compatible \u002Fv1\u002Fchat\u002Fcompletions endpoint by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F235\n* feat(agent): upgrade loop guard with multi-layer detection (#220) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F236\n* feat(mcp): add MCP server mode (#217) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F233\n* feat(safety): add taint tracking for data-flow safety (#219) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F241\n* fix(tests): stabilize plugin and doctor tests for Docker\u002Fact (#238) by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F242\n* chore(deps): bump gog-gmail from `b2cb233` to `d30a532` by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F228\n* chore(deps): bump gog-core from `b2cb233` to `d30a532` by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F229\n* chore(deps): bump gog-calendar from `b2cb233` to `d30a532` by @dependabot[bot] in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F232\n* fix(security): patch shell blocklist bypass and Android rm flag permutation by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F248\n\n## New Contributors\n* @reneleonhardt made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F183\n* @dependabot[bot] made their first contribution in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F226\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.6.1...v0.6.2","2026-03-04T17:28:24",{"id":235,"version":236,"summary_zh":237,"released_at":238},105465,"v0.6.1","## Added\n- **Control panel web UI** — axum API server with REST routes, WebSocket event streaming, JWT auth, CSRF protection; React + Vite + Tailwind frontend with Dashboard, Logs, Sessions, Cron\u002FRoutines, Kanban (drag-and-drop), and live Agent Office pages; `zeptoclaw panel` CLI command (#180)\n- **Google Workspace tools** — Gmail search\u002Fread\u002Fsend\u002Freply + Calendar list\u002Fcreate\u002Ffreebusy via gogcli-rs; feature-gated behind `--features google` (#162)\n\n## Fixed\n- **Per-message memory injection** — LLM now receives query-matched relevant memories (not just pinned) in every message, including tool-loop follow-up calls (#188)\n- Shared single LTM instance between agent injection and `longterm_memory` tool (eliminates duplicate initialization)\n- Per-skill install from multi-skill repos (#169)\n- Per-provider model mapping for fallback chains (#166)\n- Added `version` spec to `gog-*` git dependencies for crates.io publishing compatibility\n\n## Changed\n- Test count: 2,612 lib tests","2026-02-26T18:52:34",{"id":240,"version":241,"summary_zh":242,"released_at":243},105466,"v0.6.0","**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.5.9...v0.6.0","2026-02-26T05:46:51",{"id":245,"version":246,"summary_zh":247,"released_at":248},105467,"v0.5.9","## What's Changed\n* feat(web): DOM-based extraction with scraper by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F146\n* feat(gateway): startup guard — degrade after N crashes by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F147\n* feat(peripherals): bring RPi peripheral to parity with ESP32 by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F152\n* feat(tools): parallel fan-out for multi-agent aggregate by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F150\n* feat(agent): ZeptoAgent library facade for embedding as crate by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F154\n* feat(web): DuckDuckGo free search fallback by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F151\n* fix: upgrade teloxide 0.12→0.17 and tokio-tungstenite 0.21→0.28 by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F156\n* feat(agent): improve ZeptoAgent facade — sequential exec, callback, repair by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F157\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.5.8...v0.5.9","2026-02-25T08:09:34",{"id":250,"version":251,"summary_zh":252,"released_at":253},105468,"v0.5.8","## What's Changed\n* feat(health): rich health endpoint with version, memory, usage by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F145\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.5.7...v0.5.8","2026-02-24T13:06:13",{"id":255,"version":256,"summary_zh":257,"released_at":258},105469,"v0.5.5","## What's New\n\n### Channel Supervision System (#117)\n- **Polling supervisor** in ChannelManager detects dead channels every 15s and auto-restarts them (60s cooldown, max 5 restarts)\n- **HealthRegistry integration** — `\u002Fready` endpoint now reflects actual channel health\n- **Fixed stale `is_running()` flags** in Discord, Slack, WhatsApp, and Telegram — spawned tasks now set `running = false` on exit\n\n### Stale State Fixes (#118)\n- **Cron**: set `running = false` on task exit\n- **Heartbeat**: set `running = false` on task exit\n- **Lark**: set `running = false` on spawn exit\n- **Gateway proxy\u002Fagent**: `set_ready(false)` now runs before error handling, clearing readiness even on panic\n\n### Bug Fixes\n- **Exclude benchmark binary from `cargo install`** (#120) — set `autobins = false` so only the `zeptoclaw` CLI is installed. Thanks @chenrui333 for the report! (#119)\n\n## Install \u002F Update\n\n```bash\ncargo install zeptoclaw\n\n# or self-update\nzeptoclaw update\n```\n\n## What's Changed\n* feat(channels): add supervisor to auto-restart dead channels by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F117\n* fix: prevent stale state on task exit in cron, heartbeat, lark, gateway by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F118\n* fix: exclude benchmark binary from cargo install by @qhkm in https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F120\n\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.5.4...v0.5.5","2026-02-23T22:34:18",{"id":260,"version":261,"summary_zh":262,"released_at":263},105470,"v0.5.4","## What's Changed\n\n### New Features\n\n- **Self-update command** ([#111](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F111)) — `zeptoclaw update` checks GitHub Releases for the latest version, downloads the matching platform binary, verifies its SHA256 checksum, and atomically replaces the running executable\n  ```\n  zeptoclaw update              # update to latest\n  zeptoclaw update --check      # check without downloading\n  zeptoclaw update --version v0.5.2  # specific version\n  zeptoclaw update --force      # re-download even if current\n  ```\n\n### Bug Fixes\n\n- **OpenAI token field** — `o1`, `o3`, `o4`, and `gpt-5` models require `max_completion_tokens` instead of `max_tokens`. Previously the provider sent the wrong field, received a rejection, then retried — wasting a round-trip on every agent call. Now selects the correct field upfront\n\n- **Tool execution race** ([#113](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F113)) — When the LLM called `write_file` and `read_file` in the same batch, parallel execution caused a read-before-write race. Tool batches containing filesystem writers now execute sequentially in LLM-declared order; read-only batches remain parallel\n\n- **Scheduling & delivery** ([#113](https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fpull\u002F113)) — Four bugs in the cron\u002Fheartbeat pipeline:\n  - System prompt now instructs the LLM to deliver `Reminder: X` messages as friendly notifications and respond `HEARTBEAT_OK` to heartbeat pings\n  - One-shot cron job retain logic rewritten with a clear `should_remove` variable (was a confusing double-negative)\n  - `ZEPTOCLAW_HEARTBEAT_DELIVER_TO=channel:chat_id` config now actually wires through to `HeartbeatService`\n  - Unknown outbound channel logs downgraded from `warn` to `debug` (eliminates noisy spam on every heartbeat tick)\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.5.3...v0.5.4","2026-02-23T13:35:47",{"id":265,"version":266,"summary_zh":267,"released_at":268},105471,"v0.5.3","## v0.5.3\n\nFirst release published to [crates.io](https:\u002F\u002Fcrates.io\u002Fcrates\u002Fzeptoclaw).\n\n### Changes\n- Published `zeptoclaw` to crates.io — install with `cargo install zeptoclaw`\n- Added `cargo release` commands to quick reference docs\n\n### Bug Fixes (carried from v0.5.2)\n- **Telegram allowlist**: Fixed dptree type collision that silently broke username-based allowlists since v0.5.0 (#109)\n\n**Full Changelog**: https:\u002F\u002Fgithub.com\u002Fqhkm\u002Fzeptoclaw\u002Fcompare\u002Fv0.5.2...v0.5.3","2026-02-23T11:24:41"]