Updated July 2026Deep Dive17 min read

OpenTag: the open-source @agent mention gateway

OpenTag is an open-source gateway that lets a team @mention a coding agent — Codex or Claude Code — from a Slack thread, a GitHub issue, or four other places work already happens. It runs the agent locally, posts a receipt of what it wants to do, and waits for a human to approve before anything writes. No pasting context into a separate chat window, no black-box cloud service deciding what ran. This guide covers the pipeline, the install, the real platform and executor limits, and the odd fact that two other unrelated teams shipped a project with the exact same name in the same week.

Editorial illustration: a small luminous violet-blue orb glowing at the center of a dark scene, thin governed light-trails branching outward to small abstract glyphs suggesting a chat bubble, a code bracket, a tag shape, and a checkmark inside a receipt outline, connected by a faint circuit-like routing line, on a deep midnight backdrop.
On this page · 18 sections
  1. TL;DR + the pipeline
  2. What OpenTag does
  3. Why it exists
  4. Mental model: 5 pieces
  5. Install & quick start
  6. Platforms & executors
  7. Approvals & receipts
  8. Audit & local-first
  9. Three teams, one name
  10. What we got wrong
  11. Right way / wrong way
  12. Gotchas & limits
  13. Who it's for
  14. Community signal
  15. The verdict
  16. FAQ
  17. Glossary
  18. Sources

TL;DR + the pipeline

  • What it is. A local-first CLI gateway, not a hosted SaaS and not an MCP server. It normalizes an @mention from six platforms into one event, runs Codex or Claude Code against a bound project, and posts the result back to the thread.
  • One install. npm install -g @opentag/cli@latest, then opentag setup. The wizard asks for a platform, an agent, a project, and credentials, then offers to run as a background service.
  • The pitch is governance, not novelty. Every mention becomes an audited run — a context snapshot, a capability check, an approval gate, and a local ledger you can query with opentag status --run <id>.
  • Watch the name. Three unrelated teams built a same-named “OpenTag” within about 72 hours in late June 2026. This guide covers amplifthq/opentag specifically — see the comparison before you copy commands from anywhere else.
npm install -g @opentag/cli@latest
opentag setup

What OpenTag actually does

The maintainers’ own demo is the clearest description: mention OpenTag in a Slack thread, approve the suggested action, and a real GitHub pull request comes back to that thread. Nothing about the request leaves the tools your team already uses — Slack for the conversation, GitHub for the code.

Ingress adapter

Slack, GitHub, GitLab…

Dispatcher

opentagd

Runner

claims bound work

Executor

Codex / Claude Code

Receipt

back to thread

The validated version of that loop, straight from OpenTag’s own smoke tests: a GitHub issue comment tags OpenTag, OpenTag hands it to a local Claude Code process, Claude Code commits to a branch, opens a pull request, and OpenTag posts a callback on the original issue. Once setup finishes, try it directly in a bound repo’s issue thread:

@opentag fix the failing test in this PR

OpenTag replies with a receipt describing the fix it found. Reply apply 1 in the same thread, and only then does it push a branch and open the pull request.

Our take: the interesting design choice isn’t the mention parsing — every chat bot does that. It’s that applying is a separate, explicit step from proposing, and the receipt lives in the thread that started the request instead of a dashboard you have to remember to check.

Why it exists

The failure mode OpenTag targets is the copy-paste tax: pulling a GitHub issue, a pull request, or a Slack discussion into a separate AI chat window, re-explaining the context by hand, then pasting the result back. The work sits in one place; the agent sits in another. OpenTag’s launch post named this directly — the idea is that agents should “join the work where it already happens” instead of the reverse.

Every time I wanted an AI agent to do something with a GitHub issue or a Slack discussion, I had to copy it out, paste it into a chat window, re-explain the context, and then paste the result back. The work was in one place; the agent was always somewhere else. So I built OpenTag.

OpenTag builder — r/SideProject launch post · Reddit

Launch post, late June 2026 — the origin story in the builder's own words.

