Because RowboatX runs locally with shell access, the agents can install tools, execute code, and automate anything you could do in a terminal with your explicit permission. It works with any compatible LLM, including open-source ones.
Our repo is https://github.com/rowboatlabs/rowboat, and there’s a demo video here: https://youtu.be/cyPBinQzicY
For example, you can connect RowboatX to the ElevenLabs MCP server and create a background workflow that produces a NotebookLM-style podcast every day from recent AI-agent papers on arXiv. Or you can connect it to Google Calendar and Exa Search to research meeting attendees and generate briefs before each event.
You can try these with: `npx @rowboatlabs/rowboatx`
We combined three simple ideas:
1. File system as state: Each agent’s instruction, memory, logs, and data are just files on disk, grepable, diffable, and local. For instance, you can just run: grep -rl '"agent":"<agent-name>"' ~/.rowboat/runs to list every run for a particular workflow.
2. The supervisor agent: A Claude Code style agent that can create and run background agents. It predominantly uses Unix commands to monitor, update, and schedule agents. LLMs handle Unix tools better than backend APIs [1][2], so we leaned into that. It can also probe any MCP server and attach the tools to the agents.
3. Human-in-the-loop: Each background agent can emit a human_request message when needed (e.g. drafting a tricky email or installing a tool) that pauses execution and waits for input before continuing. The supervisor coordinates this.
I started my career over a decade ago building spam detection models at Twitter, spending a lot of my time in the terminal with Unix commands for data analysis [0] and Vowpal Wabbit for modeling. When Claude Code came along, it felt familiar and amazing to work with. But trying to use it beyond code always felt a bit forced. We built RowboatX to bring that same workflow to everyday tasks. It is Apache-2.0 licensed and easily extendable.
While there are many agent builders, running on the user's terminal enables unique use cases like computer and browser automation that cloud-based tools can't match. This power requires careful safety design. We implemented command-level allow/deny lists, with containerization coming next. We’ve tried to design for safety from day one, but we’d love to hear the community’s perspective on what additional safeguards or approaches you’d consider important here.
We’re excited to share RowboatX with everyone here. We’d love to hear your thoughts and welcome contributions!
—
[0] https://web.stanford.edu/class/cs124/kwc-unix-for-poets.pdf [1] https://arxiv.org/pdf/2405.06807 [2] https://arxiv.org/pdf/2501.10132
jckahn•47m ago
segmenta•46m ago
thedangler•6m ago