Blog
Honest thoughts on building an enterprise AI agent platform. No marketing fluff.
Gmail ships. The first Pinchy integration whose setup story includes a trip through the Google Cloud Console — folded into a wizard that hands over the redirect URI, stores credentials once per workspace, and treats abandoned OAuth flows as a visible pending state instead of limbo.
Two branches, both moving. The pinchy-docs plugin learning to scope documentation to the agent that's asking; the password reset page finally existing, instead of routing resets through an invite form pretending to be one.
Saturday. One commit on main. Two docs pages that had been saying almost the same thing about HTTPS setup — nearly the same is the dangerous part. The fix is not adding content; it's picking which page owns the flow and making the in-app link point there.
Three point releases in ten hours, each closing a real report from the first day v0.4.0 spent in the wild — a Docker port bypassing UFW, a Caddyfile dpkg refused to install, a validator that trusted a public endpoint, and one unreadable row that hid every integration.
Release day. Three last-hours fixes to Ollama Cloud support — tokens tracking, vision flags, and model IDs that actually match the API. The kind of thing you only find by running the product yourself.
Two clean-ups before shipping v0.4.0: the agent permission screen was offering toggles that didn't do anything, and Smithers had been repeating the docs back at itself instead of reading them. Both cut.
What happens when the model backend vanishes mid-stream — and how the user finds out. Disconnect errors, timeout errors, and heartbeats that stop lying about progress.
Three conversations in one day, all circling the same problem: companies want agents that can access shared knowledge — but only with the right boundaries, roles, and permissions in place.
A usage dashboard is only useful if the numbers are trustworthy. Today was about timezones, cache tokens, missing days, retry states, and the details that make cost visibility reliable.
Usage tracking, Telegram guardrails, and a growing library of Odoo templates — three parallel workstreams pointing in the same direction: making Pinchy operational for real teams.
The day after a feature lands is when the real product work starts: fixing merge fallout, tightening error handling, improving validation UX, and making edge cases fail clearly.
Day two of the workshop. And the EU Cloud Act turns out to be a tailwind for everything Pinchy is already designed to be.
The audit trail now shows success or failure. Pre-built images ship to GHCR. And a two-day workshop on automating complex workforce scheduling.
A new audit log format that records outcomes — not just what happened, but whether it worked. Plus Smithers reads the docs on demand.
A small change to default model selection that makes local Ollama dramatically more reliable. Plus a WebSocket fix nobody asked for but everybody needed.
The insecure mode banner officially merges. Ollama gets tool-calling enforcement. And a deep dive into why dependencies are a constant maintenance tax.
Pinchy now ships pre-built Docker images instead of building them on every deploy. First-time setup goes from 15 minutes to under a minute.
Easter weekend, low-energy work, but the small UX details that make the difference between a developer toy and a real product.
Odoo agent templates that configure themselves, and local Ollama support that discovers models automatically. 45 commits, one very productive day.
Someone found Pinchy because Grok recommended it. The Odoo config went from 867KB to 3KB. And who is Pinchy actually for?
Telegram is merged. The multi-user test found bugs, I fixed them, and the biggest feature branch in Pinchy's history landed on main.
The Telegram integration that almost derailed everything is finally finished. Plus two meetings that confirmed the direction is right.
Every company I've talked to wants the same thing: an agent that reads their email. Here's what that actually means to build.
How a fake Telegram server made the real integration better, and why the feedback loop matters more than it sounds.
The deployment release ships, Telegram goes multi-bot, a recruitment company wants to automate their entire workflow, and the product roadmap writes itself.
An Austrian manufacturer wants AI-generated quotes. An Irish fleet company wants to scale NanoClaw. Same core needs, different industries.
Fixing everything that breaks when Pinchy leaves localhost — cookies, HTTPS, OpenClaw restarts, Telegram stability, and the gap between demo and production.
A pilot user tried to deploy Pinchy on Hetzner. It didn't go smoothly. So I built the deployment docs, a loading page, and fixed every issue he hit — in one day.
Telegram integration, security hardening, dynamic model selection — and the uncomfortable realization that demand is outpacing what one person can build.
