DEV Community

Cover image for Building a self-hosted AI agent platform in Go that runs on a Raspberry Pi
Alan G
Alan G

Posted on

Building a self-hosted AI agent platform in Go that runs on a Raspberry Pi

#go #selfhosted #ai #playwright

Over the past few months I've been building CrossKlaw - an agentic AI platform that ships as a single Go binary.

Why I built it

Every agentic AI framework I tried had the same problems: Python dependency hell, Docker required, vendor lock-in to one LLM provider, and no thought given to deployment on constrained hardware. I wanted something I could download, run, and forget about.

What it does

CrossKlaw connects to 14 communication channels (Telegram, Discord, Slack, WhatsApp, Signal, Matrix, Email, MQTT, WebChat, and more), orchestrates 11 LLM providers with intelligent routing and failover, controls IoT devices via MQTT/Home Assistant/GPIO, and participates in multi-agent ecosystems via A2A and MCP protocols.

All from a ~50MB binary with zero external dependencies. Runs on a Raspberry Pi.

Architecture highlights

  • Pure Go, zero CGO - SQLite via modernc.org, WASM via wazero. Cross-compiles everywhere.
  • Intelligent model routing - a complexity classifier routes simple queries to fast/cheap models and complex reasoning to powerful ones. Automatic failover if a provider is down.
  • WASM skill sandboxing - untrusted skills run in a WebAssembly sandbox with memory limits, execution timeouts, and no filesystem/network access.
  • OpenTelemetry native - spans for every LLM call, tool execution, and skill invocation. OTLP export to Jaeger, Grafana Tempo, Datadog.
  • Human-in-the-loop - high-stake tools pause and ask the user for approval via their messaging channel before executing.

v0.3.0 (just shipped)

  • OpenTelemetry tracing
  • Human-in-the-loop approval workflows
  • Voice output / TTS (browser + API)
  • Provider cost/latency dashboard
  • Eval/regression harness (crossklaw eval)
  • Interactive channel management
  • OpenClaw skill compatibility

Security

Security is a core pillar, not an afterthought:

  • Prompt injection defence on every input (20+ weighted patterns, base64 scanning)
  • AES-256-GCM config encryption with Argon2id key derivation
  • Ed25519 skill signing and verification
  • WASM sandbox for untrusted code
  • Per-role tool restrictions for sub-agents
  • Full audit logging
  • Pen tested: 22 automated checks across 9 attack categories

Try it 

# Download for your platform from GitHub Releases
./crossklaw setup    # interactive wizard
./crossklaw chat     # start chatting
./crossklaw run      # start all channels + dashboard
Enter fullscreen mode Exit fullscreen mode

Free for personal use.

GitHub: https://github.com/cross-klaw/crossklaw

I'd love to hear feedback from the community. Happy to discuss architecture, security trade-offs, or anything else.

Cheers,
Al (that's short for Alan, not A.I.)

Top comments (0)