Commerce Claw
Connected Commerce
56 connectors pre-wired · Zero Zaps to maintain

Don't build the workflow.
Just ask for the result.

Every other tool sells the canvas. We sell the outcome. Type what you want — "refund order 1234 on Shopify," "post in #launch on Slack," "purge the homepage cache" — and the AI picks the right connector and runs it. 56 wired in. Encrypted per-user keys. Approval queue on the dangerous stuff. Audit trail on everything.

Try it · The AI tells you which tool would fire
Live route trail · last 6 commands
All 56 connectors · loading…

What makes it different.

01
Encrypted at rest, by default.
Every API key and OAuth token is wrapped in AES-256-GCM with a versioned key envelope. Rotate the master key and old data still decrypts via dual-read until the next save sweep. Plaintext never touches disk after the first write.
AES-256-GCM · key_id rotation
02
Sensitive actions wait for approval.
Reads execute. Writes — refunds, posts, DNS edits, payouts — land in an approval queue with the parsed intent shown in plain English. You see what's about to happen before it happens. Fail-closed against prompt injection.
Approval gate · audit trail
03
Local LLM, your IP doesn't leak.
Routing runs on a Mac Studio at the edge of the network — qwen3:14b — not a third-party API. Your business commands aren't training someone else's model. Zero per-request inference cost.
Ollama · qwen3:14b · $0/req
How it works · 3 steps
i.
You type one sentence.
> refund order 1234 on shopify
> post #launch on slack
> purge cloudflare cache
ii.
Local LLM picks the tool.
{
  "connector": "shopify",
  "action": "order.refund",
  "input": { "order_id": "1234" }
}
iii.
You approve. It runs.
⚠ SENSITIVE · awaiting approval
shopify.order.refund(1234)
   [approve]  [reject]
audit log #4827 written ✓
Versus the workflow-builder maze
Zapier · Make · n8n
7,000+ apps in a directory. You drag, you wire, you maintain. Make's free tier polls every 15 minutes — by design.
Bardeen · Relay
Credit-metered AI assists. Bardeen's 1,000 Premium credits burn through in a single workday at 3 credits/row. The math is the moat — until it isn't.
Commerce Claw
56 curated connectors, on-demand routing. The command layer IS the product, not a feature bolted on. Local LLM means your IP doesn't leak.
FAQ · what people actually ask

Honest answers.

Where do my API keys actually live?

On disk, AES-256-GCM encrypted with a versioned key envelope (key_id rotation supported). The encryption key is derived from a server-side secret loaded only at boot and never logged. The plaintext leaves memory the moment it's saved.

Does the AI ever see my full data?

The local LLM only sees your command (e.g., "refund order 1234 on Shopify") to pick the connector and parse arguments. It does not see vendor responses or your other connectors' data. Routing runs on Steve's hardware — no third-party LLM API.

What if the AI picks the wrong tool?

Sensitive actions (refunds, posts, DNS edits, deletions) land in an approval queue with the parsed intent shown in plain English. Read it. Approve or reject. Reads execute immediately because they don't change state.

How does this differ from Zapier or Make?

Those are workflow builders — you wire triggers to actions on a canvas, then maintain the wires. Commerce Claw is the opposite: type one sentence, the AI picks the connector. No canvas, no Zaps to maintain, no per-task pricing.

What's the pricing?

Currently free while in early access. The eventual model will be a flat workspace fee (no per-task metering, no credit math). If pricing changes, you'll get 30 days notice and can export your audit log + connector registrations on the way out.

Can I self-host?

Not yet packaged for distribution. The architecture is a single Node process + JSON store + local Ollama, so it's straightforward to lift — email info@agentabrams.com if you want the Docker recipe.

What if I want a connector that's not in the 56?

Most modern SaaS tools speak OAuth2 + REST and slot in cleanly. Tell us what you need; new connectors typically ship in 1-3 days. Anything that exposes a webhook can be wired the same week.

Is this production-ready?

Encryption-at-rest, atomic writes with fsync, audit trail, sensitive-action approval queue, CSP+HSTS, rate limits — yes, by mainstream-SaaS standards. We're early-access because the connector matrix and UX are still hardening, not because the security floor is.

Skip the canvas. Just type.

Sign in → Talk to Steve