DenchHQ has launched DenchClaw, an open-source, locally-hosted AI CRM built on its OpenClaw framework, pitching it as a privacy-first alternative to Salesforce and HubSpot. Installation is a single `npx denchclaw` command — Node 22+ required — which spins up a web UI at localhost:3100 with workspace management, object tables for contacts, companies, customers, and founders, and an integrated AI chat interface. All data lives in DuckDB on the local machine; nothing leaves it.
The more interesting capability is how DenchClaw's agent operates once it's running. It can browse the web using the user's existing Chrome profile, which means it inherits authenticated sessions for LinkedIn, Gmail, GitHub, and other services rather than requiring fresh credentials or separate API integrations. In practice, that means the agent can perform outreach, scrape directories, and enrich contact records while logged in as the user — a level of access that typical API-based tools don't get. The tool also supports natural language-to-SQL queries against the local DuckDB instance and cron-based automations, pointing to a persistent agent architecture with defined identity, memory, and what DenchHQ calls a "heartbeat." A demo ships with a Founders table pre-seeded with YC Winter 2026 batch data, walking through a lead generation and enrichment workflow end-to-end.
OpenClaw, the underlying framework, is a modular CLI-driven gateway system built around profile-based configuration and pluggable capabilities. DenchClaw is essentially a pre-configured OpenClaw profile (`--profile dench`) with a purpose-built CRM interface layered on top. DenchHQ has positioned OpenClaw alongside a skills registry called skills.sh — framed as an npm-style marketplace for reusable agent capabilities — which lists publishers including Anthropic, Vercel Labs, and Microsoft, though the exact nature of those relationships wasn't confirmed before publication.
The Chrome session inheritance is the sharpest edge here. Agents that can act inside authenticated browser sessions — without OAuth scopes or API keys — occupy a different risk and capability category than those that operate through official integrations. Whether that's a feature or a liability will depend on the user, but it's the thing that makes DenchClaw worth watching.