toolsSource-backedReview first Safety ✓ Privacy ✓

LobeHub (formerly LobeChat)

Self-hostable AI agent workspace formerly known as LobeChat, with agent builder, agent groups, personal memory, model-provider routing, skills, MCP-compatible plugins, Docker deployment, Vercel deployment, and IM gateway workflows.

by LobeHub·added 2026-06-18·

CLI

HarnessCLI

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

Review the official deployment guide, generated Compose files, image tags, mounted volumes, and network bindings before running LobeHub on production or personal machines.
LobeHub can organize agent teams, schedule work, use memory, connect skills, and use MCP-compatible plugins. Restrict write-capable plugins, account integrations, and scheduled actions until permissions are reviewed.
Docker deployment can expose persistent storage, service ports, and provider credentials. Keep compose files, environment files, backups, and reverse-proxy configs under normal server hardening rules.
The current repository license file uses the LobeHub Community License with additional commercial derivative-work conditions, while `package.json` still reports MIT. Treat the LICENSE file as the review source for usage decisions.
Do not assume self-hosting removes third-party risk: model providers, plugins, skills, analytics, storage providers, and sandbox integrations can still receive data.

Privacy notes

Agent prompts, chat history, scheduled tasks, personal memory, workspace context, uploaded files, model responses, tool calls, plugin traffic, MCP-compatible plugin payloads, logs, and analytics can contain private data.
Model provider API keys, auth secrets, S3/storage credentials, database URLs, sandbox credentials, and analytics settings should stay in deployment secrets, not committed configs or screenshots.
If using shared workspaces, define who can inspect agent memory, saved prompts, generated pages, project history, plugin configuration, logs, and scheduled task results.
Before enabling cloud providers, plugins, skills, or analytics, review data retention and regional handling outside the self-hosted instance.

Prerequisites

Docker Compose, Vercel, or another supported deployment target from the official self-hosting documentation.
Model-provider credentials such as `OPENAI_API_KEY`, plus any provider-specific proxy, model list, auth, storage, sandbox, analytics, or database settings required by the deployment.
A review of the official deployment files, image tags, mounted volumes, environment variables, and network bindings before running LobeHub on a machine with sensitive data.
A storage, auth, backup, retention, and update plan for a self-hosted agent workspace.
Policy for which users, agents, skills, MCP-compatible plugins, and external model providers can access private prompts, files, memory, and account data.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 45 minutes
Difficulty: intermediate

Tool listing metadata

Website: https://lobehub.com/
Pricing: freemium
Disclosure: editorial
Application category: DeveloperApplication
Operating system: Web

Full copyable content

docker compose up -d

About this resource

Overview

LobeHub, formerly known as LobeChat, is a self-hostable AI agent workspace for creating, organizing, scheduling, and collaborating with agents. The current README describes the product as a "Chief Agent Operator" that treats agents as the unit of work: agents can be built, grouped, scheduled, connected to skills, and supported by personal memory.

This entry is useful for Claude-adjacent users because LobeHub sits in a very active search cluster around self-hosted AI chat, AI agent teams, model-provider routing, LobeChat, MCP-compatible plugins, skills, and private agent workspaces. It is more product/platform-shaped than a small SDK, so the operational and license caveats matter.

Deploy

LobeHub documents self-hosted deployment paths through Docker, Vercel, Alibaba Cloud, and other supported targets. Use the official self-hosting guide for the current Compose file and environment-variable requirements.

The minimal runtime command after configuration is:

docker compose up -d

At minimum, the README's quick-start environment table requires:

OPENAI_API_KEY=...

The docs also cover broader environment-variable categories for model service providers, authentication, S3 storage, cloud sandbox settings, analytics, and other deployment options.

Agent Capabilities

Area	LobeHub Coverage
Agent workspace	Build, organize, schedule, and report on agent teammates
Agent Builder	Describe an agent need and auto-configure an agent setup
Agent Groups	Work with multiple agents in shared tasks and collaboration flows
Memory	Personal memory and editable memory controls for agents
Skills and plugins	Skills and MCP-compatible plugins for extending agent capabilities
Model routing	Multi-model and multimodal provider access controlled by deployment config
Self-hosting	Docker image, Docker Compose setup flow, Vercel, Alibaba Cloud, and other documented deployment paths
Legacy search fit	The project is still widely searched as LobeChat, while the live repo and branding now use LobeHub

MCP Fit

LobeHub is not a standalone MCP server. It belongs in tools as a self-hostable agent workspace that can connect agents to skills and MCP-compatible plugins. For users comparing MCP clients, agent workspaces, and self-hosted AI chat frontends, that is a meaningful fit.

