{"slug": "show-hn-peerd-ai-agent-harness-that-runs-entirely-in-your-browser", "title": "Show HN: peerd – AI agent harness that runs entirely in your browser", "summary": "Developer NotASithLord released peerd, an open-source AI agent harness that runs entirely inside the browser as a Chrome/Firefox extension, enabling agents to read and drive web pages, spin up sandboxed compute, and communicate peer-to-peer without any backend or cloud component. The experimental beta is available for developers and early testers, with store packages pending approval.", "body_md": "**peerd is the first AI agent harness native to the browser.** It's a\nChrome/Firefox extension that runs a full agent loop *inside* the\nbrowser you already use — with the tabs and sessions you already have.\nIt reads and drives your pages, spins up sandboxed compute (JS\nNotebooks, full Linux VMs compiled to WebAssembly, personal client-side\napps), and — on the preview channel — shares what it builds over a\npeer-to-peer WebRTC network built for agent-to-agent communication. BYOK\nto the model provider of your choice. **No backend, no telemetry, no\ncloud component in the data path.**\n\n## newdemo.mp4\n\npeerd uses *the browser* as its runtime, its\nhypervisor, and its security model. It inherits decades of hardened\nbrowser platform work — V8 isolates for sandboxing, WebCrypto for the\nvault, WebAuthn passkeys to unlock it, opaque-origin iframes, Subresource\nIntegrity — and writes zero lines of its own cryptographic or\nprocess-isolation code. The agent that holds your keys never reads a raw\npage; a disposable runner with no keys and no network does, and its\noutput comes back fenced as untrusted. And the agent never takes its own\nword for success: every action it drives is verified against the live page\nbefore it counts as done — the model proposes, the browser decides. (More\nat [peerd.ai](https://peerd.ai).)\n\n**Status: 0.x — experimental beta.** It works and the initial feature\nbuildout is complete and integrated (see `STATUS.md`\n\n), but the surface\nis still moving: **breaking changes are likely**, storage formats may\nshift, and it drives your browser and holds your API keys — use it with\ncare. There is no \"V1\" commitment; versions stay in the 0.x range until\nthe surface stabilizes.\n\nFor the full, itemized list of what's shipped — categorized by module —\nsee [ FEATURES.md](/NotASithLord/peerd/blob/main/FEATURES.md).\n\n**Developer preview:**\nLoad the source tree unpacked using the steps below. This is the current\nsource-of-truth install path for contributors and early testers.\n\n**Store packages:**\nChrome Web Store / Firefox Add-ons listings will be linked here once they\nare approved. Store packages omit preview-only dweb pieces and the\npreview/dev advanced automation path.\n\n**Dweb preview (research package):**\nGitHub Releases may include signed preview artifacts. If there is no\nrelease attached yet, use the source install path below.\n\nThe preview package includes the decentralized web (dweb) layer —\npeer-to-peer dwapps between peerd instances. It's intended for\ncontributors and early testers — the dweb protocol is research-grade\nand subject to change. Most users want one of the two store packages\nabove. The preview installs alongside the store package as a separate\nextension (\"peerd preview\") with its own isolated storage; move state\nbetween them explicitly via **Settings → Export & import**.\n\nPreview package install paths (Firefox is the smoother of the two):\n\n**Firefox:** click`peerd-preview-firefox.xpi`\n\non the release page — it's AMO-signed, installs like any extension, and auto-updates.