openlatch-client 0.1.12

docs.rs failed to build openlatch-client-0.1.12
Please check the build logs for more information.
See Builds for ideas on how to fix a failed build, or Metadata for how to configure docs.rs builds.
If you believe this is docs.rs' fault, open an issue.

Visit the last successful build: openlatch-client-0.0.1

OpenLatch is a thin, open-source security forwarder that plugs into AI agents via their native lifecycle hooks. One command installs protection across all your agents — no proxies, no code changes, no configuration.

npx @openlatch/client

That's it. OpenLatch auto-detects your installed agents, writes the hook configs, and starts forwarding events to the cloud for real-time security analysis.

Why OpenLatch?

AI agents execute shell commands, read files, call APIs, and install tools — all with your permissions. Most users have zero visibility into what their agents actually do.

OpenLatch gives you:

Visibility — audit logs of every tool call, shell command, and file access across all your agents
Protection — real-time detection of tool poisoning, credential leakage, prompt injection, and dangerous shell commands
Zero friction — deploys from inside your agent in one command, auto-detects platforms, requires no security expertise

Supported Platforms

OpenLatch works across 3 operating systems and 8 agent platforms from day one.

Agent Platform	macOS	Windows	Linux	Hook Events
Claude Code	:white_check_mark:	:white_check_mark:	:white_check_mark:	24
Cursor	:white_check_mark:	:white_check_mark:	:white_check_mark:	5
Windsurf	:white_check_mark:	:white_check_mark:	:white_check_mark:	5
GitHub Copilot	:white_check_mark:	:white_check_mark:	:white_check_mark:	6
Codex CLI	:white_check_mark:	:white_check_mark:	:white_check_mark:	4
Gemini CLI	:white_check_mark:	:white_check_mark:	:white_check_mark:	4
Cline	:white_check_mark:	:white_check_mark:	:white_check_mark:	4
OpenClaw	:white_check_mark:	:white_check_mark:	:white_check_mark:	4

Threat Coverage

Threat Category	What it catches
Tool Poisoning	Malicious MCP servers, tampered tool definitions, supply chain attacks on agent tooling
PII & Credential Leakage	API keys, tokens, passwords, and personal data leaving your machine via agent actions
Prompt Injection	Injected instructions hidden in files, tool outputs, or web content that hijack agent behavior
Shell Command Guardrails	Destructive commands (`rm -rf /`), privilege escalation, crypto miners, reverse shells
Supply Chain	Compromised dependencies, typosquatted packages, unsigned binaries
Attack Path Analysis	Multi-step attack chains that combine individually benign actions into a malicious sequence

Quick Start

Install via npm (recommended)

npx @openlatch/client

Install via Cargo

cargo install openlatch-client

Download binary

Pre-built binaries for macOS (ARM, Intel), Linux (x86_64, ARM), and Windows are available on the Releases page.

Usage

# Auto-detect agents, install hooks, and start the daemon
openlatch init

# Check daemon status, uptime, and event counts
openlatch status

# View the 20 most recent security events
openlatch logs

# Tail events in real time
openlatch logs -f

# Show events from the last hour
openlatch logs --since 1h

# Start/stop/restart the daemon
openlatch start
openlatch stop
openlatch restart

# Run daemon in foreground (useful for debugging)
openlatch start --foreground

# Diagnose configuration and connectivity issues
openlatch doctor

# Remove hooks and stop daemon
openlatch uninstall

# Remove hooks, stop daemon, and delete all data (~/.openlatch/)
openlatch uninstall --purge

# Open documentation in browser
openlatch docs

Command Reference

Command	Description
`openlatch init`	Auto-detect agents, install hooks, start daemon. Safe to re-run.
`openlatch status`	Show daemon status, uptime, and event counts
`openlatch start [--foreground]`	Start the daemon (or run in foreground)
`openlatch stop`	Stop the daemon
`openlatch restart`	Restart the daemon
`openlatch logs [-f] [-n N] [--since T]`	View event logs. `-f` follows, `-n` limits count, `--since` filters by time
`openlatch doctor`	Diagnose configuration and connectivity issues
`openlatch doctor --fix`	Auto-heal common issues (config, hooks, daemon, binary). Creates `.bak` siblings and a journal so changes can be reverted with `--restore`.
`openlatch doctor --restore`	Reverse the most recent `--fix` run. Surgical merge for `~/.claude/settings.json` preserves user edits to non-OpenLatch hooks.
`openlatch doctor --rescue [--since 24h] [--output PATH] [--yes]`	Bundle a redacted diagnostic ZIP for sharing with support. Privacy filter runs on every text file; tokens are hard-redacted.
`openlatch uninstall [--purge] [--yes]`	Remove hooks and stop daemon. `--purge` deletes all data
`openlatch supervision {install,uninstall,enable,disable,status}`	Manage the OS-native supervisor that keeps the daemon alive after reboot (launchd / systemd --user / Task Scheduler). Installed by default during `openlatch init`; opt out with `openlatch init --no-persistence`.
`openlatch docs`	Open documentation in browser

Noun-verb aliases are also available: openlatch hooks install = init, openlatch hooks uninstall = uninstall, openlatch daemon start = start, etc.

Persistence

openlatch init registers an OS-native supervisor by default so the daemon auto-starts when you log in or reboot — persistence is a security property, not a convenience. All three backends (macOS launchd, Linux systemd --user, Windows Task Scheduler) are user-scope only; no admin prompt, no sudo. Opt out with openlatch init --no-persistence, or toggle later with openlatch supervision disable / enable. openlatch uninstall always tears the supervisor down before stopping the daemon so it cannot auto-restart underneath you.

