ideas: editorial sweep — atomization, interlinking, restructuring

- Split competitive-analysis-2026-05.org → TOC + 9 competitor files in
  ideas/competitors/. Dropped date from filename. All competitor UUIDs
  generated, TOC keeps original UUID for backlink continuity.
- Deleted passepartout-economics.org archive (replaced by 27-node KB).
- Inlined 5 'See also' blocks into natural prose (compliance-index,
  first-mover-window, revenue-table, orders-of-magnitude-time,
  native-org-knowledge-base).
- Linked 7 orphan compliance pages back to compliance index + finished
  truncated sentences.
- Linked all 14 Agora requirement docs from topic-relevant pages
  (identity→lisp-machine-security, infrastructure→compute-marketplace,
  social-space→growth-strategy, exchange→agora-contracts, etc.).
- Linked ai-industry-impact from investment-thesis, sufficiency-flip,
  verification-appliance, effects-growth-flywheel (up from 1 to 10+ pages).
- Fixed CREATED timestamps to use git commit dates instead of today.
- Made all links absolute from root (no port inheritance).
- Removed stale agora/docs/ duplicate content.
Hermes
2026-05-24 16:25:55 +00:00
parent 94f1871177
commit cc3976fb7f
121 changed files with 2104 additions and 2644 deletions

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: c3aab2e8-7e43-4abc-93f0-741675cfd78c
:CREATED: [2026-05-22 Thu]
:END:
#+title: Aider — AI Coding Agent
#+filetags: :passepartout:strategy:competitive:aider:
Language: Python. ~6.8M pip installs. ~40K lines. MIT license. The oldest and most mature open-source coding agent.
Architecture: Chat-based Coder class with 5 edit formats (diff, udiff, patch, whole, architect). Uses litellm for universal provider access (50+ providers). RepoMap provides codebase awareness via cosine-similarity embedding.
Safety model: Purely prompt-based plus user-confirmation dialogs. No deterministic gate stack. No sandboxing. No model output validator. The allowed_to_edit() gate is a single user confirmation call. --yes flag auto-approves. Aider can edit its own source code with no special protection — self-modification is undetectable.
Data model: Ad-hoc. Chat messages in memory. Git commits for persistence. RepoMap is a cosine-similarity index. No persistent memory across sessions. No knowledge graph.
Self-modification: Full. No guard against editing its own files.
Verification: None.
Key gap vs Passepartout: No safety gates, no persistent memory model, no knowledge representation, no verification, no self-modification protection, no architecture for neurosymbolic reasoning. It is a thin shell around litellm + edit format parsers.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
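
Review bot: On the Safety model line, "self-modification is undetectable" conflicts with the Data model line directly below it, which lists git commits as the persistence mechanism; an edit that lands in a commit is visible in history. Suggest stating the narrower point the line already supports: nothing blocks or flags an edit to Aider's own files, since allowed_to_edit() is a single confirmation and --yes approves it automatically. Separately, in the property drawer, [2026-05-22 Thu] carries the wrong day name (2026-05-22 is a Friday), and the same stamp is repeated in the other new competitor files.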

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: 512dd121-2292-4f3d-ac53-31bf3d12a60f
:CREATED: [2026-05-22 Thu]
:END:
#+title: Claude Code — Anthropic AI Coding Agent
#+filetags: :passepartout:strategy:competitive:claude-code:
Anthropic's proprietary coding agent. TypeScript/Bun, ~512K lines (leaked source analysis). Not open source.
Architecture: Bun-bundled TypeScript single-file executable. Ink/React terminal UI. 23+ core tools. Subagent forking with byte-identical API prefixes for prompt cache sharing. Multi-agent coordination mode.
Safety model: Layered deterministic safety — NOT prompt-based: 7 permission modes, persistent permission rules (alwaysAllow/alwaysDeny/alwaysAsk from 4 sources), bash security validator at 2,592 lines with 23+ named security checks using tree-sitter AST parsing, sandbox runtime, path/mode validation, optional ML bash classifier. This is the most sophisticated safety system of any coding agent analyzed.
Data model: File-based markdown memdir at ~/.claude/projects/<slug>/memory/. 4 memory types: user, feedback, project, reference. YAML frontmatter in .md files. PROJECT.md and CLAUDE.md for project config. No database.
Self-modification: HIGH. Skill system writes SKILL.md files. Plugin system, cron scheduling, agent spawning.
Verification: None.
Key gap vs Passepartout: No proof system, no neurosymbolic architecture, no self-verification, no persistent knowledge graph (flat markdown files, not Org-mode with cross-references), markdown data model lacks semantic depth. Proprietary — Anthropic controls it completely. The permission rules system is impressive but structurally inferior to Passepartout's gate stack because rules are heuristic (regex-based pattern matching) rather than typed (type-level gates with structural guarantees).
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
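
Review bot: The Key gap line calls the permission rules "heuristic (regex-based pattern matching)", but the Safety model line in the same file says the bash validator uses tree-sitter AST parsing and labels the whole stack deterministic. Pick one characterization, or name the component that is regex-based. The header's "(leaked source analysis)" also needs a sentence on how the ~512K, 2,592-line and 23+ check figures were obtained, because a reader cannot check them against a public repository.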

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: e929ff32-28d8-4a29-bf74-d55babc040d1
:CREATED: [2026-05-22 Thu]
:END:
#+title: Codex CLI — OpenAI AI Coding Agent
#+filetags: :passepartout:strategy:competitive:codex:
OpenAI's open-source coding agent. Rust, ~950K lines, sandboxed.
Architecture: ~116 crate Rust workspace with a protocol layer (SQ/EQ session types), sandbox manager (macOS Seatbelt, Linux nsjail), multi-provider support, configurable TUI.
Safety model: Most sophisticated safety system of any coding agent analyzed. Multi-layer: process hardening (macOS Seatbelt with 4 profile tiers), execution policy engine, sandboxing via nsjail/Seatbelt, Guardian module for tool permission gating. No prompt-based safety — all deterministic through policy definitions.
Data model: Protocol-defined session types. Structured request/response models. Config through TOML files with schema validation.
Self-modification: Protected by sandbox — the agent cannot escape to modify its own binary or config without explicit policy override.
Verification: None (no proof system).
Key gap vs Passepartout: No knowledge graph, no persistent memory model, no deterministic gate stack for agent behavior (only OS-level sandboxing), no ACL2/prover, no neurosymbolic architecture. Strongest sandbox but weakest cognitive architecture.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
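
Review bot: In Key gap, "no deterministic gate stack for agent behavior (only OS-level sandboxing)" contradicts the Safety model line, which lists an execution policy engine and a Guardian module for tool permission gating and calls all of it deterministic. Reword the gap to name what is actually missing. The opening "Most sophisticated safety system of any coding agent analyzed" is also claimed, almost word for word, in the Claude Code file added by this commit; only one of the two can hold.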

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: 22d0a159-68a2-4587-9375-5046beddc20c
:CREATED: [2026-05-22 Thu]
:END:
#+title: Continue — CI/Check System
#+filetags: :passepartout:strategy:competitive:continue:
TypeScript, ~328K lines, Apache 2.0. Source-controlled AI checks for CI/CD. Markdown-as-gate-policy.
Architecture: Shared core (@continuedev/core) with ~80 provider implementations, tool-calling engine, config system (YAML/JSON/Markdown). Serves CLI (Ink/React TUI + headless CI mode), IDE extensions (VS Code, JetBrains), web dashboard.
Safety model: Three permission levels (allow/ask/exclude). Precedence: mode policies → CLI flags → permissions.yaml → built-in defaults. Terminal security package for shell command analysis via shell-quote parsing. Workspace-scoped file access.
Data model: Markdown files for checks, agents, rules. Source-controlled in-repo. YAML frontmatter for metadata.
Self-modification: Checks source-controlled — any change goes through git.
Verification: None (the checks are themselves unverified).
Key gap vs Passepartout: The checks-as-markdown concept is philosophically similar to Passepartout's gate rules (deterministic policies checked before execution) but the implementation is dramatically simpler — regex-based policy objects, not a type-level gate stack with structural guarantees. No persistent agent, no memory, no knowledge graph, no neurosymbolic architecture. It is a gate system without an agent to gate.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
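
Review bot: The Self-modification line treats "any change goes through git" as the control, but version control records a change without restricting who makes it. Say whether the workspace-scoped file access named under Safety model includes the check files, and whether a changed check needs review before it takes effect. In Key gap, "regex-based policy objects" is not backed by the Safety model line, which mentions only permission levels and shell-quote parsing.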

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: 8d73ccb9-34e4-4899-b0c3-605998e9bebc
:CREATED: [2026-05-22 Thu]
:END:
#+title: Gemini CLI — Google AI Coding Agent
#+filetags: :passepartout:strategy:competitive:gemini:
Google's open-source coding agent. TypeScript, ~525K lines, Apache 2.0. Node.js 20+, Ink/React TUI.
Architecture: 7-package npm monorepo. Core backend handles Gemini API orchestration, tool execution, policy engine, safety checks, sandbox management, session management, MCP client. 7-strategy composite model routing chain.
Safety model: Multi-layered: CONSECA (Contextual Security Checker) — AI-driven per-request policy generation using a separate Gemini Flash model. 4 approval modes (PLAN/DEFAULT/AUTO_EDIT/YOLO). 6 sandbox methods (macOS Seatbelt, Docker/Podman, bwrap, gVisor, LXC, Windows). Trusted folders with path traversal protection. Policy integrity via cryptographic hashes. Loop detection.
Data model: JSONL session files. Turn-based conversation model. 4-layer config precedence (system-defaults → user → project → system-override). TOML policy files.
Self-modification: Modifiable hooks system, MCP extensions, custom commands. Core binaries are protected on disk by file permissions.
Verification: None.
Key gap vs Passepartout: No proof system, no persistent knowledge graph, no self-verification, no neurosymbolic architecture, lock-in to Google Gemini models. CONSECA is interesting (AI-generated policies) but introduces a second LLM call for every security decision — the opposite of Passepartout's zero-token deterministic gating.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
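
Review bot: Key gap says CONSECA adds "a second LLM call for every security decision", which overstates what the Safety model line lists: approval modes, sandbox methods, trusted folders and hash-based policy integrity are not described there as model calls. Limit the claim to the decisions CONSECA itself makes. "Core binaries" on the Self-modification line also reads oddly for a package the header describes as TypeScript on Node.js; name the files that are protected.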

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: c652688a-1ea0-487c-9222-00e954efe8a1
:CREATED: [2026-05-22 Thu]
:END:
#+title: Hermes Agent — Personal AI Assistant
#+filetags: :passepartout:strategy:competitive:hermes:
The agent running this conversation. Python, ~17K core lines, MIT.
Architecture: Synchronous conversation loop with OpenAI-format messages. 60+ built-in tools. 109+ providers via pluggable transport layer. 15+ messaging platforms via gateway. MCP client (native, not bridge). Ink/React TUI as Node.js subprocess. Cron jobs, Kanban board, subagent delegation.
Safety model: Multi-layer but NOT a deterministic gate stack: message sanitization, Tirith binary scanner, command approval system, memory injection detection, secret/PII redaction, tool call guardrails, MCP security, context fencing. All heuristic or prompt-based — no structural type-level gates.
Data model: SQLite session DB (FTS5 full-text search). File-based memory (MEMORY.md + USER.md). YAML config. No knowledge graph. No Org-mode.
Self-modification: Skill system writes SKILL.md files. Memory tool edits MEMORY.md/USER.md. Core Python code is read-only in execution but no gate specifically prevents the LLM from requesting source modifications.
Verification: None.
Key gap vs Passepartout: No deterministic gate stack (heuristic layers, not structural/typed), no knowledge graph, no Org-mode, no neurosymbolic architecture, no self-verification, no proof system. Hermes's strength is breadth — 109 providers, 15 platforms, MCP ecosystem. But it has no depth in safety, knowledge representation, or reasoning architecture.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
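
Review bot: The first body line, "The agent running this conversation.", only makes sense inside the session that produced it and tells a knowledge-base reader nothing; replace it with a one-line description in the style of the other competitor files. Since the commit author is Hermes, the entry is a self-assessment and should say so. The counts also drift within the file: "109+ providers" and "15+ messaging platforms" under Architecture become "109 providers, 15 platforms" under Key gap.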

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: 85ca69dd-d085-4a55-ad11-021910b1f82e
:CREATED: [2026-05-22 Thu]
:END:
#+title: OpenClaw — Personal AI Assistant
#+filetags: :passepartout:strategy:competitive:openclaw:
TypeScript/Node.js, ~3.5M lines. The largest codebase analyzed. Personal AI assistant with 25+ messaging channel support.
Architecture: pnpm workspace with ~135 bundled plugins. Gateway control plane routes messages through multi-agent routing. Per-agent sessions, workspaces, skill registries. Companion native apps (macOS, iOS, Android).
Safety model: Tiered — main agent runs tools directly on host (trusted-operator), non-main sessions sandboxed via Docker (read-only rootfs, capability dropping, seccomp/AppArmor, memory/cpu/PID limits, SSH/OpenShell backends).
Data model: Typed JSON/YAML config (openclaw.json). Multi-source model catalog. Plugin SDK with narrow typed subpath exports.
Self-modification: ACP (Agent Control Protocol) for spawning child sessions. Skill system with npm distribution and ClawHub registry.
Verification: None.
Key gap vs Passepartout: Same as Hermes — no gate stack, no knowledge graph, no Org-mode, no verification, no neurosymbolic architecture. Differentiated by vastly broader channel support and mature plugin ecosystem. But architecturally conventional — LLM + tools + channels, no cognitive architecture innovation.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
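
Review bot: Key gap opens with "Same as Hermes", which makes this file unreadable on its own and carries no link, against the atomization and interlinking this commit sets out to do. Spell the gaps out here or add an id link to the Hermes entry. The "no gate stack" item should also be tied to the Safety model line, which says the main agent runs tools directly on the host while only non-main sessions are sandboxed; that host-level trust is the more specific finding.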

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: 7a060b36-36db-4eb7-b8cc-844bd6ac9d36
:CREATED: [2026-05-22 Thu]
:END:
#+title: OpenCode — AI Coding Agent
#+filetags: :passepartout:strategy:competitive:opencode:
TypeScript/Bun. anomalyco/opencode, 163K★. The dominant open-source coding agent by adoption. Bun runtime, Effect-TS functional core, Solid.js TUI, Turborepo monorepo.
Architecture: Dual LLM runtime — default AI SDK (streamText/generateText) + opt-in native Effect-Schema runtime with 4-axis route decomposition (Protocol/Endpoint/Auth/Framing). 30+ provider plugins. Agent workflow DSL with plan/build agent switching. Agent Communication Protocol (ACP) for inter-agent messaging. Subagents inherit permission boundaries from parent. 18+ built-in tools + custom tools from config. Effect-TS ScopedCache per-project state management.
Safety model: Explicitly documents not sandboxing the agent. Permission system is rule-based (glob matching, actions: allow/ask/deny) and exists as a UX feature, not security isolation. Built-in agents have carefully scoped defaults. Permission rules inherited by subagents.
Data model: SQLite via Drizzle ORM with bun:sqlite or better-sqlite3. Key tables: SessionTable, MessageTable, PartTable. Project model stores worktree, VCS, sandbox config. Config is JSON-chain with remote config fetch.
Self-modification: Agent.generate() interface lets the LLM create new agent definitions — the system grows its own subagent roster. Skills system loads domain-specific knowledge packs dynamically.
Verification: None.
Key gap vs Passepartout: No deterministic safety architecture, no knowledge graph, no Org-mode, no verification/proof system, no neurosymbolic architecture. The permission system is explicitly labeled not security isolation — it's UX, not a gate stack.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
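
Review bot: The Safety model line says the project explicitly documents not sandboxing the agent, yet the Data model line says the Project model stores "sandbox config"; explain what that field configures or drop it. The same Data model line mentions "remote config fetch" while Architecture says custom tools come from config, so the entry should state whether remotely fetched config can define tools or permission rules. The "163K★" figure in the header needs an as-of date.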

@@ -0,0 +1,22 @@
:PROPERTIES:
:ID: 416bab7c-4300-4d50-838a-5c7a8ad45d96
:CREATED: [2026-05-22 Thu]
:END:
#+title: Thoth — Personal AI Sovereignty
#+filetags: :passepartout:strategy:competitive:thoth:
https://github.com/siddsachar/Thoth — Python, ~151K lines, Apache 2.0. Local-first desktop AI assistant with knowledge graph, tools, voice, vision, shell, browser automation, workflow engine, and messaging channels.
Architecture: LangGraph create_react_agent (prebuilt ReAct pattern). Dual-mode streaming. NiceGUI web UI with desktop launcher. Context trimming via tiktoken, base64 data redaction, stale browser snapshot compression, MD5 tool result dedup, old tool result summarization. Agent graph cached by tool set + model override. Checkpoints via LangGraph's SQLite-backed checkpointer. 30+ tool modules.
Safety model: Shell command classification with 17 blocked patterns, 30+ safe auto-execute prefixes, needs-approval for compound commands. Interactive interrupt for non-safe shell. Per-workflow safety modes (block/approve/allow_all). Prompt-injection defense (5 categories, detection-only). Filesystem workspace boundary. Opt-in Docker Sandbox. Destructive ops require confirmation. No sandboxing of agent runtime itself.
Data model: SQLite (WAL mode) at ~/.thoth/memory.db — shared between knowledge graph and legacy memory. Knowledge graph: SQLite (durable) + NetworkX MultiDiGraph (in-memory, rebuilt on startup) + FAISS vector index (semantic recall). 11 entity types, 67+ typed relations with 30+ LLM-produced aliases. Dream Cycle refinement pipeline. Config: JSON files. Keys in OS credential store.
Self-modification: Agent CAN create/update/delete skills via dedicated tools. Skill patching requires user confirmation + auto backup. Maximum 1 patch proposal per conversation. No tool to modify system prompts directly.
Verification: None formal. Update signature verification.
Key gap vs Passepartout: No deterministic gate stack — shell safety is pattern list, not typed gates. No proof system. No output guardrails. No neurosymbolic architecture. No Org-mode. No Merkle-tree memory. Knowledge graph is LLM-driven entity extraction — no structural integrity guarantees. Thoth's differentiation is the knowledge graph + Developer/Designer studios + embedded LangGraph framework, but still architecturally conventional.
See the full [[id:3aa22300-2f25-57b0-8787-9f199cc978b1][competitive analysis]] for the landscape view and comparison.
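
Review bot: Key gap lists "No output guardrails" and "No Merkle-tree memory", criteria that the Key gap lines of the other eight competitor files in this commit are not measured against; apply them across the set or drop them here so the comparison stays like for like. On the Safety model line, "Opt-in Docker Sandbox" followed by "No sandboxing of agent runtime itself" needs a clause saying what the Docker sandbox does cover.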