ModelBest releases the EdgeClaw agent framework, pitched on security and cost savings
AI前线 (@AI前线)
One Sentence Summary
ModelBest and partners release EdgeClaw framework, addressing privacy leaks and Token cost issues in personal agents through three-tier security collaboration and cost-performance routing.
Summary
This article provides a detailed introduction to the EdgeClaw framework jointly developed by ModelBest, OpenBMB, and THUNLP at Tsinghua University. The framework aims to solve the two major challenges faced by OpenClaw and other personal agents in practical applications: personal data leakage and high Token usage costs. EdgeClaw's core adopts a 'three-tier security collaboration' and a 'cost-performance aware collaboration' mechanism, which route tasks by sensitivity and complexity level so that sensitive data is processed locally (using the MiniCPM model) and simple tasks are handled at lower cost. Additionally, the framework introduces a 'dual-track memory' mechanism, ensuring cloud models only access desensitized information, and builds an engineering-level edge-cloud collaborative agent solution that achieves the goal of 'more, faster, better, cheaper' (多、快、好、省).
Main Points
* 1. Self-developed three-tier security collaboration mechanism achieves privacy-level protection. Through Hook injection, data is classified into three levels: default, desensitized, and secure. S3-level sensitive data is forcibly processed by the local MiniCPM model offline, achieving physical isolation to ensure private data is never uploaded to the cloud.
* 2. Cost-performance aware collaboration mechanism significantly reduces agent operating costs. Using a local small model as a Judge, requests are routed to different priced cloud models based on task complexity. In programming assistant scenarios, 60-80% of requests can be diverted to low-cost models.
* 3. Security-first composable routing pipeline ensures compliance. Security collaboration and cost-performance collaboration run in the same pipeline, with the security router having higher priority. Once sensitive data is identified, the system directly triggers a bypass strategy, prioritizing data security over cost optimization.
* 4. Dual-track memory mechanism fundamentally prevents context privacy leakage. The system maintains two sets of memory; the cloud model can only obtain desensitized conversation history, while memory containing complete information is only stored locally and accessed by the local model, preventing privacy leakage through the context window to third parties.
Metadata
AI Score: 81
Website: mp.weixin.qq.com
Published At: Today
Length: 1608 words (about 7 min)
Author | OpenBMB
The currently very popular OpenClaw has made more and more developers and individual users realize how much a personal agent can do. In actual use, however, two problems are raised by users again and again: first, the user's personal data is uploaded by OpenClaw to the cloud LLM, causing a degree of personal data leakage; second, the very long context that OpenClaw concatenates during execution wastes tokens and drives up the cost of use.
On March 19 we officially released and open-sourced EdgeClaw, a secure and efficient edge-cloud collaborative agent framework jointly developed on top of OpenClaw by THUNLP, Renmin University of China, AI9Stars, ModelBest (面壁智能) and OpenBMB. Through a three-tier security collaboration mechanism and a cost-performance aware collaboration mechanism, it addresses the local data leakage and high token cost problems encountered when using OpenClaw. Deployed on desktop devices such as DGX Spark and Mac mini, it gives users a secure and efficient local "lobster" (OpenClaw) experience.
➤ GitHub link: https://github.com/Openbmb/EdgeClaw
EdgeClaw: a secure and efficient edge-cloud collaborative agent
In today's AI agent architectures the edge side has long been neglected: all data and tasks are pushed wholesale to the cloud, and privacy leakage and wasted compute follow from that.
EdgeClaw uses a three-tier security collaboration mechanism to keep local data encrypted and securely isolated, and a cost-performance aware collaboration mechanism to call models at different price levels flexibly, so that simple tasks use cheap models and complex tasks call high-end models. Security collaboration and cost-performance aware collaboration run in the same pipeline and work together through weights and a two-stage short-circuit strategy.
EdgeClaw's main functionality is loaded as an OpenClaw plugin. Combined with the intelligent forwarding capability of edge-cloud collaboration, developers get transparent edge-cloud privacy protection and cost savings in EdgeClaw, following the principle of "public data goes to the cloud, sensitive data is desensitized, private data stays on the device", without modifying any business logic.
Three-tier security collaboration mechanism
A core innovation of EdgeClaw is its self-developed three-tier security collaboration mechanism: by injecting hooks into the OpenClaw execution flow, EdgeClaw automatically classifies every user message, tool-call parameter and agent output into three levels by sensitivity:
* S1: default mode (the information will be processed in the cloud); can be handled directly by the cloud model.
* S2: desensitized mode (the information will be processed after desensitization); it is automatically desensitized, i.e. the enterprise's sensitive information is blurred (e.g. 「王小二」 becomes 「员工 A」) before being sent to the cloud.
* S3: secure mode (the information is forced to be processed locally); physically isolated, the sensitive data stays entirely on the device and is processed offline by the preinstalled MiniCPM-series models.
Figure: a private file is classified by EdgeClaw as S3 and processed offline by the local model
On top of the three-level classification, EdgeClaw uses a dual detection engine made up of a rule-based detector and a local-LLM detector; the two engines can be combined and stacked, and are enabled flexibly per scenario through the checkpoints configuration.
At the same time, EdgeClaw also maintains a "dual-track memory" mechanism: the cloud model can only see the desensitized conversation history, and only the local model can access the memory containing the complete information, which fundamentally eliminates the risk of private data leaking to third-party cloud services through the context window.
Cost-performance aware collaboration mechanism
In a typical AI coding-assistant workflow, most requests are looking up files, reading code and simple Q&A; handling these with the most expensive model wastes a great deal. Cost-performance aware collaboration uses a small local model as an LLM-as-Judge and routes requests, graded by complexity, to cloud models at different price points.
Table: example routing model configuration
In practical testing, taking a typical coding-assistant workflow as the example, the cost-performance aware collaboration mechanism routes 60–80% of requests to cheaper models.
Composable routing pipeline
Security collaboration and cost-performance aware collaboration run in the same pipeline and work together through weights and a two-stage short-circuit strategy. The pipeline is designed security-first: the security router, which carries the higher weight, runs first, and as soon as sensitive data is found it short-circuits straight to secure handling without spending time on a complexity judgement. Only after the security check passes (S1) does cost-performance aware collaboration start optimizing cost.
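The three-level classification, the S2 desensitization, the dual-track memory and the security-first short-circuit described in the sections above, put together as one runnable routing pipeline. This is an added illustrative example, not EdgeClaw's or OpenClaw's own code: the regex rule detector, the `KNOWN_NAMES` roster, the placeholder format, the model names `local-minicpm`, `cloud-cheap` and `cloud-premium`, and the keyword heuristic in `judge_complexity` that stands in for the local LLM-as-Judge are all constructed assumptions (the page does not describe EdgeClaw's actual detector rules, configuration keys or model list). It also assumes that desensitized S2 text is cost-routed the same way as S1 text, which the page leaves open.

```python
"""Illustrative EdgeClaw-style security-first routing pipeline.

Constructed example: the detector rules, placeholder format, model names and
the complexity heuristic are assumptions, not EdgeClaw's real implementation.
"""
import re
from dataclasses import dataclass, field

# --- Rule detector (constructed patterns) ---------------------------------
# Anything matching an S3 pattern is forced to the local model: the cloud
# must never see it, even in desensitized form.
S3_PATTERNS = [
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),   # private key material
    re.compile(r"\b\d{17}[\dXx]\b"),                     # 18-digit ID card number
    re.compile(r"\b(?:sk|AKIA)[A-Za-z0-9_-]{16,}\b"),    # API-key-looking tokens
]
# Values matching an S2 pattern may go to the cloud only after masking.
S2_PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
    "phone": re.compile(r"\b1[3-9]\d{9}\b"),             # PRC mobile number
}
# Constructed employee roster; names are masked as 「员工 A」, 「员工 B」, ...
KNOWN_NAMES = ["王小二", "李四"]

# Assumed model names for the three destinations.
LOCAL_MODEL = "local-minicpm"
CLOUD_TIERS = {"simple": "cloud-cheap", "complex": "cloud-premium"}


def classify(text: str) -> str:
    """Three-level sensitivity label: S3 wins over S2, S2 over S1."""
    if any(p.search(text) for p in S3_PATTERNS):
        return "S3"
    if any(p.search(text) for p in S2_PATTERNS.values()) or any(n in text for n in KNOWN_NAMES):
        return "S2"
    return "S1"


def desensitize(text: str, mapping: dict) -> str:
    """Replace sensitive values with stable placeholders such as '员工 A' or
    'phone B'. `mapping` (real value -> placeholder) lives in local memory
    only, so the local model can resolve placeholders and the cloud cannot."""
    def placeholder(kind: str, value: str) -> str:
        if value not in mapping:
            n = sum(1 for v in mapping.values() if v.startswith(kind + " "))
            mapping[value] = f"{kind} {chr(ord('A') + n)}"
        return mapping[value]

    out = text
    for name in KNOWN_NAMES:
        if name in out:
            out = out.replace(name, placeholder("员工", name))
    for kind, pattern in S2_PATTERNS.items():
        out = pattern.sub(lambda m, k=kind: placeholder(k, m.group(0)), out)
    return out


def judge_complexity(text: str) -> str:
    """Stand-in for the local LLM-as-Judge. The page says a small local model
    grades complexity; a length/keyword heuristic plays that role here."""
    hard = ("refactor", "design", "architecture", "debug", "prove")
    if len(text) > 400 or any(k in text.lower() for k in hard):
        return "complex"
    return "simple"


@dataclass
class DualTrackMemory:
    """Two histories: the full one never leaves the device, the cloud one
    only ever holds desensitized text."""
    local_history: list = field(default_factory=list)
    cloud_history: list = field(default_factory=list)
    mapping: dict = field(default_factory=dict)


def route(message: str, memory: DualTrackMemory) -> dict:
    """Security router first; cost router only for text cleared for the cloud."""
    memory.local_history.append(message)          # full record, local track
    level = classify(message)
    if level == "S3":
        # Short-circuit: no complexity judgement, no cloud history entry.
        return {"level": level, "model": LOCAL_MODEL, "payload": message}
    payload = desensitize(message, memory.mapping) if level == "S2" else message
    memory.cloud_history.append(payload)          # cloud track sees only this
    # Assumption: desensitized S2 text is cost-routed like S1 text.
    tier = judge_complexity(payload)
    return {"level": level, "model": CLOUD_TIERS[tier], "payload": payload}


if __name__ == "__main__":
    mem = DualTrackMemory()
    for msg in ["帮我看看 README.md 的结构",
                "把王小二的手机号 13812345678 发给我",
                "帮我保存密钥 -----BEGIN RSA PRIVATE KEY-----"]:
        print(route(msg, mem))
    print("cloud track:", mem.cloud_history)
```

The `route` function plays the role of the hook that EdgeClaw injects into the OpenClaw execution flow; in practice it would be called for every user message, tool-call parameter and agent output. The point to check when reviewing such a pipeline is the ordering: the S3 branch returns before anything is written to `cloud_history` or passed to the judge, so the cost router never sees forced-local data, and the only thing the cloud track can ever contain is what `desensitize` produced.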
Future plans
EdgeClaw will keep iterating and evolve into a software system that supports deployment on a wider range of edge devices. The development plan covers the following four parts:
* EdgeClaw Router. Focus on secure and efficient edge-cloud collaboration, integrating more edge hardware and models to allow more flexible and diverse local model choices.
* EdgeClaw Memory. Optimize OpenClaw's memory with a task-oriented memory mechanism, so that the agent can genuinely work alongside the user on long-running, complex tasks.
* EdgeClaw SkillHub. Build a Skill Hub focused on supporting local tasks, integrating the specific skills that edge agent services care about and bundling frequently used skills. Provide edge-model replacements for mainstream skills that are implemented on top of AI models, further improving efficiency.
* EdgeClaw UI. Support a front-end UI design friendlier to edge scenarios, adding the performance-monitoring metrics edge users care about, such as local GPU utilization and local token usage.
EdgeClaw focuses on building secure and efficient edge-cloud collaborative agents and will remain open source. Developers and industry partners are welcome to contribute and jointly build an edge-side agent solution that is "more, faster, better, cheaper" (多、快、好、省).
Key Quotes
* EdgeClaw achieves local data encryption and security isolation through three-tier security collaboration, and flexibly calls different priced models through cost-performance aware collaboration.
* Developers can achieve seamless edge-cloud collaboration of 'public data to cloud, sensitive data desensitized, private data local' in EdgeClaw without modifying business logic.
* The cost-performance aware collaboration mechanism can route 60-80% of requests to cheaper models.
* The cloud model can only see desensitized conversation history; only the local model can access memory containing complete information, fundamentally eliminating the risk of privacy data leakage.
Tags: AI Agent, EdgeClaw, Edge-Cloud Collaboration, Privacy Protection, Token Optimization