Multi-tenant agent spawning with configurable secrets, customer onboarding, and fleet management.
Neo isn’t just one agent — it’s a fleet architecture:
┌─────────────────────────────────────────────────────────────┐
│ NEO FLEET MANAGER │
│ (Dashboard for spawning, configuring, monitoring agents) │
├─────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ Neo-Prime │ │ Neo-LW │ │ Neo-Anasto │ │
│ │ (Internal) │ │ (Customer) │ │ (Vertical) │ │
│ │ │ │ │ │ │ │
│ │ Full secrets│ │ Customer │ │ Biomedical │ │
│ │ Full memory │ │ secrets │ │ skills │ │
│ │ All skills │ │ Automotive │ │ Customer │ │
│ │ │ │ skills │ │ secrets │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
│ │
├─────────────────────────────────────────────────────────────┤
│ SHARED INFRASTRUCTURE │
│ ├── Railway (hosting) │
│ ├── Clawdbot/OpenClaw (runtime) │
│ ├── soul.py (memory layer) │
│ ├── Supabase (fleet config storage) │
│ └── Telegram/Discord/API (interfaces) │
└─────────────────────────────────────────────────────────────┘
Different agents need different credentials:
# Base config (all agents inherit)
base:
runtime: openclaw
hosting: railway
memory: soul.py
# Internal overlay (add our secrets)
internal:
inherit: base
secrets:
GITHUB_TOKEN: "gho_OUR_TOKEN"
OPENAI_API_KEY: "sk-OUR_KEY"
# ... all our keys
memory:
bootstrap: "full" # Load all MEMORY.md
# Customer overlay (their secrets)
customer:
inherit: base
secrets:
GITHUB_TOKEN: "${CUSTOMER_GITHUB_TOKEN}" # Provided during setup
OPENAI_API_KEY: "${CUSTOMER_OPENAI_KEY}"
memory:
bootstrap: "domain" # Load domain knowledge only
# Vertical overlay (domain + customer)
vertical-anasto:
inherit: customer
skills:
- biomedical-research
- clinical-trials
- medical-devices
memory:
seed: "anasto-domain-knowledge"
┌────────────────────────────────────────────┐
│ Set Up Your AI Developer Agent │
├────────────────────────────────────────────┤
│ │
│ 1. GitHub Access │
│ ┌─────────────────────────────────┐ │
│ │ Create a GitHub Personal Access │ │
│ │ Token (PAT) with these scopes: │ │
│ │ │ │
│ │ ☑ repo │ │
│ │ ☑ read:user │ │
│ │ ☑ user:email │ │
│ │ │ │
│ │ [How to create a PAT →] │ │
│ └─────────────────────────────────┘ │
│ │
│ Token: [________________________] │
│ │
│ 2. AI Model Access (choose one) │
│ ○ Use Copilot (via GitHub) │
│ Your GitHub account must have │
│ Copilot enabled │
│ │
│ ○ Use OpenAI directly │
│ API Key: [____________________] │
│ │
│ ○ Use Anthropic directly │
│ API Key: [____________________] │
│ │
│ 3. Communication Channel │
│ ○ Telegram (recommended) │
│ [Connect Telegram Bot] │
│ │
│ ○ Discord │
│ [Connect Discord Server] │
│ │
│ [Create My Agent] │
└────────────────────────────────────────────┘
🧬 Neo is ready!
I'm your AI developer agent. I can:
• Understand and modify codebases
• Follow structured development workflows
• Remember context across sessions
• Learn from your feedback
Start by sharing a GitHub repo you'd like me to work on.
Type /help for commands.
