Status¶

Live status of every component shipped to the public repo. Shipped means it is in main and has tests; Not yet implemented means the surface exists but is intentionally disabled or stubbed pending sign-off.

CLI¶

Surface	Status
`agentlock detect`	Shipped
`agentlock install` (Claude Code, Codex CLI, Cursor)	Shipped
`agentlock install` (OpenCode, Cline, Gemini CLI, Continue, VS Code Copilot)	Not yet implemented — detected but disabled in selector
`agentlock install --tier {unattested,software,totp}`	Shipped
`agentlock status`	Shipped
`agentlock signer enroll --tier totp`	Shipped
`agentlock signer enroll --tier os-keychain` (macOS, optional `--ttl`)	Shipped
`agentlock signer enroll --tier yubikey` (PIV / FIDO2)	Not yet implemented
`agentlock session create / rotate / end` (software, totp)	Shipped
`agentlock hook claude-code / codex / cursor <event>` shims	Shipped
`agentlock ledger root / verify`	Shipped
`agentlock fake-hook` (eval / scenario harness)	Shipped
`agentlock dashboard` (open local web dashboard)	Shipped
`agentlock login`	Shipped (password mode only)
`agentlock rules add / sources / sync / search / install / uninstall / remove`	Shipped — backed by openagentlock/rules

Control plane¶

Endpoint group	Status
`/v1/health`	Shipped
`/v1/gates`, `/v1/mode`	Shipped
`/v1/policy/view`, `/v1/policy/gates` (POST/PATCH/DELETE), `/v1/policy/gates/yaml`	Shipped
`/v1/install/plan`, `/v1/install/apply`, `/v1/uninstall`	Shipped
`/v1/mcp/pin/check`, `/v1/mcp/pin/accept`	Shipped
`/v1/sessions/*`, `/v1/sessions/insights`	Shipped
`/v1/ledger/root`, `/v1/ledger/proof/:seq`, `/v1/ledger/verify`	Shipped
`/v1/hooks/claude-code/*`	Shipped
`/v1/hooks/codex/*`	Shipped
`/v1/hooks/cursor/*`	Shipped
`/v1/auth` (password)	Shipped
`/v1/auth` (OIDC)	Not yet implemented — stub returns mode hint
`/v1/auth` (LDAP)	Not yet implemented — stub returns mode hint
Signed-PDF report endpoint	Not yet implemented — `501 Not Implemented`
Local web dashboard at `127.0.0.1:7879`	Shipped

Ledger¶

Function	Status
`leaf_hash`	Shipped
`merkle_root` (RFC 6962 odd-tail)	Shipped
`inclusion_proof`	Shipped
`verify_proof`	Shipped
FFI staticlib for Go	Shipped
Ten regression tests in `tests/merkle.rs`	Shipped all green

Policy¶

Gate	Default verdict
`supply-chain.pkg-install`	monitor
`supply-chain.untrusted-mcp`	monitor
`rogue.secret-read`	monitor
`rogue.net-egress`	monitor
`rogue.destructive-bash`	monitor

Flip to mode: enforce at the top of your policy file when you've reviewed activity and are ready to start blocking.

Distribution¶

Channel	Status
`ghcr.io/openagentlock/agentlockd` Docker image	Shipped on tag
`@openagentlock/cli` on npm	Shipped on tag
`openagentlock/tap/agentlock` Homebrew formula	Shipped on tag
`pip install openagentlock`	Not yet implemented — Bun-native CLI; pip wrapper is roadmap if demand surfaces

Other surfaces¶

Surface	Status
MCP observation via lifecycle hooks (Claude Code, Cursor, Cline, Gemini CLI, OpenCode)	Shipped on the hook side; OpenCode does not currently fire the pre-tool hook for MCP
MCP fingerprint pinning (`/v1/mcp/pin`)	Shipped
OIDC SSO + RBAC + LDAP	Not yet implemented
Group / scoped policy with inheritance	Not yet implemented
Federated deployment (per-dev daemons + central control plane)	Not yet implemented
Signed PDF audit report	Not yet implemented