Caplets
Caplets wraps MCP servers, APIs, and commands into focused capabilities for coding agents.
Code Mode is the default surface: each configured backend becomes a typed caplets.<id>
handle that an agent can inspect, search, call, filter, and summarize in one workflow.
Use Caplets with Codex, Claude, OpenCode, Pi, or any MCP client that can launch a local stdio server.
Required upgrade migration: If this host ran
caplets@0.25.xor earlier, do not startcaplets@0.26.0or later until you complete the one-time legacy-state migration. Caplets does not automatically migrate or fall back to the old auth, Vault, remote-security, setup, activity, and tracked-Caplet stores.
Quick Start
Section titled “Quick Start”Install the CLI, then run a known-good no-auth setup first. OSV is public, so it is the fastest way to prove your agent can see and call a Caplet.
npm install -g capletscaplets setupcaplets install spiritledsoftware/caplets osvcaplets doctorUse npx caplets ... only for temporary foreground commands; daemon-backed agent setup
expects a stable installed caplets binary on PATH.
caplets setup is daemon-first: it initializes Caplets config, starts or reuses the
local Caplets daemon, and configures your agent as a thin caplets attach <local-daemon-url> or native client. The daemon owns backend execution and environment
passthrough, so agent configs do not need secrets or provider-specific environment values.
doctor should identify the active Caplets config path and report the checks it can run
for your configured integrations. Fix any failed check before testing through an agent.
Then ask your agent to use Caplets Code Mode to query OSV for npm package
react@18.2.0, returning the package, version, vulnerability count, and advisory IDs
as compact JSON.
A successful agent run should use the visible caplets__code_mode tool and inspect an
OSV handle such as caplets.osv. If the agent cannot see that tool, go to
Troubleshooting.
First success shape
Section titled “First success shape”The exact OSV data can change over time, but the result should have this shape:
{ "package": "react", "version": "18.2.0", "vulnerabilityCount": 0, "advisoryIds": []}If the package has advisories, vulnerabilityCount should increase and advisoryIds
should contain the OSV identifiers the agent found.
What to read next
Section titled “What to read next”- Install - set up the CLI and agent connection.
- Code Mode - learn the default agent workflow.
- Configuration - configure user and project Caplets.
- Capabilities - add MCP, OpenAPI, GraphQL, HTTP, CLI, and shared Caplets.
- Catalog - inspect public Caplets before installing them.
- Dashboard - administer a self-hosted Current Host from the browser.
- Caplets Vault - store secret config values without relying on agent environment propagation.
- Agent integrations - use Codex, Claude, OpenCode, and Pi.
- Remote attach - connect agents to a remote Caplets runtime.
- Project Binding - synchronize local repository context for remote Caplets.
- Authoritative Host State - operate SQLite or PostgreSQL host state.
- CLI reference - find command families and environment controls.
- Privacy and network activity - control telemetry, update checks, and catalog indexing.
- Troubleshooting - check config, auth, and runtime issues.