Source

The deeper reasoning goes past convenience. OpenTag’s own design notes list the questions a team actually needs answered once an agent starts acting inside real workflows: who asked it to act, what context it saw and what was deliberately excluded, what permissions the run held, which executor handled it, and what can be audited later without flooding the human thread. That list reads like a governance checklist, not a chatbot feature list — which is the point.

Our take: that is a different pitch than “AI in your Slack.” Copilot-style chat tools already exist. OpenTag’s design centers the audit trail as much as the automation, which is why the project calls itself an Agent Work Protocol rather than a bot.

Mental model: the five pieces

Five named pieces, each with one job, chained in a fixed order. Understanding this order explains almost every behavior in the rest of this guide.

  • Ingress adapter — normalizes a platform event (a Slack message, a GitHub comment, a Lark mention) into one common event shape. One adapter per platform; each ignores anything that isn’t an explicit mention.
  • Dispatcher (opentagd) — the local coordination service. It validates scope, persists the run, manages leases so two runners can’t claim the same mention, and writes audit events.
  • Runner — claims only the work it is explicitly bound to handle, local or hosted. Bindings map a channel or repo to a project; an unbound container is ignored, not guessed at.
  • Executor — the coding agent doing the work: Codex, Claude Code, or the test-only Echo, running against the mapped local checkout.
  • Receipt / callback — a compact reply posted back to the source thread, plus a quiet entry in the local audit ledger.

Our take: the piece worth noticing is that adapters never execute agent code and executors never talk to platforms directly. That boundary is what makes “executor-neutral” a real property instead of a slogan — swapping Claude Code for something else doesn’t touch the Slack or GitHub code at all.

Install & quick start

Requires Node.js 20 or newer. Global install is recommended so a background service points at a stable CLI path instead of a temporary npx location:

npm install -g @opentag/cli@latest
opentag setup

For a one-off terminal check without a global install:

npx @opentag/cli setup

opentag setup is a wizard that walks through six choices: CLI language, listen address, which coding agent to use, which local project to work on, which platform credentials to save, and how OpenTag should keep running. For scripted installs, skip the last prompt and go straight to the recommended background mode:

opentag setup --service

Background service mode uses a LaunchAgent on macOS and systemd --user on Linux. On other platforms, including Windows, use terminal mode with opentag start and keep that terminal open — there is no background-service path there yet.

Once running, mention it from any connected platform:

@opentag investigate this

Config lives at ~/.config/opentag/config.json; runtime state and isolated worktrees default to ~/.local/state/opentag. To remove everything:

npm uninstall -g @opentag/cli
rm -rf ~/.config/opentag ~/.local/state/opentag

Platforms & executors

Six platforms ship in the opentag setup flow today, each with its own setup guide and a recommended first path:

PlatformBest first path
SlackSocket Mode for local development
GitHubRepository webhook + GitHub token
GitLabProject Note Hook + GitLab access token
Lark / FeishuScan the Personal Agent QR code from setup
TelegramBotFather token with local polling
DiscordBot token with local Gateway delivery

Executors are narrower on purpose:

ExecutorStatusNotes
CodexReadyLocal codex exec
Claude CodeReadyLocal claude --print
EchoDev/test onlyDoes not call a real model

If you are choosing between Codex and Claude Code as your team’s default coding agent in the first place, our Claude Code vs Codex CLI comparison covers model access, pricing, and sandboxing side by side.

One honest wrinkle we found: OpenTag’s own marketing site, opentag.im, shows Discord, Microsoft Teams, and Google Chat under “coming soon” and doesn’t list GitLab at all. The GitHub repository disagrees — both docs/platforms/discord.en.md and docs/platforms/gitlab.en.md are complete, step-by-step setup guides, and issues asking for Discord (#32) and GitLab (#54) support are both closed as shipped. Trust the repo’s docs over the landing page for a project moving this fast.

The executor list is also narrower than “executor-neutral” framing might suggest. A request to add a third real executor, Hermes, was filed and closed without landing (issue #34) — the adapter contract is public, but only Codex and Claude Code ship as working integrations today.