**Chrome on macOS / Windows (recommended): load the zip unpacked.** Chrome hard-disables off-store CRX installs on these platforms (\"may have been added without your knowledge\", enable toggle locked) — and field testing showed even an`ExtensionInstallAllowlist`\n\npolicy visible in`chrome://policy`\n\ndoes NOT unlock it on an unmanaged machine (Chrome wants MDM-grade management). So don't fight it: download`peerd-preview-chrome.zip`\n\n, unzip it, enable Developer mode at`chrome://extensions`\n\n,**Load unpacked**, and pick the unzipped folder. Caveats: no auto-update (download the new zip per release) and the extension ID is machine-specific, not the table's CRX ID. This is a Chrome platform restriction on all self-hosted extensions, not a peerd choice.**Chrome on Linux (or any policy-managed Chrome):** download`peerd-preview-chrome.crx`\n\n, enable Developer mode at`chrome://extensions`\n\n, and drag the file onto the page. Auto-update then follows the feed at`peerd.ai/updates/`\n\n.\n\n**Extension IDs** (verify which package you're running):\n\n| package | id |\n|---|---|\n| peerd (Chrome store) | verify from the store listing or `chrome://extensions` after install |\n| peerd (Firefox store) | `peerd@peerd.ai` |\n| peerd preview (Chrome) | `lpdkhfeldihoejbbfonnbekpjclkknoc` (CRX installs only — an unpacked load gets a machine-specific ID) |\n| peerd preview (Firefox) | `peerd-preview@peerd.ai` |\n\npeerd has **no build step** — you load the `extension/`\n\nfolder straight\ninto Chrome as it is on disk. You need a Chromium-based browser (Chrome,\nEdge, Brave, Arc, …) and a model to talk to: a key from\n[Anthropic](https://console.anthropic.com/) and/or\n[OpenRouter](https://openrouter.ai/keys), or a local\n[Ollama](https://ollama.com/) (keyless, no bill, nothing leaves your\nmachine). BYOK: any key lives encrypted in a local vault and is only\never sent to that provider.\n\n**1. Get the code**\n\n```\ngit clone https://github.com/NotASithLord/peerd.git\ncd peerd\n```\n\n**2. Load the extension in Chrome**\n\n- Open\n`chrome://extensions`\n\n. - Turn on\n**Developer mode**(toggle, top-right). - Click\n**Load unpacked**. - Select the\nfolder inside the repo —`extension/`\n\n*not*the repo root. (The folder with`manifest.json`\n\nin it.)\n\npeerd now appears in your extensions list. Click the puzzle-piece icon\nin the toolbar and **pin** peerd so its icon is always visible.\n\n**3. Open peerd and set up the vault**\n\nClick the peerd toolbar icon — the side panel opens. On first run you\ncreate a local vault: unlock with **Touch ID / a passkey** (recommended)\nor a recovery passphrase. Keys, chat history, and the audit log are all\nencrypted on this device; nothing leaves your machine except the calls\nto your model provider.\n\n**4. Add your API key(s)**\n\nOpen **Settings** (gear icon) → **API keys**. Paste a key for\n**Anthropic** (`sk-ant-…`\n\n) and/or **OpenRouter** (`sk-or-…`\n\n). You can set\nboth at once — each is stored independently. Choose a default under\n*Default model for new chats*, and switch the model per chat from the\npicker above the message box.\n\n**5. Chat**\n\nBack in the chat, type a message. peerd can read and drive your open\ntabs, run shell commands in a sandboxed in-browser Linux VM, build small\napps, search the web, and more. Turn on **Confirm before actions** in\nSettings if you want to approve each tab/automation step first (off by\ndefault).\n\n**Updating after a code change.** Hit the **reload icon** on the peerd\ncard in `chrome://extensions`\n\n. The side panel, offscreen document, and\nany open VM/JS/App tabs reload with it.