Moltis
A secure, persistent personal agent server in Rust — run it on your own hardware.
Moltis is the most capable self-hosted agent server we've seen — it rivals cloud alternatives in features while keeping your data local. It's genuinely production-ready out of the box, but you will need comfort with CLI and server management to deploy and maintain it. If that's you, this is a rare find.
- Developers wanting a self-hosted, secure AI agent with full data control
- Privacy-conscious users avoiding cloud lock-in and vendor dependency
- Power users needing multi-channel automation via Telegram, Discord, etc.
- Teams needing an on-premise assistant with sandboxed execution
- Users who prefer a fully managed, zero-setup cloud service
- Non-technical users uncomfortable with CLI and server configuration
- Those needing a large plugin marketplace or pre-built integrations
We scan live Reddit threads, YouTube comments, X posts, G2 reviews and other communities — and hand you an honest verdict in under a minute.
- Honest verdict, not marketing
- Real pros & cons from real users
- Attributed quotes with receipts
3 free scans · no card needed
In short
Moltis — A secure, persistent personal agent server in Rust — run it on your own hardware. Best for Developers wanting a self-hosted, secure AI agent with full data control, Privacy-conscious users avoiding cloud lock-in and vendor dependency, Power users needing multi-channel automation via Telegram, Discord, etc.. Free to use.
What's new in Moltis
Checked 3 days agoAcross the latest 5 updates: 3 feature updates and 2 changelog entries.
No notable changes in release 20260603.01
Release 20260603.01 with no notable changes.
Added NEAR AI Cloud provider, per-turn tool controls, nonblocking spawn agents; split OpenAI Codex catalog; many fixes.
NEAR AI Cloud provider added; per-turn tool controls and nonblocking spawn agents introduced. Multiple provider and skill fixes.
Added per-agent runtime limits, agents as capability boundaries, OpenAI Codex reasoning effort support; various fixes.
Per-agent runtime limits and capability boundaries (MCP, sandbox, skills). OpenAI Codex reasoning effort supported.
Fixed config startup, agent hooks, thought parsing, dangerous command scan, sandbox zombie reaping.
Bug fixes: config defaults preservation, BeforeLLMCall hook, thought reasoning tags, heredoc safety, sandbox zombies.
Added public IP SAN for TLS certs, OAuth client secrets for MCP.
TLS certs support public IP SAN; MCP gains OAuth client secret support.
What independent users actually report about Moltis
We ran a structured research pass across product reviews, community discussions, and post-purchase forum threads to surface the patterns vendors won't publish themselves. Below: the recurring strengths, the hidden costs people mention most, and the cohort that consistently regrets adopting this tool.
72 mentions across 5 sources (Hacker News, YouTube, Bluesky, GitHub, Lemmy).
- +Polished, not full of half-baked features like competitors.
- +One-command installation: three steps from zero to chat.
- +Sandboxed execution with Docker or Apple Containers for security.
- +Persistent memory with vector and full-text search.
- +Multi-provider LLM support: 20+ cloud and local models.
- −Sandbox restrictions cannot be disabled, limiting some use cases.
- −Self-modifying skills raise security concerns among community.
- −Voice and scheduling features lack extensive real-world feedback.
- −Small community means slower support and fewer integrations.
- −No mobile app or managed cloud tier available.
- • Self-hosting costs: hardware, electricity, bandwidth for local LLMs if not using cloud APIs.
Viability Score
How likely is Moltis to still be operational in 12 months? Based on 4 signals — momentum (how recently it shipped), wrapper dependency, revenue model, and web presence.
