tentaclaw-setup
Safe installation, verification, rotation, incidents, and migration.
Tentaclaw is the MCP Server. It translates six structured tool calls into controlled Poppy API requests. Four first-party skills teach compatible agents how to set it up, choose approved destinations, research, and draft without ever owning the Poppy key.
Chrome Pro opens Poppy chatbot links in Chrome. Tentaclaw is the MCP Server that connects external agent clients to the documented Poppy API. First-party skills run in the agent environment and call Tentaclaw tools; they are not a second server.
Exact path: Agent runtime + SharetoBoard/Tentaclaw skills → MCP → Tentaclaw MCP Server → HTTPS → Poppy API.
tentaclaw-setupSafe installation, verification, rotation, incidents, and migration.
poppy-operatorCore board/chat resolution, bounded use, and conversation control.
poppy-board-researchFocused, source-aware research from one approved destination.
poppy-content-workflowBrainstorm, create, and rewrite work returned for human review.
Credential rule: skills use Tentaclaw MCP tools only. They do not contain the key, read the key file, or make direct Poppy HTTP calls.
The current implementation exposes exactly these operations. It does not claim broader Poppy board construction or commercial account governance.
poppy_get_boardsList boards available to the configured Poppy API key.
poppy_get_chatsList chat assistants for a selected board.
poppy_create_conversationCreate a conversation for a board and chat assistant.
poppy_askAsk a one-time question without a conversation thread.
poppy_chatContinue an existing Poppy conversation.
tentaclaw_versionReport the running Tentaclaw version.
stdio is the defaultNo inbound network port is required for an agent running on the same machine.
The preferred setup reads the Poppy API key from a restricted file. POSIX permissions are checked by the current implementation.
The release CLI is stdio-only. Any future remote mode requires a separately authenticated, TLS-protected gateway; raw public exposure is not a release feature.
Important: A secret file is still plaintext protected by operating-system permissions. Use a secrets manager, container secret, or vault when your deployment supports one.
stdio server by defaultAPI Conduit is separate: customer identities, credits, rate limits, revocation, billing, multi-account routing, reseller controls, and audit ledgers belong to a different future infrastructure product—not Tentaclaw.
Draft PR #1 now contains client-native candidate examples for Codex, Claude, OpenClaw, and Hermes. Those examples establish the intended configuration shape; no client will be labeled “tested” until its exact-version end-to-end run is recorded.