\n\n**Firefox (temporary).** `about:debugging#/runtime/this-firefox`\n\n→\n**Load Temporary Add-on** → pick `extension/manifest.json`\n\n. Re-load on\neach edit. Firefox parity is still being polished — Chrome is the\nprimary target for now.\n\n**Generated files.** `extension/manifest.json`\n\nand\n`extension/shared/channel-config.js`\n\nare GENERATED (the checked-in copies\nare the dev defaults — preview channel, dweb on). Don't hand-edit\nthem; change `manifests/*.json`\n\nor `packaging/default-settings.mjs`\n\nand run\n`bun run gen:dev`\n\n. CI fails if they drift.\n\n**Why the permissions?** peerd asks for broad host access (``\n\n,\nand `debugger`\n\non the preview/dev channels) because driving arbitrary\ntabs and reading the page the agent is acting on is the whole point. Each\npermission, why it's needed, and what the store build strips is spelled\nout in\n[ docs/store/PERMISSION-JUSTIFICATIONS.md](/NotASithLord/peerd/blob/main/docs/store/PERMISSION-JUSTIFICATIONS.md)\n— and the trust boundaries (BYOK vault, egress allowlist,\nuntrusted-content handling, no telemetry) in\n\n[.](/NotASithLord/peerd/blob/main/SECURITY.md)\n\n`SECURITY.md`\n\n- Plain vanilla JS, ES2024+. No TypeScript, no JSX, no bundler, no\n`npm`\n\ninside`extension/`\n\n. - ES modules only. Strict mode by default.\n- Pure functions and reducers over classes. Classes only where lifecycle is real (vault, VM, ports).\n`safeFetch`\n\n/`webFetch`\n\nfor all outbound HTTP — bare`fetch`\n\nis forbidden.- Comments explain\n*why*, not*what*. The codebase is security-sensitive and is meant to be read carefully.\n\nThe full version of these conventions and the architectural rationale\nlives in `CLAUDE.md`\n\n(orientation), `ARCHITECTURE.md`\n\n(module\norganization), and `DESIGN.md`\n\n(the full technical design record —\nvault crypto, dispatcher gates, prompt-injection defenses, the MV3\nkeepalive trick; long, historical, and worth searching before\nreopening a settled question).\n\nThe five-letter wordmark *is* the architecture — each colored letter is\none top-level module. **Each module has its own README** with how it\nworks today, its public API, known limitations, and TODOs:\n\n| Module | Role | |\n|---|---|---|\n· cyan`p` |\n`peerd-provider` |\n\n**· red**`e`\n\n`peerd-egress`\n\n**· amber**`e`\n\n`peerd-engine`\n\n**· green**`r`\n\n`peerd-runtime`\n\n**· magenta**`d`\n\n`peerd-distributed`\n\nThe brand IS the architecture: cross-module imports go through each\nmodule's `index.js`\n\n, never deep paths; nothing outside\n`peerd-distributed/`\n\nimports it at all. See\n[ ARCHITECTURE.md](/NotASithLord/peerd/blob/main/ARCHITECTURE.md) for the dependency graph.\n\npeerd's safety is *who is allowed to do what* — small, legible boundaries\nenforced by the browser platform, not by peerd's own crypto. Two\nprinciples run through all of it: **the agent that holds your keys never\ntouches a raw page or runs untrusted code**, and **the agent never gets the\nfinal word on correctness — every action is verified against the live page\nbefore it counts as done.