I built an open-source platform for running AI OpenClaw agents with auditable, capability-based security. Agents start sandboxed and must request permissions through human-in-the-loop approval. Every LLM call is logged. Built with Temporal, Docker-in-Docker, FastAPI, and Next.js.