OpenClaw is a powerful agent runtime — but it's built for engineers. Setting it up means editing config files, managing processes, and juggling API keys from the terminal. For non-programmers (designers, operators, small business owners), that barrier is too high.
RivonClaw wraps OpenClaw into a desktop app that anyone can use: install, launch from the system tray, and manage everything through a local web panel. Write rules in plain language instead of code, configure LLM providers and messaging channels with a few clicks, and let the agent learn your preferences over time. No terminal required.
In short: OpenClaw is the engine; RivonClaw is the cockpit.
Features
- Natural Language Rules: Write rules in plain language—they compile to policy, guards, or skills and take effect immediately (no restart)
- Multi-Provider LLM Support: 20+ providers (OpenAI, Anthropic, Google Gemini, DeepSeek, Zhipu/Z.ai, Moonshot/Kimi, Qwen, Groq, Mistral, xAI, OpenRouter, MiniMax, Venice AI, Xiaomi/MiMo, Volcengine/Doubao, Amazon Bedrock, NVIDIA NIM, etc.) plus subscription/coding plans (Claude, Gemini, Zhipu Coding, Qwen Coding, Kimi Code, MiniMax Coding, Volcengine Coding) and Ollama for local models
- OAuth & Subscription Plans: Sign in with Google for free-tier Gemini access or connect Claude/Anthropic subscription—no API key needed. Auto-detects or installs CLI credentials
- Per-Provider Proxy Support: Configure HTTP/SOCKS5 proxies per LLM provider or API key, with automatic routing and hot reload—essential for restricted regions
- Multi-Account Channels: Configure Telegram, WhatsApp, Discord, Slack, Google Chat, Signal, iMessage, Feishu/Lark, LINE, Matrix, Mattermost, Microsoft Teams, and more through UI with secure secret storage (Keychain/DPAPI)
- Token Usage Tracking: Real-time statistics by model and provider, auto-refreshed from OpenClaw session files
- Speech-to-Text: Region-aware STT integration for voice messages (Groq, Volcengine)
- Visual Permissions: Control file read/write access through UI
- Zero-Restart Updates: API key, proxy, and channel changes apply instantly via hot reload—no gateway restart needed
- Local-First & Private: All data stays on your machine; secrets never stored in plaintext
- Chat with Agent: Real-time WebSocket chat with markdown rendering, emoji picker, image attachments, model switching, and persistent conversation history
- Skills Marketplace: Browse, search, and install community skills from a built-in marketplace; manage installed skills with one click
- Auto-Update: Client update checker with static manifest hosting
- Privacy-First Telemetry: Optional anonymous usage analytics—no PII collected
How File Permissions Work
RivonClaw enforces file access permissions through an OpenClaw plugin that intercepts tool calls before they execute. Here's what's protected:
- File access tools (read, write, edit, image, apply-patch): Fully protected—paths are validated against your configured permissions
- Command execution (exec, process): Working directory is validated, but paths inside command strings (like cat /etc/passwd) cannot be inspected
Coverage: ~85-90% of file access scenarios. For maximum security, consider restricting or disabling exec tools through Rules.
Technical note: The file permissions plugin uses OpenClaw's before_tool_call hook—no vendor source code modifications needed, so RivonClaw can cleanly pull upstream OpenClaw updates.