**\n\n| Actor | Trusted with | Never |\n|---|---|---|\nThe vault (`peerd-egress/vault` ) |\nyour API keys + secrets, decrypted only after Touch ID / passkey / passphrase unlock; idle auto-lock | leaving the device — keys go only to the provider you chose |\nThe main agent (`peerd-runtime/loop` ) |\nthe conversation, planning, tool dispatch | reading raw page bytes or running untrusted code directly |\nThe disposable runner (`peerd-runtime/runner` ) |\ndriving + reading the page via do/get/check | holding keys or its own network; its output returns `wrapUntrusted` -fenced |\nThe egress chokepoint (`safeFetch` / `webFetch` ) |\nevery outbound byte — provider allowlist + denylist + SSRF guard | being bypassed; a bare `fetch` is lint-forbidden |\nThe sandboxes (WebVM · Notebook · App) |\nrunning code — V8 isolates + opaque-origin iframes | extension access; their HTTP routes back through egress |\nWeb content |\nnothing by default | being trusted — all of it is fenced as untrusted input |\n\nThe shape is *proposes vs. decides*: the AI proposes and drives; the\nbrowser platform (WebCrypto vault, WebAuthn unlock, V8 isolates, SRI) and\nthe live DOM are what actually decide. Full detail in\n[ SECURITY.md](/NotASithLord/peerd/blob/main/SECURITY.md) and\n\n`DESIGN.md`\n\n.Read `CLAUDE.md`\n\nfor quick orientation, `ARCHITECTURE.md`\n\nfor the\nfive-module organization, `ARCHITECTURE-CHANGES.md`\n\nif you're picking\nup work from a previous session, `FEATURES.md`\n\nfor what's shipped,\n`PACKAGING.md`\n\nfor the dual-distribution\npackaging system, and\n`docs/DECISIONS.md`\n\nfor the recorded design tradeoffs.\n\nThe five-letter wordmark *is* the architecture (see `ARCHITECTURE.md`\n\n).\nEach colored letter maps to a top-level module:\n\n```\npeerd/\n├── extension/ # the extension itself — load this dir unpacked\n│ ├── manifest.json\n│ ├── peerd-provider/ # p · cyan — model adapters (Anthropic, OpenRouter, Ollama; OpenAI later)\n│ ├── peerd-egress/ # e · red — vault, allowlist, denylist, confirm, audit\n│ ├── peerd-engine/ # e · amber — execution-instance registries (WebVM, Notebook, App). Tab runtimes in -tab/; the headless js_run worker in offscreen/.\n│ ├── peerd-runtime/ # r · green — agent loop, tools + do/get/check runner, sessions, permissions, composer, skills, memory, review, goal mode, cost, transfer, subagent, voice, clock, dom, edit\n│ ├── peerd-distributed/ # d · magenta — the dweb layer between peerd instances (ships ONLY in preview packages)\n│ ├── background/ # chassis: service worker + per-kind tab trackers + clients\n│ ├── offscreen/ # chassis: SW keepalive + voice host\n│ ├── sidepanel/ # chassis: chat UI (Mithril)\n│ ├── vm-tab/ # chassis: WebVM tab page (CheerpX + bash + xterm)\n│ ├── notebook-tab/ # chassis: Notebook tab page (Web Worker + OPFS)\n│ ├── app-tab/ # chassis: App tab page (stored HTML in sandboxed iframe)\n│ ├── eval/ # live end-to-end eval harness (runner.html)\n│ ├── shared/ # base types and utilities (importable everywhere)\n│ ├── tests/ # in-browser test runner — open runner.html\n│ ├── vendor/ # third-party deps, committed as-is (CheerpX, xterm, mithril, Moonshine)\n│ └── permissions/ # permission-grant pages (mic, etc.)\n├── manifests/ # base manifest + per-channel patch documents (PACKAGING.md)\n├── packaging/ # Bun packaging scripts: manifest gen, channel artifacts, signing, feeds\n├── tests/ # Bun test suite (bun test ./tests)\n├── update-feeds/ # generated auto-update feeds served at peerd.ai/updates/ (copied to peerd-site to deploy)\n├── docs/ # DECISIONS.md, distributed/, store/, and friends\n├── signaling-node/ # dweb rendezvous server shells (share the pure signaling reducer)\n├── v1-deliverables/ # V1 buildout record: INTEGRATION-LOG.md, TEST-PLAN.md\n└── scripts/ # dev helpers (cdp/ headless harness, dev-server.sh, vendor-*)\n```\n\npeerd ships from this one tree in **two channels**: `peerd`\n\n(Chrome Web\nStore / Firefox Add-ons, no dweb code in the artifact) and\n`peerd preview`\n\n(GitHub Releases, dweb enabled, signed,\nauto-updating). Same source, same version, same release — the channel\nonly decides whether the dweb module ships. `PACKAGING.md`\n\nhas the\nwhole story.