{"id":"cagataycali-devduck","name":"devduck","af_score":49.8,"security_score":48.5,"reliability_score":32.5,"what_it_does":"DevDuck is a Python-based, “one-file” self-healing AI agent runtime that can hot-reload code, run many built-in tools (including shell/git/browser/messaging), and connect across multiple interfaces (CLI/TUI/WebSocket/TCP) and networks (Zenoh P2P + a unified mesh/relay). It can also expose itself as an MCP server and deploy to AWS AgentCore.","best_when":"You want a local-first (or self-hosted) agent that can rapidly add/reload tools and orchestrate workflows across multiple interfaces and peers, and you can manage the security risk of granting powerful tool access.","avoid_when":"You cannot control secrets, network exposure, or tool permissions (especially shell/browser/remote execution), or you require enterprise-grade governance/auditability and predictable reliability guarantees.","last_evaluated":"2026-03-30T15:26:52.947307+00:00","has_mcp":true,"has_api":false,"auth_methods":["API keys and environment variables for multiple model providers (Anthropic/OpenAI/Gemini/AWS Bedrock/Ollama/etc.)","AWS credentials or Bedrock bearer token (per README example)","Telegram/Slack bot tokens (for messaging listeners)","OpenAPI-tool authentication (described as supporting auth methods; specific mechanisms not fully shown in provided text)"],"has_free_tier":false,"known_gotchas":["Powerful tools (e.g., shell/web/computer) can be risky if used without explicit guardrails/permissions.","Mesh/peer networking introduces additional security considerations (peer discovery/relay exposure, trust boundaries).","“Self-healing” and hot-reload imply dynamic behavior that may complicate deterministic operation and debugging.","No evidence in provided text of standardized structured errors, idempotency, or pagination semantics for agent/tool calls."],"error_quality":0.0}