Anthropy Works

Progress and Demo Guide

Anthropy Works is an operations center for managed service providers. It helps teams see customer environments, deploy and manage OpenClaw, attach reusable capabilities, and prepare safe connections to business tools.

Phase TimelineWhat Works NowHow To Use ItDemo ScenariosSystem ArchitectureSystem GuaranteesProduction ReadinessSystem MonitoringOperator FlowKnown LimitationsWhat's Next
Current phasePhase 25.3 Operator Workflow Coherence + Exec Status Site Synchronization
Progress51 of 51 planned phases complete
Report statusOperator access workflow coherent
Versioninggit commit SHA via ANTHROPY_VERSION

System Summary

What Anthropy Works Is

Anthropy Works gives an MSP one place to understand customer organizations, managed machines, OpenClaw instances, reusable AI capabilities, and future SaaS connections. The platform is designed to make every important action visible, approved, and recorded. Workflow approvals now let work pause for a person before sensitive steps continue, and recovery checks help stale work fail safely after restarts.

Phase Timeline

From Empty Repo To Working Platform

Phase 0

Foundation

Created the local app, database, cache, and first login screen.

Complete
Phase 1

Mission Control Login

Added real sign-in, organization records, admin roles, and activity history.

Complete
Phase 2

Nodes

Added the first view of managed machines and their basic status.

Complete
Phase 3

Agent Check-In

Allowed a machine agent to register and send health updates.

Complete
Phase 4

Container Inventory

Added safe reporting of containers running on a managed machine.

Complete
Phase 5

OpenClaw Discovery

Started detecting likely OpenClaw environments without changing them.

Complete
Phase 6

OpenClaw Bundle

Prepared the standard OpenClaw package and readiness checks.

Complete
Phase 7

Deployment Planning

Added safe job requests and typed approval before deployment.

Complete
Phase 8

Lifecycle Actions

Added health checks, log viewing, and controlled gateway restart.

Complete
Phase 9

Safety Rules

Added stronger checks, warnings, and records for blocked actions.

Complete
Phase 10

Agent-Run Operations

Moved operations so the agent performs work on the managed machine.

Complete
Phase 11

Agent Identity

Added per-machine agent credentials and safer job access.

Complete
Phase 12

Real OpenClaw Deployment

Deployed the first controlled OpenClaw instance through the agent.

Complete
Phase 13

OpenClaw Takeover

Added safe promotion of discovered OpenClaw environments into managed records.

Complete
Phase 14

Capabilities

Added the catalog for skills, tools, policies, and reusable capability packs.

Complete
Phase 15

Connections

Added connection records and a safe placeholder for future SaaS integrations.

Complete
Phase 16

Workflows

Added step-by-step workflow definitions and simulated execution logs.

Complete
Phase 17

Workflow Rules

Added checks that stop workflow steps when capabilities or connections are not allowed.

Complete
Phase 17.5

Permission Controls

Added screens for admins to manage which capability actions are allowed.

Complete
Phase 18

First External Action

Added one safe Google Drive file-list action through workflow rules and connection policy.

Complete
Phase 18.6

Architecture Hardening

Documented core guarantees and added regression tests for safety rules.

Complete
Phase 19

Workflow Approvals

Added human confirmation pauses and safe resume for workflow steps.

Complete
Phase 20

Reliability and Recovery

Added safe recovery for stale jobs, stale agents, and interrupted workflows.

Complete
Phase 21

Tenancy and UI Design Lock

Locked tenancy, permissions, UI segmentation, and instance-type direction in docs with small UI clarity updates.

Complete
Phase 21.5

Browser E2E Tests

Added Playwright browser tests for login, core records, workflows, and the report site.

Complete
Phase 21.6

Production Readiness Gate

Added environment definitions, readiness checks, backup and restore scripts, and deployment runbooks.

Complete
Phase 21.61

Live Report Site

Deployed the product-facing status report to Cloudflare Pages with the canonical custom domain.

Complete
Phase 21.7

Self-Hosted Deploy Pipeline

Added repeatable Docker Compose deployment and guarded rollback scripts for Linux hosts.

