{"id":"ruilisi-lsbot","name":"lsbot","homepage":"https://lsbot.org","repo_url":"https://github.com/ruilisi/lsbot","category":"ai-ml","subcategories":[],"tags":["go","mcp","ai-agents","e2ee","websocket","local-first","enterprise-automation","browser-automation","tooling"],"what_it_does":"lsbot is a Go-based local-first AI bot/agent runtime that connects to external AI providers via a relay (cloud relay for certain chat platforms) and exposes local system capabilities to MCP-compatible clients. The README emphasizes E2EE-style relay traffic using a locally stored keypair and encrypted WebSocket transport, plus local storage of configuration/history/keys.","use_cases":["E2EE-focused AI assistant workflows with a local agent runtime","Using MCP clients (e.g., Claude Desktop/Cursor/Windsurf) to access local tools such as file operations and shell commands","Automating enterprise chat platforms (WeCom/Feishu/WeChat/Slack) via a cloud relay","Running a web chat UI and controlling multiple bot sessions locally","Browser automation and social platform automation (per README modules)"],"not_for":["Teams that require a documented public REST/GraphQL API surface for programmatic integration","Organizations that need enterprise-grade compliance certifications explicitly documented in the repository","Environments where running a powerful local agent with shell/browser automation is unacceptable","Users who cannot manage and protect local credentials (API keys, relay credentials, and local key material)"],"best_when":"You want a local-first agent that can be used from MCP clients and you need a design oriented around minimizing trust in relay infrastructure for chat relay traffic.","avoid_when":"You need strong governance controls over what the agent can do (e.g., strict sandboxing, allowlisted tool execution, or auditable policy enforcement) beyond what is described here.","alternatives":["Open-source/self-hosted agent frameworks with tool execution (e.g., LangChain/LangGraph-based local setups)","Other MCP servers/agent runtimes that expose tools to MCP clients (varies by implementation)","Commercial “agent desktop” tools that provide MCP-like integrations","Local automation agents without cloud relay components (custom setups)"],"af_score":48.2,"security_score":52.8,"reliability_score":22.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:32:36.223535+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Local persistent keypair for E2EE activation (public key fingerprint verification)","Provider API key (e.g., --api-key for configured AI providers)","Platform credentials for chat platforms (e.g., WeCom/Feishu/WeChat/Slack options shown in README)"],"oauth":false,"scopes":false,"notes":"Authentication is primarily via locally configured provider API keys and platform credentials; the README does not describe OAuth flows or fine-grained scopes for the bot/relay itself."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"README does not provide pricing for lsbot/relay usage; costs likely depend on chosen AI provider API usage."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":48.2,"security_score":52.8,"reliability_score":22.5,"mcp_server_quality":75.0,"documentation_accuracy":50.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":20.0,"tls_enforcement":80.0,"auth_strength":55.0,"scope_granularity":25.0,"dependency_hygiene":40.0,"secret_handling":60.0,"security_notes":"README emphasizes E2EE-oriented relay transport (encrypted WebSocket traffic) and local storage of private key material and conversation/history. However, the provided content does not include concrete verification of cryptographic choices beyond README claims, nor does it document key lifecycle/rotation, threat models for metadata leakage, or tool-level authorization/sandboxing. No explicit mention of dependency scanning or CVE hygiene is present in the provided text.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":20.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Tool execution is powerful (file/shell/browser automation); agent policies/guardrails may be required depending on environment.","Secure/E2EE activation depends on correct public-key fingerprint matching and local key storage.","Behavior differs by platform/channel integration mode (gateway vs relay)."]}}