Production: https://paid-agent-demo-production.up.railway.app
Marketplace: https://paid-agent-demo-production.up.railway.app/marketplace
Hire AI employees — pick a template, customize it, deploy it. Your worker handles customers 24/7 on web chat. WhatsApp coming soon.
- B2B Lead Qualifier — qualifies Hebrew/English leads, books meetings
- Hebrew Customer Support — answers FAQs from your knowledge base, escalates when needed
- Data Entry Clerk — extracts structured data from emails/forms/invoices
- Hebrew Content Writer — writes blog posts, LinkedIn, ads in natural Hebrew
- Real Estate Agent — handles apartment inquiries, schedules viewings
- Clinic Receptionist — books appointments, answers FAQs, handles cancellations
- Restaurant Manager — takes reservations, answers menu questions, handles takeaway
- E-Commerce Support — order tracking, returns, product questions
- Property Manager — maintenance requests, rent inquiries, contractor coordination
npm install
npm test # starts an isolated server and runs API + browser flow tests
npm start # starts on :8765Open http://localhost:8765/ for the dashboard, then /marketplace to browse workers.
- Start from the marketplace — buyers can create a tenant key without admin help.
- Pick a template from the marketplace (one-time buy: 99-199 ₪).
- Customize persona, tasks, knowledge, skills, and MCP tools in the Builder.
- Pay monthly rental (149-299 ₪/mo) via PayPal, Bit, or bank transfer.
- Submit payment proof from the worker paywall.
- Admin approves the activation request from
#/admin. - Chat with the worker — it handles customers using its persona + your knowledge.
Workers use the platform-provided LLM configured on the server. If no LLM_API_KEY is set, the app runs in mock mode for demos and local testing.
src/
├── server.js # HTTP server, dashboard, admin routes, payment channels
├── workers.js # Worker engine: templates, CRUD, chat, LLM runtime, encryption
├── workers-ui.html # Marketplace + Builder + Chat SPA
├── test.js # platform/API tests
├── worker-tests.js # worker lifecycle/API tests
├── browser-flow-test.js # rendered buy -> activate -> chat regression
└── run-tests.js # isolated test runner used by npm test
Zero runtime npm dependencies. Uses Node 22 built-ins: node:http, node:sqlite, node:crypto. Playwright is a dev dependency for browser-flow verification.
Edit .env or set env vars:
set ADMIN_TOKEN=your-secret-token # admin panel access
set PAYPAL_ME=your-username # payment channel
set BIT_PHONE=972541234567 # Israeli Bit payments
set BANK_ACCOUNT=123456 # bank transfer detailsAdmin API calls must use bearer auth:
curl -H "Authorization: Bearer %ADMIN_TOKEN%" http://localhost:8765/earningsQuery-string admin tokens are intentionally rejected so secrets do not leak through logs, history, or copied URLs.
- New buyers use
/api/signupthrough the marketplace UI to create a tenant key. - Tenant IDs are stable across API key rotation; customers can rotate the browser-stored key from the key bar.
- Admins can replace a lost tenant key from
#/admin; old active keys for that tenant are revoked. - Unpaid workers stay in
pending_paymentand cannot chat. - Buyers submit proof through
/api/workers/:id/activation-request. - Admins review pending requests at
/marketplace#/adminand approve with/api/admin/mark-worker-paid. - Private telemetry endpoints such as
/earningsand/earnings.csvrequire admin bearer auth. - MCP discovery and website-learning URLs are restricted to public
http/httpsdestinations by default to prevent SSRF. UseALLOW_PRIVATE_NETWORK_URLS=1only in isolated local labs.
Production deployments must persist /app/data; it contains the platform SQLite
database (earnings.db) and per-tenant worker databases (tenants/*/workers.db).
If this directory is ephemeral, customers will lose keys, workers, audit events,
payment status, and chat history on restart.
| Platform | Config | Persistent DB | Time |
|---|---|---|---|
| Railway (recommended) | railway.toml + Dockerfile + volume /app/data |
Yes | 5 min |
| Fly.io | fly.toml + Dockerfile |
Yes (volume) | 5 min |
| Render | render.yaml + Dockerfile |
Yes (disk) | 5 min |
| Vercel | vercel.json |
No (/tmp only) |
demos |
| Any VPS | Dockerfile |
Yes (mount volume) | 15 min |
No CLI login required — use the dashboard:
- Open railway.app/new → Deploy from GitHub repo → select this repo.
- Railway detects
Dockerfile+railway.tomlautomatically. First build may fail until env + volume are set — that is expected. - Service → Volumes → Add Volume → mount path
/app/data(1 GB+). Without this,GET /healthreturnspersistentStorage: false. - Service → Variables → Raw Editor — paste non-comment lines from
.env.production.exampleand replace placeholders:PUBLIC_BASE_URL=https://<your-service>.up.railway.app(no trailing slash)ADMIN_TOKEN= random hex (node -e "console.log(require('crypto').randomBytes(24).toString('hex'))")LLM_API_KEY= your provider keyBIT_PHONEorPAYPAL_ME= at least one payment channel
- Settings → Networking → Generate Domain if Railway did not assign one yet.
- Push to
main(or click Deploy) and wait for the build. - Verify:
curl https://<your-service>.up.railway.app/health→ok:true,persistentStorage:true.
Optional CLI (only if you have RAILWAY_TOKEN or can complete browser login):
.\scripts\railway-deploy.ps1
# or verify only:
.\scripts\railway-deploy.ps1 -BaseUrl "https://your-app.up.railway.app"Set variables in the dashboard (same as step 4 above):
ADMIN_TOKEN=<random-hex> # node -e "console.log(require('crypto').randomBytes(24).toString('hex'))"
LLM_API_KEY=sk-...
PUBLIC_BASE_URL=https://your-app.up.railway.app
TRUST_PROXY_HEADERS=1
AGENT_OWNER_CONTACT=you@example.com
BIT_PHONE=972541234567 # or PAYPAL_ME
WEBHOOK_NOTIFY_URL= # optional: lead/escalation webhookDB_PATH and TENANTS_DIR are preset in railway.toml to /app/data/....
- After deploy, verify:
curl https://your-app.up.railway.app/health
# expect: ok:true, persistentStorage:true, adminEnabled:trueDeployment checklist:
- Set
ADMIN_TOKENfrom a secret manager, never in source. - Set
LLM_API_KEYfor real worker replies; without it the app intentionally runs in mock mode. - Mount persistent storage at
/app/dataor setDB_PATHandTENANTS_DIRto another persistent path. - Set
TRUST_PROXY_HEADERS=1only behind a trusted proxy/load balancer that overwritesX-Forwarded-*headers. - Set
PUBLIC_BASE_URLto your public URL (Railway domain or custom domain). - Verify
/healthafter deploy and run a buyer flow smoke test: signup -> buy template -> submit activation proof -> admin approve -> chat. - Roll back by redeploying the previous image/revision, then verify
/healthand the admin audit panel.
Production URL: https://paid-agent-demo-production.up.railway.app — this is the only supported live environment.
Vercel (if still connected) uses ephemeral /tmp storage and is not used for real customers; disconnect it in the Vercel dashboard to avoid confusion.
AI models are commodity. The value is in vertical integration:
- Pre-built Hebrew-first templates tuned for Israeli business culture
- No-code builder — businesses customize without developers
- Israeli payment methods (PayPal, Bit, bank transfer — no Stripe needed)
- Per-tenant worker isolation with stable tenant IDs, key rotation, recovery, and admin audit events
- WhatsApp integration (coming soon) — the #1 business channel in Israel