OpenTag: the open-source @agent mention gateway
OpenTag is an open-source gateway that lets a team @mention a coding agent — Codex or Claude Code — from a Slack thread, a GitHub issue, or four other places work already happens. It runs the agent locally, posts a receipt of what it wants to do, and waits for a human to approve before anything writes. No pasting context into a separate chat window, no black-box cloud service deciding what ran. This guide covers the pipeline, the install, the real platform and executor limits, and the odd fact that two other unrelated teams shipped a project with the exact same name in the same week.

On this page · 18 sections▾
TL;DR + the pipeline
- What it is. A local-first CLI gateway, not a hosted SaaS and not an MCP server. It normalizes an @mention from six platforms into one event, runs Codex or Claude Code against a bound project, and posts the result back to the thread.
- One install.
npm install -g @opentag/cli@latest, thenopentag setup. The wizard asks for a platform, an agent, a project, and credentials, then offers to run as a background service. - The pitch is governance, not novelty. Every mention becomes an audited run — a context snapshot, a capability check, an approval gate, and a local ledger you can query with
opentag status --run <id>. - Watch the name. Three unrelated teams built a same-named “OpenTag” within about 72 hours in late June 2026. This guide covers
amplifthq/opentagspecifically — see the comparison before you copy commands from anywhere else.
npm install -g @opentag/cli@latest
opentag setupWhat OpenTag actually does
The maintainers’ own demo is the clearest description: mention OpenTag in a Slack thread, approve the suggested action, and a real GitHub pull request comes back to that thread. Nothing about the request leaves the tools your team already uses — Slack for the conversation, GitHub for the code.
Ingress adapter
Slack, GitHub, GitLab…
Dispatcher
opentagd
Runner
claims bound work
Executor
Codex / Claude Code
Receipt
back to thread
The validated version of that loop, straight from OpenTag’s own smoke tests: a GitHub issue comment tags OpenTag, OpenTag hands it to a local Claude Code process, Claude Code commits to a branch, opens a pull request, and OpenTag posts a callback on the original issue. Once setup finishes, try it directly in a bound repo’s issue thread:
@opentag fix the failing test in this PROpenTag replies with a receipt describing the fix it found. Reply apply 1 in the same thread, and only then does it push a branch and open the pull request.
Our take: the interesting design choice isn’t the mention parsing — every chat bot does that. It’s that applying is a separate, explicit step from proposing, and the receipt lives in the thread that started the request instead of a dashboard you have to remember to check.
Why it exists
The failure mode OpenTag targets is the copy-paste tax: pulling a GitHub issue, a pull request, or a Slack discussion into a separate AI chat window, re-explaining the context by hand, then pasting the result back. The work sits in one place; the agent sits in another. OpenTag’s launch post named this directly — the idea is that agents should “join the work where it already happens” instead of the reverse.
“Every time I wanted an AI agent to do something with a GitHub issue or a Slack discussion, I had to copy it out, paste it into a chat window, re-explain the context, and then paste the result back. The work was in one place; the agent was always somewhere else. So I built OpenTag.”
OpenTag builder — r/SideProject launch post · Reddit
Launch post, late June 2026 — the origin story in the builder's own words.
The deeper reasoning goes past convenience. OpenTag’s own design notes list the questions a team actually needs answered once an agent starts acting inside real workflows: who asked it to act, what context it saw and what was deliberately excluded, what permissions the run held, which executor handled it, and what can be audited later without flooding the human thread. That list reads like a governance checklist, not a chatbot feature list — which is the point.
Our take: that is a different pitch than “AI in your Slack.” Copilot-style chat tools already exist. OpenTag’s design centers the audit trail as much as the automation, which is why the project calls itself an Agent Work Protocol rather than a bot.
Mental model: the five pieces
Five named pieces, each with one job, chained in a fixed order. Understanding this order explains almost every behavior in the rest of this guide.
- Ingress adapter — normalizes a platform event (a Slack message, a GitHub comment, a Lark mention) into one common event shape. One adapter per platform; each ignores anything that isn’t an explicit mention.
- Dispatcher (
opentagd) — the local coordination service. It validates scope, persists the run, manages leases so two runners can’t claim the same mention, and writes audit events. - Runner — claims only the work it is explicitly bound to handle, local or hosted. Bindings map a channel or repo to a project; an unbound container is ignored, not guessed at.