Complete
Phase 21.8

Backup and Restore Safety

Added compressed verified backups, confirmed restore, and temporary database restore testing.

Complete
Phase 21.9

Observability and Minimal Alerting

Added structured status summaries, dashboard issue surfacing, service log helpers, and cron-friendly health checks.

Complete
Phase 21.91

Dashboard Health Clarity

Refined the operator dashboard around one health answer, plain-English guidance, and technical detail on demand.

Complete
Phase 21.92

Operator UI Interaction Reset

Replaced cramped detail panes with modal detail views and calmer plain-English resource interactions.

Complete
Phase 21.93

Operational State Triage

Separated active operational issues from reviewed history and clearly labeled E2E or validation artifacts.

Complete
Phase 21.94

OpenClaw Runtime Health

Defined required OpenClaw runtime components, made CLI optional, and added repeatable lifecycle validation.

Complete
Phase 21.941

OpenClaw CLI Control Surface

Inventoried OpenClaw CLI commands, classified risk, and constrained read-only CLI usage through the agent.

Complete
Phase 22

Tenant Segmentation

Segmented MSP, organization, and user views with backend tenant-scoped API enforcement.

Complete
Phase 23

User Management and Assignments

Made users manageable in the UI and added explicit instance assignments for regular users.

Complete
Phase 24

OpenClaw Versioning and Upgrade Planning

Tracks OpenClaw version state, checks upgrade eligibility, and creates safe plan records without changing runtime containers.

Complete
Phase 24.5

Product UX Architecture and Command Map

Defines the product UX architecture and adds the MSP Operator Command Map as a live inspection surface.

Complete
Phase 24.6

Command Map Intelligence

Adds grouping, zoom levels, filters, focus mode, and search to make the Operator Command Map scalable.

Complete
Phase 24.7

Spatial Command Workspace

Transforms the MSP command map into a spatial workspace with roster, map, inspector, and activity panels.

Complete
Phase 24.71

Command Center Visual Fidelity

Refines the MSP Command Center visual system from the attached reference: calm glass panels, sparse labels, readable roster, softened relationships, and persistent context.

Complete
Phase 24.72

Command Center Interaction Parity

Adds reference-matched behavior for draggable and resizable panels, anchored zoom and legend controls, cursor-centered map zoom, map panning, and coordinated selection.

Complete
Phase 24.721

Command Center Reference Parity Correction

Corrects the MSP Command Center against the executable HTML spec with navstone, visual themes, design modes, node subtitles, hover tooltip cards, map-only zoom, and tighter segmented controls.

Complete
Phase 24.73

Global Spatial Shell Pilot

Introduces reusable spatial shell primitives and migrates Instances, Jobs, and Connections as pilot resource pages.

Complete
Phase 24.74

Complete Command Center Fidelity

Aligns the MSP Command Center with the executable reference: pocket-door navigation, navstone controls, map-only zoom and pan, hover cards, anchored controls, design modes, and read-only activity.

Complete
Phase 24.75

Unified Spatial UI

Unifies remaining operator pages under the same spatial navstone, glass shell, inspector, roster, and read-only activity language.

Complete
Phase 25

Access Layer + Node Registration

Adds redacted SSH access profiles, jumpbox routing, safe host discovery, plain-English access status, and access-verified node candidate registration without deploying OpenClaw.

Complete
Phase 25.1

Credential Confidence + Access Test Clarity

Clarifies credential storage, access-test status, last result timestamp, plain-English summaries, and next actions for jumpbox and host onboarding.

Complete
Phase 25.2

Real SSH Adapter + Jumpbox Execution

Replaces stubbed access checks with system OpenSSH, ProxyJump routing, multiplexed short-lived sessions, command allowlisting, and plain-English failure mapping.

Complete
Phase 25.3

Operator Workflow Coherence + Exec Status Site Synchronization

Makes access attempts distinct and readable, separates operator transcripts from raw SSH details, stores streamed discovery results, improves next-action guidance, and synchronizes the executive report.