Approvals & source-thread receipts

When an agent proposes a change, OpenTag renders a compact receipt in the source thread showing what will change and whether it is ready to apply. The apply action only appears once the dispatcher confirms a bound adapter can actually execute it — otherwise the receipt shows setup or attention needed instead of failing silently.

Applying is always a separate, explicit reply in the same thread — something like apply 1 or continue 1 — not a default outcome of the mention itself. That single design choice is what turns “an agent read my thread” into “an agent asked permission in my thread,” and it is the mechanism the “governed” part of OpenTag’s tagline refers to.

Our take: putting the approval prompt and the result in the same thread as the original ask is a small UX decision with an outsized effect — nobody has to context-switch to a dashboard to say yes.

Audit trail & local-first privacy

Every run keeps a local agent work ledger: the source event, the admission decision, a context packet snapshot, an executor capability snapshot, produced artifacts, callback delivery, and the final outcome. None of that floods the human thread — it stays queryable through opentag status --run <run_id> and opentag doctor.

On privacy specifically: there is no OpenTag cloud service in the local CLI flow. Platform credentials are stored on your machine with private file permissions, Codex and Claude Code run against your local checkout, and platform APIs receive only the messages needed to acknowledge, reply, and apply an action you approved.

Worth being precise about, for an MCP-focused audience: OpenTag is not an MCP server and does not implement the Model Context Protocol. It speaks its own protocol for routing mentions to agent CLIs. If what you actually want is to aggregate several MCP servers behind one endpoint, that is a different tool in a different layer — see our MetaMCP guide for that use case, and What is the Model Context Protocol? if the distinction between a tool protocol and a mention gateway is still fuzzy.

Three teams, one name

Search “OpenTag GitHub” today and you will find three unrelated, independently created projects, all shipped within about 72 hours of each other in late June 2026. None is a fork of another — different orgs, different codebases, same premise and the same name.

amplifthq/opentaglinxidnju/OpenTagCopilotKit/OpenTag
CreatedJun 24, 2026Jun 27, 2026Jun 26, 2026
LicenseMITApache-2.0MIT
LanguageTypeScriptJavaScriptTypeScript
PlatformsSlack, GitHub, GitLab, Lark/Feishu, Telegram, DiscordSlack onlySlack, Discord, Telegram, WhatsApp
ExecutorsCodex, Claude Code (+ Echo for testing)Codex, Claude Code, OpenCode, Docker, HTTP, custom CLIsBring your own model, via @copilotkit/bot
Framing“Governed agent work loop,” audit ledger“Channel-native agent gateway,” per-channel policy bundles“Open-source alternative to Claude in Slack,” generative UI
HostingLocal-first CLI onlyLocal-first (MVP)Self-host, or managed service coming soon

The CopilotKit implementation is the one that picked up Hacker News coverage — “OpenTag: An open-source alternative to Claude in Slack” and a Show HN post the next day, both pointing at github.com/CopilotKit/OpenTag, not the implementation this guide covers. If you arrived here from an HN link, double-check which repo you are actually installing.

This guide is anchored on amplifthq/opentag because it has the broadest platform coverage of the three and the most explicit audit/governance design — the framing this whole article has been describing. If Slack-only with a wider executor list fits your team better, linxidnju’s Apache-2.0 build is worth a look; if a managed hosted option matters more than local-first, CopilotKit’s is the one to watch.

Our take: this isn’t plagiarism or confusion — it is three teams independently deciding that “tag an agent into the thread” was an obvious enough idea to build, in the same two-week window, under the same name. That convergence is itself a signal worth taking seriously.

What we got wrong

Three things we assumed while researching this piece that turned out to be wrong, in the interest of saving you the same detour.

  • We assumed “OpenTag” meant one project. It doesn’t. A plain web search mixes results from three unrelated repos with different licenses, different install commands, and different feature sets. We nearly cited a CopilotKit tweet as being about amplifthq’s implementation before checking the linked repo — always confirm the org before you copy a command.
  • We expected Discord to be unshipped, based on the landing page. opentag.im still marks it “coming soon.” The actual repository had a complete Discord setup guide and a closed feature-request issue confirming it works. For a project shipping daily, the marketing site lagged the real code by at least a week.
  • We read “executor-neutral” as “bring any agent today.” The adapter contract genuinely is open — we verified it in docs/adapter-authoring.md— but the working executor list is exactly two: Codex and Claude Code. A community request for a third was closed without merging.

