Summary

hcom is a command-line interface tool that enables AI agents to communicate, observe, and spawn each other across terminals. It seamlessly integrates with popular AI CLIs like Claude Code, Gemini, and Codex, allowing users to coordinate complex pipelines, run agents as sub-processes, and automate workflows without altering existing agent usage patterns. The primary benefit is enhanced agent collaboration and automation for developers and researchers.

How It Works

Hooks intercept agent activity, logging to a local SQLite database and facilitating inter-agent communication. Messages are injected mid-turn or used to wake idle agents. Each agent possesses a queryable identity including name, status, inbox, transcript, and event log, enabling real-time messaging, observation, and event subscription. Collision detection prevents simultaneous file edits. The system is a single Rust binary, eliminating background services.

Quick Start & Requirements

Install via brew install aannoo/hcom/hcom, a shell script (curl -fsSL https://github.com/aannoo/hcom/releases/latest/download/hcom-installer.sh | sh), or uv tool install hcom. Building from source requires Rust 1.86+. Cross-device communication necessitates MQTT setup. No specific OS or hardware prerequisites are listed for runtime use.

Highlighted Details

Enables cross-device agent coordination via MQTT relay with end-to-end encryption. Features real-time messaging, observation of transcripts and terminal screens, event subscriptions, and agent lifecycle management (spawn, fork, kill). Includes bundled workflow scripts like debate and confess, extensible via custom scripts. Offers flexible terminal integration.

Licensing & Compatibility

Licensed under the MIT License, which is permissive for commercial use and integration into closed-source projects.

Limitations & Caveats

The relay security model has critical caveats: a leaked join token grants extensive control, including agent manipulation and potential shell access. Lacks forward secrecy, meaning leaked keys can decrypt historical traffic. All enrolled devices within a relay share full authority, with no per-device roles. Prompt injection from authenticated peers is a risk. The system trusts the local user account and configuration files, making it vulnerable to local malware or unauthorized users. PSK revocation is impossible; leaks necessitate creating new relays.