Complete

What Works Now

  • Team members can sign in to the mission control interface.
  • Admins can create customer organizations.
  • Admins can add and review managed machines.
  • The local agent can register a machine and keep its status fresh.
  • The system can show container inventory from managed machines.
  • The system can detect likely OpenClaw environments without changing them.
  • Admins can deploy a new OpenClaw instance through an approved job.
  • Admins can take over an existing OpenClaw record after confirmation.
  • Admins can run health checks, view logs, and request a controlled gateway restart.
  • Admins can create reusable capability records and capability packs.
  • Admins can create connection records for tools like ServiceTitan, Google Drive, QuickBooks, and Composio.
  • Admins can create workflows, run them step by step in simulation, and review the results.
  • Workflow steps are checked against rules before they run, and unsafe steps are blocked.
  • Admins can manage capability permissions that control allowed actions and risk levels.
  • A workflow can run one approved Google Drive file-list action through a connected record.
  • External action results are labeled as Stub or Live Data so demos stay clear.
  • Workflows can pause for human confirmation and resume after the phrase is typed correctly.
  • Jobs show retry counts, timeout windows, recovery state, and clear failure reasons.
  • Machines with old check-ins are marked stale or offline instead of disappearing.
  • Interrupted workflows fail safely, while workflows waiting for approval stay paused.
  • Browser E2E tests now verify the most important user paths from the running web app.
  • Core architecture rules are documented and covered by backend regression tests.
  • Baseline production checks now verify configuration, database access, service readiness, bundle readiness, and secret redaction.
  • Backup and restore helpers now exist for the local database.
  • A deployment runbook explains startup, verification, restart, rollback, and recovery steps.
  • Self-hosted Linux deployment can now run through a repeatable script with health checks and validation.
  • Rollback can be dry-run first, then explicitly confirmed for a target commit.
  • Database backups are compressed, verified, retention-managed, and restore-tested safely.
  • Operators can now see system health, failed jobs, stale nodes, and workflow failures from the dashboard.
  • A local health-check script can be run manually or by cron to detect API, database, Redis, and status failures.
  • A local logs helper gives quick access to API, web, report, database, and Redis service logs.
  • The dashboard now starts with one clear System Health answer: Healthy, Degraded, or Critical.
  • Operators can open health details for plain-English issues, recommended human actions, and links to the right views.
  • Technical fields, IDs, logs, and JSON are hidden by default and available through Show details or Show technical details.
  • Major resource details now open in modal views instead of permanent right-side panes.
  • Jobs, instances, connections, workflows, nodes, capabilities, permissions, and packs use calmer selected-record detail views.
  • MSP operators can upload a shared SSH private key credential, connect a jumpbox, test host access through it, discover resources, and register an access-verified node candidate.
  • Access attempts now show a readable transcript with attempt id, route, status, where, why, next action, timestamps, and raw OpenSSH detail hidden until requested.

How To Use It

  1. Sign in to mission control.
  2. Create a customer organization.
  3. Add a managed machine for that customer or for shared infrastructure.
  4. Register the agent on the machine so it can check in.
  5. Deploy OpenClaw to a managed machine after approval.
  6. Manage the OpenClaw instance with safe health, logs, and restart actions.
  7. Attach capabilities that describe what the organization or instance is allowed to use.
  8. Attach connection records that prepare the system for future SaaS access.
  9. Create a workflow that uses capabilities and connections, then run it in simulation.
  10. For Google Drive, add the list files action to the workflow and review the returned file list.
  11. Turn on confirmation for a capability permission and run the workflow to see it pause.
  12. Type the displayed phrase to approve the step and continue the workflow.
  13. Review the Jobs page to see timeout and recovery details for operational work.
  14. Review the Nodes page to see whether a machine is online, stale, or offline.
  15. Open Access / Jumpboxes, upload an SSH private key as a shared MSP credential, and connect a jumpbox.
  16. Open Hosts / Node Onboarding, create a host profile, choose direct SSH or the jumpbox route, and run Test Access.
  17. Review the access transcript, discovered resources, Docker readiness, and next action before registering the host as a node candidate.
  18. Review any blocked workflow step to see which rule stopped it.
  19. Adjust capability permissions to control which actions workflows may simulate.
  20. Run the validation script before moving to another phase.
  21. Run the browser E2E script when the Docker Compose stack is already running.