- Executor — the coding agent doing the work: Codex, Claude Code, or the test-only Echo, running against the mapped local checkout.
- Receipt / callback — a compact reply posted back to the source thread, plus a quiet entry in the local audit ledger.
Our take: the piece worth noticing is that adapters never execute agent code and executors never talk to platforms directly. That boundary is what makes “executor-neutral” a real property instead of a slogan — swapping Claude Code for something else doesn’t touch the Slack or GitHub code at all.
Install & quick start
Requires Node.js 20 or newer. Global install is recommended so a background service points at a stable CLI path instead of a temporary npx location:
npm install -g @opentag/cli@latest
opentag setupFor a one-off terminal check without a global install:
npx @opentag/cli setupopentag setup is a wizard that walks through six choices: CLI language, listen address, which coding agent to use, which local project to work on, which platform credentials to save, and how OpenTag should keep running. For scripted installs, skip the last prompt and go straight to the recommended background mode:
opentag setup --serviceBackground service mode uses a LaunchAgent on macOS and systemd --user on Linux. On other platforms, including Windows, use terminal mode with opentag start and keep that terminal open — there is no background-service path there yet.
Once running, mention it from any connected platform:
@opentag investigate thisConfig lives at ~/.config/opentag/config.json; runtime state and isolated worktrees default to ~/.local/state/opentag. To remove everything:
npm uninstall -g @opentag/cli
rm -rf ~/.config/opentag ~/.local/state/opentagPlatforms & executors
Six platforms ship in the opentag setup flow today, each with its own setup guide and a recommended first path:
| Platform | Best first path |
|---|---|
| Slack | Socket Mode for local development |
| GitHub | Repository webhook + GitHub token |
| GitLab | Project Note Hook + GitLab access token |
| Lark / Feishu | Scan the Personal Agent QR code from setup |
| Telegram | BotFather token with local polling |
| Discord | Bot token with local Gateway delivery |
Executors are narrower on purpose:
| Executor | Status | Notes |
|---|---|---|
| Codex | Ready | Local codex exec |
| Claude Code | Ready | Local claude --print |
| Echo | Dev/test only | Does not call a real model |
If you are choosing between Codex and Claude Code as your team’s default coding agent in the first place, our Claude Code vs Codex CLI comparison covers model access, pricing, and sandboxing side by side.
One honest wrinkle we found: OpenTag’s own marketing site, opentag.im, shows Discord, Microsoft Teams, and Google Chat under “coming soon” and doesn’t list GitLab at all. The GitHub repository disagrees — both docs/platforms/discord.en.md and docs/platforms/gitlab.en.md are complete, step-by-step setup guides, and issues asking for Discord (#32) and GitLab (#54) support are both closed as shipped. Trust the repo’s docs over the landing page for a project moving this fast.
The executor list is also narrower than “executor-neutral” framing might suggest. A request to add a third real executor, Hermes, was filed and closed without landing (issue #34) — the adapter contract is public, but only Codex and Claude Code ship as working integrations today.
Approvals & source-thread receipts
When an agent proposes a change, OpenTag renders a compact receipt in the source thread showing what will change and whether it is ready to apply. The apply action only appears once the dispatcher confirms a bound adapter can actually execute it — otherwise the receipt shows setup or attention needed instead of failing silently.
Applying is always a separate, explicit reply in the same thread — something like apply 1 or continue 1 — not a default outcome of the mention itself. That single design choice is what turns “an agent read my thread” into “an agent asked permission in my thread,” and it is the mechanism the “governed” part of OpenTag’s tagline refers to.
Our take: putting the approval prompt and the result in the same thread as the original ask is a small UX decision with an outsized effect — nobody has to context-switch to a dashboard to say yes.
Audit trail & local-first privacy
Every run keeps a local agent work ledger: the source event, the admission decision, a context packet snapshot, an executor capability snapshot, produced artifacts, callback delivery, and the final outcome. None of that floods the human thread — it stays queryable through opentag status --run <run_id> and opentag doctor.
On privacy specifically: there is no OpenTag cloud service in the local CLI flow. Platform credentials are stored on your machine with private file permissions, Codex and Claude Code run against your local checkout, and platform APIs receive only the messages needed to acknowledge, reply, and apply an action you approved.
