One workspace for every AI coding assistant. Get started in 10 seconds.
Six steps to full API governance. No accounts, no API keys.
Get an instant health grade for your API spec. No install needed.
npx delimit-cli scan openapi.yaml # health grade + recommendations npx delimit-cli try # zero-risk demo with sample API
Detects your AI assistants (Claude Code, Codex, Cursor, Gemini CLI) and configures them all.
npx delimit-cli setup && source ~/.bashrc
Creates a .delimit/policies.yml with your chosen preset (strict, default, or relaxed).
npx delimit-cli init --preset default
Check your OpenAPI spec for breaking changes and policy violations.
npx delimit-cli lint api/openapi.yaml
Create .github/workflows/api-check.yml to lint every PR automatically.
name: API Contract Check
on: pull_request
jobs:
api-check:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/checkout@v4
- uses: delimit-ai/delimit-action@v1
with:
spec: api/openapi.yamlSign in with GitHub to see governance history, audit trails, and team management.
Open DashboardDelimit gives your AI coding assistant persistent memory, governance, and cross-model continuity. It works two ways:
Diffs your OpenAPI spec on every PR. Posts breaking changes, semver classification, and migration guidance as a PR comment.
View on Marketplace →Governance tools for AI coding assistants (Claude Code, Codex, Cursor, Gemini CLI). Lint, diff, policy enforcement, and more -- all local, no API keys.
npx delimit-cli setupBoth run entirely locally. No external services, no accounts, no data leaving your machine.
Delimit has three enforcement modes that control how governance decisions are applied. These work across all AI assistants and the GitHub Action.
| Behavior | Advisory | Guarded (default) | Enforce |
|---|---|---|---|
| PR comments + annotations | Yes | Yes | Yes |
| Critical actions blocked | No | Yes | Yes |
| High-risk actions blocked | No | Warned | Yes |
| Fails CI on breaking changes | No | No | Yes |
| Best for | Evaluation | Day-to-day | Production APIs |
Guarded mode is the default. It blocks dangerous operations like destructive deploys while allowing normal development. Switch modes anytime:
# GitHub Action
- uses: delimit-ai/delimit-action@v1
with:
spec: api/openapi.yaml
mode: enforce
# MCP (all assistants)
# Create ~/.delimit/enforcement_mode with: advisory, guarded, or enforceThe CLI works locally and in any CI system. Install globally or use npx.
delimit scan [path]Instant health grade for your API spec (A-F) across 5 dimensions: completeness, security, consistency, documentation, best practices. No install needed.
npx delimit-cli scan openapi.yaml # grade a specific spec npx delimit-cli scan # auto-detect specs in current directory
delimit tryZero-risk governance demo. Creates a sample API with breaking changes, runs the full governance pipeline, and saves a Markdown report to delimit-report.md.
npx delimit-cli try
delimit setup [--dry-run]Detect installed AI assistants and configure MCP tools for all of them. Use --dry-run to preview changes without writing anything.
npx delimit-cli setup # install into all AI assistants npx delimit-cli setup --dry-run # preview what will change
delimit init [--preset]Create a .delimit/policies.yml file with a preset. Options: strict, default, relaxed.
npx delimit-cli init # default preset npx delimit-cli init --preset strict # all violations are errors npx delimit-cli init --preset relaxed # all violations are warnings
delimit lint [spec] [--policy]Validate a spec against the base version and check for policy violations.
npx delimit-cli lint api/openapi.yaml npx delimit-cli lint api/openapi.yaml --policy strict npx delimit-cli lint old.yaml new.yaml
delimit diff <old> <new>Compare two specs and report all changes with semver classification.
npx delimit-cli diff old-api.yaml new-api.yaml
delimit explain <old> <new>Generate a human-readable migration guide from the diff between two specs.
npx delimit-cli explain old-api.yaml new-api.yaml --template migration
delimit doctorCheck your setup health. Verifies MCP configuration, Python dependencies, and tool availability.
npx delimit-cli doctor
delimit activate <key>Activate a Pro license key to unlock advanced features.
npx delimit-cli activate YOUR_LICENSE_KEY
delimit uninstall [--dry-run]Clean removal from all AI assistants (Claude Code, Codex, Cursor, Gemini CLI). Creates backups before removing. Use --dry-run to preview what will be removed.
npx delimit-cli uninstall # remove with backups npx delimit-cli uninstall --dry-run # preview removal
Delimit exposes tools through the MCP protocol. Your AI coding assistant can call any of these directly -- just describe what you want in natural language. The "Say this" column shows example prompts that trigger each tool.
Free tools are unlimited. Pro tools require an active license (deliberation is limited to 3 per month on the free tier).
