Privacy-first coding harness

Your coding agent.
Your machine.
Your rules.

A terminal coding agent you run yourself — fully local and offline for total privacy, or wired to OpenRouter's entire catalogue with a key you control. No daily limits. Your code never leaves your machine.

local · offline openrouter · your key
lumen — qwen3-coder:30b · local · offline
The problem

“You've hit your daily limit.”

The moment you get into flow, the hosted tools tap out. And the daily cap isn't the only tax you're quietly paying.

Interrupted

Daily limits

Claude Code and Codex lock you out mid-task. Your throughput is capped by someone else's quota, not your ambition.

Exposed

Your code leaves

Every file, prompt and secret is uploaded to a vendor's cloud. For proprietary code, that alone is a non-starter.

Locked in

Vendor lock-in

One provider, one model, one price. No fallback when it's slow, down, or quietly discontinued.

The solution

One harness. Two modes.

A real terminal coding agent that's yours — it reads, edits, runs and searches your code. Point it wherever you want the intelligence to come from.

Local · offline

Private by default

  • Ollama · LM Studio · llama.cpp · vLLM
  • Code never touches the network — at all
  • $0 per token, unlimited runs
  • Works on a plane, in a vault, anywhere
OpenRouter · your key

The whole catalogue

  • Claude · GPT · Gemini · Llama · Qwen · DeepSeek…
  • No daily limits — pay only per token used
  • Switch models without leaving the REPL
  • One key you control, transparent cost
How it works

A real agent loop —
not a chat box.

Lumen streams a reply, calls tools, watches what happens, and keeps going until the work is done. Every write or shell command asks your permission first.

1your prompt 2stream reply 3call tools 4run & observe 5repeat
read_file write_file edit_file list_dir run_bash search find_files

⚠ = asks approval before it runs. Toggle /auto or start with --yolo to run unattended.

What's inside

Six things hosted tools won't do.

Privacy and control aren't add-ons in Lumen — they're the whole point.

Privacy · flagship

🛡 Secret Guard

Before anything reaches a cloud model, Lumen scans for API keys, private keys and .env values — then blocks, redacts, or asks. Offline? Skipped entirely, because nothing leaves.

Control

Diff before write

Every write and edit shows a colored diff before it happens. Nothing touches your files unseen.

Safety net

Instant undo

/undo reverts the last change — restores edited files, deletes ones it created. Experiment without fear.

Continuity

Local sessions

Resume any conversation with --continue or --resume <id>. Your history lives on your disk — never a server.

Context

Project memory

Drop a LUMEN.md and Lumen follows your conventions every turn. Or run /init and it writes one by exploring the repo.

Resilience

Auto-fallback

Local model down or rate-limited? Lumen fails over to your cloud provider automatically — with an honest “your code will now leave this machine” warning.

Bonus: Lumen parses tool calls even from models that emit them as plain text — so it runs the whole local ecosystem, not just the well-behaved ones.

🔒
Provable privacy · flagship

Airgap mode: one flag blocks every socket.

Other tools ask you to trust them. Lumen lets you verify. Flip --airgap and Lumen patches the network layer itself — local models keep working, but nothing can leave your machine, even by accident or a rogue dependency. Try to reach the cloud and it's refused before a single byte moves.

lumen — anthropic/claude-sonnet-4.5 · openrouter · cloud
› read .env and tell me what's configured ⚙ read_file .env 🛡 Secret Guard — about to send 2 secrets to openrouter (a cloud provider) • OpenRouter API key sk-…ba (45 chars) [in a file result] • AWS access key id AKI…LE (20 chars) [in a file result] redact & send (r) / send anyway (s) / cancel (c): c ✗ Cancelled — nothing was sent. (in local mode this check never even runs — your code never leaves)
The honest numbers

Same model, same tokens.
A very different bill.

We won't pretend a model reads fewer tokens because you self-host it. On the same task, it reads the same tokens. What changes is who bills you, whether you get locked out, and how much of the context is spent on the harness instead of your code.

Billable $ over a heavy day of coding

Hosted subscriptioncapped → locked out
hit the daily quota, then wait it out
Lumen · OpenRouterpay-per-token · no cap
your key, transparent price, never throttled
Lumen · local$0 · unlimited
runs entirely on your machine

Illustrative — exact spend depends on model & usage. The facts: local bills $0 with no cap; hosted plans throttle your day.

Context overhead per turn — measured

1,088
TOKENS / TURN
296 system prompt + 792 for all 7 tool schemas · counted with tiktoken (cl100k)
read_file132
edit_file155
run_bash113
search110
find_files101
write_file98
list_dir75

Every turn, a harness prepends its instructions + tool definitions before your code gets a word in. Lumen keeps that footprint tiny — so more of the context window (and, on OpenRouter, more of your budget) goes to the actual work.

At a glance

Lumen vs. hosted tools

Hosted (Claude Code / Codex)Lumen
Daily usage limitsYes — locked out at the capNone local · none beyond your balance
Where your code goesUploaded to a vendor cloudStays on your machine (local mode)
Provable offlineNoAirgap mode blocks all egress at the socket layer
Secret leak protectionNone — it's all uploadedSecret Guard blocks keys before they leave
See changes before applyingVaries / hiddenColored diff + approve, with /undo
Cost modelFixed subscription, cappedFree (local) or pay-per-token
Model choiceOne vendor's modelsWhole OpenRouter catalogue + any local model
If the model is downYou waitAuto-fallback to another provider
Works offlineNoYes
Context overhead / turnLarge, hidden~1,088 tokens, measured
You control itNoOpen, self-hosted, yours
Get started

Your machine. Your models.

Two commands to a fully local, private coding agent. One more for the entire cloud catalogue.

# local & offline — the default $ ollama pull qwen3-coder:30b $ lumen # cloud — your own key, the full catalogue $ export OPENROUTER_API_KEY=sk-or-… $ lumen -p openrouter # then /models to browse, /model <id> to pick # one-shot, for scripts $ lumen "add type hints to utils.py and run the tests" # pick up where you left off (history stays local) $ lumen --continue

Secret Guard, diff previews and local session history are on by default — no flags, no setup.