Worth being precise about, for an MCP-focused audience: OpenTag is not an MCP server and does not implement the Model Context Protocol. It speaks its own protocol for routing mentions to agent CLIs. If what you actually want is to aggregate several MCP servers behind one endpoint, that is a different tool in a different layer — see our MetaMCP guide for that use case, and What is the Model Context Protocol? if the distinction between a tool protocol and a mention gateway is still fuzzy.
Three teams, one name
Search “OpenTag GitHub” today and you will find three unrelated, independently created projects, all shipped within about 72 hours of each other in late June 2026. None is a fork of another — different orgs, different codebases, same premise and the same name.
| amplifthq/opentag | linxidnju/OpenTag | CopilotKit/OpenTag | |
|---|---|---|---|
| Created | Jun 24, 2026 | Jun 27, 2026 | Jun 26, 2026 |
| License | MIT | Apache-2.0 | MIT |
| Language | TypeScript | JavaScript | TypeScript |
| Platforms | Slack, GitHub, GitLab, Lark/Feishu, Telegram, Discord | Slack only | Slack, Discord, Telegram, WhatsApp |
| Executors | Codex, Claude Code (+ Echo for testing) | Codex, Claude Code, OpenCode, Docker, HTTP, custom CLIs | Bring your own model, via @copilotkit/bot |
| Framing | “Governed agent work loop,” audit ledger | “Channel-native agent gateway,” per-channel policy bundles | “Open-source alternative to Claude in Slack,” generative UI |
| Hosting | Local-first CLI only | Local-first (MVP) | Self-host, or managed service coming soon |
The CopilotKit implementation is the one that picked up Hacker News coverage — “OpenTag: An open-source alternative to Claude in Slack” and a Show HN post the next day, both pointing at github.com/CopilotKit/OpenTag, not the implementation this guide covers. If you arrived here from an HN link, double-check which repo you are actually installing.
This guide is anchored on amplifthq/opentag because it has the broadest platform coverage of the three and the most explicit audit/governance design — the framing this whole article has been describing. If Slack-only with a wider executor list fits your team better, linxidnju’s Apache-2.0 build is worth a look; if a managed hosted option matters more than local-first, CopilotKit’s is the one to watch.
Our take: this isn’t plagiarism or confusion — it is three teams independently deciding that “tag an agent into the thread” was an obvious enough idea to build, in the same two-week window, under the same name. That convergence is itself a signal worth taking seriously.
What we got wrong
Three things we assumed while researching this piece that turned out to be wrong, in the interest of saving you the same detour.
- We assumed “OpenTag” meant one project. It doesn’t. A plain web search mixes results from three unrelated repos with different licenses, different install commands, and different feature sets. We nearly cited a CopilotKit tweet as being about amplifthq’s implementation before checking the linked repo — always confirm the org before you copy a command.
- We expected Discord to be unshipped, based on the landing page. opentag.im still marks it “coming soon.” The actual repository had a complete Discord setup guide and a closed feature-request issue confirming it works. For a project shipping daily, the marketing site lagged the real code by at least a week.
- We read “executor-neutral” as “bring any agent today.” The adapter contract genuinely is open — we verified it in
docs/adapter-authoring.md— but the working executor list is exactly two: Codex and Claude Code. A community request for a third was closed without merging.
Doing it right vs. doing it wrong
Mentioning in an unbound channel
Tagging @opentag in a channel or repo that was never bound to a project during setup. Nothing happens — bindings map containers to projects on purpose, so an adapter never guesses which checkout you meant.
Bind first, confirm, then mention
Run the channel/repo binding in opentag setup, confirm it with opentag doctor, and only then start mentioning the agent from that thread.
Assuming a mention means an applied change
Treating every reply as if the fix is already live. The receipt may show “setup or attention needed” instead of an apply option, and nothing writes until someone replies with the apply command.
Read the receipt, then apply
Check the receipt state before assuming anything happened, and use opentag status --run <run_id> if a thread reply doesn’t make the outcome obvious.
Running setup from Codex Default mode
OpenTag’s own setup skill documents that Codex Default mode can’t render interactive choice cards, so platform and agent choices silently fall back to plain-text prompts or defaults.
Use Plan mode, or answer the terminal wizard directly
Let Codex collect setup choices in Plan mode before running opentag setup, or just run the CLI yourself and answer its terminal prompts.
