A secure persistent personal agent server in Rust. One binary, sandboxed execution, multi-provider LLMs, voice, memory, Telegram, WhatsApp, Discord, Teams, and MCP tools. Secure by design, runs on your hardware.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"moltis": {
"command": "<see-readme>",
"args": []
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Installation • Comparison • Architecture • Security • Features • How It Works • Contributing
This server supports HTTP transport. Be the first to test it — help the community know if it works.
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
No package registry to scan.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in ai-ml / communication
Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.
The official MCP server implementation for the Perplexity API Platform
Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite
Self-hosted URL- and file-to-Markdown service for humans and AI agents - web pages, documents, images, audio, YouTube. PWA + REST + MCP + Claude Code skill, Reddit-aware, refreshable share links.
MCP Security Weekly
Get CVE alerts and security updates for Moltis and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
One binary — sandboxed, secure, yours.
Installation • Comparison • Architecture • Security • Features • How It Works • Contributing
Moltis recently hit the front page of Hacker News. Please open an issue for any friction at all. I'm focused on making Moltis excellent.
Secure by design — Your keys never leave your machine. Every command runs in a sandboxed container, never on your host.
Your hardware — Runs on a Mac Mini, a Raspberry Pi, or any server you own. One Rust binary, no Node.js, no npm, no runtime.
Full-featured — Voice, memory, cross-session recall, automatic edit checkpoints, scheduling, Telegram, Signal, Discord, browser automation, MCP servers, SSH or node-backed remote exec, managed deploy keys with host pinning in the web UI, a live Settings → Tools inventory, Cursor-compatible project context, and context-file threat scanning — all built-in. No plugin marketplace to get supply-chain attacked through.
Auditable — The agent runner and model interface fit in ~7.5K lines, with providers in ~19K more. The Rust workspace is ~270K lines across 59 modular crates you can audit independently, with 470+ Rust files containing tests. Unsafe code is isolated to FFI and precompiled runtime boundaries, not the core agent loop.
# One-liner install script (macOS / Linux)
curl -fsSL https://www.moltis.org/install.sh | sh
# macOS / Linux via Homebrew
brew install moltis-org/tap/moltis
# Docker (multi-arch: amd64/arm64)
docker pull ghcr.io/moltis-org/moltis:latest
# Or build from source
cargo install moltis --git https://github.com/moltis-org/moltis
| OpenClaw | Hermes Agent | Moltis | |
|---|---|---|---|
| Primary stack | TypeScript + Swift/Kotlin companion apps | Python + TypeScript TUI/web surfaces | Rust |
| Runtime | Node.js + npm/pnpm/bun | Python + uv/pip, optional Node UI pieces | Single Rust binary |
| Local checkout size* | ~1.1M app LoC | ~152K app LoC | ~270K Rust LoC |
| Architecture | Broad gateway, channel, node, and app ecosystem | CLI/gateway agent with learning loop and research tooling | Persistent personal agent server with modular crates |
| Crates/modules | npm packages, extensions, apps | Python packages, plugins, tools, TUI | 59 Rust workspace crates |
| Sandbox/backends | App-level permissions, browser/node tools | Local, Docker, SSH, Daytona, Singularity, Modal | Docker/Podman + Apple Container + WASM |
| Auth/access | Pairing and local gateway controls | CLI and messaging gateway setup | Password + Passkey + API keys + Vault |
| Voice I/O | Voice wake and talk modes | Voice memo transcription | Built-in STT + TTS providers |
| MCP | Plugin/integration support | MCP integration | stdio + HTTP/SSE |
| Skills | Bundled, managed, and wo |