lsbot

lsbot is a Go-based local-first AI bot/agent runtime that connects to external AI providers via a relay (cloud relay for certain chat platforms) and exposes local system capabilities to MCP-compatible clients. The README emphasizes E2EE-style relay traffic using a locally stored keypair and encrypted WebSocket transport, plus local storage of configuration/history/keys.

Evaluated Mar 30, 2026 (0d ago)
Homepage ↗ Repo ↗ Ai Ml go mcp ai-agents e2ee websocket local-first enterprise-automation browser-automation tooling
⚙ Agent Friendliness
48
/ 100
Can an agent use this?
🔒 Security
53
/ 100
Is it safe for agents?
⚡ Reliability
22
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
75
Documentation
50
Error Messages
0
Auth Simplicity
70
Rate Limits
20

🔒 Security

TLS Enforcement
80
Auth Strength
55
Scope Granularity
25
Dep. Hygiene
40
Secret Handling
60

README emphasizes E2EE-oriented relay transport (encrypted WebSocket traffic) and local storage of private key material and conversation/history. However, the provided content does not include concrete verification of cryptographic choices beyond README claims, nor does it document key lifecycle/rotation, threat models for metadata leakage, or tool-level authorization/sandboxing. No explicit mention of dependency scanning or CVE hygiene is present in the provided text.

⚡ Reliability

Uptime/SLA
0
Version Stability
30
Breaking Changes
20
Error Recovery
40
AF Security Reliability

Best When

You want a local-first agent that can be used from MCP clients and you need a design oriented around minimizing trust in relay infrastructure for chat relay traffic.

Avoid When

You need strong governance controls over what the agent can do (e.g., strict sandboxing, allowlisted tool execution, or auditable policy enforcement) beyond what is described here.

Use Cases

  • E2EE-focused AI assistant workflows with a local agent runtime
  • Using MCP clients (e.g., Claude Desktop/Cursor/Windsurf) to access local tools such as file operations and shell commands
  • Automating enterprise chat platforms (WeCom/Feishu/WeChat/Slack) via a cloud relay
  • Running a web chat UI and controlling multiple bot sessions locally
  • Browser automation and social platform automation (per README modules)

Not For

  • Teams that require a documented public REST/GraphQL API surface for programmatic integration
  • Organizations that need enterprise-grade compliance certifications explicitly documented in the repository
  • Environments where running a powerful local agent with shell/browser automation is unacceptable
  • Users who cannot manage and protect local credentials (API keys, relay credentials, and local key material)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: Local persistent keypair for E2EE activation (public key fingerprint verification) Provider API key (e.g., --api-key for configured AI providers) Platform credentials for chat platforms (e.g., WeCom/Feishu/WeChat/Slack options shown in README)
OAuth: No Scopes: No

Authentication is primarily via locally configured provider API keys and platform credentials; the README does not describe OAuth flows or fine-grained scopes for the bot/relay itself.

Pricing

Free tier: No
Requires CC: No

README does not provide pricing for lsbot/relay usage; costs likely depend on chosen AI provider API usage.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Tool execution is powerful (file/shell/browser automation); agent policies/guardrails may be required depending on environment.
  • Secure/E2EE activation depends on correct public-key fingerprint matching and local key storage.
  • Behavior differs by platform/channel integration mode (gateway vs relay).

Alternatives

Open-source/self-hosted agent frameworks with tool execution (e.g., LangChain/LangGraph-based local setups) Other MCP servers/agent runtimes that expose tools to MCP clients (varies by implementation) Commercial “agent desktop” tools that provide MCP-like integrations Local automation agents without cloud relay components (custom setups)

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for lsbot.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.

6533
Packages Evaluated
19870
Need Evaluation
586
Need Re-evaluation
Community Powered