LockedCode – Security-hardened OpenCode fork (lockedcode.ai)

LockedCode, a secure fork of the popular open-source AI coding agent OpenCode, has been announced to address significant security gaps for corporate development teams. Unlike OpenCode, which operates on a trust-based model allowing LLMs direct access to files and commands, LockedCode introduces a comprehensive security layer that scans and analyzes every action the LLM proposes before execution. This ensures that file writes and shell commands are scrutinized for malware, sensitive information, and compliance, thus safeguarding sensitive data and preventing unauthorized actions. The introduction of LockedCode is particularly significant for enterprises transitioning to self-hosted or lower-cost LLM models, which often lack the built-in security assurances of larger providers. With features like immutable audit trails, configurable security policies, and advanced scanning techniques, LockedCode provides a robust framework for safe AI-driven coding in regulated industries like finance and healthcare. It balances security with performance—promising no impact on speed or workflow—making it an essential tool for organizations that prioritize code security and regulatory compliance without sacrificing productivity.