Last calculated: July 2026
How we score →Key Features
- Self-hosted single binary, no runtime dependencies
- Persistent memory with vector + full-text search
- Sandboxed execution via Docker or Apple Containers
- Multi-provider LLMs (20+ cloud and local models)
- Voice input/output with cloud and local TTS/STT
- Scheduled recurring tasks via natural-language cron
- SSRF-protected web browsing and summarization
- CalDAV calendar integration for events and reminders
- Built-in Telegram, WhatsApp, Discord, Slack, Matrix, Nostr, Teams channels
- Runtime-created skills, hooks, and MCP tools
- OAuth zero-config for GitHub Copilot, OpenAI Codex, Kimi Code
- Encryption-at-rest vault for API keys and secrets
- Authentication with passkeys, tokens, and password
- Secure remote access via NetBird and Cloudflare Tunnel
- Full GraphQL API and JSON-RPC
About Moltis
Moltis is a self-hosted, open-core AI agent server written in Rust that you install on your own hardware — a Mac Mini, Raspberry Pi, or any server. It persists memory across sessions, connects through every major messaging channel, and keeps your data local by default. Installation takes one command: curl -fsSL moltis.org/install.sh | sh, then configure via localhost:13131, and chat from anywhere. This is not a chatbot wrapper or a cloud service tied to one provider. Moltis sandboxes execution using Docker or Apple Containers, blocks your keys and private data from leaving your machine unless you explicitly allow it. It supports over 20 LLM providers, including cloud services like Anthropic, OpenAI, Gemini, Mistral, DeepSeek, and local models via Ollama, LM Studio, or MLX. It connects to Telegram, WhatsApp, Discord, Slack, Matrix, Nostr, and Microsoft Teams out of the box. Built-in features include persistent memory with vector + full-text search, voice input/output (cloud and local), scheduling via natural-language cron jobs, SSRF-protected web browsing, CalDAV calendar integration, and extensibility through runtime-created skills, hooks, and MCP tools. The single binary includes authentication (passkeys, tokens), encryption-at-rest vault for secrets, sandboxed browsing, and full i18n with eleven locales. Recent updates add per-agent runtime limits, NEAR AI Cloud provider support, nonblocking agent spawning, and remote access via NetBird or Cloudflare Tunnel. Unlike cloud-dependent agents, Moltis never sends your data to external servers unless you explicitly allow it. It's ideal for developers, privacy-conscious users, and teams who want full control over their AI assistant without cloud lock-in. The project is actively maintained with frequent releases and a responsive community.
Behind the Verdict
Pick Moltis when you want a persistent AI agent that runs on your own hardware, remembers context across sessions, and can message you on any channel. The install process is genuinely one command, and the web UI config is straightforward. You get sandboxed execution, encryption-at-rest for secrets, and a single binary with no runtime dependencies. Pass if you want a fully managed cloud service — Moltis requires you to own and maintain a server. Non-technical users who aren't comfortable with the terminal or Docker will find the setup challenging despite the short install command. Closest alternatives are open-source agents like OpenClaw or self-hosted ChatGPT clones, but Moltis packs far more built-in features (multi-channel, scheduling, memory, voice, skills, MCP) without needing a plugin marketplace. It also lets you import an OpenClaw workspace in one click. Where it bites: you manage everything yourself – updates, backups, uptime. And while the feature breadth is impressive, some features like the iOS companion app are listed as 'coming soon.' The community is active but small, so support is primarily GitHub discussions and Discord. For a single-binary agent that can talk to everyone and run anywhere, Moltis is hard to beat for the price (free).
Researching Moltis? Get your full AI stack in 60 seconds.
Free, no signup — tell us your goal and get tools matched to your budget & existing stack.
Use Cases
- Schedule recurring cron jobs using natural language, like 'remind me daily to check logs'.
- Browse and summarize web pages with SSRF protection.
- Manage your calendar via CalDAV, adding events and reminders.
- Send and receive messages across Telegram, WhatsApp, Discord, Slack, Matrix, Nostr, and Teams.
- Extend the agent's capabilities at runtime by creating custom skills, hooks, or MCP tools.
Models Under the Hood
Limitations
- As a self-hosted solution, Moltis requires users to manage their own infrastructure (server, Docker, networking).
- Setup involves CLI commands and configuration, which may be a barrier for beginners.
- While it supports many LLM providers, each requires an API key or local model setup.
12-month cost
Project the real annual outlay, including the implied monthly cost when only an annual tier is published.
Vendor list price only. Add-on usage, seat overages, and contract minimums are surfaced under Hidden costs & gotchas.
Integrations
Resources & Guides
Official links
Featured Head-to-Head Comparisons
Popular in Security & Privacy
Push Security
Browser security platform that stops AI-powered attacks and controls AI tool usage.
Sublime Security
Agentic AI email security that stops BEC and phishing with full transparency.
Frequently Asked Questions
Best-of guides
Used Moltis? Help shape our editorial sentiment research.