🛡️ Lyrie Agent

The world's first autonomous AI agent with built-in cybersecurity.

Lyrie is not just another AI assistant. It's a guardian that runs your operations and protects them in the same loop.

---

Why Lyrie?

Every AI agent platform treats security as an afterthought. Lyrie treats it as the foundation — and ships the receipts: every advisory we publish on research.lyrie.ai is backed by a reproducible exploit lab + detection rules in this repo.

Lyrie vs the field — head-to-head (April 2026)

Compared against the latest releases at the time of writing: OpenClaw 2026.4.23 · Hermes Agent v0.10.0 (2026.4.16) · Claude Code 2.1.x

Capability	OpenClaw 2026.4.23	Hermes 0.10.0	Claude Code	Lyrie
Autonomous agent loop	✅	✅	❌	✅
Multi-channel (TG/WA/Discord/Signal/Slack/iMessage)	✅	✅	❌	✅
Self-improving skills	Skills catalog	✅ Learns from use	❌	✅ + skill-creator
Persistent cross-session memory	Lancedb / sections	✅ Trajectory + graph	❌	✅ Sectioned + dream cycle
Self-healing memory	❌	Partial	❌	✅ Validator + repair
Multi-model + intelligent routing	✅	✅ (200+ via OpenRouter)	Anthropic only	✅ (auto-routed by task class)
Native cybersecurity layer	❌	❌	❌	✅ The Shield
Native device protection (iOS/Android/Mac)	❌ paired-device only	❌	❌	✅ Lyrie Shield apps
Real-time threat intel feed	❌	❌	❌	✅ research.lyrie.ai (KEV-driven)
Reproducible exploit labs in-repo	❌	❌	❌	✅ research/CVE-XXXX/ + tools/exploit-lab/
Built-in pentest/recon commands (/pentest /recon /vulnscan /apiscan)	❌	❌	❌	✅
Sub-agent orchestration	✅	✅	❌	✅ + role-based fleet (Brain/Muscle/Coder/Scout)
Browser control	Chrome DevTools MCP	❌	❌	✅ + agent-browser skill
Cron / scheduled jobs	✅	✅	❌	✅ + heartbeat protocol
RL training / trajectory export	❌	✅ Atropos	❌	✅ via OMEGA pipeline
Audit-friendly footprint	430K+ LOC	~30K LOC	Closed	<30K LOC, MIT, fully auditable
Built by	OpenClaw	Nous Research	Anthropic	OTT Cybersecurity LLC

The headline: OpenClaw and Hermes are great agents. Neither was built to defend you while it works. Lyrie is. Cybersecurity isn't a plugin — it's layer one.

📦 What's in this monorepo

Path	Description
packages/omega-suite/	Lyrie OMEGA — Autonomous Security Intelligence Platform. CVE validator, CISA KEV watcher, multi-source intel firehose, and the publisher pipeline that powers research.lyrie.ai.
research/	Reproducible exploit labs. Every published research advisory has a matching CVE-XXXX-NNNNN/ folder with Dockerfile, working PoC, asciinema-style transcript, Sigma + YARA rules, and IOCs. See research/README.md.
tools/exploit-lab/	Autonomous exploit reproduction framework — lab.sh orchestrator, scaffold-cve.sh, LAB-PROTOCOL.md (methodology + ethical scope).
skills/	Agent skills and capability modules (extensible, self-improving).
packages/*	Core runtime packages — agent loop, memory, channels, model routing.
docs/	Architecture, contributing, channel guides.
scripts/, assets/, reports/	Tooling, brand assets, and operator reports.

🌐 Public channels

• Research blog: research.lyrie.ai — verified threat intelligence, 3+ source cross-validation, KEV-driven priority
• X / Twitter: @lyrie_ai — gold-verified
• Main site: lyrie.ai
• Parent company: overthetop.ae — OTT Cybersecurity LLC

⚡ Quick start

curl -fsSL https://lyrie.ai/install.sh | bash

Or manual:

git clone https://github.com/overthetopseo/lyrie-agent.git
cd lyrie-agent
pnpm install
pnpm start

🏛 Architecture

┌─────────────────────────────────────────────┐
│            LAYER 4: INTERFACE               │
│  CLI · Web · Desktop · iOS · Android        │
├─────────────────────────────────────────────┤
│            LAYER 3: AGENT ENGINE            │
│  Agent spawning · skills · self-improvement │
│  Multi-model routing · sub-agent fleet      │
├─────────────────────────────────────────────┤
│            LAYER 2: MEMORY CORE             │
│  Vector · graph · sectioned + dream cycle   │
│  Self-healing, versioned, full-text search  │
├─────────────────────────────────────────────┤
│            LAYER 1: THE SHIELD              │
│  Real-time threat detection · WAF           │
│  Anti-malware · behavioral · device protect │
│  Threat intel feed (research.lyrie.ai)      │
└─────────────────────────────────────────────┘

🧠 Model support

Model-agnostic. Lyrie routes per task class automatically:

Tier	Model	Use
Brain	Claude Opus 4.7	Strategy, complex reasoning
Coder	GPT-5.5 / GPT-5.4-Codex	Code generation, refactors
Fast	Gemini 3.1 Flash / Haiku 4.5	Quick lookups, classification
Bulk	MiniMax-M2.7-HS	Mass content, parallel batches
Local	Qwen / Gemma / Llama-local	Private, self-hosted

Bring any model — Anthropic, OpenAI, Google, xAI, MiniMax, Nous, or your own endpoint. No lock-in.

📡 Channels

Telegram · WhatsApp · Discord · Slack · Signal · iMessage · CLI · Webchat — connect Lyrie to wherever you already work.

🌌 The Lyrie ecosystem

Product	What it does
Lyrie Agent (this repo)	Your autonomous AI operator
Lyrie Shield	Native cybersecurity protection across iOS, Android, Mac
Lyrie Research	research.lyrie.ai — verified threat intel, reproducible exploit labs
Lyrie OMEGA	Autonomous security intelligence backend (packages/omega-suite/)

Together: a complete digital guardian that operates and defends.

🔁 Migrating from OpenClaw or Hermes?

lyrie migrate --from openclaw   # ports memory, skills, config
lyrie migrate --from hermes     # ports skills + trajectory

One command. Full memory + skills + config retained.

🤝 Contributing

See docs/contributing.md. New CVE labs follow LAB-PROTOCOL.md.

🔐 Security

See SECURITY.md. Responsible disclosure goes to security@lyrie.ai. Cybersecurity isn't a feature here — it's the product.

📜 License

MIT. Use it, fork it, build on it.

---

Built by OTT Cybersecurity LLC · Powered by Lyrie — the AI that protects.
Research · @lyrie_ai · lyrie.ai · overthetop.ae

© 2026 OTT Cybersecurity LLC. All rights reserved.