llm-cli-gateway - one MCP gateway for coding-agent CLIs, local or remote

$ llm-cli-gateway.dev --view <TAB>
llm-cli-gateway - one MCP gateway for coding-agent CLIs, local or remote
Claude Code / Codex / Gemini / Grok / Mistral Vibe - durable async jobs - MIT
Paste this into your AI agent:
Read https://llm-cli-gateway.dev/install.md and configure yourself to use llm-cli-gateway as an MCP server.
View the install spec · Repository
or run manually
npx -y llm-cli-gateway
$ npx -y llm-cli-gateway
  MCP server connected over stdio
$ LLM_GATEWAY_AUTH_TOKEN=… llm-cli-gateway --transport=http
  HTTP MCP server listening on 127.0.0.1:3333/mcp (bearer or OAuth, per-principal isolation)
> consensus_check({ models: ["claude", "codex", "gemini"], claim })
  claude_request: accepts with caveat
  codex_request: flags missing test
  gemini_request: suggests smaller patch
  result: disagreement summarized for review
> claude_request_async({ prompt, outputFormat: "stream-json" })
  jobId: 1f0c9a2e-…
  status: running
  persisted: ~/.llm-cli-gateway/logs.db
> llm_job_result({ jobId })
  complete - result recovered after gateway restart
API proxy
POST /v1/messages
model response
no native Claude Code session
no Codex CLI resume
no local provider CLI config
file and test access must be rebuilt
Good for hosted chat. Thin for local coding agents.
llm-cli-gateway
MCP tool call
claude_request keeps Claude Code semantics
codex_request uses real Codex sessions
gemini_request uses the installed Antigravity CLI (agy)
grok_request and mistral_request follow provider CLIs
One MCP surface, real local CLIs underneath.

A Model Context Protocol (MCP) gateway for running Claude Code, Codex, Gemini, Grok, and Mistral Vibe CLIs from one MCP endpoint, with durable async jobs, session continuity, cache-aware prompting, observability, and personal-appliance setup tooling.

Why developers try it: one MCP endpoint for cross-LLM validation, multi-agent coding workflows, and repeatable assistant-led setup across five provider CLIs.

Local by default over stdio. As of 2.9.0 it also runs remotely over HTTP behind a static bearer token or a built-in OAuth 2.0 server (PKCE on by default, an opt-in human-consent gate, and a trusted-principal-header seam for your own identity proxy), with every session, job, and stored request owned by a principal so one caller never sees another's work, remote calls refused unless a workspace is registered, and a dangerous configuration that fails closed rather than serving open.

Current signals: CI and security workflows pass on main, OpenSSF Scorecard is published, OpenSSF Best Practices is passing, releases use Sigstore signing, and the package is MIT licensed.

claude_request-> Claude Code with sessions and MCP server selection
codex_request-> OpenAI Codex CLI with real resume IDs
*_request_async-> long-running jobs persisted to SQLite
consensus_check-> ask several models and inspect disagreement
session_create-> reusable provider sessions and worktree-aware flows
approval_list-> review approval decisions from one place

The gateway orchestrates local CLIs. It does not replace them.

Posture
CI Security SAST OpenSSF Scorecard OpenSSF Best Practices npm provenance Sigstore CODEOWNERS Dependabot MIT
SignalStatusWhy it matters
Runtimelocal stdio or remote HTTPrun on your machine, or expose it behind a bearer token or OAuth
Remote authbearer or built-in OAuth 2.0PKCE, opt-in consent gate, per-principal isolation, fail-closed posture
Async jobsdurable SQLite storelong calls can survive gateway restarts
Validationcross-model toolscompare, red-team, second opinion, and consensus workflows
Releasenpm provenance + Sigstorepublished artifacts have supply-chain evidence
LicenseMITopen source and installable without a hosted service
Integration
MCP clientsnpx -y llm-cli-gatewaystdio server for Claude Desktop, Claude Code, Codex, Gemini, and other MCP clients (or --transport=http for remote clients)
Provider CLIsclaude / codex / agy / grok / vibeuses the tools and credentials you already installed locally
Registryio.github.verivus-oss/llm-cli-gatewaypublished to the official MCP Registry