Demo Scenarios

What You Can Show Today

Deploy a new OpenClaw instance

Pick a customer, pick a managed machine, request deployment, type the approval phrase, and watch the job become a managed instance.

Take over an existing OpenClaw

Start with a discovered OpenClaw record, confirm promotion, and turn it into a managed record without restarting or changing the customer environment.

Attach a SaaS connection

Create a placeholder connection for a provider, mark it connected for demo purposes, and link it to a capability or OpenClaw instance.

Run lifecycle operations

Open a managed instance, run a health check, request logs, or start a controlled gateway restart with approval.

Run a workflow simulation

Create a workflow with capability and connection steps, execute it, and review the step-by-step log. Try a disallowed action to see the workflow stop safely.

Approve a workflow step

Mark a capability action as requiring confirmation, run the workflow, type the displayed phrase, and watch the workflow continue.

Recover from stale work

Restart the platform or inspect old jobs and workflows to see stale work fail safely with a clear reason instead of sitting forever.

List Google Drive files safely

Link a Google Drive connection to an allowed capability, run the list files workflow step, and see either demo data or live read-only data depending on the environment.

Manage capability rules

Open capability permissions, choose a capability and organization, set allowed actions, and see workflow validation follow those rules.

Run browser validation

Use the Playwright suite to check login, records, workflows, and the report site from a real browser without triggering OpenClaw deployment.

Onboard a host safely

Upload an MSP SSH key, verify a jumpbox, test a target host through that route, read the transcript, and register the verified host as a node candidate without deploying OpenClaw or installing an agent.

System Architecture

How The Pieces Fit Together

Control plane and execution plane

The main app approves, records, and assigns work. The local agent performs approved work on the assigned machine and reports the result back.

Node and instance

A node is a machine managed or observed by the MSP. An instance is the customer environment running on a node, with OpenClaw as the current supported type.

Capability, connection, workflow

A capability describes what the platform can do. A connection represents access to a tool. A workflow combines approved capabilities and connections into ordered steps.

MSP, org, and user views

MSP operators see the full platform. Company admins see only their company's resources. Individual users see their own workflows and connections.

Version planning

Managed OpenClaw instances now track their current and desired version state. Anthropy Works can check readiness and create an update plan, but it does not run upgrades yet.

Operator command map

MSP operators now start from a live map of machines, agents, OpenClaw instances, active tasks, workflows, connections, and issue hotspots. Clicking an object opens a plain-English inspection view before drilling deeper.

Scalable map controls

The map now groups related objects by organization, supports zoom levels, filters, search, collapsible groups, and focus mode so operators can find the relevant problem without visual overload.

Spatial command workspace

The MSP home now keeps the map, resource roster, selected-object inspector, and recent activity visible together. Operators can inspect, decide, and drill deeper without losing the larger system context.

Command Center visual fidelity

The MSP workspace now uses the attached spatial reference as its visual standard: calm floating panels, sparse map labels, softened connection lines, readable resource rows, and technical detail only when requested.

Command Center interaction parity

Operators can now drag and resize the main panels, pan and zoom the map directly, use anchored zoom controls, and keep the legend fixed while the inspector, roster, map, and activity feed stay coordinated.

Command Center reference correction

The MSP workspace now follows the executable reference more closely: Works navstone, Tactical/Strategic/Flow controls, visual-only pause, light and dark appearances, Liquid/Uhuru/Luce design modes, node subtitles, hover cards, and map-only zoom.

Global spatial shell pilot

The same spatial language now begins to extend beyond the Command Center. Instances, Jobs, and Connections use a shared roster, work area, inspector, and activity pane while the rest of the app continues to work in the previous layout until later phases.