Detect breaking changes, enforce policies, and classify API diffs.
| Tool | What it does | Say this |
|---|---|---|
delimit_lint | Check specs for breaking changes and policy violations | "lint my API spec" |
delimit_diff | Compare two API specs and list all changes | "diff old.yaml new.yaml" |
delimit_semver | Classify changes as MAJOR/MINOR/PATCH | "what semver bump is this?" |
delimit_explain | Generate a human-readable change explanation | "explain the changes" |
delimit_policy | View and manage governance policies | "show current policies" |
delimit_zero_spec | Extract a spec from source code (FastAPI, Express, NestJS) | "generate a spec from my code" |
delimit_impact | Analyze downstream impact of API changes | "what is the impact of these changes?" |
Persistent task tracking that survives across sessions and AI assistants.
| Tool | What it does | Say this |
|---|---|---|
delimit_ledger_add | Add a task to the ledger | "add to ledger: refactor auth module" |
delimit_ledger_list | List all ledger items | "show the ledger" |
delimit_ledger_done | Mark an item complete | "mark LED-001 done" |
delimit_ledger_context | Get top priority items for session start | "what's on the ledger?" |
Scan for vulnerabilities, detect secrets, and audit dependencies.
| Tool | What it does | Say this |
|---|---|---|
delimit_security_audit | Full security audit (dependencies, patterns, and secrets) | "run a security audit" |
delimit_security_scan | Quick security scan for common issues | "scan for vulnerabilities" |
System health, compliance checks, and policy evaluation.
| Tool | What it does | Say this |
|---|---|---|
delimit_gov_health | Check governance system health | "governance status" |
delimit_gov_status | Detailed governance status report | "show governance details" |
delimit_gov_evaluate | Evaluate a project against policies | "evaluate this project" |
delimit_gov_run | Run all governance checks | "run governance checks" |
delimit_gov_verify | Verify governance compliance | "verify compliance" |
delimit_gov_policy | View policy configuration | "show policies" |
Multi-model AI debate and consensus for architectural decisions.
| Tool | What it does | Say this |
|---|---|---|
delimit_deliberate | Send a question to multiple AI models for debate and consensus | "deliberate: should we use REST or GraphQL?" |
delimit_models | View and manage configured AI models | "show available models" |
Store and retrieve information across sessions.
| Tool | What it does | Say this |
|---|---|---|
delimit_memory_store | Save information for future recall | "remember this architecture decision" |
delimit_memory_search | Search stored memories | "search memory for auth" |
delimit_memory_recent | Get recently stored memories | "what do you remember?" |
delimit_context_init | Initialize a context namespace | "init context for project-x" |
delimit_context_write | Write an artifact to context storage | "save this plan" |
delimit_context_read | Read an artifact from context storage | "read the plan" |
delimit_context_list | List all context artifacts | "list saved artifacts" |
Plan, build, publish, and verify deployments.
| Tool | What it does | Say this |
|---|---|---|
delimit_deploy_plan | Create a deployment plan | "plan deployment" |
delimit_deploy_build | Build a project for deployment | "build the project" |
delimit_deploy_publish | Publish or deploy a project | "deploy to production" |
delimit_deploy_status | Check deployment status | "deploy status" |
delimit_deploy_verify | Verify deployment health | "verify the deploy" |
Securely store, retrieve, and manage credentials locally.
| Tool | What it does | Say this |
|---|---|---|
delimit_secret_store | Store a credential securely | "store my API key" |
delimit_secret_get | Retrieve a stored credential | "get the API key" |
delimit_secret_list | List stored secrets (values are not shown) | "list secrets" |
delimit_secret_revoke | Revoke a stored credential | "revoke that key" |
System health, metrics, and log searching.
| Tool | What it does | Say this |
|---|---|---|
delimit_obs_status | System health overview | "system status" |
delimit_obs_metrics | CPU, memory, and disk metrics | "show metrics" |
delimit_obs_logs | Search system logs | "search logs for errors" |
UI component scanning, accessibility audits, and test generation.
| Tool | What it does | Say this |
|---|---|---|
delimit_design_component_library | Scan and catalog UI components in a project | "catalog my components" |
delimit_design_validate_responsive | Check responsive design implementation | "validate responsive design" |
delimit_story_accessibility | Run a WCAG accessibility audit | "check accessibility" |
delimit_test_generate | Generate test skeletons from source code | "generate tests for this file" |
delimit_test_smoke | Run smoke tests | "run smoke tests" |
Autonomous daemon, content generation, and scheduling.
| Tool | What it does | Say this |
|---|---|---|
delimit_daemon_status | Check autonomous daemon status | "daemon status" |
delimit_daemon_run | Run a daemon iteration | "run daemon" |
delimit_social_generate | Generate social media content | "draft a tweet about the release" |
delimit_content_schedule | View the content publishing schedule | "show content schedule" |
The tools listed above are the primary interface. Additional internal tools exist for system orchestration, but the ones above cover every user-facing capability. All tools run locally on your machine.
Add breaking change detection to any repository. The action runs on every pull request, diffs your OpenAPI spec against the base branch, and posts a comment with breaking changes, semver classification, and a migration guide.