\n\nCross-module imports go through each module's `index.js`\n\n— never deep\npaths. ESLint enforces. Within a module, deep imports are fine.\n\n`peerd-engine`\n\nhosts Sandboxes — four execution kinds (taxonomy in\nDESIGN.md §8.5). Three are discrete, persistent browser tabs the user can\nsee, focus, and close, grouped under \"peerd\" in the tab strip and\nsurviving browser restarts: the WebVM, the Notebook, and the App. The\nfourth, the headless worker (`js_run`\n\n), runs the Notebook's sealed worker\noffscreen with no tab — ephemeral, for the agent's own quick compute. The\nagent picks the lightest kind that fits the task.\n\n**WebVM** — CheerpX-emulated Debian (sandboxed Linux). Own disk (IDB\noverlay), own bash, own POSIX. ~10s first boot. The heavy hitter; use\nwhen you need real binaries, a shell, multi-language stacks.\n\n```\nvm_list vm_create vm_boot vm_import vm_write_file vm_delete\n```\n\nHTTP egress from the VM (curl / wget / git clone) is intercepted by\nbash function wrappers that route every request through `peerd-egress`\n\nbefore it leaves the browser.\n\n**Notebook** — a sealed Web Worker with its own JS realm and an OPFS file\ntree, in a visible tab. ~hundreds of ms boot. `peerd.egress.fetch`\n\nis the\nworker's only network, routed through `peerd-egress`\n\nso it's honest. Each\n`js_notebook`\n\nrun spawns a fresh worker, so in-memory state (`globalThis`\n\n,\n`let`\n\n/`const`\n\n) does NOT carry between runs — persist via\n`peerd.self.writeFile`\n\n/`readFile`\n\nto the OPFS file tree.\n\n```\njs_list js_create js_notebook js_run js_write_file js_read_file js_delete\n```\n\n**Headless worker** — the same sealed worker as a Notebook, but headless:\n`js_run`\n\nruns it in the offscreen document with no tab, ephemeral scratch\ndiscarded after. It's the agent's own quick compute and peerd's code mode\n(one script instead of a chain of tool/MCP calls), not a workspace you\nwatch — a distinct kind from the Notebook, same substrate.\n\n**App** — a stored HTML document the agent built for the user, rendered\nin a sandboxed iframe (own opaque origin, no extension access).\nMetadata in `chrome.storage.local`\n\n; body in IndexedDB; substring\nsearch across name, tags, and body. `app_update`\n\nauto-reloads the open\ntab so iterations show live.\n\n```\napp_list app_create app_update app_open app_search app_delete\n```\n\nTwo surfaces, different jobs (see `CLAUDE.md`\n\n):\n\n**In-browser** — things that need a real browser (DOM, `chrome.*`\n\n, IDB,\nside-panel components, the SW). Open\n`chrome-extension:///tests/runner.html`\n\nin a tab and refresh to\nre-run. Tiny custom framework covering the vault, the tool dispatcher,\nintrospection tools, provider streaming + tool_use, the\nsession store, agent loop, denylist matcher, egress, and more. The same\nsuite runs headless in CI via the CDP harness\n(`scripts/cdp/run-inbrowser-tests.mjs`\n\n— headless Chrome over the\nDevTools Protocol, no MCP).\n\n**Bun** — pure logic that runs without a browser (registries, the module\nresolver, the Markdown renderer, the OpenAI/OpenRouter format layer).\nFast and runnable from the terminal:\n\n```\nbun install # once — pulls the dev-only test deps (e.g. fake-indexeddb)\nbun test ./tests\n```\n\n(Bun is only needed for these terminal tests and for re-vendoring third-party deps — running the extension itself needs no toolchain at all.)\n\n**Types — JSDoc + // @ts-check, mandatory for browser files.