Why CKP?
The AI agent ecosystem is growing fast — OpenClaw, NanoClaw, IronClaw, PicoClaw, ZeroClaw, Nanobot — but every framework solves the same problems differently and none of them interoperate. Skills built for one framework do not work in another. Security models vary wildly. Multi-agent coordination barely exists. Observability is an afterthought.
CKP exists to fix this. One manifest format. One wire protocol. Portable across any conformant runtime.
Skills don’t transfer across frameworks
Section titled “Skills don’t transfer across frameworks”A Gmail integration built for OpenClaw won’t work in Nanobot. A web-scraping workflow from ZeroClaw can’t run on NanoClaw. Every framework has its own skill format, its own config structure, its own assumptions.
-> The Skill primitive defines a universal format — description, tool dependencies, instructions, permissions, and I/O schemas — all in one portable YAML block. Write once, run on any CKP runtime.
Multi-agent collaboration has no protocol
Section titled “Multi-agent collaboration has no protocol”You want a research agent, a writer, and an editor working together. But there is no standard way to coordinate them — no shared message format, no topology definition, no aggregation strategy.
-> The Swarm primitive provides five topologies (leader-worker, peer-to-peer, pipeline, broadcast, hierarchical), four message-passing backends, aggregation strategies, and a wire protocol for task delegation, peer discovery, and result reporting.
No structured observability
Section titled “No structured observability”When your agent misbehaves at 3 AM, you can’t trace why. There is no standard for tracing across tool calls, no token dashboards, no cost tracking. Every framework logs differently or not at all.
-> The Telemetry primitive exports structured events to OpenTelemetry-compatible backends (Datadog, Jaeger, Grafana) with sampling control and automatic redaction of sensitive data. It supports five exporter types: OTLP, file, SQLite, webhook, and console.
Security is a patchwork
Section titled “Security is a patchwork”OpenClaw uses application-level allowlists. NanoClaw uses OS containers. IronClaw built five security layers from scratch in Rust. There is no shared security vocabulary across frameworks.
-> Policy provides a declarative rule engine (allow, deny, require-approval, audit-only) with prompt injection detection, secret scanning, and rate limiting. Sandbox enforces per-tool isolation across five levels (none, process, WASM, container, VM). Both are required at Level 2 — security is not optional.
No standard way to verify agent behavior
Section titled “No standard way to verify agent behavior”How do you prove your agent handles policy denials, tool timeouts, or sandbox violations correctly? Each framework tests differently, or not at all. There is no shared conformance language.
-> CKP ships with 31 conformance test vectors across three levels and a coherence auditor that validates spec consistency across documents. Claim Level 2? Run the harness and prove it.
Voice and multimodal are bolted on
Section titled “Voice and multimodal are bolted on”Most frameworks are text-first. There is no standard for routing voice to the right model or handling image/video inputs alongside text.
-> Provider declares capabilities (text, image, audio, video, realtime) and transport (http, websocket, webrtc). Channel supports voice as a first-class type. Runtimes route automatically based on declared capabilities — no custom plumbing required.
Running offline means reinventing the stack
Section titled “Running offline means reinventing the stack”PicoClaw targets $10 hardware. ZeroClaw embeds everything in SQLite. Each project solves local-first agent deployment differently with no shared contract between them.
-> Provider supports local endpoints (Ollama, vLLM) with zero auth. Memory runs on SQLite. Sandbox works at process level. A valid L1 agent needs only Identity + Provider — no cloud, no Docker, no external dependencies. The same manifest format works from embedded hardware to cloud clusters.