Yggagentscope-ai/CoPaw
↗ GitHubYour Personal AI Assistant; easy to install, deploy on your own machine or on the cloud; supports multiple chat apps with easily extensible capabilities.
14,104
Stars
1,856
Forks
83
Watchers
611
Open Issues
Safety Rating A
No hardcoded secrets, malicious code patterns, dependency vulnerabilities, or prompt injection attempts were detected in the repository content. The project is a well-documented open source AI assistant framework under Apache 2.0, maintained by the AgentScope team. The README openly discloses telemetry behavior during init (opt-in, anonymous, version-scoped) and the curl-pipe installation pattern, while common, is standard practice for this type of project. The security features described (tool guard, file access guard, skill security scanning) indicate active attention to safe operation.
ℹAI-assisted review, not a professional security audit.
AI Analysis
CoPaw is a personal AI assistant framework built in Python that can be deployed locally or in the cloud. It supports multiple messaging channels (DingTalk, Feishu, WeChat, Discord, Telegram, QQ), extensible skills, multi-agent collaboration, long-term memory, and local LLM backends (llama.cpp, Ollama, LM Studio). It includes a web-based console UI, MCP client management, scheduled tasks, and multi-layer security features including tool guards, file access controls, and skill security scanning.
Use Cases
- Deploying a self-hosted personal AI assistant accessible via popular chat platforms
- Running LLMs locally with no API key using llama.cpp, Ollama, or LM Studio
- Automating productivity tasks such as email digests, news summaries, and file organization
- Building multi-agent workflows where specialized agents collaborate on complex tasks
- Extending assistant capabilities with custom or community skills (PDF processing, web search, calendar, etc.)
- Scheduling recurring AI-driven tasks such as daily hot-topic digests or content summaries
Tags
Project Connections
zeroleaks
→ZeroLeaks can be used to audit CoPaw's skill execution surface and LLM integration points for prompt injection and system prompt extraction vulnerabilities, complementing CoPaw's built-in skill security scanning.
murmure
→Murmure's local speech-to-text capability could serve as a voice input channel for CoPaw, enabling fully local voice-driven interactions with the personal assistant.
ComfyUI-Qwen-TTS
→CoPaw's roadmap includes voice/multimodal interaction; ComfyUI-Qwen-TTS (Alibaba's Qwen TTS) could complement CoPaw's voice output capabilities, both originating from the Alibaba/AgentScope ecosystem.
claude-scientific-skills
→CoPaw uses an extensible skills architecture; the Agent Skills standard used by claude-scientific-skills follows a similar SKILL.md pattern and could inform or directly supply skills for CoPaw's skill pool.