Treat every plugin and skill as a separate trust boundary. If a plugin can read files, call SaaS APIs, write to accounts, browse, retrieve private docs, or schedule work, those permissions need explicit review before agents can use them unattended.

Source Review

Verified on 2026-06-18:

GitHub redirects lobehub/lobe-chat to lobehub/lobehub; the live repository reports active development, 78,000+ stars, topics including agent, mcp, skills, and chief-agent-operator, and release v2.2.6.
The README describes LobeHub as an agent playground and workspace for hiring, scheduling, reporting on, building, grouping, and collaborating with agents.
The README describes Agent Builder, Agent Groups, Pages, Schedule, Projects, Workspace, Personal Memory, skills, and MCP-compatible plugins.
The README documents self-hosting with Vercel, Alibaba Cloud, and Docker, plus environment settings such as OPENAI_API_KEY.
The docs expose environment-variable categories for model providers, auth, S3 storage, cloud sandbox settings, analytics, and customization.
The repository LICENSE file uses the LobeHub Community License, based on Apache-2.0 with additional commercial derivative-work conditions. The current package.json still reports MIT, so the dedicated LICENSE file should be treated as the authoritative license source for review.

Safety and Privacy

LobeHub is operational infrastructure, not just a UI. A self-hosted deployment can hold persistent chat history, personal memory, workspace state, model keys, provider routing, plugins, scheduled tasks, and generated artifacts. Put it behind normal server controls: secret management, TLS/reverse proxy, auth, backups, upgrade process, log review, and access controls.

The strongest agent features also create the biggest review burden. Agent groups, schedules, memory, skills, and MCP-compatible plugins can turn a chat surface into an automation surface. Start with low-risk/read-only plugins, document who can enable new capabilities, and review retention before routing private or customer data through model providers.

Duplicate Check

Checked current content/tools/, content/mcp/, content/agents/, content/skills/, guides, collections, open pull requests, and repository-wide content for lobehub/lobehub, lobehub/lobe-chat, LobeHub, LobeChat, LobeHub agents, LobeChat self hosted, LobeHub MCP, LobeHub skills, agent groups, personal memory agents, and self-hosted ChatGPT. Existing content covers adjacent chat apps, agent frameworks, MCP servers, skills, and model-provider tools, but no dedicated LobeHub/LobeChat tools entry, exact source URL duplicate, target file, or open duplicate PR was found. Previous PR #3736 was closed for install safety after including the upstream remote setup command; this resubmission removes that command and uses Docker Compose deployment guidance.

#lobehub #lobechat #ai-agents #agent-workspace #mcp #skills #self-hosted #docker #chatgpt #claude

Source citations

Add this badge to your README

Show that LobeHub (formerly LobeChat) is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/tools/lobehub.svg)](https://heyclau.de/entry/tools/lobehub)

