delimit
OfficialDelimit is a comprehensive API governance, project management, and AI assistant toolkit that unifies Claude Code, Codex, Cursor, and Gemini CLI with persistent context, multi-model deliberation, and broad developer tooling.
API Governance & Contract Management (Free)
Lint OpenAPI/Swagger specs for breaking changes and policy violations (
delimit_lint)Diff two specs, classify semver bumps (MAJOR/MINOR/PATCH/NONE), and generate migration guides in 7 templates (developer, changelog, PR comment, Slack, etc.)
Enforce custom governance policies with configurable severity levels
Extract OpenAPI specs from FastAPI, Express, or NestJS source code
Ledger & Task Tracking (Free)
Append-only, hash-chained ledger for tracking tasks, bugs, features, and strategy items across sessions
Filter by status, priority, or type; get quick project context summaries
List all registered projects/ventures
Security & Scanning
Scan for vulnerabilities, hardcoded secrets, dangerous patterns, and
.envfiles in gitAudit dependencies for known CVEs
Project discovery: detect frameworks, OpenAPI specs, security issues, and test coverage
Multi-Model Deliberation (Pro)
Orchestrate real AI-to-AI debate (Grok 4, Gemini, Codex) until unanimous consensus
Manage model configurations and credentials
Memory & Vault (Pro)
Store and semantically search conversation memory across sessions
Encrypted vault for secrets and persistent context with health/snapshot tools
Deployment & Release Management (Pro)
Governed pipeline: plan, build (Docker), publish, rollback, and check status
Automate site deployments (Vercel) and npm package publishing with version bumping and git tagging
Generate release plans from git history, audit/sync public surfaces (GitHub, npm, site meta)
Governance Workflow (Pro)
Create, run, and verify governed tasks with risk levels and gate checks
Collect and verify compliance evidence bundles; analyze downstream API change impact
Observability & Cost Management (Pro)
Query live metrics (CPU, memory, disk via /proc or Prometheus), search logs (journalctl, Elasticsearch, Loki), and check system health
Analyze project costs, find optimization opportunities, and manage spending alerts
Code & Project Generation
Generate code templates (component, page, API) and scaffold new projects (Next.js, API, library)
Design & UI
Extract design tokens from CSS/SCSS/Tailwind/Figma; generate React/Next.js components and Tailwind configs
Validate responsive design patterns; catalog component libraries; generate Storybook stories
Run visual regression tests (Playwright) and WCAG accessibility checks
Testing & Documentation
Generate test skeletons (Jest/Pytest/Vitest), run smoke tests
Generate API reference docs from docstrings/JSDoc and validate documentation quality
Data Management
Validate JSON/CSV/SQLite files, check migration status (Alembic, Django, Prisma, Knex), back up data with timestamps
Intel / Research
Register, freeze, and query datasets and research snapshots with provenance metadata
Utilities
Monitor GitHub issues, diagnose setup issues, manage Pro license activation, and get tool-specific help
Supported formats: OpenAPI 3.0/3.1, Swagger 2.0 (YAML/JSON), GitHub Actions CI/CD integration, MCP (Model Context Protocol) for AI assistants.
Allows for zero-spec extraction to generate OpenAPI specifications directly from Express.js source code.
Allows for zero-spec extraction to generate OpenAPI specifications directly from FastAPI source code.
Integrates with GitHub Actions to monitor pull requests for breaking API changes, automatically posting comments with migration guides and severity ratings.
Allows for zero-spec extraction to generate OpenAPI specifications directly from NestJS source code.
Performs automatic Semantic Versioning classification (Major, Minor, Patch) based on detected breaking changes in API specifications.
Provides API governance tools including linting and diffing for Swagger 2.0 specifications.
Supports API governance, linting, and policy enforcement for OpenAPI specifications and custom governance rules defined in YAML format.
</> Delimit
The merge gate for AI-written code, with signed, replayable attestation.
Wrap any AI coding assistant (Claude Code, Codex, Cursor, Gemini CLI) with a governance chain that runs your gates, records what changed, and signs a replayable receipt for every merge.
