PhoneClaw

Stop setting things up.
Start getting things done.

An AI agent with its own email, phone number, and identity. Text it a task — from WhatsApp or Telegram — and it handles it. No hardware. No setup. No sysadmin.

Things you'll never do again
Why PhoneClaw

Same power as a self-hosted agent.
None of the setup.

A self-hosted AI agent is powerful. But running one means you become the security team, the sysadmin, and the on-call engineer — all at once.

When you run your own agent, you own every problem. An expired OAuth token at 2am — your problem. An update that breaks a workflow — your problem. A misconfiguration that exposes your credentials — your problem.

And then there's security. A self-hosted agent with access to your email, calendar, and files is a high-value target. Keeping it secure is a full-time job — firewall rules, sandboxing, patching, monitoring for exploits. Most people don't have the time or expertise to do it properly.

PhoneClaw takes all of that off your plate. We run the infrastructure. We maintain the security. We handle the updates. You just text your agent and it gets things done.

Self-hosted agent PhoneClaw
You buy & maintain hardware
We run the infrastructure
Weekend setup, ongoing config
Running in minutes
You are the security team
Security is our job
Monitor for exploits yourself
Sandboxed & monitored
Patch & update manually
We handle all updates
Locked to one AI model
Any provider, any time
Architecture

Built from the ground up.
Not glued together.

Not a wrapper around an LLM. A purpose-built agent system with its own sandbox, permission layer, and durable execution engine.

Channels
WhatsApp
Slack
Telegram
PhoneClaw Agent
plan → act → observe
Sandbox
isolated linux machine
Permissions
auto-approve or tap to allow
Integrations
Google Drive
Sheets
Todoist
Notion
GitHub
Isolated by default Every agent gets its own sandboxed computer with persistent storage. It can write code, install tools, process files — but nothing it does can touch your system.
Durable execution The agent works until the job is done. If it needs approval, it pauses, saves state, and resumes exactly where it left off. Long tasks survive across sessions.
You control what it can do Every external action passes through the permission layer. You choose what's auto-approved. Everything is logged with a full audit trail.
Delegate it

Capable enough to own a task.
Not just help with one.

Most AI tools assist you. PhoneClaw works for you. Your agent has a real email address, a real phone number, and the access to take real actions — the kind you'd normally need to hire someone to do.

🦞
Alex — your PhoneClaw agent
active · ready for tasks
Phone number +1 (415) 555-0192
Email alex@yourcompany.phoneclaw.com
Reachable via WhatsApp · Telegram · iMessage
Runs in isolated sandbox · permissioned · audited
Can be assigned as Executive Assistant · Marketing Manager · Ops Lead
Triggers & skills

Teach it once.
It acts forever.

A skill is a prompt that defines what your agent does, when it does it, and how. Set a trigger — a time, an event, an incoming message — and it runs. Every skill can use any of the 3,000+ integrations PhoneClaw connects to.

🗓️

Executive Assistant

Trigger: incoming email
"When I receive an email with a meeting request, check my calendar for availability in the next 5 business days. Send me a WhatsApp with 3 proposed slots and wait for my confirmation. Once I confirm, reply to the sender with the agreed time and create the calendar event."
Uses: Gmail · Google Calendar · WhatsApp
📈

Digital Marketing Assistant

Trigger: daily at 8am
"Every morning, pull yesterday's performance from Meta Ads and Google Ads. Identify the bottom 20% of campaigns by ROAS. Research what top-performing competitors are running, suggest 3 changes, then apply the budget reallocation after I approve over WhatsApp."
Uses: Meta Ads · Google Ads · WhatsApp

Project Manager

Trigger: after every meeting
"After each meeting ends, read the transcript or notes. Extract action items with owners and due dates. Create tasks in Linear and assign them to the right people. Then message each owner on Slack with their tasks and ask them to confirm."
Uses: Google Meet · Linear · Slack
📣

Social Media Manager

Trigger: every Sunday at 6pm
"Every Sunday, take this week's product updates and blog posts. Write 5 LinkedIn posts, 7 tweets, and 3 Instagram captions in my brand voice. Schedule them across the week at peak engagement times. DM me a summary of what's going out and when."
Uses: LinkedIn · Twitter · Instagram · Telegram
Integrations

3,000+ tools.
All connected.

