Most "autonomous AI agents" online are demos that break the moment they leave the happy path. I wanted to build one I'd actually trust running 24/7 on my own hardware — not a chat wrapper, an operator.

Persistent memory. Scheduled tasks in natural language. Sandboxed tool execution. A structured audit log for every operation. The full boring layer that separates a demo from a daemon.

The bet: if that same engineering discipline worked on a personal agent, it would map directly to client-facing autonomous systems — same security gate, same audit trail, same idempotent retries, just larger surface area.

Built on the official Claude Agent SDK. Twenty-seven loosely-coupled subsystems — memory, scheduler, skills, telegram, web app, PC-bridge, watcher, workflows — talking through a small set of shared interfaces.

Every tool call routed through one security gate: command blocklist, filesystem restrictions, rate-limiting, input sanitization, owner-only access. Every operation written to a JSON audit log.

The result is an agent I can leave running unattended and actually trust — the boring layer most demos skip is what makes it a daemon instead of a toy.

Twenty-seven subsystems. Seventy-one tests. Runs unattended on PM2 or Docker. Cross-platform. Every command checked against a blocklist before execution; every operation logged.

It's not a demo — it's a daemon. The same boring engineering layer that makes a personal agent trustworthy unattended is what makes a client-facing autonomous system trustworthy at scale: the security gate, the audit trail, the idempotent retries, the layer between intent and action.

ClaudeBot is the reference build behind everything else on this site. If you've seen Claude Code shipped as a real production system, you've probably seen its fingerprints.