AstrBot
AstrBot is an open-source Python-based AI agent platform that integrates with messaging apps (QQ, Telegram, WeChat, Slack, etc.) and LLMs to build conversational AI. It supports plugins, knowledge bases, and agent frameworks via a web UI and offers sandbox execution for safe code/shell operations.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | AstrBotDevs/AstrBot |
| Owner | AstrBotDevs |
| Primary language | Python |
| License | AGPL-3.0 — OSI-approved |
| Stars | 36k |
| Forks | 2.5k |
| Open issues | 1.3k |
| Latest release | v4.26.5 (2026-07-07) |
| Last updated | 2026-07-07 |
| Source | https://github.com/AstrBotDevs/AstrBot |
What AstrBot is
Python 3.12+ framework providing multi-platform IM connectors, LLM orchestration (OpenAI, Gemini, Llama, etc.), MCP support, plugin architecture (1000+ available), agent sandbox for isolated execution, and auto-context compression. Deployable via Docker, uv, or cloud platforms.
Get the AstrBot source
Clone the repository and explore it locally.
git clone https://github.com/AstrBotDevs/AstrBot.gitcd AstrBot# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- AGPL-3.0 license: any modifications or derivative deployments must be open-sourced; review legal/compliance before use in proprietary products.
- 1,298 open issues and high fork count suggest active development but potential stability gaps; test thoroughly on target IM platforms before production.
- Requires uv (package manager) or Docker for deployment; ensure team familiarity with Python 3.12+, async I/O, and plugin lifecycle management.
- LLM integration is by-bring-your-own-key (OpenAI, Gemini, etc.); no bundled model; cost scales with API usage and context length.
- Sandbox execution adds complexity; validate resource limits, timeout handling, and isolation for untrusted code execution scenarios.
When to avoid it — and what to weigh
- Closed-Source or Proprietary Requirement — AGPL-3.0 licensing requires source code disclosure and derivative works to remain open. If you cannot publish modifications or need permissive commercial licensing, this is unsuitable.
- High Security/Compliance Constraints — No explicit audit trail, SOC 2, or HIPAA compliance mentioned. Code/shell sandbox execution presents attack surface; requires threat modeling for regulated data (healthcare, finance).
- Single-Platform, Lightweight Requirement — Overhead of multi-platform abstraction, plugin system, and agent orchestration may be excessive for a simple single-channel bot. Consider a purpose-built lightweight library instead.
- Limited Python Ecosystem in Your Stack — Python-only implementation; integration with JVM, Go, or .NET applications requires API/RPC bridges, adding operational complexity.
License & commercial use
AGPL-3.0 (GNU Affero General Public License v3.0). This is a strong copyleft license. Any modifications or network-distributed versions must disclose source and remain open-source. Use only with explicit legal review if commercial, proprietary, or embedded in closed-source products.
AGPL-3.0 permits use but requires: (1) all modifications be open-sourced; (2) if deployed as a service, source code must be offered to users. Commercial support/licensing from maintainers is not described in provided data. **Requires review with your legal team before commercial deployment.**
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | High |
Agent sandbox for code/shell execution is a security feature but also an attack surface. No mention of input validation, prompt injection mitigations, or LLM jailbreak protections. Plugin ecosystem introduces supply-chain risk (1000+ plugins of unknown provenance/maintenance). Code execution from untrusted sources (e.g., user-provided agents) requires strict isolation, resource limits, and monitoring. Assess threat model against LLM output, plugin code, and user input before production.
Alternatives to consider
Dify
Closed-UI agent/workflow builder; emphasizes enterprise SaaS deployment and visual orchestration over self-hosting; may require licensing.
LangChain / LangGraph
Python LLM framework focused on agent chains and tool use; more modular and lightweight but lacks built-in IM integrations and requires custom platform adapters.
n8n
Visual no-code workflow automation with LLM support; easier onboarding for non-technical users but less customizable for agent-specific logic.
Build on AstrBot with DEV.co software developers
Review the full documentation at astrbot.app, assess AGPL-3.0 licensing implications with your legal team, and deploy via Docker or uv. Start with a non-production test on your IM platform.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
AstrBot FAQ
Can I use AstrBot commercially?
Does AstrBot include LLMs?
How stable is AstrBot for production?
Is AstrBot secure for user data?
Custom software development services
DEV.co helps companies turn open-source tools like AstrBot into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your ai frameworks stack.
Ready to Deploy Multi-Platform AI?
Review the full documentation at astrbot.app, assess AGPL-3.0 licensing implications with your legal team, and deploy via Docker or uv. Start with a non-production test on your IM platform.