PhoneClaw connects to over 3,000 services — the tools your business already runs on. Connect multiple accounts per integration, each independently permissioned. Skills can use any of them.

Multiple connectors per integration. Connect personal Gmail and work Gmail separately. Two Slack workspaces. Multiple ad accounts. Each connector runs in its own permission scope.

Communication
Gmail Outlook Slack WhatsApp Telegram iMessage Discord Teams Signal
Productivity & Docs
Google Drive Google Calendar Sheets Notion Airtable Asana Linear Jira Confluence
Marketing & Ads
Meta Ads Google Ads HubSpot Mailchimp Salesforce Apollo Instantly Klaviyo
Finance & Commerce
Stripe QuickBooks Shopify Xero PayPal WooCommerce Square
Developer & Automation
GitHub GitLab Zapier Webhooks REST APIs PostgreSQL MySQL

Skills can use any combination of these integrations. One skill, many tools, one result.

See all 3,000+ integrations →
Security

Powerful enough to act.
Safe enough to trust.

When you self-host an AI agent, security is entirely your responsibility. Misconfigured permissions. Exposed credentials. Unpatched exploits. No sandbox. No audit trail.

Most self-hosted setups have gaps — and you won't know until something goes wrong. You didn't sign up to be a security engineer. We handle it so you don't have to.

PhoneClaw's security model is rule-based and fully configurable in your dashboard. The agent has zero ability to circumvent permissions — it operates only within the rules you set. Every action is logged. Every permission is yours to control.

What self-hosting exposes you to
Credentials visible to agent logic — no separation of secrets
No sandbox — a compromised skill can access your whole system
OAuth tokens expire silently and leave gaps
No audit trail — you can't see what the agent actually did
Security patches require you to update and re-test manually
If it gets exploited, you find out when it's too late

Sandboxed by default

Every agent runs in an isolated environment. No shared state, no credential leakage, no way for one agent to affect another.

Rule-based, not agent-controlled

Permissions are defined by rules you set in the dashboard. The agent has no ability to override or circumvent them — security is not in the agent's hands.

Configurable to every detail

Every action type — reading, drafting, sending, deleting — can be individually allowed, set to ask first, or blocked. You can customise this for each agent.

Full audit trail, always

See every action taken, when, and why. Replay any run. Revoke any integration instantly. Kill switches are always on.

agent — inbox-triage · permissions
read_emailallowed
draft_replyallowed
send_emailask first
read_calendarallowed
create_eventask first
delete_filesblocked
access_paymentsblocked

Every rule is configurable in your PhoneClaw dashboard. The agent operates only within what you allow — nothing more.

Zero Data Retention

Your data is never stored. Anywhere.

PhoneClaw supports Zero Data Retention (ZDR) LLM providers — your data is processed in memory and never written to disk, never logged, never retained by the model provider. Not a byte. What you send stays yours.

Read more →
Enterprise

Deploy your own model. On your infrastructure.

Enterprise teams can deploy PhoneClaw with custom models on private infrastructure — your own fine-tuned models, on-premise or in your VPC. Ready-to-deploy packages available. Custom security policies, SSO, and compliance controls included.

Get in touch →
LLM freedom & pricing

Your agent. Your model.
Your choice.

Every other agent platform locks you to one AI provider. PhoneClaw doesn't. Use any model, switch any time — your skills and workflows stay exactly the same.

Pay as you go

Purchase PhoneClaw credits and use any supported provider. We handle routing and failover.

Credits per run
Any supported AI provider
Credits never expire
Full usage metrics per agent, per run

B Y O K

Bring Your Own Key — connect your API key and pay your provider directly.

Free to run + your API costs
OpenAI, Anthropic, Google, Groq, OpenRouter
Switch providers without rebuilding
Full usage metrics included
Get PhoneClaw

The AI that actually
does things. From your phone.

No hardware. No setup. No security headaches. Just delegate and get back to what matters.

prototype · free tier available · your feedback shapes what gets built