** The\nextension is no-build vanilla JS, so types come from JSDoc checked by a\n\n`// @ts-check`\n\ndirective, not a `.ts`\n\ntoolchain. `bun run typecheck`\n\n(strict `tsc`\n\n) checks every annotated file; `bun run check:tscheck`\n\nis a\nCI gate on coverage. **Every browser file (** add the directive and make the file type-clean (\n\n`extension/**/*.js`\n\n) now\ncarries `// @ts-check`\n\n— 100% — and it is required on new ones:`bun run typecheck`\n\n), or CI\nfails. (The Bun tests under `tests/`\n\nare real TypeScript — Bun runs `.ts`\n\ndirectly; only code the browser loads is JSDoc-on-JS.)peerd stands on a lot of excellent open-source work. The MV3 CSP\nforbids remote script execution (`script-src 'self' 'wasm-unsafe-eval'`\n\n),\nso every third-party runtime dependency is **vendored** — committed\npre-built under `extension/vendor/`\n\n, pinned to a version, and SHA-verified\nby a `scripts/vendor-*.sh`\n\n(or `.ts`\n\n) re-vendor step. Each directory\ncarries a `SOURCE.txt`\n\nrecording the upstream, the pinned version, the\nhash, and the update procedure. A fresh clone runs with **no build and no\nnetwork fetch** for code. You only touch the vendor scripts when *updating*\na dependency, and the regenerated bytes are checked in; peerd's own code is\nplain ES modules loaded directly, never bundled.\n\nThank you to the maintainers of all of these projects.\n\n| Component | Version | License | Used for |\n|---|---|---|---|\n|\n\n`peerd-engine`\n\n, `vm-tab/`\n\n)[xterm.js](https://xtermjs.org/)(`@xterm/xterm`\n\n+ `@xterm/addon-fit`\n\n)`vm-tab/`\n\n)[Mithril.js](https://mithril.js.org/)[CodeMirror 6](https://codemirror.net/)(`@codemirror/*`\n\n)`peerd-engine/editor.js`\n\n)[Moonshine](https://github.com/moonshine-ai/moonshine)(`@moonshine-ai/moonshine-js`\n\n)`peerd-runtime/voice/`\n\n)[ONNX Runtime Web](https://github.com/microsoft/onnxruntime)(`onnxruntime-web`\n\n)`vendor/onnxruntime-web/`\n\n)[Silero VAD](https://github.com/snakers4/silero-vad)(`@ricky0123/vad-web`\n\n)`vendor/vad-web/`\n\n)[hash-wasm](https://github.com/Daninet/hash-wasm)(Argon2 bundle)`peerd-egress/vault/`\n\n)[webextension-polyfill](https://github.com/mozilla/webextension-polyfill)`browser.*`\n\nAPI across Chrome and Firefox[Transformers.js](https://github.com/huggingface/transformers.js)(`@huggingface/transformers`\n\n)`offscreen/local-model.js`\n\n)²¹ **CheerpX is proprietary, closed-source software** — the one vendored\ndependency here that is *not* under an open-source license, and the only\none with a paid tier. Per Leaning Technologies'\n[EULA](https://github.com/leaningtech/cheerpx-meta/blob/main/LICENSE.txt)\nand [licensing terms](https://cheerpx.io/docs/licensing), the free\n*Community* tier covers **individuals and one-person companies for any\npurpose** (including revenue-generating, public-facing products);\n**organizations of more than one person** may use it for free only for\nevaluation and testing — production use requires a paid **Commercial\nLicense** (contact-sales; no public price list). Separately, **bundling\nand redistributing the CheerpX runtime — which peerd does by vendoring it\ninto extension/vendor/cheerpx/ — and self-hosting it off Leaning's CDN\nis gated**: their terms state that downloading a CheerpX build to host it\nelsewhere is not permitted without a commercial license.