Private Alpha

Start with a conversation.Go agentic when the task needs background work, connectors, or a real deliverable, without giving up the Mirror-protected route

MirrorClaw keeps prompts, files, and enterprise know-how on the Mirror service path while longer work moves into isolated runtime and returns with visible proof in the same workspace.

Enter alphaSee security model
Conversation first
Agentic when asked
Mirror protected
Visible proof

See how the workspace actually works

Route, runtime, connectors, and proof stay attached to the same agent flow

Agent workspace

Chat, context, memory, and task intent start in one workspace

Mirror route

Mirror Gateway

Encrypted inference and custody boundary

Core route
Delegate

Isolated Runtime

Delegated jobs, routines, and tool-heavy work execute off the main thread

Return

Memory + Artifacts

Results, saved context, policy signals, and evidence return to the workspace

205
Lifecycle cases
Security bench release gate
75
Workspace scenarios
ClawSafety-aligned supplemental suite
4
Security lanes
Bench, SkillAttack, PromptSecurity, agent-scan
24/7
Release gate
ClawArena validation in the loop

Security is part of the product surface

Real route, real runtime, real posture, and release-time validation

Encrypted inference on the primary path

MirrorClaw leads with the Mirror gateway route so encrypted inference is part of the product boundary, not a backend footnote.

Isolated execution when work leaves chat

Long-running work can move into isolated runtime instead of stretching the trust boundary of the main workspace thread.

Connector posture stays visible

Setup blockers, hosted readiness, secret custody, and confidential-runtime status are surfaced directly instead of hidden behind a connected badge.

Security-gated releases

ClawArena Security stays in the release loop so hosted builds are tested against real agent risks before they move forward.

Security tested against real agent attacks

Every hosted build is gated by lifecycle, workspace, prompt, and capability attack coverage before it moves forward.

Learn More
205
Lifecycle cases
ATT&CK-style lifecycle coverage before release
75
Workspace scenarios
Email, web, and skill-driven workspace attacks
4
Security lanes
Bench, SkillAttack, PromptSecurity, and agent-scan
Gate
Release policy
Hosted builds are blocked until the suite clears

Current ClawArena signal across the Claw ecosystem

We compare product shape, runtime behavior, and scenario coverage instead of pretending every framework solves the same problem.

MirrorClawWorkspace-first

Built around encrypted inference, isolated execution, connector posture, and visible proof in one hosted product shell.

Current signal: hosted product validation, policy and capability enforcement, connector readiness, and release-gated ClawArena coverage.
Encrypted inference routePolicy + capability enforcementConnector readiness surfaced
HermesRunner maturity

Strong sampled runtime behavior and more mature task-runner characteristics in our current ClawArena comparison runs.

Current signal: 13-case runtime security sample and 15 paired SkillAttack cases with lower sampled runtime exposure so far.
Sampled runtime safetyStable task-runner behaviorMessaging-first shape
OpenClawBaseline benchmark target

Useful as the baseline because it has the broadest direct runtime evidence in our bench, but the weakest measured runtime posture.

Current signal: 205-case lifecycle bench and 15 paired SkillAttack cases with high exposure on recon, discovery, and credential paths.
Full 205-case lifecycle runSkillAttack baseline targetHigh measured exposure

Access Surfaces

Start in the web workspace, then extend into API, CLI, and channel surfaces

Web workspace
active
API
active
CLI
active
Slack
coming
Discord
coming
Telegram
planned

Connectors & Capabilities

Use connectors, skills, and runtime capabilities with visible trust posture instead of hidden setup state

GmailConnector
active
Google CalendarConnector
active
GitHubDevOps
active
Google DriveConnector
coming
SlackConnector
coming
PostgreSQLData
planned

Domain-ready workspaces

The core product stays the same. The connectors, skills, policies, and artifacts change by domain.

Research workspace

Email, notes, follow-ups, and artifact generation in one thread so research does not die in disconnected tabs.

Inbox triageBrief generationFollow-up artifacts
DevOps workspace

GitHub, CLI, runtime jobs, and incident follow-through with delegated execution and returned operational artifacts.

GitHub tasksRunbooksDelegated jobs
Finance workspace

Structured approvals, spreadsheet and document flows, and policy-aware outputs with clearer review boundaries.

Sheets + docsApproval artifactsPolicy-aware outputs
Legal workspace

Matter-centric memory, document review, and evidence-backed outputs where traceability matters as much as speed.

Document reviewResearch notesEvidence trail

Pricing model

Charge for the workspace and runtime, not artificial seats. Confidential defaults should be part of the product, not a fake add-on tier.

Alpha

Freeinvite only
  • Private workspace access
  • Hosted runtime proof
  • Connector onboarding
  • Direct product feedback
Open alpha flow
Current target

Workspace

Base + usageper workspace
  • Encrypted inference included
  • Workspace runtime boundary
  • Connector policy controls
  • Health and readiness views
  • Usage-based execution and model spend
  • Shared workspace for a small team
See launch path

Dedicated

Customper workspace deployment
  • Dedicated VM or TDX-backed deployment
  • Per-workspace isolation
  • Advanced policy posture
  • Private deployment options
  • Longer retention and audit
Review security model

Ready to try the workspace we actually want to ship?

Join the private alpha and test encrypted inference, isolated execution, connectors, memory, artifacts, and visible proof in one hosted product.

Enter the alphaSee connector setup