OpenScopescoped, not open-ended
Download OpenScope
Documentation

OpenScope Docs

Architecture, setup, integrations, and operational guidance for brokered agent access.

Get started

OpenScope is easiest to understand when the docs are grouped by intent: start here, understand the architecture, extend it safely, and validate it in practice.

README

Start with the core architecture, CLI model, quick start, commands, policy model, and configuration layout.

OpenClaw workflow

Understand how OpenScope fits into the local OpenClaw workflow and why brokered actions are safer than raw local automation access.

NemoClaw install

Learn the client-only sandbox model, where the broker stays on the host and the sandbox uses a narrow client surface.

Architecture

These docs explain the conceptual model behind OpenScope: capability brokering, key containment, bypass resistance, and how OpenScope fits alongside gateways and other security controls.

Enterprise security model

Why AI gateways are not enough for high-risk workflows and where capability brokering becomes necessary.

OpenScope diagrams

Compact visual explanations for architecture difference, bypass risk, execution containment, and key containment.

Cylonix + OpenScope architecture

How OpenScope fits into the wider secure-reach plus brokered-action model.

Integration guides

OpenScope can broker both local app actions and external system actions through the same trust model.

Jira over HTTP

Keep the Jira token in a broker-owned HTTP profile while exposing narrow actions like get issue and search issues.

SSH target validation

Use named targets, scoped services, and explicit policy for SSH-backed operations.

Custom app manifests

Define new app actions in YAML with action-level parameters and outputs.

Packaging and operations

OpenScope has operational concerns that matter for real deployment: signed runtime packaging, broker startup, validation, and pilot readiness.

Packaging and signing

Signed macOS packaging, LaunchAgent layout, and installer shape.

Local validation runbook

Shared validation flows across packaged installs, OpenClaw, NemoClaw, and SSH paths.

Pilot guidance

Operational guidance for early rollout and validation.

Suggested reading order

A simple sequence for new visitors.

  1. Start with the README.
  2. Read the architecture overview.
  3. Understand why OpenScope differs from a gateway.
  4. Review one integration guide.
  5. Use the validation runbook to test the setup.

Want the full source and current docs tree?

Browse the repository directly on GitHub to inspect the broker model, docs sources, and the implementation behind each surface.

Download OpenScopeView Code on GitHub