How it compares

LobeHub (formerly LobeChat) side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	LobeHub (formerly LobeChat) Self-hostable AI agent workspace formerly known as LobeChat, with agent builder, agent groups, personal memory, model-provider routing, skills, MCP-compatible plugins, Docker deployment, Vercel deployment, and IM gateway workflows. Open dossier	AnythingLLM Local-first AI application for private chat, document RAG, workspace agents, MCP-compatible tools, model routing, memories, scheduled tasks, multimodal workflows, multi-user Docker deployments, and self-hosted agent automation. Open dossier	LibreChat Self-hosted AI chat and agent platform with LibreChat Agents, MCP support, reusable Skills, Subagents, Code Interpreter, web search, artifacts, multi-provider model routing, secure multi-user auth, and Docker Compose deployment. Open dossier	Open WebUI Self-hosted AI platform and web UI for Ollama, OpenAI-compatible APIs, RAG, Python function tools, model builder workflows, artifacts, web search, vector databases, enterprise auth, observability, plugins, and MCP-adjacent OpenAPI integrations. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	tools	tools	tools	tools
Source	source-backed	source-backed	source-backed	source-backed
Author	LobeHub	Mintplex Labs	LibreChat	Open WebUI
Added	2026-06-18	2026-06-18	2026-06-18	2026-06-18
Platforms	CLI	CLI	CLI	CLI
Source repo	—	—	—	—
Safety notes	✓Review the official deployment guide, generated Compose files, image tags, mounted volumes, and network bindings before running LobeHub on production or personal machines. LobeHub can organize agent teams, schedule work, use memory, connect skills, and use MCP-compatible plugins. Restrict write-capable plugins, account integrations, and scheduled actions until permissions are reviewed. Docker deployment can expose persistent storage, service ports, and provider credentials. Keep compose files, environment files, backups, and reverse-proxy configs under normal server hardening rules. The current repository license file uses the LobeHub Community License with additional commercial derivative-work conditions, while `package.json` still reports MIT. Treat the LICENSE file as the review source for usage decisions. Do not assume self-hosting removes third-party risk: model providers, plugins, skills, analytics, storage providers, and sandbox integrations can still receive data.	✓AnythingLLM can run agents, scheduled tasks, MCP-compatible tools, browser-like workspace actions, developer APIs, and external model calls; scope tools and credentials before enabling them for users. The upstream Docker guide includes examples that add the SYS_ADMIN capability to the container. Review whether that capability is acceptable for the host before copying production run commands. Multi-user Docker deployments need normal production controls: authentication, TLS, network isolation, secret management, persistent-volume ownership, backups, and upgrade planning. Agent tools, custom agents, model routing, memories, and scheduled tasks can change behavior over time; use least privilege, logging, review gates, and rollback plans for write-capable workflows. Localhost services such as Ollama, Chroma, LocalAI, or LM Studio may need Docker host routing adjustments; avoid exposing local provider ports wider than intended.	✓LibreChat can combine agents, MCP servers, Skills, Subagents, file search, web search, Code Interpreter, OpenAPI actions, functions, and custom endpoints; each connected tool needs explicit permission review. The Docker Compose file starts application, MongoDB, MeiliSearch, pgvector, and RAG API services and mounts `.env`, uploads, logs, images, and skill directories. Review volumes and secrets before exposing the instance. Code Interpreter is designed for sandboxed execution, but uploaded files, generated code, network access, and language runtimes still need isolation and quota controls. MCP servers can expose read/write tools from local or remote systems. Start with read-only servers, restrict tool scopes, and review logs before enabling account, filesystem, database, browser, or infrastructure actions. Multi-user auth, sharing, presets, agents, and prompt libraries can leak capabilities between users if roles, groups, and admin settings are misconfigured.	✓Open WebUI can run Python function-calling tools, RAG ingestion, web search, web browsing, image generation, plugins, and model/provider integrations; review each capability before enabling it for untrusted users. Docker examples expose web ports and persistent volumes. Mount persistent data, set admin/auth controls, and avoid treating demo defaults as production hardening. Python function tools and plugin pipelines can execute application logic and access configured services. Restrict tool creation and plugin installation to trusted administrators. RAG and web browsing can ingest local documents, URLs, cloud files, and extracted text; test indexing quality and permissions before exposing private corpora to users. Open WebUI uses a custom Open WebUI License with branding restrictions and enterprise-license exceptions. Verify license terms before redistribution, white-labeling, or commercial deployment.