A full usage dashboard with cost tracking, a screenshot CI pipeline that fought back hard, and a WebSocket fix that should have been obvious.
Building a PDF reader that actually works — from text extraction to vision fallback, plus five feature pages, an automated screenshot pipeline, and a security fix.
Nvidia's NemoClaw validates the enterprise OpenClaw market. Here's how infrastructure and application layers are complementary, not competitive.
v0.2.0 shipped, a freelancer meetup talk, star challenge round 2, and Jensen Huang just validated our entire market.
21 commits of polish, dependency upgrades, tab flicker fixes, and eating our own dog food with two new Pinchy agents.
Two major PRs merged, a sold-out meetup talk, three companies wanting to integrate Pinchy, and crossing 100 GitHub stars.
Building defense-in-depth for audit logs, and getting ready to tell the Pinchy story to a sold-out meetup.
Testing for v0.2.0, a look at everything shipping in the next release, and why openclaw-node deserves more attention.
Enterprise key system, Telegram integration, and provider config migration. Three feature branches running in parallel on a Saturday.
Telegram integration design, the first external feature request, 5 community PRs, and a clarity moment: Pinchy is a messaging tool.
RBAC is merged, a real company wants to pilot Pinchy, and I'm learning that token cost is the concern nobody talks about publicly.
First demo without a single bug. A cybersecurity startup grills Pinchy on security. And the confidence is building.
Peter Steinberger says nobody's building enterprise OpenClaw tooling. 30 seconds later, I'm on stage showing Pinchy. Plus: RBAC edge cases and why manual testing still matters.
Multiple demo calls, an enterprise from Dubai, a potential partnership, and the first enterprise feature: RBAC. Plus: a lightning talk at tomorrow's 280-person meetup.
542 commits. 33 PRs. 20 days. Pinchy has its first official release.
24 commits, 5 PRs, zero new features. Just making Docker startup actually work. The unglamorous work that makes a v1 possible.
A no-show demo, the founder impatience problem, and 14 commits making Pinchy actually work for the people who cloned it.
Coded in the dentist's waiting room. Claude kept going during the cleaning. Then PR #21 landed: Better Auth replaces Auth.js. 11 commits, and the kind of work that makes everything else possible.
43 commits: migrated from Auth.js to Better Auth, built mobile navigation, added in-app bug reporting, and had a call that changed how I think about Pinchy's future.
84 commits, 5 PRs merged, 112 files changed. Every bug from yesterday's demo, plus a complete audit log overhaul, soft-delete, and settings polish.
A live demo, an Anthropic outage, and the most productive bug-finding session in weeks.
Zero commits. No code. Just thinking about RBAC, knowledge base indexing, and what Pinchy needs next.
PR #3 merged. Every tool call now leaves a trace. Plus: a marketing experiment that backfired.
Two npm releases, audit trail upgrades, and three calls with people who want to build with us.
A data model that felt right at 2 agents broke at 5. Why USER.md moved from agent settings to general settings.
31 commits. 128 files. The first PR merge, fun-emoji avatars, and why polish isn't optional.
11 commits. 72 files. Personality presets, DiceBear avatars, taglines, and the Settings UI that ties it all together.
16 commits. A product philosophy, a lobster in a bowtie, and a complete session architecture rewrite.
26 commits. 5,000 lines. Agent greetings, memory privacy, SBOM pipelines, and the question: what makes an AI agent feel like yours?
77 commits. 15,000 lines of code. Security hardening, audit trails, compliance docs, and a conversation in a gym that changed everything.
Read more →63 commits. 12,000 lines of code. Multi-user support, invite system, personal agents, custom plugins, E2E tests, and eating our own dog food.
Read more →30 commits, 7,600 lines of code. Encrypted API key storage, a full provider setup flow, Docker dev mode, a documentation site — and we shipped the first Node.js client for OpenClaw.
Read more →Yesterday we had a website. Today we have a working app — login, setup wizard, chat UI, WebSocket bridge to OpenClaw, and Docker Compose. 29 commits, ~2,000 lines of code.
Read more →It started with an AI agent leaking internal reasoning to a friend via WhatsApp. Now imagine that happening at a company. That's the problem Pinchy solves.
Read more →