{"id":"kevinluosl-deepbot","name":"deepbot","homepage":"https://glint-mvt.com/deepbot/","repo_url":"https://github.com/kevinluosl/deepbot","category":"ai-ml","subcategories":[],"tags":["ai-agents","desktop","electron","multi-agent","tool-calling","automation","scheduling","memory","feishu","typescript","local-first"],"what_it_does":"DeepBot is a system-level, desktop-oriented multi-agent AI assistant (Electron/TypeScript) that supports multi-tab session management, tool execution (files/commands/browser/web search/fetch/memory/scheduling/Feishu doc operations), long-term memory, and external connector integration (notably Feishu). It is packaged to run locally (and via Docker) and uses a path allowlist for file/command access.","use_cases":["Internal knowledge work automation (document processing, summarization, research)","Multi-step workflows across teams/departments via multiple cooperating agents","File-backed productivity: read/write within an allowed workspace, store and reuse memory","Scheduled automations (cron-style jobs) with execution history","Feishu integration for chat-based assistance and Feishu document operations","Building/combining Skills to create reusable, tool-using workflows"],"not_for":["Running as an untrusted public-facing API service without hardening","Highly regulated deployments that require formal compliance attestations and detailed security documentation","Use cases requiring guaranteed idempotent side effects across retries unless the specific tools are designed for it","Environments where granting local command execution/file access is not acceptable"],"best_when":"When teams want a local, tool-using AI desktop/workflow system that can coordinate multiple agents and automate routine office tasks with a configured workspace allowlist.","avoid_when":"When you cannot safely allow tool access to the host filesystem/command execution surface, or when you need a clearly specified, externally callable API contract (REST/OpenAPI) for programmatic agent integration.","alternatives":["OpenAI/Anthropic SDK-based agent frameworks (custom build)","OpenClaw/openclaw-style local agents","LangChain/LangGraph (framework-level orchestration)","Self-hosted workflow automation tools (n8n/Temporal) combined with LLM APIs","Commercial enterprise AI assistants with SOC2/ISO documentation"],"af_score":30.0,"security_score":50.2,"reliability_score":28.8,"package_type":"skill","discovery_source":["openclaw"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:24:50.726098+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Local configuration of model API keys (Ali Qwen/OpenAI/Claude)","Feishu connector configuration (App ID/App Secret; robot pairing/authorization)"],"oauth":false,"scopes":false,"notes":"No explicit OAuth flow or first-class API auth described; authentication is mainly via local API keys for model providers and connector credentials for Feishu."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"README describes no product pricing; costs would primarily be external LLM/provider usage and any connected services (e.g., Feishu, Tavily, Gemini)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":30.0,"security_score":50.2,"reliability_score":28.8,"mcp_server_quality":0.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":60.0,"rate_limit_clarity":0.0,"tls_enforcement":60.0,"auth_strength":45.0,"scope_granularity":50.0,"dependency_hygiene":40.0,"secret_handling":55.0,"security_notes":"Documented security mechanism includes a path allowlist/workspace isolation for file/command operations. Auth model keys and connector secrets are configured via .env/connector settings, but there is no explicit documentation of TLS/transport security details for local services, secret storage hygiene (e.g., vault vs plaintext), or fine-grained permission scopes for tools/operations. Dependency list includes general server/web packages and key JWT usage; without audit/CVE status in provided content, dependency hygiene is uncertain.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":30.0,"error_recovery":45.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["No documented public API/MCP contract for agents to call programmatically; interaction is via the desktop UI/IPC/websocket/connectors.","Tool surface includes command execution and browser automation; an agent must respect the path allowlist and any additional safety policies.","Scheduling and multi-agent coordination may require careful handling to avoid duplicate actions; doc only mentions anti-duplicate for Feishu messages, not global idempotency for all tools."]}}