Pinchy vs Limiq
Per its public site, Limiq is a permission and audit control layer you put in front of AI agents you build. Pinchy is the full platform: end users chat with governed agents that act in your business systems, through a web UI or Telegram, with permissions and a signed audit trail built in. Both are self-hosted and open-source-licensed. Limiq is the closest twin we have seen on the feature surface, and a different shape of product.
The Core Difference
Point the agents you build at Limiq, and it enforces what each one may do: tool restrictions, spend limits, rate limits, with a tamper-evident log. The center of gravity is a guardrail in front of agents you already operate.
Pinchy gives you the governed agents, not just the rules around them. End users chat through a web UI or Telegram, agents act in Odoo, Gmail, and more, and every action is permissioned and signed. The center of gravity is a product people use.
Both are self-hosted, both are open-source-licensed, both scope permissions per agent, and both keep a tamper-evident audit log. We do not pretend otherwise. The honest question is whether you need the control layer or the whole platform.
Side by Side
Limiq details are drawn from its public site (limiq.io) as of June 2026. We could not inspect its source, as the repository it linked was not publicly reachable at the time of writing. Corrections welcome via GitHub issue.
| Limiq | Pinchy | |
|---|---|---|
| Center of gravity | Permission & audit control layer | Full governed-agent platform |
| License (core) | Apache 2.0 (permissive) | AGPL-3.0 (copyleft) |
| Per-agent permissions | Tool restrictions, spend & rate limits | Allow-list tools per agent |
| Per-agent spend / cost limits | Yes | On the roadmap |
| Tamper-evident audit | Hash-chained events | HMAC-signed per row, CSV export |
| Agents | Bring your own | Built in, on the OpenClaw runtime |
| End-user channels | Not the model | Web UI + Telegram |
| Business-system integrations | Not an integration platform | Odoo, Gmail, Telegram, web, docs |
| Public source code | License stated; verify repo availability | Public, AGPL (github.com/heypinchy/pinchy) |
| Self-hosted | Yes | Yes (first-class, GHCR images) |
Being Honest
Limiq's Apache 2.0 is more permissive than Pinchy's AGPL-3.0. If you plan to embed the control layer inside a proprietary product, Apache 2.0 avoids the copyleft obligations that AGPL carries. For some teams that alone is decisive.
If you have already built agents in your own framework and only want a permission, spend-limit, and audit guardrail in front of them, Limiq's focused control-layer shape fits that better than adopting a whole platform.
Limiq advertises hard per-agent spend and rate limits now. Pinchy enforces tool allow-lists and a signed audit today, with cost budgets still on the roadmap. If spend caps are a hard requirement, that is a real point for Limiq.
Where Pinchy Wins
Pinchy gives you governed agents people actually use, not a guardrail you wire into agents you still have to build. The agents, the chat, the integrations, and the governance arrive together.
Pinchy ships a deep Odoo integration plus Gmail, Telegram, web search, and documents. Agents query stock, create orders, draft and send email, book a receipt from a photo, all from chat.
End users reach Pinchy agents through a web UI or Telegram, no developer integration required. Non-technical teams use it directly.
Pinchy's full source is public and AGPL. For a tool that governs your agents and signs your audit trail, being able to read the code matters. A license badge is not the same as source you can actually read, so check that any tool you shortlist publishes a reachable repository.
Before an agent sends an email or writes to a business system, it can draft and ask for confirmation. The human stays in the loop by design, not by bolt-on.
The license key is validated offline and Pinchy sends no telemetry. What runs on your infrastructure stays on your infrastructure, air-gapped if you want.
Decision Guide
You already build your own agents and want a focused permission, spend-limit, and audit layer in front of them, or a permissive Apache 2.0 license to embed in a proprietary product.
You want the governed agents themselves: end users chatting with agents that act in business systems like Odoo, with per-agent permissions, human approval, and a signed record of every action.
Insist on self-hosting, a tamper-evident audit trail, and source you can actually read. Both products agree governance belongs at the runtime, not in a cloud you cannot inspect.
Self-host Pinchy yourself in minutes, or book a call to talk it through. Your choice.
Or email us: info@heypinchy.com