Your agent is ready. You're not ready to trust it. We fix that.
Run your agents 24/7. Credentials hidden. Every action logged. Big moves approved.
You have a working agent. It can reply to emails, fix bugs, process payments, review PRs. But you won't let it run unsupervised because:
- It has your API keys (what if it goes rogue?)
- You can't see what it did (what if the CEO asks?)
- There's no spend ceiling (what if one bad prompt burns $500?)
- There's no kill switch (what if it starts replying to every email in your inbox?)
So you babysit it. Or you don't run it at all.
A Zombie is a preconfigured agent workflow that does one job and runs forever.
"Install the Lead Zombie" → handles inbound email, replies, logs leads
"Install the Slack Bug Fixer" → monitors #bugs, opens PRs, replies in thread
"Install the PR Zombie" → reviews every PR, posts feedback, alerts on critical
"Install the Ops Zombie" → watches infra, alerts on incidents
"Install the Hiring Zombie" → receives candidate profile (resume PDF, GitHub PRs,
Gmail), analyzes attachments for merit, sends you
a decision report on Discord
You don't code a Zombie. You configure it: what tools it attaches, what credentials it uses, what budget it has, what triggers it. The agent intelligence is built in.
- Sandboxed runtime — bwrap + landlock isolation. Network deny-by-default.
- Credentials hidden — vault injects at the sandbox boundary. The agent never sees API keys.
- Webhooks wired — receive events from email, Slack, GitHub. No ngrok needed.
- Activity stream — every action timestamped.
zombiectl logsshows what happened and why. - Spend ceiling — per-day and per-month dollar budgets. One bad prompt never becomes an infinite burn.
- Kill switch —
zombiectl killstops any agent mid-action. Checkpoint saved, no data lost. - Crash recovery — state checkpointed after every event. Crashes recover automatically.
npm install -g zombiectl
zombiectl login
zombiectl install lead-collector
zombiectl up