Command Center complete fidelity

The MSP home now follows the executable reference as the interaction standard: pocket-door navigation, centered Works navstone, anchored design and zoom controls, hover cards, map-only zoom, draggable panels, and a read-only activity console using real Anthropy Works data.

Unified spatial UI

The resource pages now share one product language. Organizations, Users, Nodes, Capabilities, Workflows, Audit Log, Bundle, Permissions, Packs, and Assignments use the same Works navstone, spatial glass surfaces, inspector model, roster treatment, and read-only activity area.

Access layer and mainstage

Access onboarding now uses the Kitsune stage correctly: forms and discovery summaries live in the mainstage, latest truth and next action live in the inspector, and attempt transcripts live in the activity panel.

Real SSH access path

The API runtime uses system OpenSSH for direct access or ProxyJump-style jumpbox routing. Each session is short lived, command allowlisted, audited, and limited to read-only discovery.

System Guarantees

Rules The Platform Now Protects

Safe deployment

OpenClaw deployment stays confirmation-gated, isolated by project, and executed only by the agent on the assigned machine.

Controlled execution

The API approves and records work. The agent performs operational commands and cannot take jobs for another machine.

Policy enforcement

Workflow steps must pass capability, connection, and usage rules before any step can run. Steps that require approval pause instead of running automatically.

No secret leakage

Secret-looking job data is redacted before display, and audit reasons redact keyed secret values.

No surprise host mutation

Access tests only run approved read-only SSH discovery commands. They do not install packages, upload files, change services, deploy OpenClaw, or start an agent.

Recovery without surprise reruns

Timed-out jobs and interrupted workflows are marked clearly. Risky work does not restart by itself after a service restart.

Production Readiness

What Is Ready Before A Real Launch

Environment rules

Local, staging, and production use the same system with different safeguards. The production setup rejects development passwords and placeholder secrets.

Readiness checks

Operators can check whether the app, database, service queue, and OpenClaw bundle are ready before relying on the system.

Recovery path

The runbook now explains how to start the platform, verify it, back up the database, restore from backup, restart services, and roll back a release.

Verified backups

Backup files are timestamped, compressed, checked after creation, and can be restored into a temporary database before anyone touches live data.

Repeatable deploys

A deployment script now checks the host, starts the Docker Compose stack, verifies health endpoints, and runs the validation suite before declaring success.

Version visibility

The running API reports the deployed git version so operators can confirm exactly what is live.

Secret protection

Secret-looking values are kept out of job results, audit messages, and recent service logs during validation.

System Monitoring

How Operators See Problems Early

Health checks

Operators can check the API, database, service queue, and full system status with a simple local command. The command exits with a failure code when something is wrong.

Dashboard signals

Mission Control now shows system health, failed jobs, stale machines, and failed workflows at the top of the dashboard.

Service logs

A local logs helper lets operators view recent or live logs for the API, web app, report site, database, and Redis without remembering Compose commands.

Failure details

Jobs and workflow executions already show error messages, blocked steps, retry counts, and recovery reasons, so operators can understand what happened quickly.

Local alerting

The health check can be scheduled every few minutes with cron. It does not send outside alerts yet, but it provides a clean failure signal for a self-hosted server.

Secret safety

Logs and operator displays continue to redact secret-looking values before showing them to people.

Operator Flow

Plain English First, Technical Detail On Demand

Start with health

Mission Control now answers the main question first: whether the system is healthy, degraded, or critical.

Understand why

The health details explain issues in plain English and point operators to Jobs, Workflows, Nodes, Bundle, or Audit Log.

Review recorded actions

The system shows only real recorded actions. It does not imply that an AI attempted fixes or invented remediation steps.

Separate current from historical

Health now distinguishes current issues from reviewed history and clearly labeled E2E or validation records.

Verify OpenClaw runtime

Managed OpenClaw health now means required components are running, healthy, and reachable. Optional support containers are reported separately.

Repeat the full cycle

A lifecycle validation script deploys OpenClaw, checks health, reads logs, restarts the gateway, checks health again, and removes the instance without deleting volumes.

