SkillAgentSearch skills...

Mission Control

Open-source dashboard for AI agent orchestration. Manage agent fleets, dispatch tasks, track costs, and coordinate multi-agent workflows. Self-hosted, zero dependencies, SQLite-powered.

GenerateConvertImprove

Install / Use

/learn @builderz-labs/Mission Control
About this skill

Quality Score

0/100

Supported Platforms

Claude Code
Claude Desktop
Cursor

README

<div align="center">

Mission Control

Open-source dashboard for AI agent orchestration.

Manage AI agent fleets, dispatch tasks, track costs, and coordinate multi-agent workflows — self-hosted, zero external dependencies, powered by SQLite.

License: MIT Next.js 16 React 19 TypeScript SQLite

Mission Control Dashboard

</div>

Alpha Software — Mission Control is under active development. APIs, database schemas, and configuration formats may change between releases. Review the known limitations and security considerations before deploying to production.

Why Mission Control?

Running AI agents at scale means juggling sessions, tasks, costs, and reliability across multiple models and channels. Mission Control gives you:

  • 32 panels — Tasks, agents, skills, logs, tokens, memory, security, cron, alerts, webhooks, pipelines, and more
  • Real-time everything — WebSocket + SSE push updates, smart polling that pauses when you're away
  • Zero external dependencies — SQLite database, single pnpm start to run, no Redis/Postgres/Docker required
  • Role-based access — Viewer, operator, and admin roles with session + API key auth
  • Quality gates — Built-in Aegis review system that blocks task completion without sign-off
  • Recurring tasks — Natural language scheduling ("every morning at 9am") with cron-based template spawning
  • Claude Code bridge — Read-only integration surfaces Claude Code team tasks and configs on the dashboard
  • Skills Hub — Browse, install, and security-scan agent skills from ClawdHub and skills.sh registries
  • Multi-gateway — Connect to multiple agent gateways simultaneously (OpenClaw, and more coming soon)

Quick Start

One-Command Install (Docker)

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
bash install.sh --docker

The installer auto-generates secure credentials, starts the container, and runs an OpenClaw fleet health check. Open http://localhost:3000 to create your admin account.

One-Command Install (Local)

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
bash install.sh --local

Requires Node.js 22.x (LTS, recommended) or 24.x, and pnpm (auto-installed via corepack if missing).

One-Command Install (Windows PowerShell)

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
.\install.ps1 -Mode local

Or with Docker:

.\install.ps1 -Mode docker

Additional options: -Port 8080, -SkipOpenClaw. Requires Node.js 22+ and pnpm (auto-installed via corepack if missing).

Manual Setup

Requires pnpm and Node.js 22.x (LTS, recommended) or 24.x. Mission Control is validated on Node 22 (primary CI/LTS) and supports Node 24 for local dev and deploys. Use nvm use 22 (or nvm use 24) before installing or starting the app.

git clone https://github.com/builderz-labs/mission-control.git
cd mission-control
nvm use 22            # or: nvm use 24
pnpm install
pnpm dev                # http://localhost:3000/setup

On first run, visit http://localhost:3000/setup to create your admin account. Secrets (AUTH_SECRET, API_KEY) are auto-generated and persisted to .data/.

For CI/automation, set AUTH_USER and AUTH_PASS env vars to seed the admin from environment instead.

Gateway Optional Mode (Standalone Deployment)

Mission Control can run in standalone mode without a gateway connection. This is useful when:

  • Deploying on a VPS with firewall rules blocking non-standard WebSocket ports (18789/18790)
  • Testing UI/core workflows without a running gateway
  • Running Mission Control primarily for project/task operations

Enable with:

NEXT_PUBLIC_GATEWAY_OPTIONAL=true

When enabled, the HUD status shows Gateway Optional (Standalone) instead of Disconnected.

Works without gateway:

  • Task board, projects, agents, sessions, scheduler, webhooks, alerts, activity/audit, cost tracking

Requires active gateway:

  • Real-time session updates
  • Agent-to-agent messaging
  • Gateway log streaming

For production VPS setups, you can also proxy gateway WebSockets over 443. See docs/deployment.md.

Docker Zero-Config

docker compose up

No .env file needed. The container auto-generates AUTH_SECRET and API_KEY on first boot and persists them across restarts. Visit http://localhost:3000 to create your admin account.