┌────────────────────────────────────────────────────────────┐
│ Neo Fleet Manager [Admin Panel] │
├────────────────────────────────────────────────────────────┤
│ │
│ ACTIVE AGENTS (4) │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ Agent │ Customer │ Status │ Last Active │ │
│ ├─────────────┼─────────────┼─────────┼──────────────┤ │
│ │ Neo-Prime │ Internal │ 🟢 Up │ 2 min ago │ │
│ │ Neo-LW │ LW Auto │ 🟢 Up │ 15 min ago │ │
│ │ Neo-Anasto1 │ CJ Shores │ 🟢 Up │ 1 hr ago │ │
│ │ Neo-Trial │ Demo │ 🟡 Idle │ 3 days ago │ │
│ └─────────────────────────────────────────────────────┘ │
│ │
│ [+ Spawn New Agent] [Manage Templates] [View Logs] │
│ │
│ RESOURCE USAGE │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ Railway Compute: $47.23 / month │ │
│ │ API Calls: 12,847 (OpenAI: 8.2K, Copilot: 4.6K) │ │
│ │ Storage: 2.3 GB across all agents │ │
│ └─────────────────────────────────────────────────────┘ │
│ │
│ RECENT ACTIVITY │
│ • Neo-LW committed to menonpg/lotpay — 15 min ago │
│ • Neo-Prime analyzed bhph-dms-playbook — 2 hr ago │
│ • Neo-Anasto1 generated codebase memory — 1 day ago │
│ │
└────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────┐
│ Neo-LW [LW Automotive] │
├────────────────────────────────────────────────────────────┤
│ │
│ STATUS: 🟢 Running │
│ Railway Service: neo-lw-production │
│ Created: 2026-06-15 │
│ Last Active: 15 min ago │
│ │
│ SECRETS │
│ ├── GITHUB_TOKEN: gho_****rK3m (valid, expires never) │
│ ├── OPENAI_API_KEY: sk-****7xQ (valid) │
│ └── [+ Add Secret] [Rotate Keys] │
│ │
│ SKILLS │
│ ├── ✓ codebase-memory │
│ ├── ✓ superpowers-methodology │
│ ├── ✓ automotive-domain (custom) │
│ └── [Manage Skills] │
│ │
│ MEMORY │
│ ├── MEMORY.md: 12 KB (47 entries) │
│ ├── Daily logs: 23 files │
│ ├── Codebase graphs: 3 projects │
│ └── [View Memory] [Export] [Reset] │
│ │
│ ACTIONS │
│ [View Logs] [Restart] [Pause] [Delete] │
│ │
└────────────────────────────────────────────────────────────┘
Each agent is a Railway service cloned from a template:
# Dockerfile.neo-agent
FROM node:22-slim
# Install OpenClaw/Clawdbot
RUN npm install -g clawdbot@latest
# Install soul.py
RUN pip install soul-agent
# Copy base config
COPY config/ /root/.clawdbot/
# The actual secrets come from Railway env vars
# GITHUB_TOKEN, OPENAI_API_KEY, etc.
CMD ["clawdbot", "gateway"]
// spawn-agent.js
async function spawnCustomerAgent(customerId, config) {
// 1. Create Railway service from template
const service = await railway.createService({
projectId: FLEET_PROJECT_ID,
name: `neo-${customerId}`,
source: { repo: 'menonpg/neo-agent', branch: 'main' }
});
// 2. Inject customer secrets
await railway.setEnvVars(service.id, {
GITHUB_TOKEN: config.githubToken,
OPENAI_API_KEY: config.openaiKey,
TELEGRAM_BOT_TOKEN: config.telegramToken,
CUSTOMER_ID: customerId
});
// 3. Initialize memory (fresh or seeded)
if (config.seedMemory) {
await seedAgentMemory(service.id, config.domainTemplate);
}
// 4. Deploy
await railway.deploy(service.id);
return service;
}
// rotate-secrets.js
async function rotateAgentSecrets(agentId, newSecrets) {
// 1. Update Railway env vars
await railway.setEnvVars(agentId, newSecrets);
// 2. Trigger redeploy to pick up new secrets
await railway.redeploy(agentId);
// 3. Verify agent is healthy with new secrets
await waitForHealthy(agentId);
// 4. Log rotation event
await logSecretRotation(agentId, Object.keys(newSecrets));
}
-- Agent fleet configuration
CREATE TABLE agents (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
name TEXT NOT NULL,
customer_id UUID REFERENCES customers(id),
railway_service_id TEXT,
status TEXT DEFAULT 'pending', -- pending, running, paused, stopped
agent_type TEXT DEFAULT 'customer', -- internal, customer, vertical
config JSONB DEFAULT '{}',
created_at TIMESTAMPTZ DEFAULT NOW(),
last_active_at TIMESTAMPTZ
);
-- Customer accounts
CREATE TABLE customers (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
name TEXT NOT NULL,
email TEXT UNIQUE,
plan TEXT DEFAULT 'trial', -- trial, pro, enterprise
created_at TIMESTAMPTZ DEFAULT NOW()
);
-- Secrets (encrypted, never logged)
CREATE TABLE agent_secrets (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
agent_id UUID REFERENCES agents(id) ON DELETE CASCADE,
key_name TEXT NOT NULL, -- GITHUB_TOKEN, OPENAI_API_KEY, etc.
key_hash TEXT NOT NULL, -- Hash for verification, not the actual value
last_rotated_at TIMESTAMPTZ DEFAULT NOW(),
UNIQUE(agent_id, key_name)
);
-- Activity log
CREATE TABLE agent_activity (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
agent_id UUID REFERENCES agents(id),
event_type TEXT, -- message, commit, deploy, error
metadata JSONB,
created_at TIMESTAMPTZ DEFAULT NOW()
);
| Plan | Agents | Features | Price |
|---|---|---|---|
| Trial | 1 | Basic skills, 7-day limit | Free |
| Pro | 3 | Full skills, priority support | $49/mo |
| Team | 10 | + Fleet dashboard, SSO | $199/mo |
| Enterprise | Unlimited | + Custom skills, SLA | Custom |
Neo Fleet: Spawn agents for customers, manage at scale, isolate secrets, bill appropriately.