Delimit auto-detects your OpenAPI spec. No inputs required:
name: API Governance
on: pull_request
jobs:
check:
runs-on: ubuntu-latest
permissions: { pull-requests: write }
steps:
- uses: actions/checkout@v4
with: { fetch-depth: 0 }
- uses: delimit-ai/delimit-action@v1name: API Contract Check
on: pull_request
jobs:
api-check:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/checkout@v4
- uses: delimit-ai/delimit-action@v1
with:
# Single file mode -- auto-fetches base branch version
spec: api/openapi.yaml
# Or explicit comparison mode
# old_spec: api/openapi-base.yaml
# new_spec: api/openapi.yaml
# Mode: advisory (default) or enforce
mode: advisory
# Policy: path to custom policy file or preset name
# policy: .delimit/policies.yml
# policy: strict| Input | Required | Description |
|---|---|---|
spec | * | Path to your OpenAPI spec. Auto-fetches the base branch version for comparison. |
old_spec | * | Path to the baseline spec. Use with new_spec for explicit comparison. |
new_spec | * | Path to the proposed spec. Use with old_spec. |
mode | No | advisory (default) or enforce. Enforce fails the check on violations. |
policy | No | Path to a custom policy YAML file, or a preset name (strict, default, relaxed). |
* Provide either spec alone, or both old_spec and new_spec.
Delimit ships with 3 built-in presets that control how violations are treated.
All violations are errors. Any breaking change fails the check.
Balanced. Endpoint/method removal and required param addition are errors. Type changes are warnings.
All violations are warnings. Nothing blocks the build.
Create .delimit/policies.yml to define your own rules:
# .delimit/policies.yml
override_defaults: false
rules:
- id: protect_v1_api
name: Protect V1 API
description: V1 endpoints are frozen
change_types:
- endpoint_removed
- method_removed
- field_removed
severity: error
action: forbid
conditions:
path_pattern: "^/v1/.*"
message: "V1 API is frozen. Changes must be made in V2."
- id: warn_response_type_change
name: Warn Response Type Changes
change_types:
- type_changed
severity: warning
action: warn
conditions:
path_pattern: ".*:2\\d\\d.*"
message: "Type changed at {path} - verify client compatibility."| Change type | Breaking | Description |
|---|---|---|
endpoint_removed | Yes | An API endpoint path was removed |
method_removed | Yes | An HTTP method was removed from an endpoint |
required_param_added | Yes | A new required parameter was added |
param_removed | Yes | A parameter was removed |
response_removed | Yes | A response status code was removed |
required_field_added | Yes | A new required field was added to a request body |
field_removed | Yes | A field was removed from a response |
type_changed | Yes | A field's type was changed |
format_changed | Yes | A field's format was changed |
enum_value_removed | Yes | An allowed enum value was removed |
endpoint_added | No | A new endpoint was added |
method_added | No | A new HTTP method was added |
optional_param_added | No | A new optional parameter was added |
response_added | No | A new response status code was added |
optional_field_added | No | A new optional field was added |
enum_value_added | No | A new enum value was added |
description_changed | No | A description was modified |
Delimit deterministically classifies every diff into a semver bump:
major -- any breaking change detectedminor -- additive changes only (new endpoints, optional fields)patch -- non-functional changes only (descriptions)none -- no changes detectedMany teams don't maintain an explicit API spec. Delimit can help:
Auto-extract an OpenAPI spec from your source code. Supports FastAPI, Express, and NestJS.
npx delimit-cli zero-spec ./src
Create a basic openapi.yaml with just your endpoints listed. Delimit will track changes from there. Even a skeleton with paths and methods is enough to detect removals and additions.
If your spec is generated from code (FastAPI auto-docs, NestJS Swagger), just point Delimit at the generated file. The diff happens at the spec level, not the source level. Common locations: docs/openapi.json, swagger.json, or your framework's output path.
Only tool call events for governance tracking. No source code is sent to any server. The CLI and MCP tools run entirely on your machine. The hosted dashboard (app.delimit.ai) stores account data and governance history if you choose to sign in, but the core tools are fully local.
Yes. Everything runs locally on your machine. Your API specs, source code, and governance policies never leave your local filesystem. The GitHub Action runs inside your own CI environment.
Deliberation is limited to 3 per month on the free tier. All other tools -- linting, diffing, ledger, security, governance, observability, design, and testing -- are unlimited.
Delimit works with Claude Code, Codex (ChatGPT CLI), Cursor, and Gemini CLI. The npx delimit-cli setup command detects which assistants you have installed and configures them all.
Run the uninstall command. It removes MCP configuration from all AI assistants and cleans up local data.
npx delimit-cli uninstall
The CLI, MCP tools, and GitHub Action are MIT licensed and fully open source. The hosted dashboard (app.delimit.ai) is a proprietary service. You can use everything locally without ever creating an account.
Delimit works with any spec file checked into git, whether hand-written or generated. If your spec is generated from code (e.g., via FastAPI, NestJS Swagger, or a build step), just point Delimit at the generated output file. The diff happens at the spec level, not the source level.
Yes. Set old_spec and new_spec to the path within your monorepo. You can run multiple Delimit steps in one workflow for different services.
Delimit operates on the OpenAPI/Swagger layer. If your gRPC service has a REST gateway that generates an OpenAPI spec, Delimit can diff that. For proto-level breaking change detection, use Buf.