Release automation publishes multi-arch images to:

  • ghcr.io/builderz-labs/mission-control
  • docker.io/builderz-labs/mission-control when DOCKERHUB_USERNAME and DOCKERHUB_TOKEN are configured in GitHub Actions secrets

Docker Hardening (Production)

For production deployments, use the hardened compose overlay:

docker compose -f docker-compose.yml -f docker-compose.hardened.yml up -d

This adds read-only filesystem, capability dropping, log rotation, HSTS, and network isolation. See Security Hardening for the full checklist.

Station Doctor

Run diagnostics on your installation:

bash scripts/station-doctor.sh
bash scripts/security-audit.sh

Getting Started with Agents

Once Mission Control is running, set up your first agent in under 5 minutes:

export MC_URL=http://localhost:3000
export MC_API_KEY=your-api-key   # shown in Settings after first login

# Register an agent
curl -X POST "$MC_URL/api/agents/register" \
  -H "Authorization: Bearer $MC_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "scout", "role": "researcher"}'

# Create a task
curl -X POST "$MC_URL/api/tasks" \
  -H "Authorization: Bearer $MC_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"title": "Research competitors", "assigned_to": "scout", "priority": "medium"}'

# Poll the queue as the agent
curl "$MC_URL/api/tasks/queue?agent=scout" \
  -H "Authorization: Bearer $MC_API_KEY"

No gateway or OpenClaw needed — this works with pure HTTP.

For the full walkthrough, see the Quickstart Guide.

| Guide | What you'll learn | |-------|-------------------| | Quickstart | Register an agent, create a task, complete it — 5 minutes | | Agent Setup | SOUL personalities, config, heartbeats, agent sources | | Orchestration | Multi-agent workflows, auto-dispatch, quality review gates | | CLI Reference | Full CLI command list for headless/scripted usage |

Project Status

What Works

  • Agent management with full lifecycle (register, heartbeat, wake, retire)
  • Kanban task board with drag-and-drop, priorities, assignments, and comments
  • Real-time monitoring via WebSocket + SSE with smart polling
  • Token usage and cost tracking with per-model breakdowns
  • Multi-gateway connection management
  • Role-based access control (viewer, operator, admin)
  • Background scheduler for automated tasks
  • Outbound webhooks with delivery history, retry with exponential backoff, and circuit breaker
  • Webhook signature verification (HMAC-SHA256 with constant-time comparison)
  • Local Claude Code session tracking (auto-discovers from ~/.claude/projects/)
  • Quality review gates for task sign-off
  • Pipeline orchestration with workflow templates
  • Ed25519 device identity for secure gateway handshake
  • Agent SOUL system with workspace file sync and templates
  • Agent inter-agent messaging and comms
  • Skills Hub with ClawdHub and skills.sh registry integration (search, install, security scan)
  • Bidirectional skill sync — disk ↔ DB with SHA-256 change detection
  • Local agent discovery from ~/.agents/, ~/.codex/agents/, ~/.claude/agents/
  • Natural language recurring tasks — schedule parser converts "every 2 hours" to cron, spawns dated child tasks
  • Claude Code task bridge — read-only scanner surfaces team tasks and configs from ~/.claude/tasks/ and ~/.claude/teams/
  • Skill security scanner (prompt injection, credential leaks, data exfiltration, obfuscated content)
  • Update available banner with GitHub release check and one-click self-update
  • Framework adapter layer for multi-agent registration (OpenClaw, CrewAI, LangGraph, AutoGen, Claude SDK, generic)
  • Multi-project task organization with per-project ticket prefixes
  • Per-agent rate limiting with x-agent-name identity-based quotas
  • Agent self-registration endpoint for autonomous agent onboarding
  • Security audit panel with posture scoring, secret detection, trust scoring, and MCP call auditing
  • Four-layer agent eval framework (output, trace, component, drift detection)
  • Agent optimization endpoint with token efficiency, tool patterns, and fleet benchmarks
  • Hook profiles (minimal/standard/strict) for tunable security strictness
  • Guided onboarding wizard with credential setup, agent discovery, and security scan

Known Limitations

  • No major security limitations currently tracked here for CSP; policy now uses per-request nonces (no unsafe-inline / unsafe-eval).

Security Considerations

  • Change all default credentials (AUTH_USER, AUTH_PASS, API_KEY) before deploying
  • Deploy behind a reverse proxy with TLS (e.g., Caddy, nginx) for any network-accessible deployment
  • Review SECURITY.md for the vulnerability reporting process
  • **Do not expose the dashboard to

builderz-labs

View profile

View on GitHub
GitHub Stars3.0k
CategoryData
Updated1m ago
Forks517
builderz-labs/mission-control

Languages

TypeScript

Security Score

100/100

Audited on Mar 22, 2026

No findings