You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+23Lines changed: 23 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,6 +31,29 @@ Every AI agent framework gives the model shell access and hopes for the best. Ho
31
31
32
32
**202 tests** across 6 test suites. CI runs all tests + `detect-secrets` on every push.
33
33
34
+
## How It Compares
35
+
36
+
Hornet was partly inspired by [OpenClaw](https://github.com/openclaw/openclaw)'s security architecture. Different threat models lead to different strengths:
37
+
38
+
|| Feature | 🐝 Hornet | 🦞 OpenClaw |
39
+
|---|---------|-----------|-------------|
40
+
| 1 |**Tamper-proofing**| Root-owned hook + tool-guard + skill layer. Agent can't edit its own security. | N/A — human owns everything |
| 10 |**CI**| 202 tests + detect-secrets | Full suite + detect-secrets + pre-commit |
50
+
51
+
**Hornet's edge**: kernel-level walls an AI can't punch through — even fully compromised, iptables/hidepid/root-owned hooks hold. The agent works on real files in real repos (no sandbox friction), but can't exfiltrate data or escalate privileges.
**Different threat models**: Hornet guards against *its own AI going rogue*. OpenClaw guards against *external attackers reaching your personal assistant*.
0 commit comments