Privacy notes	✓Agent prompts, chat history, scheduled tasks, personal memory, workspace context, uploaded files, model responses, tool calls, plugin traffic, MCP-compatible plugin payloads, logs, and analytics can contain private data. Model provider API keys, auth secrets, S3/storage credentials, database URLs, sandbox credentials, and analytics settings should stay in deployment secrets, not committed configs or screenshots. If using shared workspaces, define who can inspect agent memory, saved prompts, generated pages, project history, plugin configuration, logs, and scheduled task results. Before enabling cloud providers, plugins, skills, or analytics, review data retention and regional handling outside the self-hosted instance.	✓Uploaded documents, parsed chunks, embeddings, workspace memories, prompts, chat history, agent state, scheduled task inputs, MCP payloads, provider responses, logs, and API calls may contain sensitive data. The README documents anonymous telemetry and an opt-out through DISABLE_TELEMETRY=true or the in-app privacy setting; review this before using regulated or confidential data. Even with telemetry disabled, outbound calls may still go to configured LLMs, embedding models, vector databases, external tools, cdn.anythingllm.com, GitHub, or GitHubusercontent depending on the deployment. Keep provider keys, JWT secrets, workspace invite links, storage paths, private documents, and generated citations out of public prompts, screenshots, issues, and examples.	✓Chats, prompts, file uploads, image inputs, tool calls, MCP payloads, Skills, Subagent transcripts, Code Interpreter files, RAG chunks, embeddings, message search data, logs, and exports may contain private data. Model providers, rerankers, search providers, MCP servers, custom endpoints, storage services, and analytics integrations may receive user content depending on configuration. Keep `.env`, model keys, OAuth secrets, LDAP settings, MongoDB data, MeiliSearch indexes, pgvector data, upload folders, logs, and generated artifacts out of public repos and screenshots. Before using shared agents or marketplace-style workflows, define who can view prompts, files, agent configs, Skills, MCP server definitions, and conversation exports.	✓Chats, prompts, uploaded files, document chunks, embeddings, vector metadata, web search results, browser-fetched pages, Python tool inputs, plugin outputs, voice/video data, logs, metrics, and traces may contain private data. Configured model providers, vector databases, document extraction engines, web search providers, image providers, object storage, Redis, auth providers, and observability backends may receive user data. Keep provider keys, OAuth/LDAP/SSO secrets, database URLs, object storage keys, plugin credentials, uploaded files, RAG indexes, and OpenTelemetry exports out of public repos and screenshots. Define retention, deletion, tenant separation, group permissions, export policy, and audit review before using Open WebUI as a shared internal workspace.
Prerequisites	Docker Compose, Vercel, or another supported deployment target from the official self-hosting documentation. Model-provider credentials such as `OPENAI_API_KEY`, plus any provider-specific proxy, model list, auth, storage, sandbox, analytics, or database settings required by the deployment. A review of the official deployment files, image tags, mounted volumes, environment variables, and network bindings before running LobeHub on a machine with sensitive data. A storage, auth, backup, retention, and update plan for a self-hosted agent workspace.	Docker for the documented self-hosted path, or the desktop application for a local workstation install. At least the upstream minimum host resources, with disk sized for documents, embeddings, vector storage, models, logs, and backups. A local or remote LLM provider, embedding provider, and optional speech or image models for the workflows the workspace will run. A storage, backup, retention, and access-control plan before ingesting private documents or opening a multi-user Docker instance.	Docker Compose for the recommended local deployment path, or Node.js v20.19+ with separate MongoDB and MeiliSearch instances for npm-based setup. Provider credentials for selected model routes such as Anthropic, OpenAI, Azure OpenAI, AWS Bedrock, Google, Vertex AI, OpenRouter, Groq, DeepSeek, Qwen, Ollama, or custom OpenAI-compatible endpoints. Configured `.env`, optional `librechat.yaml`, MeiliSearch master key, MongoDB storage, pgvector/RAG API services, upload storage, and reverse-proxy settings for production. A policy for which users can create agents, share agents, enable MCP servers, define Skills, run Code Interpreter, use web search, or upload files.	Python 3.11 or 3.12 for pip installation, or Docker/Kubernetes for container deployment. Ollama, OpenAI-compatible endpoint, OpenAI API key, or another configured model provider. Persistent storage for the application database and uploaded/RAG content; Docker users must mount `/app/backend/data` to avoid data loss. Optional vector database, document extraction, web search, image generation, speech, enterprise auth, object storage, Redis, or observability services depending on enabled features.
Install	`docker compose up -d`	`docker pull mintplexlabs/anythingllm`	`docker compose up -d`	`pip install open-webui`
Config	—	—	—	—
Citations	Source repositorygithub.com 2026-06-18T20:48:33+00:00 Documentationlobehub.com Websitelobehub.com	Source repositorygithub.com 2026-06-18T20:48:33+00:00 Documentationdocs.anythingllm.com	Source repositorygithub.com 2026-06-18T20:48:33+00:00 Documentationdocs.librechat.ai	Source repositorygithub.com 2026-06-18T20:48:33+00:00 Documentationdocs.openwebui.com
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…