AI agents that can't break themselves, your config, or your machine.

A local AI agent runtime built around a managed team of specialist agents, each in its own container. Configured by you, in a dashboard the agents can't rewrite. Built for people who want a reliable team — not a powerful AI loose on their laptop.

Bring your own LLM key

Try it

Talk to a real agent team. No sign-up.

A simple agent setup below — chat with any of them right now. The expert knows dispatchmy.ai inside out. The researcher digs up answers from the web. The comparison agent handles X vs Y questions by running the researcher on each side in parallel, then merging the answers — you can watch the whole thing unfold in the chat.

dispatchmy.ai — live demo, chat with the agents

Demo sessions are recorded for product analytics. See privacy policy.

The problem

Today's AI agents make you pick between capability and sanity.

Most AI agent runtimes install a process on your machine with your user account's full reach — filesystem, shell, browser, anything you can touch. That's how they get their capability, and it's also how a prompt injection inside a webpage or PDF inherits your permissions.

Most also let the agent rewrite its own configuration and skills. The same feature that powers "self-improving" agents is what lets one break itself overnight, or be tricked into granting itself new permissions.

And almost none of them have a UI. Configuration is markdown files you edit by hand, or instructions you give the agent and hope it doesn't corrupt them. Either way you need to be a sysadmin to use it.

Three architectural choices, three liabilities. Each one is fixable.

"It rewrote its own prompt to be 'more helpful'. Three days later nothing worked the way I'd set it up." — the brittle side of self-improving agents

How it works

Your manager delegates. Specialists do their one thing well, or delegate further.

Build a manager agent and give it specialist subagents — browsing, research, email, code. Each has its own prompt, model, and tool set. The manager plans, pulls from memory, and delegates with a tight brief. Each subagent's session can be continued, or a new session can be started. Specialists can delegate further. Work completes without a single agent drowning in context.

The live demo above is exactly this pattern: a comparison agent that delegates to a researcher in two parallel sessions, plus a standalone researcher you can talk to directly.

Composition

Any agent can be another agent's tool — composable multi-agent workflows.

Other AI agent frameworks treat subagents as ephemeral background workers with hard-coded depth limits and reduced tool access. We treat every agent as a first-class composable tool — same identity, same tools, anywhere in a tree.

Once you configure an agent, it shows up to its parent as just another tool to call. No depth limit. No circular references. Any agent you build becomes reusable across every workflow that needs it.

No depth limit

Nest trees as deep as the task demands. Manager → research → browser → parser → tool is a real shape.

Reusable

Write a browsing specialist once, plug it into any other agent, at any depth.

Composable

Create any hierarchy tree to suit your workflow. As many hierarchies as you need.

Runtime

Every workflow runs in its own container — real isolation for AI agents.

Each top-level agent gets a container with exactly the dependencies it and its subagent tree needs — nothing more. Workflows stay reproducible and easy to reset.

No more "my agent's environment is broken" headaches. You control the environment and can recreate it from scratch, based on the configuration.

Per-workflow isolation

Each tree has its own dependencies. A browsing agent's Playwright install doesn't leak into your email agent's environment.

Reproducible environments

Same config runs the same everywhere. No drift between your machine and a teammate's.

Bounded reach

Each agent can only touch what its container's mounts grant it. Nothing leaks to the host filesystem.

Clean uninstall

Delete the agent — its container and files go with it. Nothing lingers on your system.

Questions

Frequently asked questions about local AI agents.

Do I need my own LLM API key?

Yes — bring your own Anthropic key, OpenRouter key, or any OpenAI-compatible endpoint (Ollama, LM Studio, vLLM, custom hosted proxy, whatever you run). Your traffic, your budget, your control. We don't proxy or touch your model usage.

Is this built on top of OpenClaw or Hermes Agent?

No. dispatchmy.ai's agent runtime is our own — not a wrapper around OpenClaw, Hermes Agent, or any other agent framework. The architectural choices that make us different (containerization by default, no agent self-modification, secrets the agent can't see, dashboard-driven config) are ours from day one.

Can the agent see my API keys?

Your LLM provider keys and channel keys never reach the agent — they live with the daemon and are only used when the daemon proxies a tool request. The same applies to any tool marked "external". Even a prompt-injected agent can't exfiltrate credentials it never sees. The exceptions are CLI tools and stdio MCP tools that need env-var credentials at runtime; those live in the container alongside the agent — so prefer "external" tools when you have the choice.

What operating systems do you support?

macOS and Linux (both amd64 and arm64) as Tier 1. Windows via Docker Desktop + WSL2 is in beta. You install Docker, we do the rest.

Can I use this at work?

Yes — personal or work use is fine.

What happens to my data?

Your configs, sessions, and files live on your machine — we don't store them. We only keep your account details server-side.