Gotchas, from the issue tracker
- npm install can fail before OpenTag even starts. The project ships its own troubleshooting runbook for
ENOTFOUND,EAI_AGAIN, andfetch failederrors duringnpm install -g @opentag/cli— a sign registry/proxy hiccups are common enough on first install to warrant documented tooling. - No background service on Windows yet. The recommended always-on mode uses a macOS LaunchAgent or Linux
systemd --userunit. Everywhere else, including Windows, you runopentag startin a terminal you have to keep open. - Two executors, not “any agent.” Codex and Claude Code are it. Echo doesn’t call a real model, and the one community request for a third (Hermes) closed without landing.
- Coverage gaps are visible in open issues. A LINE Messenger request (#65) is open and unaddressed; a WeChat request (#30) is open too. If your team’s primary chat platform isn’t one of the current six, you are filing an issue, not installing today.
- The name collision is a real installation risk. Three different repos, three different licenses, three different command sets. Confirm the org —
amplifthq,linxidnju, orCopilotKit— before running install commands from any tutorial, including this one.
Who this is for
This is for you if your team already discusses work in Slack or GitHub threads and wants an agent to join that conversation instead of opening a separate chat tab; if you need an approval gate and an audit trail before an agent’s suggested change becomes real; or if your team has already standardized on Codex or Claude Code as its coding agent.
This is less urgent if you’re a solo developer who already runs Claude Code or Codex directly in a terminal — the mention-gateway layer adds setup cost with no team thread to route from. It’s also not the fit if you want a zero-ops hosted SaaS today (that is on OpenTag’s own roadmap, not shipped, and closer to what CopilotKit’s managed service is aiming at), or if you need an executor beyond Codex or Claude Code out of the box. For a broader comparison of terminal coding agents that OpenTag can route to, see our Goose vs Cline vs Aider vs Claude Code vs OpenCode roundup, and wire the agent side up directly at mcp.directory/clients/claude-code.
Community signal
The launch tweet reads like the product brief in miniature — local execution, an auditable dispatch layer, and an explicit “early v0” framing:
We’ve been working on something new: OpenTag 🔥 open-source @ agent mentions for GitHub, Slack, and beyond.
— Monica Cheng (@MeredithCheng22) June 24, 2026
The idea is simple: AI agents should be able to join the work where it already happens.
We built OpenTag around an open, auditable dispatch layer: a mention becomes a normalized event, routed only to an explicitly bound local runner.
OpenTag is still an early v0, but we’re sharing it now because we want the direction to be shaped in the open.
A third-party reaction picked up on the same design detail we called out above — the adapter contract being public from day one:
If you’re building on top of AI agents, the extensibility layer is everything.
— Nav Toor (@heynavtoor) June 25, 2026
OpenTag has a public Adapter contract for custom executors. That’s the right call for an early-stage open-source project.
Means you’re not locked into their opinionated defaults.
We could not find loud public criticism of OpenTag yet — the project is barely two weeks old at the time of writing, and most GitHub issues are feature requests rather than complaints. The most concrete critical signal we found is structural, not opinion: the Windows background-service gap and the two-executor ceiling described above are real limits, confirmed directly in the project’s own docs and issue tracker, not community speculation.
The verdict
Our take
Install OpenTag if your team already works in Slack and GitHub threads, already runs Codex or Claude Code, and wants a governed way to pull an agent into that existing conversation instead of a new chat surface — the approval gate and local audit ledger are the real product, not the mention parsing. Skip it, for now, if you need more than two executors, a hosted option with no local daemon to run, or a platform outside the current six. And regardless of which way you land, confirm you’re looking at amplifthq/opentag and not one of the other two same-named projects before you install anything.
FAQ
What is OpenTag?
OpenTag is an open-source gateway that lets a team @mention a coding agent — Codex or Claude Code — from a Slack thread, GitHub issue, GitLab merge request, Lark/Feishu chat, Telegram message, or Discord server. It runs the agent locally and posts results back to that same thread, gated by an approval step and logged to a local audit trail.
Is OpenTag an MCP server?
No. OpenTag is a mention-routing gateway that invokes coding-agent CLIs — it speaks its own Agent Work Protocol, not the Model Context Protocol. Those agents may separately be configured with MCP servers for tools; OpenTag sits one layer above, deciding which agent runs and on whose approval.
