Hive

Active · Rust · Tokio · PostgreSQL · WASM · Axum

Hive is a self-hosted agent harness written in Rust. It manages long-lived agents as durable processes, connects them to external communication channels, and enforces security boundaries between agents, data, and the outside world using kernel-level primitives rather than application-level trust.

The core systems are functional and I'm using Hive daily for my own workflows. I plan to open-source it once the codebase is in a state I'm comfortable with.

Agents run in isolated environments with overlay filesystems, scoped capabilities, and per-process network filtering enforced through eBPF. A structured knowledge graph built on typed ontologies handles reasoning. A shared ticketing system coordinates work between agents and humans across sessions. Browser automation runs through a headless Firefox instance behind a filtering proxy.

The architecture reference covers the major components and how they connect. The security model documents the enforcement layers in detail.

Latest Update

Why Build Another Agent Harness
There are a lot of agent harnesses out there. So why build another one? I've spent a lot of time in this space. I built several small agent systems in both Rust and Python, tried most of the popular frameworks, ran models from all the major providers and a bunch of open ones, experimented with custom LoRA layers and spec-driven task systems. Every setup taught me something about where things break down and I kept notes along the way.

What I wanted wasn't exotic. A system that runs on my hardware, manages agents as durable long-lived processes, connects to the communication channels I already use, and enforces real security boundaries between agents and data. Capability-based access control, taint tracking, domain isolation, per-process network filtering. These are all well-understood ideas with decades of prior art. The agent ecosystem just hasn't prioritized them yet because everyone's working on different problems.