Ryu stops being "an agent" and becomes the layer everything runs through. You don't compete with OpenClaw, ZeroClaw, Claude Code, Cursor, etc., you sit underneath all of them.
Users set their OpenAI-compatible base URL to Ryu:
# Instead of pointing at OpenAI directly...
OPENAI_BASE_URL=https://api.openai.com/v1
# They point at Ryu
OPENAI_BASE_URL=http://localhost:8080/v1
Now every agent, whether it's OpenClaw, Claude Code, Cursor, a custom CrewAI setup, whatever, routes all LLM traffic through Ryu. The agent doesn't even know Ryu exists. It just thinks it's talking to OpenAI (or Anthropic, etc.).
graph TD
subgraph Agents["Any Agent"]
OC["OpenClaw"]
ZC["ZeroClaw"]
CC["Claude Code"]
CU["Cursor"]
ANY["..."]
end
subgraph Gateway["Ryu Gateway (localhost:8080/v1)"]
FW["Firewall Layer"]
MR["Model Router"]
SR["Skills / MCP Registry"]
FW --> PIPE
MR --> PIPE
SR --> PIPE
PIPE["Message Pipeline<br>inbound scan → route → enrich →<br>outbound scan → log → return"]
end
subgraph Providers["Model Providers"]
OAI["OpenAI"]
ANT["Anthropic"]
LOCAL["Local (llama.cpp)"]
OR["OpenRouter"]
end
OC --> Gateway
ZC --> Gateway
CC --> Gateway
CU --> Gateway
ANY --> Gateway
PIPE --> OAI
PIPE --> ANT
PIPE --> LOCAL
PIPE --> OR
struct FirewallConfig {
pii_scanner: PiiScanner, // regex + NLP-based
leak_detector: LeakDetector, // entropy + pattern scan
prompt_guard: PromptGuard, // injection defense
policy: FirewallPolicy, // Block, Sanitize, WarnAndContinue
log_all: bool, // audit trail
}