Skip to content
OpenLatch

Overview

OpenLatch is a real-time threat detection layer for AI coding agents. It monitors tool calls — file writes, shell commands, network requests — and blocks malicious actions before they execute.

The Problem

Section titled “The Problem”

AI coding agents are powerful, but they operate with broad permissions in your development environment. A compromised prompt, a malicious dependency, or an adversarial injection can turn your helpful assistant into an attack vector.

The Solution

Section titled “The Solution”

OpenLatch sits between the AI agent and your system. Every action the agent attempts is intercepted, analyzed, and either allowed or blocked — all in real time.

  • Hook — A thin client intercepts agent tool calls before execution
  • Detect — Each action is analyzed by the OpenLatch cloud detection engine
  • Block — Threats are stopped; safe actions pass through transparently

Supported Agents

Section titled “Supported Agents”

OpenLatch works with any AI coding agent that supports tool call hooks:

  • Claude Code
  • Cursor
  • GitHub Copilot
  • Windsurf
  • Custom agents via the OpenLatch SDK

Design Principles

Section titled “Design Principles”
  • Zero configurationnpx openlatch is all you need
  • Fail-open — If the cloud is unreachable, agents continue working
  • Privacy-first — Your code stays local; only action metadata is analyzed
  • Open source — The client is MIT-licensed and fully auditable