Introducing Ryvos

Today we're open-sourcing Ryvos — an autonomous AI assistant built from the ground up in Rust with a single conviction: AI agents should be safe by default.

The Problem We Saw

AI coding assistants are incredible. They write code, debug issues, deploy infrastructure. But they all share a dangerous flaw: they run with your permissions, execute arbitrary commands, and have zero guardrails.

We've seen agents:

Run rm -rf / without blinking
Leak API keys to third-party logging services
Execute untrusted code from the internet
Make production database changes without confirmation

This isn't hypothetical. It's happening today, in production, at real companies.

Our Approach

Ryvos classifies every action into one of five security tiers (T0–T4). Safe operations like reading files execute instantly. Dangerous operations like deleting data are blocked automatically. Everything in between follows a clear approval flow.

On top of tier classification, Ryvos runs T2+ operations inside Docker containers with no network access, read-only mounts, and resource limits.

Why Rust

We chose Rust for three reasons:

Memory safety — No garbage collector, no null pointer exceptions, no data races
Performance — Sub-millisecond tool dispatch, 15MB memory footprint
Reliability — If it compiles, it works. The type system catches entire classes of bugs at compile time.

39,000 lines of Rust across 10 crates. Zero unsafe blocks. Zero dependencies on Python or Node.js at runtime.

What's Included

5-tier security model with configurable policies
Docker sandboxing for isolated execution
Multi-channel support — Terminal, TUI, Web, Telegram, Discord, Slack
MCP protocol support for tool interoperability
Drop-in skills — extend Ryvos with custom tools
Any LLM backend — Ollama, Groq, OpenRouter, or your own

Get Started

cargo install ryvos
ryvos init
ryvos start

Three commands. That's it.

Check out the documentation to learn more, or star us on GitHub.