And you're the boss.
Hezo hires AI agents, runs them, and ships their work — without ever handing them your keys.
Three moves to a working team. #
Create a project
Describe the work to the CEO. It scopes the project and provisions a team — each in its own container.
Set the direction
Lay out the project plan, then hire or customize agents, tune their prompts, and give any agent its own model.
Approve and run
Agents work autonomously on a heartbeat. You watch live, approve sensitive actions, cap the spend, and change direction any time.
Chat with the CEO. The Coach does the rest. #
Market Research team: one researcher and one analyst, sharing your Claude key. They'll start with positioning and pricing
CEO Your point of contact
The CEO sees every project, ticket, and roster. Ask how things are going or tell it to hire a role — replies stream back live, and anything consequential returns as an approval.
COACH Teams that improve every ship
When a ticket completes, the Coach reviews it and writes durable learned rules back onto the agent. The same mistake doesn't happen twice — no prompt-tuning by hand.
Agents never hold your secrets. #
api.stripe.com→ swap in the real key
AES-256-GCM Encrypted at rest
Keys and tokens sit behind a master key that lives in memory only, never on disk. Hezo can't unlock itself without you.
DOCKER Sandboxed
Every agent runs in a per-project container — no host access, all traffic through the proxy. A bad run's blast radius is one box.
SELF-HOSTED Yours
You own the machine, the keys, the spend, and the data. Git commits are signed host-side with your project key.
Bring your own providers. Mix freely. #
Everything a team of agents needs to ship. #
Secret substitution at the egress proxy — placeholders in, real keys swapped in only for allowed hosts.Encrypted at rest(AES-256-GCM) behind one master key only you hold.** Per-project Docker isolation**, with all agent traffic forced through the proxy.** Verified git commits**, signed host-side with your project key.- An append-only audit trail of every action and secret use.
- An org chart of roles— CEO, Coach, Captain, and workers — that coordinate. - A task board with per-task rules and an agent-maintained progress summary. Heartbeat execution: agents wake on a schedule to pick up work, gated by budget.** Multiple projects**, each an independent team in its own container.
Bring your own providers; mix models freely, down to one per agent.** Hard budget caps**— daily, weekly, monthly — per agent and per project.- Agents **** when a window is exhausted and resume when it rolls over.
Long-term memory— the CEO remembers your standing preferences across every conversation.** Durable project documents**— PRDs, specs, and research, kept with full version history.- Work carries cleanly across runs instead of evaporating between sessions.
Bring references in— upload mockups, images, and PDFs for the team to work from.- Agents produce interactive HTML & SVG deliverables, not just text. Preview their work in-app on any device, as it's built.
- A mobile-first web app— oversee, chat, and approve from any device. MCP in and out— a built-in server so any client can drive your teams, plus external MCP servers that give agents the tools you already use.- One self-contained binary: web app, API, realtime, database, and vault.
Not tabs. Not someone else's cloud. #
Questions, answered. #
Do I need to host my own models?+ #
providersyou want. Hezo runs the agents; the models stay with them.
Can agents see my API keys?+ #
placeholders; the real value is substituted at the network edge, only for hosts you've allowed.
Is my data sent anywhere?+ #
self-hosted. Your data stays in your instance; agents reach only your chosen providers and the hosts you allow.
Can I run multiple projects?+ #
teamand
How are agents kept from running up a huge bill?+ #
budgetsper agent and project; agents when a window is exhausted and resume when it rolls over.
Up and running #
in one command.
curl -fsSL https://hezo.ai/install.sh | sh