Show HN: Moltis – AI assistant with memory, tools, and self-extending skills
moltis.orgHey HN. I'm Fabien, principal engineer, 25 years shipping production systems (Ruby, Swift, now Rust). I built Moltis because I wanted an AI assistant I could run myself, trust end to end, and make extensible in the Rust way using traits and the type system. It shares some ideas with OpenClaw (same memory approach, Pi-inspired self-extension) but is Rust-native from the ground up. The agent can create its own skills at runtime.
Moltis is one Rust binary, 150k lines, ~60MB, web UI included. No Node, no Python, no runtime deps. Multi-provider LLM routing (OpenAI, local GGUF/MLX, Hugging Face), sandboxed execution (Docker/Podman/Apple Containers), hybrid vector + full-text memory, MCP tool servers with auto-restart, and multi-channel (web, Telegram, API) with shared context. MIT licensed. No telemetry phoning home, but full observability built in (OpenTelemetry, Prometheus).
I've included 1-click deploys on DigitalOcean and Fly.io, but since a Docker image is provided you can easily run it on your own servers as well. I've written before about owning your content (https://pen.so/2020/11/07/own-your-content/) and owning your email (https://pen.so/2020/12/10/own-your-email/). Same logic here: if something touches your files, credentials, and daily workflow, you should be able to inspect it, audit it, and fork it if the project changes direction.
It's alpha. I use it daily and I'm shipping because it's useful, not because it's done.
Longer architecture deep-dive: https://pen.so/2026/02/12/moltis-a-personal-ai-assistant-bui...
Happy to discuss the Rust architecture, security model, or local LLM setup. Would love feedback.
I haven’t yet tried openclaw but can someone tell me how is this project different than that? Is this basically a different take on the same thing as openclaw? Dont get me wrong im not against it I just was wondering if theyre basically doing the same thing? If that’s the case I actually appreciate both projects, but idk what theyre doing and how theyre different?
author here.
It's a different take and heavily inspired at first by OpenClaw, which is a great product and Peter the founder is an amazing human being. I'm adding features than I want, since I do Moltis for my own use but also try to add features than others will enjoy.
I think Rust makes a lot of sense security wise, it does add benefits like being a single binary and very easy to install. I also tried to make it easy to try with a 1-click deploy on the cloud.
I'm not sure this is convincing enough but I think you can only judge by yourself trying it out, and I'd love feedback.
Aside from security and efficiency, is there anything openclaw and do that moltis can't? Like for example, does moltis have the "heartbeat" thing, short and long term memory, can update a soul.md etc?
I'm so keen to try openclaw in a locked down environment but the onboarding docs are a mess and I can see references to the old name in markdowns and stuff like that. Seems like a lot of work just to get up and running.
Moltis can do all that yes, unless I missed something. And it's way easier to setup.
Thanks for building Moltis. How does Rust alone make it more secure and immune to Prompt injection attacks?
To me it isn't about prompt Injection attacks, but supply chain and attack surface.
Thanks for the explanation! I love different takes, so good luck! I will try it later on. As I said i haven’t tried openclaw but just a quick look it seems like your take has all the pain points of openclaw fixed! Thanks Fabien
How can I (anyone) help?
You seem to have a good sense of what you want to do, and a manageable queue of bugs and PR's, but this projects has so many dimensions/large feature surface, you/one could get lost chasing everything or dealing with feedback and help. Any guidance? Just fix bugs we bump into?
Cool!
One pain point I have with openclaw is compaction. It uses so many tokens that compaction happens often - but I'd say it's not great at keeping the thread. I think this could be a nice little benefit you offer folks if you can get higher quality continuity.
the self-extending skills part is really interesting. ive been building AI agents with persistent memory for a while now and the skill/tool extensibility piece is where most frameworks fall short. they either give you a rigid plugin system or completley open-ended function calling with no guardrails.
how are you handling the trust boundary for self-created skills? thats usually where things get tricky.
also curious about the memory architecture. file-based memory (like markdown files the agent reads/writes) has been surprisingly effective in my experience compared to fancy vector DB approaches. simpler to debug, easier for the agent to reason about, and way less infrastructure overhead. whats your approach?
But what can it actually do? I read the landing page, your blog post, glanced through the docs… lots of stuff about how it’s built and absolutely nothing about how it’s useful to me.
What are some actually useful use cases and how would I install them? This seems like the missing piece.
This question has been asked thousands of times since Clawd came around. Answer: it's an agent with tools, which means you define the boundaries and imagination is the limit. How is useful to you is defined by you. There might be lots of use cases for which you find it useful or none at all. It's subjective.
Looks like a good architecture. I feel like this needs a complimentary mobile app instead of relying on a chat system like telegram, so you can both plain text interact but also do more advanced stuff like see the backlog of tasks, see the log of completed work, have more robust interactions that include stateful iteration on long form stuff, etc
Very cool build though, will try it out
Hello. I am happy to take this for a spin.
