DEV Community

Y H
Y H

Posted on

LocalAnt: using ChatGPT as the brain and your local computer as the hands

#security #ai #agents #opensource

I have been building LocalAnt, a local-first MCP gateway for ChatGPT.

GitHub: https://github.com/yuga-hashimoto/localant

The goal is to make ChatGPT useful as a real local coding and automation agent without handing it an unsafe raw shell.

The problem

ChatGPT is good at reasoning, planning, and explaining tradeoffs. But most real work still happens on your own machine: codebases, git state, local dev servers, browsers, Android devices, command-line tools, and existing coding agents.

A direct shell is powerful, but it is also a bad default. I wanted a middle layer that lets ChatGPT act locally while keeping dangerous operations explicit, reviewable, and auditable.

What LocalAnt does

LocalAnt exposes a permissioned local MCP surface to ChatGPT:

  • read/search/edit project files
  • run approved shell commands
  • inspect git state and produce diffs
  • call coding agents such as Claude Code, Codex, or OpenCode-style flows
  • control browser and ADB workflows
  • run custom local skills
  • gate risky actions through local approval
  • keep an audit log with secret redaction

The mental model is:

ChatGPT is the brain. Your local computer is the hands.

Why MCP?

MCP gives the assistant a structured tool surface instead of a vague remote-control channel. That makes it possible to expose only the things the local machine uniquely provides: files, shell, git, local toolchains, devices, browsers, and custom skills.

LocalAnt intentionally avoids duplicating things ChatGPT already does well, such as web search, planning, or asking follow-up questions.

Security model

The project is designed around local control:

  • sensitive paths and dangerous command patterns are blocked
  • stricter allow-list mode is available
  • risky tools can require local approval in the dashboard or CLI
  • secrets are stored separately and redacted in logs
  • every tool call is audited

I am still tuning the defaults, especially how strict the first-run experience should be.

Setup

The shortest path is:

npx -y localant setup
Enter fullscreen mode Exit fullscreen mode

That starts the local gateway and dashboard, creates an MCP endpoint, and prints the ChatGPT connector steps.

Feedback I am looking for

I would especially like feedback from people experimenting with ChatGPT connectors, MCP servers, and local coding agents:

  • Does a permissioned local gateway feel useful compared with running a coding agent directly?
  • Should the default security mode be stricter, even if setup becomes less convenient?
  • Which local tools would you expect to expose first?
  • Would you trust a dashboard approval queue for risky actions?

Repository: https://github.com/yuga-hashimoto/localant

Top comments (0)