Item detail
github.com

rivet-dev/agentos

rivet-dev/agentos is a code repository that RepoRadar is tracking in its AI tooling section, currently rated Gold tier with a 'try now' verdict. It is written primarily in Rust. Its strongest signal is workflow potential, scored 9.6 out of 10.

Score8.5
Popularity100.0
Risklow
TierGold
Score breakdown
Usefulness8.3
Novelty9.2
Momentum8.5
Maturity9.1
Open-source/build8.4
Evidence7.2
Workflow potential9.6
Setup ease6.4

Popularity is tracked separately. Support, ads, sponsorships, and tips never affect these signals.

Why it matters

AgentOS belongs on RepoRadar because it ships a real, runnable, in-process agent OS instead of another chat wrapper, skill collection, or sandbox library that delegates execution to Docker or Firecracker. The kernel manages a virtual filesystem, process table, pipes, PTYs, and a virtual network stack -- nothing executes on the host. Agents call host JavaScript functions as bindings

Who should use it

Embedding AI agents directly into a TypeScript backend without booting a VM or pulling a container per callRunning Pi / Claude Code / OpenCode agents in-process with deny-by-default permissions, programmatic network control, and per-agent CPU/memory limitsBuilding agent-to-agent delegation flows via host-defined JavaScript bindingsMulti-agent orchestration via the Agent Communication Protocol (ACP) with universal transcript formatDurable workflows with retries, branching, and resumable executionMultiplayer collaboration: multiple clients observing and driving the same agent in real timeWASM command packages for codex-cli / curl / git / jq / ripgrep / sqlite3 / duckdb / tar / zip / coreutils without requiring native binaries on the hostAgent backends where cold-start latency matters (sub-10 ms vs. 100s of ms for VM sandboxes)Self-hosting on AWS / Hetzner / Railway / Vercel / Kubernetes / any container platform with Apache-2.0 license

Who should skip it

Skip rivet-dev/agentos unless the captured evidence suggests it solves a problem you are actively working on.

About this signal

rivet-dev/agentos is tracked by RepoRadar as a code repository in the AI tooling section. It was first seen on 2026-07-12 and last updated on 2026-07-12. The current verdict is 'try now' with a Gold tier and moderate setup difficulty. The standout signals for rivet-dev/agentos are workflow potential (9.6) and novelty (9.2), while setup ease (6.4) trails — that balance shapes where it fits best. This page summarizes the public evidence on the linked source page and states where additional review is still needed. The score, tier, risk label, and verdict on this page are never influenced by sponsorship, ads, or tips — they reflect only the usefulness, popularity, novelty, momentum, maturity, and evidence signals described in the RepoRadar methodology.

How this item is evaluated

RepoRadar assigned rivet-dev/agentos a composite score of 8.5 out of 10, placing it in the Gold tier. This score combines weighted sub-signals: usefulness (35%), novelty (18%), momentum (14%), maturity (10%), open-source/build quality (7%), evidence quality (6%), workflow potential (6%), and setup ease (4%). Popularity is tracked separately at 100.0 and never affects the composite score or tier. The risk label of 'low' reflects inherent user-impacting hazards, not generic novelty. Items with no risk flag may still require normal code review before production use.

Putting this into practice? Read How to vet an AI agent or MCP server before you wire it in for the checklist behind this score.

Risk explanation

Project is at v0.2.7 (early-stage but production-ready for embedded use; the README publishes real-world benchmarks vs. mainstream sandbox providers, suggesting internal production usage at Rivet); Stars (3610) and subscribers (10) are lower than some try_now picks; the momentum is real (3,610 stars and 173 forks within ~2.5 years of the repo's first commit on 2024-02-07) but the project is still building a wider install base; WASM command packages ship as build artifacts -- the README publishes them via a registry table but does not enumerate every package's source repo (some packages are reposts of upstream coreutils / git / curl; verify provenance if you need license-clean distribution for a downstream commercial use case); The in-process kernel pattern is novel; if a downstream user hits an isolation bug, the security model is different from container / VM sandbox (deny-by-default WASM, not syscall-filtered Linux).

Evidence links
Closest alternatives / related signals
agent-runtimein-process-vmwasmsandboxagent-osapache-2rusttypescript