Doing it right vs. doing it wrong

Mentioning in an unbound channel

Tagging @opentag in a channel or repo that was never bound to a project during setup. Nothing happens — bindings map containers to projects on purpose, so an adapter never guesses which checkout you meant.

Bind first, confirm, then mention

Run the channel/repo binding in opentag setup, confirm it with opentag doctor, and only then start mentioning the agent from that thread.

Assuming a mention means an applied change

Treating every reply as if the fix is already live. The receipt may show “setup or attention needed” instead of an apply option, and nothing writes until someone replies with the apply command.

Read the receipt, then apply

Check the receipt state before assuming anything happened, and use opentag status --run <run_id> if a thread reply doesn’t make the outcome obvious.

Running setup from Codex Default mode

OpenTag’s own setup skill documents that Codex Default mode can’t render interactive choice cards, so platform and agent choices silently fall back to plain-text prompts or defaults.

Use Plan mode, or answer the terminal wizard directly

Let Codex collect setup choices in Plan mode before running opentag setup, or just run the CLI yourself and answer its terminal prompts.

Gotchas, from the issue tracker

  • npm install can fail before OpenTag even starts. The project ships its own troubleshooting runbook for ENOTFOUND, EAI_AGAIN, and fetch failed errors during npm install -g @opentag/cli — a sign registry/proxy hiccups are common enough on first install to warrant documented tooling.
  • No background service on Windows yet. The recommended always-on mode uses a macOS LaunchAgent or Linux systemd --user unit. Everywhere else, including Windows, you run opentag start in a terminal you have to keep open.
  • Two executors, not “any agent.” Codex and Claude Code are it. Echo doesn’t call a real model, and the one community request for a third (Hermes) closed without landing.
  • Coverage gaps are visible in open issues. A LINE Messenger request (#65) is open and unaddressed; a WeChat request (#30) is open too. If your team’s primary chat platform isn’t one of the current six, you are filing an issue, not installing today.
  • The name collision is a real installation risk. Three different repos, three different licenses, three different command sets. Confirm the org — amplifthq, linxidnju, or CopilotKit — before running install commands from any tutorial, including this one.

Who this is for

This is for you if your team already discusses work in Slack or GitHub threads and wants an agent to join that conversation instead of opening a separate chat tab; if you need an approval gate and an audit trail before an agent’s suggested change becomes real; or if your team has already standardized on Codex or Claude Code as its coding agent.

This is less urgent if you’re a solo developer who already runs Claude Code or Codex directly in a terminal — the mention-gateway layer adds setup cost with no team thread to route from. It’s also not the fit if you want a zero-ops hosted SaaS today (that is on OpenTag’s own roadmap, not shipped, and closer to what CopilotKit’s managed service is aiming at), or if you need an executor beyond Codex or Claude Code out of the box. For a broader comparison of terminal coding agents that OpenTag can route to, see our Goose vs Cline vs Aider vs Claude Code vs OpenCode roundup, and wire the agent side up directly at mcp.directory/clients/claude-code.

Community signal

The launch tweet reads like the product brief in miniature — local execution, an auditable dispatch layer, and an explicit “early v0” framing:

A third-party reaction picked up on the same design detail we called out above — the adapter contract being public from day one:

We could not find loud public criticism of OpenTag yet — the project is barely two weeks old at the time of writing, and most GitHub issues are feature requests rather than complaints. The most concrete critical signal we found is structural, not opinion: the Windows background-service gap and the two-executor ceiling described above are real limits, confirmed directly in the project’s own docs and issue tracker, not community speculation.

