poco-claw

Poco is a self-hostable AI agent execution platform/web UI that runs agent tasks in an isolated container, supports project/task management and artifact viewing, and integrates agent tooling via MCP/Skills plus an embedded browser and IM integrations.

Evaluated Mar 30, 2026 (0d ago)

Homepage ↗ Repo ↗ Ai Ml ai-ml agent sandbox mcp skills web-ui self-hosted docker typescript python fastapi nextjs

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

From provided materials: claims of containerized/sandboxed execution and self-hosting. However, no concrete details are provided about auth, scope granularity, TLS configuration, secret handling, or dependency/security posture. Treat as unverified beyond the stated sandboxing concept.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You want a local or Docker-deployed “coworker” style agent workflow with a UI and sandboxed execution, and you plan to integrate via MCP/Skills rather than a traditional REST API client.

Avoid When

You need a stable, documented REST/GraphQL/OpenAPI interface for reliable automation, or you require clearly specified auth/rate-limit/error-code behavior from a public API.

Use Cases

• Autonomous web research and task execution in a sandboxed environment
• Managing multi-step agent workflows with plan/queue/termination
• Uploading and processing files for agent-driven analysis or document generation
• Viewing and replaying agent artifacts and command/browser I/O sessions
• Integrating agent interactions through IM providers (DingTalk/Feishu/Telegram)
• Extending agent capabilities via MCP/Skills tooling

Not For

• Using as a low-effort managed SaaS without any self-hosting/ops considerations
• Handling workloads that require strong, explicitly documented enterprise security/compliance guarantees (not evidenced in provided materials)
• Scenarios needing a fully documented public developer API/SDK for programmatic integration (no such contracts shown)

Interface

REST API

GraphQL

gRPC

MCP Server

SDK

Webhooks

Authentication

OAuth: No Scopes: No

No authentication mechanisms, auth flows, or scope model are described in the provided README/snippets.

Pricing

Free tier: No

Requires CC: No

README mentions a 'cloud subscription' as coming soon, but no pricing/tier details are provided.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Sandboxed container execution can affect performance and persistence (state/files) depending on how sessions/containers are managed.
⚠ Agent tool-calling behavior can vary by imported Skills/MCP tooling; lack of documented tool contracts may require iterative testing.
⚠ Embedded browser/autonomous execution can produce long-running actions; without explicit documented limits/timeouts, automation may be harder to control.

Alternatives

OpenClaw (referenced as inspiration) Other agent orchestration platforms with documented APIs/SDKs (various OSS/self-hosted options) Managed agent execution services with explicit OpenAPI/SDKs

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for poco-claw.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.