Skip to content

FAQ

Jump to bottom
loki-bedlam edited this page Mar 22, 2026 · 3 revisions

Frequently Asked Questions

Security & Trust

Wait — this is using OpenClaw?

Yes. OpenClaw is a powerful stateful AI agent framework. It's what gives Loki persistent memory, proactive scheduling, event-driven actions, and the ability to work across sessions. Think of it as the runtime that makes Loki more than a chatbot — it's a full Dev/Research/Ops partner that lives in your account 24/7.

I heard OpenClaw can be insecure. Should I be worried?

Many users have run OpenClaw insecurely on their local machines and exposed it to the internet. The Loki install is completely different — your agent runs inside a closed VPC with no inbound traffic. Security groups block all ingress by default. Access is only through SSM Session Manager (or optionally SSH with a key pair). There are no open ports, no public endpoints, and no way to reach the instance from the internet.

What about prompt injection?

Prompt injection is a real concern with any AI agent. To minimize the attack surface, we do not install any OpenClaw community plugins. The only extensions installed are AWS MCP servers (documentation search, CloudFormation schemas, CLI access) and Playwright MCP for browser-based testing. No third-party MCP servers, no untrusted plugins.

What permissions does Loki have in my account?

Loki has admin-level permissions (via IAM role, no console access) so it can help you build and debug anything across any AWS service — from Lambda to ECS to DynamoDB to CloudFormation. That's exactly why we strongly recommend creating a dedicated AWS account for this: to contain the blast radius to a single sandbox. This is a prototyping tool, not a production operations platform.

Does the agent have internet access?

Yes — outbound only. The agent needs outbound internet for Bedrock API calls, package installs (pip, npm), fetching documentation, and accessing AWS APIs. There is no inbound access — security groups block all ingress. No one can reach the instance from the internet.

Can I see what the agent has done? Is there an audit trail?

Yes. Full conversation logs and memory files are stored in the workspace on the EC2 instance. Every AWS API call the agent makes is recorded in CloudTrail. You can review the agent's memory files, daily logs, and CloudTrail events at any time.

What data does the agent store and where?

Everything stays on the EC2 EBS volume in your account — conversation history, memory files, code, and configuration. Nothing leaves your AWS account. Bedrock inference also stays within AWS.

Getting Started

Is this using Amazon Bedrock under the covers?

Yes. All AI inference runs through Amazon Bedrock in your own AWS account. Loki uses Claude Opus and Sonnet models via Bedrock's cross-region inference. No data leaves AWS — your prompts, code, and conversations stay within your account's Bedrock endpoint.

How do I talk to it?

The default interface is the SSM terminal — connect from any browser via the AWS Console. You can optionally configure messaging integrations (Telegram, Discord, Slack) for mobile access, but these are not pre-configured. The Deployment Guide walks you through everything.

Can I SSH into the instance?

SSM Session Manager is the default — no open ports, no SSH keys needed. If you prefer SSH, you can optionally add your key pair during CloudFormation setup, which opens port 22. But SSM is recommended for security.

What happens if I delete the CloudFormation stack?

Everything gets cleaned up — EC2 instance, VPC, security groups, EBS volumes. Your account goes back to its original state. It's a clean, reversible install.

How long does installation take?

About 4–10 minutes via CloudFormation. It's fully automated — the stack creates the VPC, launches the EC2 instance, installs all dependencies, and configures the agent. You can also use the one-command installer:

bash <(curl -sfL https://raw.githubusercontent.com/inceptionstack/loki-agent/main/install.sh)

What region does it deploy in?

us-east-1 by default. The installer lets you pick your preferred region. CloudFormation templates can be deployed to any region with Bedrock access.

Capabilities

What can the agent help me with?

Loki is a Dev/Research/Ops partner. It can:

  • Build full-stack prototypes in hours — from a prompt to a deployed app with CI/CD pipeline
  • Research new AWS services hands-on — spin up a working PoC while you read the docs
  • Debug complex issues across deployed services with full architectural context
  • Monitor your account — read from GuardDuty, Security Hub, Inspector for findings; track cost anomalies and pipeline failures
  • Fix failed builds and redeploy
  • Run scheduled tasks — nightly cost reports, infrastructure checks, CVE scans
  • Manage infrastructure as code — CloudFormation, Terraform, CDK
  • Work from anywhere — close your laptop, come back to a deployed app

How is this different from Cursor, Kiro, or Claude Code?

Cursor, Kiro, and Claude Code are excellent coding assistants, but they run on your local machine and forget everything between sessions. Loki is fundamentally different:

  • Stateful memory — Loki remembers everything you've built together. No need to re-explain your architecture every session.
  • Always-on — Runs on EC2, not your laptop. Start a build, close your computer, come back to a deployed app.
  • Proactive — Scheduled tasks, heartbeat checks, automated reports. Acts on events without you asking.
  • Full account awareness — Monitors your apps, costs, and pipelines. Alerts you when something needs attention.
  • CI/CD integration — Knows the state of every repo, pipeline, and deployment. Can fix failed builds on its own.
  • Higher abstraction — You don't see code unless you want to. Describe what you want, Loki handles repos, pipelines, and infrastructure.

Bottom line: Kiro and Claude Code are for coding sessions. Loki is what happens when you give that same intelligence a permanent home in your AWS account.

Can I customize which MCP servers are installed?

Yes. Once deployed, you can add or remove MCP servers through the OpenClaw configuration. We start with a minimal, vetted set (AWS documentation, CloudFormation schemas, CLI access, and Playwright), but you're free to extend it.

What models does it use? Can I change them?

Claude Opus 4.6 via Bedrock by default — the most capable model for complex reasoning and coding. You can switch to Sonnet for faster/cheaper tasks or configure other Bedrock models. The agent can even switch models on the fly for different types of work.

Does it auto-update?

No — you control updates. The agent can self-update when you ask it to (just say "update yourself"), but it will never update without your explicit request. You stay in control.

General

Can multiple people share one instance?

It's not really designed for that — you'd be stepping on each other's toes. You could try though and let me know how it works out.

Can I install multiple Lokis in one account?

Same story as sharing one instance — they could mess with each other's shared infrastructure, or you'd need to architect a way for them to work on their own "zones." It's possible but not designed for it yet.

Who maintains this?

Roy Osherove (blog). Contributions, issues, and feedback are welcome at github.com/inceptionstack/loki-agent.

Clone this wiki locally