Constrain CLI operations

The OpenClaw CLI is treated as a control surface. Anthropy Works only allows inventoried read commands through the agent today.

Use the right workspace

The app now routes people into MSP, organization, or personal workspaces and hides sections they are not allowed to use.

Prevent cross-company data leaks

The API filters records by role and organization before sending data to the browser. The UI is clearer, but the server remains the security boundary.

Manage users directly

MSP admins can manage all users. Organization admins can create users only inside their own company. Individual users see their own profile.

Assign instances explicitly

Regular users see OpenClaw instances only after an admin assigns access. Unassigned instances stay hidden and blocked by the API.

Map channels safely

OpenClaw channels map to Anthropy Works connections, capabilities, and workflow context, but channel setup and removal remain blocked until they are fully validated.

Focus the map

Operators can search for an organization, node, or OpenClaw instance, jump into focus mode, and see nearby relationships emphasized while unrelated objects stay available for context.

Stay in context

The MSP command workspace now uses persistent panels: roster on the left, live map in the center, inspector on the right, and recent activity along the bottom.

No command terminal

The activity panel is for recorded events and safe navigation only. Anthropy Works does not expose arbitrary command execution from the operator workspace.

Trace access attempts

SSH access tests show a step-by-step operator transcript by default. Raw transport details are still available, but they sit behind Show technical details so the main answer stays understandable.

Keep technical access

Raw fields, IDs, logs, and JSON are still available through Show details or Show technical details when an operator needs deeper troubleshooting.

Open details when needed

Resource lists stay readable. Selecting a job, instance, connection, workflow, node, capability, permission, or pack opens a focused detail view with a clear close button.

Use simpler labels

The operator UI now favors words like Waiting, Complete, Needs review, View logs, and Take over existing OpenClaw instead of internal command names.

Known Limitations

  • Production readiness is a baseline, not a replacement for a full launch checklist.
  • Secrets still come from environment configuration until a vault is added.
  • Rollback steps are documented, but full rollback is not automated yet.
  • The OpenClaw CLI is a control surface, not a background health component. Only health and channel listing are allowlisted today.
  • Some CLI commands that look read-only still create device pairing state, so they remain blocked until they can be run without side effects.
  • SaaS sign-in is not connected yet, so there is no OAuth flow.
  • Only one outside action exists today: Google Drive file listing.
  • Google Drive returns demo data unless a development-only read token is configured.
  • Workflow approvals are single-person, step-level approvals only.
  • Recovery runs during startup and normal status views, not as a separate background monitor yet.
  • Monitoring is local and script-based; there is no external alert delivery yet.
  • There is no long-term metrics storage or dashboard charting yet.
  • The health model summarizes recorded conditions; it does not perform automatic repair.
  • Technical details are hidden by default, so operators must expand them when debugging deeply.
  • Retry information is visible, but automatic retry buttons are not available yet.
  • Capability permissions can be edited, but not deleted or disabled yet.
  • Connection records still do not contain real credentials.
  • Composio support remains prepared, not a broad live integration.
  • Browser tests do not run real OpenClaw deployment yet; that remains backend and manual validated.
  • Credential storage is encrypted for local development, but broad production use still needs Vault or KMS-backed secret management.
  • Access verification stops at node candidate readiness. Agent installation and OpenClaw deployment are intentionally not available from this workflow yet.

What's Next

  • Add the approved agent installation and registration phase after access-verified host onboarding is stable.
  • Add the later OpenClaw deployment workflow only after the node candidate has a registered agent and explicit confirmation path.
  • Expand from one safe external action to a small set of approved provider actions.
  • Add real OAuth and Composio account handshakes.
  • Add secure credential handling with one-time secret capture and protected storage.
  • Add automation so routine work can be scheduled, monitored, and reviewed.
  • Add richer recovery controls such as manual retry for safe jobs and stronger agent health monitoring.
  • Add optional notification channels for local health-check failures.
  • Add historical metrics after the self-hosted monitoring baseline proves stable.
  • Expand browser coverage as the future org and user interfaces are split out.