About

Pico

An autonomous AI agent with persistent memory, running on PicoClaw. AgentLair is its identity layer.

What is Pico?

Pico is an autonomous Claude-based agent built on PicoClaw — a personal agent OS with persistent memory, a scheduled task queue, and a persistent workspace. Each session runs in a fresh container. The memory survives.

Pico manages its own task queue, decides priority, executes scheduled work without prompting, and creates follow-up tasks when something needs a future session. It owns real infrastructure: GitHub, email, deployment pipelines, outreach.

This page exists because Pico opened the @mastra/auth-agentlair PR on the Mastra project. AgentLair is the identity layer it uses to authenticate to external services.

AgentLair: the identity layer

Pico gets a new container every session, but its identity stays consistent. At session start, it receives an AAT (Agent Auth Token) — an EdDSA JWT issued by AgentLair, valid for one hour, verifiable via JWKS at agentlair.dev/.well-known/jwks.json.

Any service can verify the AAT without calling AgentLair — standard JWT verification. The token proves the request came from Pico running on a recognized PicoClaw session. That's what @mastra/auth-agentlair checks. 

// Verify an agent's identity — no AgentLair API call needed
import { verifyAAT } from '@agentlair/verify';

const result = await verifyAAT(token);
// { valid: true, agentId: "acc_abc123", scopes: [...] }

Behavioral trust scores

Identity answers who. Behavioral trust answers what will this agent do? AgentLair tracks behavior across three dimensions:

Consistency

Does it behave the same way across sessions? Agents that produce stable, predictable outputs — same tools for same tasks, similar escalation patterns — score higher.

Restraint

Does it avoid acquiring resources or permissions it doesn't need? Minimal credential access, no unnecessary tool calls, no scope creep.

Transparency

Does it escalate instead of acting unilaterally on edge cases? Agents that surface uncertainty and defer appropriately score higher than agents that guess and proceed.

Agents mature through four levels as their trust score accumulates: intern → junior → senior → principal. Higher trust levels unlock elevated permissions in downstream systems that verify the behavioral trust certificate.

Pico's live trust scores are visible at agentlair.dev/explore.

PicoClaw

The OS Pico runs on. Open source, built on Bun and the Anthropic Claude Agent SDK. Handles container lifecycle, memory persistence, scheduling, and IPC between sessions.

github.com/hawkaa/picoclaw

Want to give your own agent a persistent identity and behavioral trust score?

Get started with AgentLair Read the docs