The verdict

Our take

Install OpenTag if your team already works in Slack and GitHub threads, already runs Codex or Claude Code, and wants a governed way to pull an agent into that existing conversation instead of a new chat surface — the approval gate and local audit ledger are the real product, not the mention parsing. Skip it, for now, if you need more than two executors, a hosted option with no local daemon to run, or a platform outside the current six. And regardless of which way you land, confirm you’re looking at amplifthq/opentag and not one of the other two same-named projects before you install anything.

FAQ

What is OpenTag?

OpenTag is an open-source gateway that lets a team @mention a coding agent — Codex or Claude Code — from a Slack thread, GitHub issue, GitLab merge request, Lark/Feishu chat, Telegram message, or Discord server. It runs the agent locally and posts results back to that same thread, gated by an approval step and logged to a local audit trail.

Is OpenTag an MCP server?

No. OpenTag is a mention-routing gateway that invokes coding-agent CLIs — it speaks its own Agent Work Protocol, not the Model Context Protocol. Those agents may separately be configured with MCP servers for tools; OpenTag sits one layer above, deciding which agent runs and on whose approval.

Which coding agents does OpenTag support?

Two production executors ship today: Codex (via codex exec) and Claude Code (via claude --print). A third, Echo, exists only for local testing and doesn't call a real model. A public adapter contract exists for adding more; a community request to add a fourth executor was filed and closed without landing.

Is OpenTag free?

The amplifthq implementation this guide covers is MIT-licensed and free to self-host — you only pay for whatever Codex or Claude Code access you already have. There's no OpenTag cloud tier here. A same-named project from CopilotKit plans a paid managed service separately.

Does OpenTag require a cloud account?

No. Setup, config, and execution happen locally. opentag setup collects platform credentials once, then a local daemon or foreground process handles mentions. Platform APIs (Slack, GitHub, etc.) see only the messages needed to acknowledge, reply, and apply an approved action — nothing routes through an OpenTag-run cloud.

Why are there multiple "OpenTag" projects on GitHub?

Three unrelated teams built a tag-an-agent-into-a-thread tool under the same name within about 72 hours in late June 2026: amplifthq/opentag, linxidnju/OpenTag, and CopilotKit/OpenTag. They share a name and a premise, not code. Check which org's repo a tutorial points to before running install commands.

Can OpenTag apply changes without a human approving them?

The default loop posts a receipt and waits. An Apply action appears only once the dispatcher confirms a bound adapter can execute it, and applying still needs an explicit thread reply like apply 1. Read-only investigation runs skip the gate; anything that writes does not.

Glossary

@mention gateway

Software that turns a tagged message inside an existing chat or issue thread into a bounded, routable unit of agent work.

Ingress adapter

The piece that normalizes a platform-specific event — a Slack message, a GitHub comment — into one common event shape.

OpenTagEvent

The normalized event object every ingress adapter produces, regardless of which platform it came from.

Dispatcher (opentagd)

The local coordination service that validates scope, persists runs, manages leases, and records audit events.

Runner

The process that claims only the work it is explicitly bound to handle, local or hosted.

Executor

The coding agent doing the actual work — Codex, Claude Code, or the test-only Echo.

Context packet

The curated, bounded slice of thread and repo context handed to the executor, kept auditable instead of pasted in full.

Source-Thread Action Receipt

The compact message OpenTag posts back showing what will change and whether it is ready to apply.

Agent work ledger

The local, per-run audit record: source event, permissions, context, artifacts, and final outcome.

Lease

A time-bound claim a runner holds on a piece of work, so two runners can't act on the same mention at once.

Callback sink

The adapter half that posts acknowledgement, progress, and final messages back to the originating platform.

Channel / project binding

The explicit mapping from a chat channel or repo to a local project. Unbound containers are ignored, not guessed at.

Local-first

Architecture where execution, credentials, and state stay on the user's or team's own machine, with no required cloud hop.

Sources

Primary — amplifthq/opentag

Comparison implementations (same name, different projects)

Community

Related reading on mcp.directory

Found an issue?

If something in this guide is out of date — a new platform ships, a third executor lands, the landing page catches up to the docs — email [email protected] or read more on our about page. We keep these guides current.