\n\n**peerd ships the runtime as a convenience and makes no licensing grant. If you run, fork, distribute, or build a commercial offering on peerd, obtaining whatever CheerpX license your use requires is your responsibility, not peerd's**— contact Leaning Technologies before any commercial launch. ² Local in-browser WebGPU inference is\n\n**early but proven**— one model (Gemma-4-E2B) ships behind an opt-in download, WebGPU-only; broader model support is staged. Design notes:\n\n`docs/LOCAL-INFERENCE.md`\n\n.These are **data, not script**, so they're fetched lazily on first use\nand cached locally (IndexedDB / OPFS) rather than shipped in-package — but\nthey're open assets worth crediting:\n\n**CheerpX Debian image**— CheerpX's stock Debian`ext2`\n\ndisk, streamed lazily over WebSocket from`disks.webvm.io`\n\n(the only relaxed`connect-src`\n\norigin). The disk*content*is unmodified Debian under Debian's own (free) licensing — a separate concern from the proprietary CheerpX runtime that streams it (note ¹ above).**Moonshine STT models**—ONNX weights (the`UsefulSensors/moonshine`\n\n`base`\n\nvariant, ~250 MB), SRI-pinned to specific Hugging Face commits (`peerd-runtime/voice/model-store.js`\n\n).**Silero VAD model**—`silero_vad`\n\nONNX weights, served same-origin from the vendored`vad-web`\n\npackage.**Gemma on-device model**—weights (~1.3 GB), the model behind the early on-device WebGPU runner. It's Google's`onnx-community/gemma-4-E2B-it-ONNX`\n\n**Gemma** converted to ONNX by the onnx-community /**Xenova**([Transformers.js](https://github.com/huggingface/transformers.js)) ecosystem, downloaded opt-in and run in the offscreen doc (`offscreen/local-model.js`\n\n). The Gemma weights are under Google's[Gemma Terms of Use](https://ai.google.dev/gemma/terms)— a custom license with use restrictions,**not** a standard OSI-approved one — so they're a credited runtime download, never bundled.\n\nThe brand mark on monochrome, the spinner cadence, and the rest of peerd's own design are first-party. Everything above is third-party and credited to its upstream.\n\nApache 2.0 — see [ LICENSE](/NotASithLord/peerd/blob/main/LICENSE).\n\npeerd is provided **\"as is\", without warranty of any kind**, express or\nimplied — including, without limitation, the implied warranties of\nmerchantability, fitness for a particular purpose, title, and\nnon-infringement. The entire risk as to the quality and performance of\nthe software is with you.\n\nIn no event shall the authors or copyright holders be liable for any claim, damages, or other liability — whether in contract, tort, or otherwise — arising from, out of, or in connection with the software or its use.\n\nThis is early, actively-developed software that drives your browser,\nexecutes code, and handles your API keys and other secrets on your\nbehalf. **Use it at your own risk.** The controlling terms are the\nDisclaimer of Warranty and Limitation of Liability in\n[ LICENSE](/NotASithLord/peerd/blob/main/LICENSE) (Apache 2.0, sections 7 and 8).", "url": "https://wpnews.pro/news/show-hn-peerd-ai-agent-harness-that-runs-entirely-in-your-browser", "canonical_source": "https://github.com/NotASithLord/peerd", "published_at": "2026-06-23 15:05:00+00:00", "updated_at": "2026-06-24 17:39:14.384889+00:00", "lang": "en", "topics": ["ai-agents", "ai-tools", "ai-infrastructure", "developer-tools", "ai-safety"], "entities": ["peerd", "NotASithLord", "Chrome", "Firefox", "WebAssembly", "WebRTC", "WebAuthn", "V8"], "alternates": {"html": "https://wpnews.pro/news/show-hn-peerd-ai-agent-harness-that-runs-entirely-in-your-browser", "markdown": "https://wpnews.pro/news/show-hn-peerd-ai-agent-harness-that-runs-entirely-in-your-browser.md", "text": "https://wpnews.pro/news/show-hn-peerd-ai-agent-harness-that-runs-entirely-in-your-browser.txt", "jsonld": "https://wpnews.pro/news/show-hn-peerd-ai-agent-harness-that-runs-entirely-in-your-browser.jsonld"}}