FireClaw

Mojo-native AI coding agent with MCP and permissions
22 nodes

/projects/fireclaw

FireClaw

06

An open-source AI coding agent forged in Mojo with multi-runtime architecture, 184+ tools, MCP integration, and tiered permissions for local terminal automation.

Project context05

Problem

Local coding agents need broad tool access, but broad access becomes unsafe without permission tiers, MCP boundaries, run artifacts, and a runtime that can support fast local automation.

Solution

FireClaw is a Mojo-native coding-agent direction with filesystem, shell, browser, code-intelligence, and MCP tools coordinated through a planner loop and tiered permissions.

Challenges

The agent must balance speed, interoperability, and safety: local file edits, shell commands, external MCP tools, model providers, and run state all need clear boundaries.

Innovation

FireClaw explores a high-performance agent runtime with Mojo at the center while preserving Python/Rust interop and MCP extensibility.

Domain expertise

This demonstrates Stefan's interest in agent runtime design, local developer automation, permissioned tool suites, MCP integration, and multi-runtime systems engineering.

Case study evidence11

Outcomes

  • Creates a distinct coding-agent story beyond a wrapper around one model API.
  • Shows how local tool automation can be permissioned instead of fully open or fully blocked.
  • Positions MCP as an extensibility layer for terminal coding agents.

Architecture decisions

  • Planner and critic loops coordinate local tools and repair from results.
  • Permission tiers split read-only, write, and dangerous operations.
  • Mojo, Rust, and Python lanes support speed, safety, and ecosystem access.

Domain expertise signals

Coding agentsMojoMCPPermission tiersLocal automation
Technical deep dive09

FireClaw is a local coding-agent runtime experiment. It combines a high-performance Mojo direction with broad tool access, MCP extensibility, run artifacts, and explicit permission tiers.

Local autonomy

Coding agents become useful when they can inspect files, run shell commands, search code, and call external tools. They become risky when those powers are not separated by permission level.

Permission tiers

Read-only, write, and dangerous operations require different gates. The permission model is the product primitive that lets local automation remain useful without becoming unbounded.

MCP extensibility

MCP gives FireClaw a way to grow its tool surface without embedding every database, browser, API, or service directly into the core runtime.

Runtime strategy

Mojo, Rust, and Python can each serve a different layer: fast orchestration, safe systems tooling, and ecosystem-rich scripting. That multi-lane design is the technical thesis.

What this proves

  • Mojo-centered coding-agent runtime
  • MCP integration for external tools
  • Tiered local permissions
  • Run artifacts for reviewable automation
184+tools
3permission tiers
3runtime lanes
1MCP bridge
Nlocal actions
100%permissioned
Technology stack06
Mo

Mojo

Targets a fast local coding-agent runtime with Python ecosystem compatibility.

Rust

Rust

Fits low-level tooling where predictable binaries and safety matter.

Python

Python

Keeps scripting and tool interop close to the agent runtime.

MCP

MCP

Makes external tool servers available without custom integrations for every service.

OpenAI

OpenAI

Provides one model family for planning, coding, and review.

Anthropic

Anthropic

Adds a second model family for critique and long-context coding workflows.

Tools implemented08

FireClaw CLI

Coordinates local coding-agent runs from a terminal entrypoint.

Planner loop

Breaks prompts into tool-backed steps and repairs from results.

Filesystem tools

Reads and edits local code under permission controls.

Shell tools

Runs commands only inside the configured risk tier.

MCP client

Expands the tool surface through protocol-compatible services.

Permission tiers

Separate read-only inspection, write actions, and dangerous operations.

Runtime bridge

Combines Mojo speed with Rust/Python tooling paths.

Run artifacts

Preserves logs and diffs for review after the agent acts.

Stefan Creadore · @Eldergenixproduction agent systems mapped end to end