$ delimit wrap -- claude "fix the flaky test in tests/api.spec.ts"
✓ repo_diagnose
✓ security_audit 0 critical · 0 secrets
✓ test_smoke 165/165
✓ changed_files 1
✓ attestation signed att_a05050eb8e13277e
delimit.attestation.v1 · HMAC-SHA256
replay → https://delimit.ai/att/att_a05050eb8e13277eEvery wrapped run emits a delimit.attestation.v1 bundle: repo head before/after, changed files, gate results, HMAC-SHA256 signature, and a replay URL. Advisory by default; flip to enforcing when you're ready.
Fastest path to value: delimit check
Zero-config PR safety gate. No init, no setup, no account, no keys — run it on any repo and it applies deterministic checks (breaking API changes + leaked secrets) to your staged or modified files.
npx delimit-cli check$ delimit check
Delimit Check
Policy: default | Base: HEAD | Specs: 1
+ api/openapi.yaml — clean
PASSED — no breaking changes, no leaked secretsWhen a check finds a breaking change or a leaked secret, it prints the offending file and the issue and exits non-zero — so it drops straight into a pre-commit hook or CI step.
Common options:
delimit check --staged # only check staged files
delimit check --base main # compare against a git ref (default HEAD)
delimit check --fix # show migration guidance for violations
delimit check --record # write a content-pinned record of this check--record writes a content-pinned record of the check to .delimit/records/check-<ts>.json (or a path you name). That record is the precursor to the signed, replayable Seal attestation — the same evidence shape, pinned to the exact content you checked.
Related MCP server: EX MCP Server
Worked examples
Real, reproducible merge-gate runs against public API specs:
OpenAI OpenAPI: a year of AI frontier evolution under a cross-vendor merge gate — OpenAI (openai/openai-openapi)
Stripe v1 OpenAPI: 57 days under a merge gate — Stripe (stripe/openapi)
Anthropic API: 76 days under a cross-vendor merge gate — Anthropic (anthropics/anthropic-sdk-python)
Twilio v2010 OpenAPI: 55 days under a merge gate — Twilio (twilio/twilio-oai)
Docusign eSignature v2.1 OpenAPI: 46 days under a merge gate — Docusign (docusign/OpenAPI-Specifications)
Supabase Auth OpenAPI: 57 days under a merge gate — Supabase Auth (supabase/auth)
cal.com v2 OpenAPI: 60 days under a merge gate — cal.com (calcom/cal.com)
EU TED v3 procurement API: $ref'd component-schema drift under a merge gate — European Commission (TED v3 Public API)
Cross-agent handoff: one artifact, four CLIs — Cross-CLI session handoff (worked example)
delimit-mcp-server (self-attestation): same merge gate, third artifact class — delimit-mcp-server (self-attestation)
See the full index at delimit.ai/reports. For the schema and signing methodology behind every report, see delimit.ai/methodology/mcp-attestation.
Golden Path — your first 10 minutes
The merge gate for AI-written code, end to end: lint a spec, see exactly what breaks, classify the bump, settle the hard calls with multiple models, and walk away with a signed, replayable attestation. Then keep the context that survives across sessions and models.
1. Install
npx delimit-cli scan # discovery: finds your OpenAPI specs, frameworks, security issues, tests
npx delimit-cli init # wire up the merge-gate config (--preset strict | default | relaxed)scan (delimit_scan) reports what Delimit can do for this repo. init (delimit_init) drops in the policy preset and merge-gate config. No account, no keys.
2. The merge gate, end to end
Lint the spec change (the gate). Baseline vs. proposed, with policy applied — one pass/fail verdict.
npx delimit-cli lint old.yaml new.yaml # tool: delimit_lintSee exactly what breaks. Pure structural diff — added/removed/modified endpoints, schemas, params, no policy.
npx delimit-cli diff old.yaml new.yaml # tool: delimit_diffClassify the bump. Deterministic MAJOR/MINOR/PATCH/NONE — same input, same answer, every time.
delimit_semver → MAJOR/MINOR/PATCH/NONE + next version string
delimit_impact → blast radius: scans your dependency manifest for downstream callers (informational)Settle the hard calls. When the gate verdict is a judgment call, put it to multiple models and let them debate to consensus.
npx delimit-cli deliberate "Is dropping the deprecated v1 /users field a safe MINOR?"
# tool: delimit_deliberate — 3 free, then bring your own keyCapture the signed, replayable attestation. After a gate event (deploy / security / test / audit), record the evidence bundle and verify it any time.
delimit_evidence_collect → signed evidence bundle for the audit trail (Pro)
delimit_evidence_verify → confirm a bundle hasn't been tampered with (Pro)
delimit_seal_verify → check a Delimit Seal receipt against its bundled (Free)
Layer-0 constitution — offline-verifiableEvery receipt is offline-verifiable: npx delimit-cli seal-verify <receipt.json>, or open its delimit.ai/att/<id> replay URL.