Troubleshooting

When something goes wrong, prefer this order:

Diagnose — openlatch doctor lists every check that's failing (8 today: agent detection, config file, crash-report consent, auth token, daemon liveness, cloud reachability, hook installation, and recent fallback-log activity).
Heal — openlatch doctor --fix rewrites broken state files (config, token, hooks) and restarts the daemon. Every mutation is backed up to a .bak sibling and a journal at ~/.openlatch/fix-journal.json. Exit code is 0 when post-fix checks all pass and 1 otherwise.
Roll back — openlatch doctor --restore reads the journal and reverses each reversible action. ~/.claude/settings.json is restored via a surgical merge — non-OpenLatch hook entries you've added since --fix are preserved.
Bundle for support — openlatch doctor --rescue --yes produces openlatch-rescue-<ts>-<machid>.zip in $PWD. The bundle includes redacted state files, daemon /health + /metrics snapshots, binary metadata (SHA256 only — never bytes), and a per-pattern privacy-filter hit summary in MANIFEST.json. The bearer token in daemon.token is hard-redacted; absolute paths are anonymised to ~.

Combined openlatch doctor --fix --rescue runs the rescue first to snapshot the pre-fix state, then heals.

Global Flags

Flag	Description
`--json`	Machine-readable JSON output (parseable by `jq`)
`--verbose` / `-v`	Show extra operational detail
`--debug`	Show internal state and timings (implies `--verbose`)
`--quiet` / `-q`	Suppress all output except errors
`--no-color`	Disable colored output

Exit Codes

Code	Meaning
0	Success
1	Security findings detected
2	Usage error (invalid arguments)
3	Resource not found
4	Permission denied
5	Conflict
130	Interrupted (Ctrl+C)

Binaries

OpenLatch ships two binaries:

openlatch (<30MB) — full CLI for setup, daemon management, and log viewing.
openlatch-hook (<20MB) — minimal hook handler spawned by agent hooks. Reads event JSON from stdin, forwards to the daemon on localhost:7443, and writes the verdict to stdout. If the daemon is unreachable, it fails open (returns allow) and logs to ~/.openlatch/logs/fallback.jsonl. Not invoked directly by users.

How It Works

OpenLatch uses a three-layer architecture — hooks live inside your agents, the client forwards events, and the cloud runs detection:

┌─────────────────────────────────────────────────────────────────┐
│  Your Machine                                                   │
│                                                                 │
│  ┌──────────┐  hook event   ┌──────────────────────────────┐    │
│  │  Claude   │─────────────▶│                              │    │
│  │  Code     │              │   OpenLatch Client           │    │
│  ├──────────┤              │   (localhost:7443)            │    │
│  │  Cursor   │─────────────▶│                              │    │
│  ├──────────┤              │   1. Wrap in envelope         │    │
│  │  Copilot  │─────────────▶│   2. Redact credentials      │    │
│  ├──────────┤              │   3. Forward to cloud         │────┼──▶  OpenLatch Cloud
│  │  Gemini   │─────────────▶│   4. Return verdict          │◀───┼──   (allow / deny)
│  │  CLI      │              │   5. Write local audit log   │    │
│  ├──────────┤              │                              │    │
│  │  ...      │─────────────▶│                              │    │
│  └──────────┘  ◀─ verdict ─ └──────────────────────────────┘    │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘

Key design decisions:

Hook-native — OpenLatch plugs into each agent's official hook/extension system. It runs inside the agent runtime, not as a network proxy. Events cannot be bypassed.
Thin client, smart cloud — the client wraps events in a standard envelope and forwards them. All detection, normalization, and analysis happens cloud-side.
Privacy-first — credentials and secrets are redacted locally via regex-based filtering before anything leaves your machine.
Fail-open — if the cloud is unreachable, agents continue working normally. Events are logged locally and synced later.

Configuration

OpenLatch works with zero configuration. For advanced use cases:

# Configuration precedence (highest to lowest):
# 1. CLI flags
# 2. Environment variables (OPENLATCH_*)
# 3. Project config (.openlatch.json)
# 4. User config (~/.openlatch/config.toml)
# 5. Defaults

Environment Variable	Description	Default
`OPENLATCH_API_KEY`	Your OpenLatch API key	—
`OPENLATCH_API_URL`	Cloud API URL	`https://app.openlatch.ai/api`
`OPENLATCH_APP_URL`	Web app URL used for browser auth. Falls back to `OPENLATCH_API_URL` with a trailing `/api` stripped when unset.	`https://app.openlatch.ai`
`OPENLATCH_LOG_LEVEL`	Logging verbosity	`info`
`OPENLATCH_FAIL_MODE`	Behavior when cloud is unreachable	`open`

Security

OpenLatch is a security product — we hold ourselves to a high standard:

Responsible disclosure — report vulnerabilities to security@openlatch.ai
Private vulnerability reporting enabled on this repository
All releases are built with SLSA provenance via GitHub Actions
See SECURITY.md for our full security policy

Contributing

We welcome contributions! Whether it's bug fixes, new agent integrations, or documentation improvements.

Read our Contributing Guide to get started
Check good first issues for entry points
Join our Slack to connect with the team

License

Licensed under the Apache License 2.0.

Links

Resource	URL
Website	openlatch.ai
Documentation	docs.openlatch.ai
Slack	openlatch.slack.com
Twitter / X	@openlatch
GitHub	github.com/OpenLatch