cplt is a sandboxing tool designed to provide kernel-level isolation for AI coding agents, such as GitHub Copilot CLI and OpenCode, ensuring that sensitive data and secrets remain protected during code generation sessions. The tool enforces strict security boundaries at the operating system level, preventing AI agents from accessing secrets, credentials, SSH keys, and other sensitive files that would otherwise be exposed. It is intended for developers and teams who use AI-powered coding assistants and require strong guarantees that their secrets and credentials are not inadvertently leaked or accessed by these agents.
The sandbox operates on both macOS and Linux, leveraging Apple Seatbelt on macOS and a combination of Landlock, seccomp-BPF, and optionally Bubblewrap namespace isolation on Linux. aws, and various registry credentials invisible to the agent. It also controls network access by routing all outbound traffic through a local CONNECT proxy, supporting blocklist and allowlist modes, private IP filtering, DNS rebinding protection, and audit logging. The proxy can be forced to become the only permitted egress route, and it supports chaining through a corporate upstream proxy with additional domain filtering and logging. Environment hardening measures include disabling npm lifecycle scripts, restricting environment variables to a safe allowlist, write-protecting git hooks, and preventing execution from /tmp.
Specialized features include gh guard and git guard, which block destructive GitHub and git operations such as push, merge, or delete, while allowing safe operations like commit and branch. These guards can be enabled via configuration, and policies can be customized to protect only specific branches or restrict certain commands. Multi-agent support allows different AI agents or even a sandboxed shell to run within the same security framework. Team configuration is supported through repository-committed settings, enabling organizations to enforce or propose sandbox policies collaboratively.
cplt is delivered as a command-line tool, installable via Homebrew or a shell script, and applies the same security policies across supported platforms. Its focus on kernel-enforced boundaries ensures that no userspace bypass is possible, providing a robust security layer for developers working with AI coding assistants.
cplt is a Coding AI & assistants product. It prevents AI coding agents from accessing sensitive secrets and credentials during code generation. cplt is an open-source project aimed at developers using AI coding agents. The project is open source (MIT). cplt is available on the web, the command line, macOS, and Linux.
It is developed by navikt (Norway), and the product first shipped in 2026. The project is developed in the open on GitHub with 90 stars and 246 commits in the last 90 days. Across PulseGate's embedding index, cplt has few near neighbours, marking it as relatively distinct. Among its 6 catalogued features are kernel-level sandboxing, secret protection, and filesystem isolation.
Latest indexed changes and source events
Other apps tracked under the same category.