@openthomas/thomas

Thomas

Get Thomas on the wire.

The orchestrator's instrument panel for AI agents.

The 2026 founder's job is to orchestrate agents — Claude Code shipping code, Claude Cowork running ops, Hermes answering support, a dozen agents working in parallel while you sleep. You cannot orchestrate what you cannot see.

Thomas is the local-first flight recorder. Every model call, every tool call, every MCP message, every file change, every dollar — all captured on your own machine, decoded into an execution graph you can actually read. The paid tiers add the control plane on top: block risky actions, set budgets, route models, govern across a team.

Quick start

npm install -g @openthomas/thomas

thomas wire                  # detect agents, install taps, start daemon
# …run your agent as usual…
thomas                       # open the UI at http://localhost:9877

thomas wire is byte-exact reversible: thomas unwire restores every file it touched. No accounts, no telemetry, no cloud — your traces stay on your machine. Read PRIVACY.md for the precise list of every file Thomas writes and the only place it sends data (forwarding your own agent's traffic to the model provider your agent already calls — and nowhere else).

How Thomas fits the founder journey

Anthropic's Founder's Playbook names four stages every AI-native startup moves through. AI compresses each — and introduces new failure modes the playbook explicitly warns about. Thomas is the instrument set that lets the orchestrator see and control what AI is doing on their behalf, at every stage.

Stage	Where you are	Thomas (free) gives	Natural upgrade
Idea	Ten hypotheses, ten Claude bills running in parallel	Cost X-ray per agent, per project, per day	Personal: budget caps so rabbit holes can't drain credits
MVP	Agentic coding, unattended runs. "Code that works is not code that is secure." — playbook	Full action trace, risk flags (destructive shell, secret leak, retry storm), mock replay	Personal: approval gates, budget caps, model routing
Launch	Real users on the line. The playbook prescribes "the observability layer that makes SLAs actually enforceable."	Audit trail per run, shareable post-mortem reports	Personal: live blocking + alerts. Solo: multi-project workspaces, CI replay, eval suites built from real production traces
Scale	First hires, multiple machines, enterprise procurement asking for proof you are "a dependable infrastructure partner."	(free keeps recording)	Team: RBAC, SSO, shared policies, fleet management, audit log for compliance

Same job, new instruments. The playbook closes with "Same job, new rules" — the founder's work hasn't changed, only the path. Thomas is one of the instruments that makes the new path navigable.

Thomas (free) → Thomas Personal / Solo / Team

The free package — Thomas — is the see layer. Capture, decode, timeline, cost X-ray, risk flags, mock replay, shareable reports. MIT licensed, fully local, complete on its own.

The paid tiers — Personal / Solo / Team — are the control layer that builds on the same daemon: act on what you saw, set budgets, route models, sync across machines, govern across team members.

	Thomas (free)	Personal	Solo	Team
Local capture, decode, timeline	✅	✅	✅	✅
Cost X-ray, risk flags (read-only)	✅	✅	✅	✅
Shareable reports, mock replay	✅	✅	✅	✅
Active blocking & policy	—	✅	✅	✅
Approval gates (live YES/NO on risky actions)	—	✅	✅	✅
Budget caps & model routing	—	✅	✅	✅
Encrypted cloud sync across your machines	—	✅	✅	✅
Multi-project workspaces	—	—	✅	✅
CI replay (live, deterministic)	—	—	✅	✅
Eval suites built from your real traces	—	—	✅	✅
RBAC, SSO, shared policies	—	—	—	✅
Fleet management & audit log	—	—	—	✅

Paid features ship in the same binary, gated by a cloud-issued license token — no plugins to install, no separate CLI to learn. The free package never calls cloud, never phones home, and is a complete flight recorder forever.

Today (v0.1): free only. Personal launches in v0.4; Solo and Team follow.

What you'll see

$ thomas list
ID            STARTED              AGENT        STATUS  DUR     ACT  COST     IN/OUT  CACHE R/W
────────────  ───────────────────  ───────────  ──────  ──────  ───  ───────  ──────  ─────────
ru_aBc1xYz9   2026-05-16 14:23:11  claude-code  done    1.4s    1    $0.0024  120/45  0/0
ru_fOj6Ce1H   2026-05-16 14:22:18  hermes       done    7.8s    1    $0.97    1/396   565K/5K

$ thomas tail
14:42:49  claude-code   mcp_call    → filesystem  tools/list
14:42:49  claude-code   mcp_call    ← filesystem  tools/list
14:43:21  claude-code   model_call  claude-opus-4-7  200  6/8  $0.0007
!  14:44:02  hermes        model_call  Xiangxin-2XL-Chat  200  1/1547  $1.367

What it captures

• Model calls — Anthropic, OpenAI, Gemini, OpenRouter, vLLM, and any OpenAI-compatible endpoint. Streaming and non-streaming. Full prompt / response / tool_use blocks.
• MCP messages — JSON-RPC over stdio. Per-frame capture (request / response / notification) with method, params, result, error.
• Tool calls — tool_use blocks (bash, file edit, web fetch, …) inline with the model response that produced them.
• Cost / tokens / latency — including cache_read / cache_write attribution. See exactly when a prompt cache charged you.
• Risk signals — destructive shell (rm -rf, curl | sh), possible secret leak (keys, tokens, bearer creds), cost spikes, retry storms. Read-only labels in the trace. You decide what to do.

Why not Langfuse / Helicone / LangSmith?

Those tools watch model calls. Thomas watches agent runtimes — the full execution graph including tool calls, MCP, file ops, and inter-agent traffic.

If you've ever asked what did my agent actually do?, that's the gap.

Supported agents

Agent	Auto-wire	Notes
Claude Code	✅	via ~/.claude/settings.json env block + MCP wrap
OpenClaw	✅	restarts the launchd daemon on wire
Hermes	✅	paste /model <name> --global to apply live
OpenCode	✅
Codex	ⓘ manual
Cursor	ⓘ manual
Gemini CLI	ⓘ manual

Custom agent? Point its base URL at http://localhost:9877/wire/<your-name>/<provider> and Thomas will record everything.

Architecture

Thomas runs as a single always-on Node.js daemon, installed via launchd on macOS or systemd on Linux. Four layers: capture (HTTP reverse proxy + MCP stdio tap) → decode (Anthropic SSE, OpenAI chat, MCP JSON-RPC per-protocol decoders) → store (local SQLite) → present (Hono REST + SSE + React UI on localhost:9877). All data stays on disk under ~/.thomas/. Source: github.com/openthomas-com/thomas.

Status

v0.1. Solo-built and used daily by the author. Tested against real Claude Code / OpenClaw / Hermes traffic. Bug reports and PRs welcome.

License

MIT.