3. Context that survives sessions and models
Decisions, constraints, and tasks persist across sessions and across AI assistants — switch from Claude Code to Codex, Cursor, or Gemini CLI without losing the thread.
Memory — persist and recall the why, not just the diff.
npx delimit-cli remember "v1 /users field is frozen until Q3 — downstream billing depends on it"
# tool: delimit_memory_store
npx delimit-cli recall billing # local recall over your saved memories (Free)For semantic recall by meaning across sessions, the assistant calls delimit_memory_search (Pro) directly.
Ledger — one task list, shared across every assistant and session.
delimit_ledger_add → record a task/bug/feature/strategic item
delimit_ledger_context → session-start: top open items by priority (what's queued)
delimit_ledger_done → close with a note (auto-captures a PR URL as ship proof)That's the loop: gate the change, sign the proof, keep the context. Run it once on a real spec and you've used the whole merge gate.
Think and Build
Beyond the merge gate, Delimit orchestrates multi-model deliberation and autonomous builds. delimit think dispatches a strategic question to Claude, Codex, Gemini, and Grok; delimit build activates a background daemon that executes ledger tasks through the gate chain. delimit vault manages local secrets (AES-256).
Works across any configuration, from a single model on a budget to a full panel.
Try it in 2 minutes
npx delimit-cli doctor # 14 prescriptive checks — tells you exactly what to fix
npx delimit-cli status # Visual dashboard of your entire governance setup
npx delimit-cli simulate # Dry-run: see what would be blocked before you commit
npx delimit-cli scan # Instant health grade for your API spec
npx delimit-cli try owner/repo # Try governance on any GitHub repoNo API keys. No account. No config files.
Pick your first win
Protect my API — catch breaking changes before merge:
npx delimit-cli try
# Creates a sample API, introduces breaking changes, shows what gets blocked.
# Saves a governance report to delimit-report.mdWatch for drift — detect spec changes without review:
npx delimit-cli init # Sets up governance + drift baseline
# Weekly drift checks run automatically via GitHub ActionRun PR copilot — governance gates on every pull request:
# .github/workflows/api-governance.yml
- uses: delimit-ai/delimit-action@v1
with:
spec: api/openapi.yaml
# Posts gate status, violations, and remediation in PR commentsWhat's New
Gate every AI-assisted invocation. Ship the receipts.
delimit wrap— pipeclaude -p,cursor,aider,codex, or any AI-assisted CLI through a signed governance gate. Snapshots the git diff before/after, runs lint + tests, HMAC-signs anatt_*attestation, emits a public replay URL. Advisory by default;--enforceblocks CI on policy violations;--max-time <s>is a kill switch that tags the attestation as aliability_incidentand prints a cross-model handoff command.delimit trust-page— renders a directory of attestations into a static HTML trust page + JSON Feed 1.1 feed. Single file, no framework, offline-renderable. Deploy anywhere.delimit ai-sbom— aggregates attestations into a CycloneDX 1.6 bill-of-materials with AI-specific fields (detected models per vendor, tool-call surface, policy gate counts). Pipe straight into procurement.Cross-model by construction —
wrapis agnostic to the producer. Same attestation schema whether the pipe upstream is Claude Code, Cursor, Aider, Codex, or Gemini CLI. Switch producers without losing the audit chain.
# Gate any AI-assisted CLI
delimit wrap -- claude -p "add tests for payments"
# → att_7d556843c84fb881 signed, replay: https://delimit.ai/att/att_7d556843c84fb881
# Kill switch + handoff after 60s wall-clock
delimit wrap --max-time 60 -- cursor edit "refactor auth middleware"
# → if killed: kind=liability_incident
# → suggested: delimit wrap -- claude -p "refactor auth middleware"
# Render accumulated attestations as a public trust page
delimit trust-page -o ./trust
# → ./trust/index.html (+ feed.json)
# Build a CycloneDX-AI bill of materials
delimit ai-sbom -o ./ai-sbom.json
# → components: 4 models detected, 187 gates runEarlier releases
The highest state of AI governance — earlier features still active.