Which coding agents does OpenTag support?
Two production executors ship today: Codex (via codex exec) and Claude Code (via claude --print). A third, Echo, exists only for local testing and doesn't call a real model. A public adapter contract exists for adding more; a community request to add a fourth executor was filed and closed without landing.
Is OpenTag free?
The amplifthq implementation this guide covers is MIT-licensed and free to self-host — you only pay for whatever Codex or Claude Code access you already have. There's no OpenTag cloud tier here. A same-named project from CopilotKit plans a paid managed service separately.
Does OpenTag require a cloud account?
No. Setup, config, and execution happen locally. opentag setup collects platform credentials once, then a local daemon or foreground process handles mentions. Platform APIs (Slack, GitHub, etc.) see only the messages needed to acknowledge, reply, and apply an approved action — nothing routes through an OpenTag-run cloud.
Why are there multiple "OpenTag" projects on GitHub?
Three unrelated teams built a tag-an-agent-into-a-thread tool under the same name within about 72 hours in late June 2026: amplifthq/opentag, linxidnju/OpenTag, and CopilotKit/OpenTag. They share a name and a premise, not code. Check which org's repo a tutorial points to before running install commands.
Can OpenTag apply changes without a human approving them?
The default loop posts a receipt and waits. An Apply action appears only once the dispatcher confirms a bound adapter can execute it, and applying still needs an explicit thread reply like apply 1. Read-only investigation runs skip the gate; anything that writes does not.
Glossary
@mention gateway
Software that turns a tagged message inside an existing chat or issue thread into a bounded, routable unit of agent work.
Ingress adapter
The piece that normalizes a platform-specific event — a Slack message, a GitHub comment — into one common event shape.
OpenTagEvent
The normalized event object every ingress adapter produces, regardless of which platform it came from.
Dispatcher (opentagd)
The local coordination service that validates scope, persists runs, manages leases, and records audit events.
Runner
The process that claims only the work it is explicitly bound to handle, local or hosted.
Executor
The coding agent doing the actual work — Codex, Claude Code, or the test-only Echo.
Context packet
The curated, bounded slice of thread and repo context handed to the executor, kept auditable instead of pasted in full.
Source-Thread Action Receipt
The compact message OpenTag posts back showing what will change and whether it is ready to apply.
Agent work ledger
The local, per-run audit record: source event, permissions, context, artifacts, and final outcome.
Lease
A time-bound claim a runner holds on a piece of work, so two runners can't act on the same mention at once.
Callback sink
The adapter half that posts acknowledgement, progress, and final messages back to the originating platform.
Channel / project binding
The explicit mapping from a chat channel or repo to a local project. Unbound containers are ignored, not guessed at.
Local-first
Architecture where execution, credentials, and state stay on the user's or team's own machine, with no required cloud hop.
Sources
Primary — amplifthq/opentag
- github.com/amplifthq/opentag — README, issue tracker, license (MIT, TypeScript,
@opentag/clion npm) - opentag.im — product site and architecture summary
- docs/adapter-authoring.md — the adapter contract referenced above
- docs/agent-work-protocol.md — the governance design doc quoted in “Why it exists”
- skills/opentag/SKILL.md — the project’s own agent-readable setup skill, source for the Codex Default-mode gotcha and the npm troubleshooting runbook
Comparison implementations (same name, different projects)
- github.com/linxidnju/OpenTag (Apache-2.0, JavaScript)
- github.com/CopilotKit/OpenTag (MIT, TypeScript, built on
@copilotkit/bot)
Community
- @MeredithCheng22, June 24 2026 — launch tweet
- @heynavtoor, June 25 2026 — adapter-contract reaction
- r/SideProject — launch post
- Hacker News — “OpenTag: An open-source alternative to Claude in Slack” · Show HN follow-up (both about the CopilotKit implementation)
Related reading on mcp.directory
Comparison
Claude Code vs Codex CLI — the two executors OpenTag runs
ReadDeep dive
MetaMCP — if you want to gateway MCP servers, not mentions
ReadFundamentals
What is the Model Context Protocol?
ReadFound an issue?
If something in this guide is out of date — a new platform ships, a third executor lands, the landing page catches up to the docs — email [email protected] or read more on our about page. We keep these guides current.