Introducing Ryvos
Introducing Ryvos
Today we're open-sourcing Ryvos — an autonomous AI assistant built from the ground up in Rust with a single conviction: AI agents should be safe by default.
The Problem We Saw
AI coding assistants are incredible. They write code, debug issues, deploy infrastructure. But they all share a dangerous flaw: they run with your permissions, execute arbitrary commands, and have zero guardrails.
We've seen agents:
- Run
rm -rf /without blinking - Leak API keys to third-party logging services
- Execute untrusted code from the internet
- Make production database changes without confirmation
This isn't hypothetical. It's happening today, in production, at real companies.
Our Approach
Ryvos classifies every action into one of five security tiers (T0–T4). Safe operations like reading files execute instantly. Dangerous operations like deleting data are blocked automatically. Everything in between follows a clear approval flow.
On top of tier classification, Ryvos runs T2+ operations inside Docker containers with no network access, read-only mounts, and resource limits.
Why Rust
We chose Rust for three reasons:
- Memory safety — No garbage collector, no null pointer exceptions, no data races
- Performance — Sub-millisecond tool dispatch, 15MB memory footprint
- Reliability — If it compiles, it works. The type system catches entire classes of bugs at compile time.
39,000 lines of Rust across 10 crates. Zero unsafe blocks. Zero dependencies on Python or Node.js at runtime.
What's Included
- 5-tier security model with configurable policies
- Docker sandboxing for isolated execution
- Multi-channel support — Terminal, TUI, Web, Telegram, Discord, Slack
- MCP protocol support for tool interoperability
- Drop-in skills — extend Ryvos with custom tools
- Any LLM backend — Ollama, Groq, OpenRouter, or your own
Get Started
cargo install ryvos
ryvos init
ryvos startThree commands. That's it.
Check out the documentation to learn more, or star us on GitHub.