Deploy AI agents that actually work — on your own infrastructure.
No cloud lock-in. No data leaks. No vendor dependency.
$ docker compose up -d
✓ pinchy-gateway started
✓ pinchy-web started
✓ pinchy-db started
🦞 Pinchy is running at https://pinchy.yourcompany.com
3 agents active · 12 users connected The Problem
ChatGPT Enterprise, Copilot, Claude — your data leaves your servers. GDPR, CLOUD Act, industry regulations make this a non-starter for serious companies.
Every team builds their own solution. No standards, no oversight, no audit trail. Your CTO has nightmares about what's running in production.
n8n, Dify, Make — they execute visual flows. But you need agents that think, adapt, and work autonomously. Dragging boxes on a canvas doesn't get you there.
"You need agents that think, not workflows that execute."
The Solution
The enterprise AI agent platform that runs on your infrastructure. Built on the open-source OpenClaw engine, designed for companies that take data sovereignty seriously.
Docker Compose. Your servers. Up and running in minutes.
Manage users, agents, and permissions from a single interface. Role-based access included.
Every employee gets their own AI assistant. Company-wide agents handle shared tasks. Each with its own personality, avatar, and context.
Slack, Teams, Email, CRM, ERP — agents work where your team works.
Enterprise Governance
OpenClaw gives agents powerful raw tools — shell access, file system, API calls. Great for individuals. Terrifying for enterprises. Pinchy wraps these in plugins with configuration and authorization layers.
An agent doesn't get the raw "exec" tool. It gets a "Create Jira Ticket" plugin with defined parameters, boundaries, and access rights. The plugin decides what the agent can do — not the agent itself.
Customer email comes in → agent looks up the CRM → summary lands in your internal Slack channel. Support ticket in Jira → agent analyzes → draft reply sent via email. Input on one channel, output on another.
Marketing uses the CRM agent to read contacts. Sales uses it to update deals. Finance can't access it at all. One agent, scoped per team through the plugin layer.
Features
Runs on your infrastructure. Pair with Ollama or llama.cpp for fully air-gapped deployments. No data leaves your server. Ever.
Role-based access control, user deactivation/reactivation, per-user agent assignments. SSO/LDAP integration coming soon.
Every agent action is logged with HMAC-signed integrity verification. Filter, export to CSV, verify the chain hasn't been tampered with.
Agents get scoped plugins, not raw tools. A "Create Jira Ticket" plugin with defined parameters — not unrestricted shell access.
Token consumption, costs, activity metrics. Know exactly what your AI spend looks like.
Human-in-the-loop where it matters. Agents draft, humans approve. Full control, zero risk.
Personal and organizational context, centrally managed. Agents know who they're talking to and what your company does. One source of truth, not copy-pasted prompts.
Built FOR agents, not bolted on. llms.txt, structured data, agent-to-agent communication.
Security
Not a marketing claim. An architecture decision.
Data never leaves your jurisdiction. No transatlantic data transfers. No DPAs needed with third-party AI providers.
Your servers, your rules. No US-based cloud provider can be compelled to hand over your data.
All credentials encrypted at rest. API keys, tokens, secrets — locked down with industry-standard encryption.
Banking, healthcare, legal, government — Pinchy meets the security requirements that cloud AI never will.
| Cloud AI | Pinchy | |
|---|---|---|
| Data Location | US/Global | Your servers |
| GDPR | Complex DPAs | Compliant by design |
| CLOUD Act Exposure | Yes | None |
| Audit Trail | Limited | HMAC-signed, tamper-proof |
| Air-Gap Capable | No | Yes |
| Custom Models | Vendor-locked | Any LLM |
| Fully Offline | Impossible | Yes (Ollama / llama.cpp) |
| Agent Governance | Trust the model | Plugin permission layer |
Use Cases
Automated monthly reports. Expense anomaly detection. Board presentation prep. Your finance team's new best friend.
Tracks regulatory changes. Updates documentation automatically. Keeps you audit-ready 24/7.
Code review prep. Deployment monitoring. Incident triage. Lets your engineers focus on building.
CRM hygiene on autopilot. Follow-up drafts with human approval. Competitor intelligence delivered daily.
Processes patient records, financial documents, legal filings — locally, with full audit trail. Built for regulated industries where cloud AI is a non-starter.
New hire starts → agent creates accounts, sends welcome emails, assigns training. Cross-channel: HR triggers in Teams, IT gets tasks in Jira, employee gets a welcome in Slack.
How It Works
docker compose up on your server. Three containers, one command, done.
Set up users, assign agents, define permissions. The admin dashboard makes it simple.
Your team uses agents via Slack, Teams, or the web UI. Like chatting with a very competent colleague.
Coming Soon
A curated catalog of agent plugins and templates. Every plugin goes through the permission layer. The vision: Atlassian publishes an official Jira agent, Salesforce a CRM agent, the community builds everything in between.
Inbox triage & drafts
Scheduling & prep
CRM automation
Channel management
Ticket triage
SDK & Docs
The Engine
Pinchy will run on OpenClaw — the open-source multi-channel AI agent open-source and community-driven. We didn't reinvent the wheel. We're making it team-ready.
FAQ
Not on its own. OpenClaw gives agents full system access with no built-in permission layer — that's why Pinchy exists. We add Docker container isolation, allow-list permissions, RBAC, and cryptographic audit trails. Read how our security model works →
You control the models, so you control the costs. Docker hosting is free (your own servers). API costs typically run $1–150/month per agent depending on model choice and usage volume. Sonnet vs Opus alone is a 10x cost difference. More on cost control →
Yes. Pair Pinchy with a local model via Ollama or llama.cpp and nothing ever leaves your network. Zero external connections. For teams that need cloud models, just add your API key — your choice.
You need to be comfortable with Docker Compose — that's it. Run one command, configure via the admin dashboard. Five minutes from zero to running agents. We're building a setup wizard to make it even easier.
Yes. Pinchy's core is licensed under AGPL-3.0. Full source code on GitHub. We follow an open-core model: the community edition is fully functional for small teams. Enterprise features like granular RBAC add capabilities for larger organizations. Inspect it, audit it, deploy it yourself.
Early Access
Pinchy is in active development. Open source core, enterprise features coming. Get early access and shape the product with us.
Book a Demo — Get Early Access →