delimit doctor-- 14 prescriptive diagnostics. Every failure prints the exact command to fix it.--cifor pipelines,--fixfor auto-repair.delimit simulate-- policy dry-run. See what would be blocked before you commit. Theterraform planfor API governance.delimit status-- visual terminal dashboard. Policy, specs, hooks, CI, MCP, models, memory, ledger, evidence, git branch.--watchfor live refresh.delimit report-- governance report.--since 7d --format md|html|json. Audit-friendly output for PRs and compliance.Memory hardening -- SHA-256 integrity hash + source model tag on every
remember. Cross-model trust, verified on everyrecall.Tag-based publishing -- automated gateway sync, no more version drift between source and npm bundle.
Multi-Model Deliberation
Run your question through 4 AI models simultaneously. They debate each other until unanimous agreement.
delimit deliberate "Should we build rate limiting in-house or use a managed service?" Round 1 (independent):
Claude: Build in-house. Redis sliding window is 50 lines.
Gemini: Build. You already have Redis.
Codex: Agree — but add circuit breaker for Redis failures.
Grok: Build. Managed service costs $200/mo for 50 lines of code.
Round 2 (deliberation):
All models: AGREE
UNANIMOUS CONSENSUS (2 rounds, confidence 94/100)
Build rate limiting in-house with Redis + circuit breaker.3 free deliberations, then BYOK for unlimited. Works with Grok, Gemini, Claude, GPT-4o.
v4.1
TUI -- terminal-native Ventures panel, real
delimit thinkanddelimit buildcommandsSecurity hardening -- notify.py stubbed in npm, axios pinned against supply chain attacks
Free tier restructure -- deliberations use Gemini Flash + GPT-4o-mini (cost: <$20/mo)
Zero-config onboarding -- auto-detect framework, scan, and first evidence in one command
Auto-approve tools --
delimit setupconfigures permissions for Claude Code, Codex, and Gemini CLI
v4.0
Toolcard Delta Cache -- SHA256 schema hashing, delta-only transmission, saves tokens
Session Phoenix -- cross-model session resurrection with soul capture
Handoff Receipts -- structured acknowledgment protocol between agents
Cross-Model Audit -- 3 lenses (security, correctness, governance) with deterministic synthesis
4-model deliberation -- Claude + Grok + Gemini + Codex debate until consensus
Universal Swarm Triggers -- "Think and Build", "Keep building", "Ask Delimit"
Full governance toolkit -- lint, diff, policy, evidence, drift, attestation, and swarm orchestration exposed as MCP tools and CLI subcommands
GitHub Action
Zero-config -- auto-detects your OpenAPI spec:
- uses: delimit-ai/delimit-action@v1Or with full configuration:
name: API Contract Check
on: pull_request
jobs:
delimit:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: delimit-ai/delimit-action@v1
with:
spec: api/openapi.yamlThat's it. Delimit auto-fetches the base branch spec, diffs it, and posts a PR comment with breaking changes, semver classification, migration guides, and governance gate results.
View on GitHub Marketplace | See a live demo (23 breaking changes)
Example PR comment
Breaking Changes Detected
Change
Path
Severity
endpoint_removed
DELETE /pets/{petId}error
type_changed
/pets:GET:200[].id(string -> integer)warning
enum_value_removed
/pets:GET:200[].statuswarning
Semver: MAJOR (1.0.0 -> 2.0.0)
Migration Guide: 3 steps to update your integration
Governance Gates
Gate
Status
Chain
API Lint
Pass/Fail
lint -> semver -> gov_evaluate
Policy Compliance
Pass/Fail
policy -> evidence_collect
Security Audit
Pass
security_audit -> evidence_collect
Deploy Readiness
Ready/Blocked
deploy_plan -> security_audit
Adopt with minimum privilege
You don't have to trust a large tool surface on day one. The safe on-ramp:
Phase 1 — read-only governance (free, no account). Start with the tools that
only read your repo and write reports: delimit_lint, delimit_diff,
delimit_semver, delimit_policy, delimit_explain, delimit_scan, and
delimit_seal_verify. If your MCP client supports per-tool allowlists, grant
exactly those. Nothing in this set executes, deploys, or posts anywhere.
Phase 2 — opt into side effects deliberately. Tools that write evidence
bundles, open PR comments, or run deploys (delimit_security_audit,
delimit_deploy_*, agent orchestration) are tier-gated; enable them once
phase 1 has earned its keep in your CI.
