FastClaw is a single-tenant AI teammate platform you deploy as a service and connect to Slack and/or Telegram.
In Slack, you can mention it (the default agent name is Grail):
@Grail do so and so
In Telegram (DM or group), you can address it via /grail ... (or @mention in groups).
Re-record the assets: see the FastClaw-Demo-Video repo.
- Recap long threads into action items (and attach a markdown report).
- Coordinate incident response: summarize state, owners, next steps.
- Review PRs and call out risk areas with concrete suggestions.
- Triage support requests and propose the next best actions.
- Safely run operational commands with guardrails and in-Slack approvals.
FastClaw will:
- Acknowledge quickly (queues a job).
- Inject the last N recent messages as context (configurable).
- Work through tasks one-at-a-time from a SQLite-backed queue.
- Reply back in the originating thread/chat.
- Optionally use Slack MCP tools to fetch more context beyond the last N messages.
- Optionally use Web MCP tools (Brave search + fetch).
- Persist durable notes under
/data/context/and a rolling session memory summary. - Enforce local guardrails for risky actions and request human approval in-chat when needed.
This repo is Rust-first (server + Slack MCP server), and uses the open-source Codex CLI app-server for the agent runtime.
Note: the Dockerfile downloads a pinned Codex release (CODEX_VERSION build arg). Update that version periodically if you want newer Codex behavior.
- Create a new Railway project from this repo.
- Add a Volume mounted at
/data(required for persistence).- Keep replicas at 1. This template uses SQLite on the mounted volume and is intended to run single-replica.
- Set environment variables:
ADMIN_PASSWORD(required)- Slack (optional):
SLACK_SIGNING_SECRET(required if using Slack; can also be stored in SQLite ifGRAIL_MASTER_KEYis set)SLACK_BOT_TOKEN(required if using Slack; can also be stored in SQLite ifGRAIL_MASTER_KEYis set)
- Telegram (optional):
TELEGRAM_BOT_TOKEN(required if using Telegram; can also be stored in SQLite ifGRAIL_MASTER_KEYis set)TELEGRAM_WEBHOOK_SECRET(required if using Telegram; can also be stored in SQLite ifGRAIL_MASTER_KEYis set)
OPENAI_API_KEY(recommended)GRAIL_MASTER_KEY(optional; required only if you want to store secrets (OpenAI/Slack) via the dashboard, encrypted in SQLite). Generate with:openssl rand -hex 32BASE_URL(optional; used only to render full URLs in the dashboard, e.g. the Slack events URL)
- Deploy.
After deploy:
- Slack events endpoint is
POST /slack/events - Slack interactive endpoint is
POST /slack/actions(optional, for approval buttons) - Telegram webhook endpoint is
POST /telegram/webhook - Dashboard is
GET /admin(Basic Auth:admin:<ADMIN_PASSWORD>)
This template is intentionally “single workspace per deployment”.
- Create a Slack App in your workspace.
- Use the provided manifest:
slack-app-manifest.yaml - Set the request URL in the manifest to:
https://<your-railway-domain>/slack/events
- (Optional) If you want clickable approval buttons, set interactivity request URL:
https://<your-railway-domain>/slack/actions
- Install the app to your workspace.
- Copy:
- Signing Secret ->
SLACK_SIGNING_SECRET(or store it in/admin/settingsifGRAIL_MASTER_KEYis set) - Bot User OAuth Token ->
SLACK_BOT_TOKEN(or store it in/admin/settingsifGRAIL_MASTER_KEYis set)
- Signing Secret ->
- Create a bot with
@BotFather, copy the token. - Set
TELEGRAM_BOT_TOKEN(env var or/admin/settingsifGRAIL_MASTER_KEYis set). - In
/admin/settings, enable Telegram. - Set the Telegram webhook:
curl -sS "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/setWebhook" \
-d "url=https://<your-service-domain>/telegram/webhook" \
-d "secret_token=${TELEGRAM_WEBHOOK_SECRET}"Telegram history note: the Bot API can’t fetch arbitrary chat history, so FastClaw injects Telegram context from messages it has previously received (stored in SQLite).
/admin/settings lets you configure:
- Slack context size (last N messages)
- model + reasoning knobs
- permissions mode (
readvsfull) - command approval mode + guardrails behavior
- Slack user allow list + channel allow list
- Slack MCP tool enable/disable
- web MCP tool enable/disable
- context writes enable/disable
- shell network access toggle (full mode only)
- Telegram enable + allow list
If GRAIL_MASTER_KEY is set, you can also store OPENAI_API_KEY, SLACK_SIGNING_SECRET, and SLACK_BOT_TOKEN encrypted in SQLite from the dashboard.
Telegram secrets can also be stored the same way.
/admin/auth lets you optionally log in with ChatGPT via a device code flow (writes tokens to /data/codex/auth.json). This is useful if you don't want to provide an API key.
/admin/tasks shows the queue, and lets you cancel queued tasks and retry failed tasks.
/admin/approvals shows pending approvals (commands, cron proposals, guardrail proposals).
/admin/guardrails lets you edit command guardrails (allow/require_approval/deny).
/admin/memory shows per-conversation rolling memory summaries (and lets you reset them).
/admin/context lets you view/edit /data/context files (including AGENTS.md and INDEX.md).
Mount a volume at /data.
FastClaw stores:
/data/grail.sqlite(queue, settings, session mapping)/data/context/(durable notes)/data/context/AGENTS.md(default instruction “constitution” for the agent)/data/codex/(CODEX_HOMEfor Codex app-server rollouts/state)
read: no command execution; no context writes.full: command execution is allowed (with sandboxing); context writes allowed (restricted to/data/context).
Even in read, FastClaw can respond and (optionally) use Slack MCP tools to fetch more Slack context.
You’ll need:
- Rust toolchain
codexon your PATH (or setCODEX_BIN)- Slack + OpenAI credentials
Run:
cd grail
export ADMIN_PASSWORD=dev
export SLACK_SIGNING_SECRET=...
export SLACK_BOT_TOKEN=...
export OPENAI_API_KEY=...
cargo run -p grail-serverNeed a tailored agent setup, custom integrations, or help deploying FastClaw for your team? We build custom AI infrastructure.
Reach out: yash@grail.computer