What's solid, and what's lightly tested

Honesty is the product here, so this page exists on purpose. Here is the maturity line, drawn down the middle.

Solid, and verifiable yourself

• The security posture is a command, not a claim. npm run security boots the real daemon and dashboard and attacks them the way self-hosted agents were attacked in 2026, landing on 10 of 10 attack classes across 95 of 95 checks. npm run e2e verifies every feature end-to-end against a live daemon, with npm run fuzz and npm run redteam on top.
• 533 unit tests, several of them adversarial security regressions frozen from real findings, so a fixed hole cannot quietly reopen.
• The architecture is the moat. No inbound network port (a 0600 unix socket only), fail-closed allowlists on every channel, read-only sandboxed remote turns, and a hard credential-deny boundary that holds even in Full mode.
• It can prove what it did. A hash-chained Ledger of Record makes tampering detectable, and an ed25519 Sovereign Seal signs the chain head. Run urfael attest for one report a reviewer can keep.

Lightly tested, on purpose

• The Matrix, Signal and WhatsApp bridges, the eight native webhook channels (Mattermost, Google Chat, SMS, DingTalk, Home Assistant, BlueBubbles, Feishu, WeCom), Discord voice channels, and the Android/Termux host are code-complete and reviewed, their parsing, verification, and allowlist logic unit-tested and frozen as benchmark checks, but not yet certified against live accounts or a real device. Treat them that way.
• A2UI canvas ships as a protocol and a validator (unit-tested, benchmark-frozen as XSS-proof); live rendering of A2UI blocks in the dashboard and Console is the next increment, not yet built.
• Linux runs the full stack but is newer than macOS and has less mileage; real-world scale is small, because this is a personal tool and we say so; the desktop GUI is unsigned until the signing certificates are in place.

If you want twenty channels and every model under the sun, OpenClaw and Hermes are excellent at breadth. If you want the smallest possible blast radius, a flat bill, local voice, and a tool that is straight with you about its limits, stay.

See how that trade looks side by side: the honest comparison ›

‹ Back to urfael.com