Pin the Action to a commit SHA. @v1 is a floating tag. For
supply-chain-sensitive pipelines, pin the exact commit and bump on review:
- uses: delimit-ai/delimit-action@<commit-sha> # gh api repos/delimit-ai/delimit-action/git/refs/tags/v1Keep BYOK keys out of plaintext config. If you bring your own model keys
for deliberation, store them with delimit_secret_store (encrypted vault,
access-logged via delimit_secret_access_log) rather than in dotfiles.
Our own releases ship under the same discipline: every release carries a
signed, replayable Seal receipt (see the latest
release assets —
verify with npx delimit-cli seal-verify <receipt.json> or at its
delimit.ai/att/<id> replay URL), plus SLSA provenance on npm.
CLI commands
npx delimit-cli scan # Instant spec health grade + recommendations
npx delimit-cli pr owner/repo#123 # Review any GitHub PR for breaking changes
npx delimit-cli quickstart # Clone demo project + guided walkthrough
npx delimit-cli try # Zero-risk demo — saves governance report
npx delimit-cli demo # Self-contained governance demo
npx delimit-cli init # Guided wizard with compliance templates
npx delimit-cli init --preset strict # Initialize with strict policy
npx delimit-cli setup # Install into all AI assistants
npx delimit-cli setup --dry-run # Preview changes first
npx delimit-cli lint api/openapi.yaml # Check for breaking changes
npx delimit-cli diff old.yaml new.yaml # Compare two specs
npx delimit-cli explain old.yaml new.yaml # Generate migration guide
npx delimit-cli check # Pre-commit governance check
npx delimit-cli check --staged --fix # Check staged files + show guidance
npx delimit-cli hooks install # Install git pre-commit hook
npx delimit-cli hooks install --pre-push # Also add pre-push hook
npx delimit-cli ci # Generate GitHub Action workflow
npx delimit-cli ci --strict --dry-run # Preview strict workflow
npx delimit-cli remember "Redis uses JWT 15min" # Save a persistent memory
npx delimit-cli recall redis # Search memories
npx delimit-cli recall # Show recent memories
npx delimit-cli recall --tag deploy --all # Filter by tag, show all
npx delimit-cli recall --export # Export as markdown
npx delimit-cli forget abc123 # Delete a memory by ID
npx delimit-cli models # Configure deliberation API keys (BYOK wizard)
npx delimit-cli models --status # Show current model config
npx delimit-cli status # Compact dashboard of your Delimit setup
npx delimit-cli doctor # Check setup health
npx delimit-cli uninstall --dry-run # Preview removal
npx delimit-cli wrap -- claude -p "..." # Gate any AI-assisted CLI + signed attestation
npx delimit-cli wrap --max-time 60 -- codex "..."# With kill switch + handoff on timeout
npx delimit-cli trust-page -o ./trust # Render attestations into a static trust page
npx delimit-cli ai-sbom -o ./ai-sbom.json # Build a CycloneDX-AI bill of materialsWhat the MCP toolkit adds
When installed into your AI coding assistant, Delimit provides tools across two tiers:
Free (no account needed)
API governance -- lint, diff, policy enforcement, semver classification
Persistent ledger -- track tasks across sessions, shared between all AI assistants
Zero-spec extraction -- generate OpenAPI specs from FastAPI, Express, or NestJS source
Project scan -- auto-detect specs, frameworks, security issues, and tests
Quickstart -- guided first-run that proves value in 60 seconds
Pro
Multi-model deliberation -- AI models debate until they agree (free: Gemini Flash + GPT-4o-mini; BYOK: any models)
Security audit -- dependency scanning, secret detection, SAST analysis
Test verification -- confirms tests ran, measures coverage, generates new tests
Memory & vault -- persistent context and encrypted secrets across sessions
Evidence collection -- governance audit trail for compliance
Deploy pipeline -- governed build, publish, and rollback
OS layer -- agent identity, execution plans, approval gates
What It Detects
28 change types (17 breaking, 11 non-breaking) -- deterministic rules, not AI inference. Same input always produces the same result.