I see that not all models available in my Github subscription are available (all models should be visible).
Further, is it possible to use openrouter with the current implementation? I couldn't figure it out by reading the documentation alone.
Thank you!
Is there a heartbeat equivalent? It seems a lot of the magic of OpenClaw is the heartbeat functionality that keeps the agent running and being “self-driven.”
From poking around the UI, there's Heartbeat and Cron sections (not sure what the difference is)
Heartbeat: is run on a regular interval (you choose) and can do something you define in the heartbeat prompt section of that settings.
Crons: is run when you want, you can ask to Moltis things like "do <whatever> every day at X" and it will automatically create a cron entry, you can disable later.
For cron, what's the difference between "Agent Turn" and "System Event"? Also, is there a way to delete cron runs from the chat list?
Very cool! I love the approach, OpenClaw is really cool but there's two major things holding me back for deploying it from friends a family;
- Cybersecurity (you can't expect a non-technical person to read a skill)
- Token usage (without a flat fee subscription it'll become expensive very fast)
I understand that security is a hard problem to solve but having a single binary + containers should definitely help! I'll definitely keep an eye on this.
Yeap. Cost is a major problem with these agents. I wonder why MistralAI is never natively supported. It’s the cheapest paid option out there.
ps. One can use mistral’s API through liteLLM.
Don’t install skills in OpenClaw or Moltis for security reasons. Self-extension or self-evolving nature means that you can customise it to create your own skills
You can run it with a ChatGPT subscription (or even a local model) so it can be flat fee
Curious why was this named Molt-is? I understand what the creator of openclaw was trying to do - stretching the "claude" joke by using crab terminology and hence "molt" i.e. to shed the outer exoskeleton to grow. It just sounds like trying to ride on the hype of openclaw/moltbot.
Do you plan on Open Sourcing it? A bit scary to just execute a random binary and put in a bunch of API keys.
It is already MIT license.
Didn't see it, thanks!
A naive question - pi is using jiti to hotreload extensions, but how does hotreloading work at all with Rust?
Very nice.
Though, I am looking forward to the next generation of AI agents that aren't named after a lobster
There is actually a reason, the Rust logo is a crab named Ferris: https://rustacean.net
ah that's fair, that makes a lot more sense.
I thought it was all from "clawdbot" being renamed to "moltbot" to "openclaw". Thought everyone stuck with the lobster meme simply because of the claude code origins of clawdbot.
To be honest, I was looking at a short name, something than "Rustacean" would get, had a domain name available, easy to pronounce. I didn't like rustclaw, I think having similar name doesn't mean much unless it's very related, like tinyclaw being a typescript simili I get it.
For the logo, I do think everyone went for the lobster meme for a connection to clawdbot. But in my case it's because I wanted to use a derivative of the Rust logo, a crab.
Hello! I tried to run with podman but it get stuck in the login of my bot :( Would check it out later on the development.
Is it compatible with OpenClaw Plugins?
Yes. The UI allows you to add repositories (OpenClaw is one listed), and you can enable/disable any of them.
Why can I only see gpt-5.2 and opus-4.5? Is this a limit on Moltis or can my API keys not access the latest models?
You should not be limited, which provider do you use?
For the models? Directly from Anthropic and OpenAI. I'm running moltis via the docker container
edit: There is a gpt-5.3 model, but selecting that gives me the error:
Error The model `gpt-5.3` does not exist or you do not have access to it. Provider: openai
I don't see a 5.3-codex, and no opus 4.6...
Let me confirm, I just tried on digitalocean and I have a similar issue, the last version I published might have issue. Fixing as of now.
oh so those are issues from the provider itself, you get to choose between model the provider advertise for you, meaning:
- you can have models you can not actually use (that gpt-5.3 response) - you can have model non-listed.
Those are all coming from the provider with your API_KEY.
Isn't the point of OpenClaw that the agent can modify itself?
Self modifying part is through skills:
Assistant -> Skill -> Script.
As you keep modifying or adding capabilities, it’s the script that gets modified. Atleast that’s how OpenClaw works, I’m not sure how Moltis implements self-modifying part.
If you run it with a cheaper model or just once in a while, it will write sometjing unexpected into its config json, restart and crash. Happens every few days. I learned to back up the config the hard way
This is what I'm interested in knowing. Just how much can it modify if it's a static binary? Can it modify it's own agents.md etc?
It can modify everything, because while it's a single binary and that makes it easy for installation, there are things stored outside that binary. The memories, the skills, the config etc. But you can do everything from the UI and you don't need to bother, it will be all automatic.
is this a custom agent loop?
moltis.org is down fwiw
author here, it works for a few friends. Would love to fix it for you, but you can also just use the github project: https://github.com/moltis-org/moltis
[dead]
Why don't u try https://marketplace.visualstudio.com/items?itemName=devokaic...