1 / 12
Open Source · MSP Automation · v0.3
An orchestration engine
on top of your MSP tools
MSPclaw
ConnectWise, SuperOps, NinjaRMM, and Datto stay as the system of record. MSPclaw sits on top and resolves L1 tickets automatically, without replacing a single tool your team already uses.
Open Source Orchestrator MSP / ITSM v0.3 Live
Orchestrator
MSPclaw
ConnectWise
SuperOps
NinjaRMM
Datto
system of record
2 / 12
The Problem
MSP techs spend half
their day on the same 30 tickets
Password reset. Printer down. WiFi not connecting. PC running slow. Onboarding a new user. Every MSP sees these every day. The fix is always the same. The ticket still takes 20 minutes.
1
40-70% of all service desk tickets are repeatable L1 scenarios with known fixes
2
Each one takes a tech 15-30 minutes even though the diagnosis and fix are deterministic
3
MSPs can't hire fast enough to absorb growth, so they cap client count or burn out techs
3 / 12
The Cost
A 10-tech MSP burns
$180k-240k/year
on work a tool could handle
40-70%
of all tickets are repeatable L1 scenarios with a known playbook
20min
average time per L1 ticket at fully-loaded tech cost of $60-80/hr
40k+
MSPs in North America, each facing the same staffing and margin pressure
4 / 12
Gap in the Market
Every existing tool
solves one layer and stops
Tool What it does PSA integration Community playbooks Works across PSAs
TacticalRMM Script execution on devices None Scripts only No
ConnectWise Automate RMM + scripting CW Manage only Vendor-locked No
n8n / Zapier Generic workflow builder Via HTTP Not MSP-specific Yes, but generic
NinjaRMM RMM + basic automations Limited None No
MSPclaw Orchestration layer on top Multi-PSA Community marketplace Yes
5 / 12
The Solution
An orchestration layer.
Existing tools stay in place.
MSPclaw sits on top of your PSA and RMM. It receives ticket events, matches a community playbook, runs steps on the client device, and writes the result back to the ticket. Nothing gets replaced.
Ticket created
SuperOps / ConnectWise
MSPclaw
matches playbook
Agent on device
runs diagnostics + fix
Ticket updated
note + worklog + status
A
Ticket data stays in your PSA. Device data stays in your RMM. MSPclaw reads and writes, never stores.
B
Each playbook is a versioned YAML file with explicit steps. The tech can read every action before it runs.
6 / 12
L1 Coverage
30 ticket types covered
across two categories
Account + Access
Password reset
Account locked
MFA issues
VPN not connecting
Network
WiFi not connecting
WiFi password
Internet slow
Shared drive access
Devices
Printer not working
Keyboard / mouse
Monitor issues
App crashes
Performance
PC running slow
Disk full
High CPU / RAM
Service down
People Ops
New user onboarding
User offboarding
Software install
Email not working
Each scenario maps to a community playbook with step-by-step actions and full audit trail
7 / 12
Why It Works
MSP techs need to explain
to clients what ran on their machines
"The AI did something" is not an acceptable incident report. This is why AI automation fails to get adopted in MSPs. MSPclaw solves this with explicit, auditable playbooks.
What makes it trustworthy
1
Every step is a named action in a YAML file. Techs read it before it runs in production.
2
Destructive actions (password reset, account disable) require live tech approval before executing.
3
Full append-only audit log. Every tool call, approval, and result is recorded to JSONL + SQLite.
4
AI suggests playbook drafts. Techs review every step and approve before the playbook goes live.
The trust model
Playbook defines what can run
Tech approves what will run
Engine executes and logs everything
Ticket gets a full account of what happened
"AI recommends. Tech approves.
Playbook executes. Ticket closes."
8 / 12
Current State
v0.3 shipped.
Production-ready engine.
vOrchestration engine with ReAct reasoning loop. LLM-agnostic: works with OpenAI, Claude, Gemini, or local Ollama.
v15 community playbooks covering top L1 scenarios (macOS). Windows playbooks in progress.
vSuperOps integration working end-to-end. Ticket in SuperOps triggers playbook, result written back as note.
vAPI key auth on all endpoints. Full JSONL audit trail. Append-only, designed for compliance reporting.
vHuman approval gating on destructive actions. Auto-deny after 5 minutes if tech doesn't respond.
vDevice memory: agent learns user's name and context from prior sessions, never re-asks known info.
vPer-playbook resolution stats. Techs see which playbooks are resolving tickets vs. escalating.
vStructured escalation with webhook. When stuck, packages diagnosis + steps taken and notifies via Slack/Teams.
9 / 12
Business Model
Open source engine.
Revenue from hosting, not software.
AGPL license protects against commercial resellers while keeping the community open. MSPs who want managed infrastructure pay for cloud hosting. The software itself is always free to self-host.
Self-hosted
Technical MSPs
Run on your own servers. Full platform, unlimited executions, all community playbooks included.
Free - AGPL v3.0
Cloud Hosted
MSPs who want managed infra
Uptime SLA, managed updates, priority support. Zero ops overhead for the MSP.
$200 - $500 / MSP / month
Marketplace
Vendors + specialist MSPs
Verified playbook packs: security response, vendor-specific tools, onboarding bundles.
Revenue share on paid packs
10 / 12
Revenue Potential
Small market share.
Meaningful revenue.
Conservative path to $1M ARR
Y1
100 MSPs on cloud tier at $200/month
$240k ARR - 0.25% of North American market
Y2
500 MSPs at blended $220/month
$1.3M ARR - still under 1.5% market penetration
Y3
2,000 MSPs + marketplace revenue
$5-7M ARR - community flywheel in motion
Why these numbers are achievable
1
40,000 MSPs in North America. 1% adoption = $960k ARR at $200/month.
2
MSPs already pay $40-80/tech/month for PSA. MSPclaw adds ROI on top of that existing spend.
3
Open source community builds the playbook library. Distribution cost is near-zero once the flywheel starts.
11 / 12
Why Now
Three forces are
converging right now
1
MSPs are under margin pressure. Labour costs are up. Client expectations are up. The only way to grow without burning techs is automation. MSPs are actively looking for solutions.
2
AI is expected, but black-box AI is rejected. MSP clients expect AI-driven service. MSP techs reject AI that they can't audit or explain to clients. MSPclaw bridges this gap with auditable, tech-controlled playbooks.
3
Open source is winning in the MSP tooling space. TacticalRMM has 10,000+ installs with no marketing budget. Community-driven tools are displacing expensive vendor stacks. This is the right moment to establish a community platform.
4
The engine is already built. v0.3 is live, tested, and working with a real PSA. The remaining work is integration plumbing and community growth, not architecture.
12 / 12
Next Steps
Three milestones to
production deployment
MILESTONE 01
Multi-client asset mapping
When a SuperOps ticket comes in, MSPclaw automatically identifies which registered device/agent to run the playbook on. Today this is hardcoded to one machine. Fixing this unblocks any MSP with more than one client.
MILESTONE 02
Automatic webhook trigger
Today the bridge runs manually (one command per ticket). The next step is a webhook endpoint that SuperOps fires on ticket creation, making the whole loop automatic with zero tech intervention for L1 tickets.
MILESTONE 03
Real enterprise API calls
Password resets, AD account management, and M365 operations are currently realistic mocks. Swapping to real Microsoft Graph API calls turns the demo into a production tool. This is the final step for a paying pilot customer.
Estimated time to production-ready pilot: 2-3 weeks from today. All three milestones are integration work on top of a finished engine.