Breaking Changes
# | Change Type | Example |
1 |
|
|
2 |
|
|
3 |
| New required header on |
4 |
|
|
5 |
|
|
6 |
| Request body now requires |
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
| Query param |
12 |
|
|
13 |
| Response |
14 |
| OAuth2 security scheme removed |
15 |
|
|
16 |
|
|
17 |
|
|
Non-Breaking Changes
# | Change Type | Example |
18 |
| New |
19 |
|
|
20 |
| Optional |
21 |
|
|
22 |
| Optional |
23 |
|
|
24 |
| Updated description for |
25 |
| API key security scheme added |
26 |
|
|
27 |
| Default value for |
28 |
| Required field |
Policy presets
npx delimit-cli init --preset strict # All violations are errors
npx delimit-cli init --preset default # Balanced (default)
npx delimit-cli init --preset relaxed # All violations are warningsOr write custom rules in .delimit/policies.yml:
rules:
- id: freeze_v1
name: Freeze V1 API
change_types: [endpoint_removed, method_removed, field_removed]
severity: error
action: forbid
conditions:
path_pattern: "^/v1/.*"
message: "V1 API is frozen. Changes must be made in V2."Supported formats
OpenAPI 3.0 and 3.1
Swagger 2.0
YAML and JSON
FAQ
How does this compare to Obsidian Mind?
Obsidian Mind is a great Obsidian vault template for Claude Code users who want persistent memory via markdown files. Delimit takes a different approach: it's an MCP server that works across Claude Code, Codex, Gemini CLI, and Cursor. Your memory, ledger, and governance travel with you when you switch models. Delimit also adds API governance (28-type breaking change detection), CI gates, git hooks, and policy enforcement that Obsidian Mind doesn't cover. Use Obsidian Mind if you're all-in on Claude + Obsidian. Use Delimit if you switch between models or need governance.
Does this work without Claude Code?
Yes. Delimit works with Claude Code, Codex (OpenAI), Gemini CLI (Google), and Cursor. The remember/recall commands work standalone with zero config. The MCP server integrates with any client that supports the Model Context Protocol.
Is this free?
The free tier includes API governance, persistent memory, zero-spec extraction, project scanning, and 3 multi-model deliberations. Pro ($10/mo) adds unlimited deliberation, security audit, test verification, deploy pipeline, and agent orchestration. Premium ($50-100/mo) adds priority support and team features. Enterprise is custom: see delimit.ai/pricing.
Telemetry & cloud sync
Short version: none by default. Nothing leaves your machine unless you explicitly configure it.
What's always local (source of truth):
~/.delimit/events/events-YYYY-MM-DD.jsonl— per-tool-call events (tool name, timestamp, status, model id, session id, trace id). No source code, no prompts, no responses.~/.delimit/ledger/— your ledger items, work orders, deliberation transcripts.~/.delimit/attestations/—delimit wrapoutput bundles.
What's OPT-IN (requires you to provide your own Supabase project credentials):
gateway/ai/supabase_sync.pymirrors the local event + ledger + work-order + deliberation rows into a Supabase project you own so you can view them inapp.delimit.ai. It only activates if you setSUPABASE_URL+SUPABASE_SERVICE_ROLE_KEYenvironment variables OR provide~/.delimit/secrets/supabase.jsonwith those credentials. No URL or key is hardcoded in the published package (verify withgrep -r aqbdqxnhzqzswdxifksc $(npm root -g)/delimit-cli/— zero hits).Data scope when enabled: metadata only (tool names, timestamps, IDs, statuses, venture tags). Never source code, prompts, or model responses.
Kill switch:
Set DELIMIT_DISABLE_CLOUD_SYNC=1 in your environment to force all sync operations to no-op even if credentials are present. Local files continue to work normally.
# Disable cloud sync for a single invocation
DELIMIT_DISABLE_CLOUD_SYNC=1 delimit lint api/openapi.yaml
# Disable for the shell session
export DELIMIT_DISABLE_CLOUD_SYNC=1Webhook notifications:
gateway/ai/notify.py emits governance events to a webhook endpoint only if you configure DELIMIT_WEBHOOK_URL explicitly. Unset by default.
If you spot another code path that could phone home without disclosure, file an issue. This section is maintained as ship-truth, not aspirational.
Links
delimit.ai -- homepage
Dashboard -- governance console
Docs -- full documentation
GitHub Action -- Marketplace listing
Quickstart -- try it in 2 minutes
npm -- CLI package
Pricing -- free tier + Pro
MIT License
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/delimit-ai/delimit-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server