A single-binary CLI for LibertAI: log in once, then run inference, generate images, and launch agent tools (Claude Code, OpenCode, Aider) pre-wired to talk to LibertAI.
Pick the channel that fits your OS — they all land on the same released binary.
# One-liner (Linux / macOS / WSL — no sudo, installs to ~/.local/bin)
curl -fsSL https://raw.githubusercontent.com/Libertai/libertai-cli/main/packaging/install.sh | sh
# Debian / Ubuntu (system-wide, auto-updates via apt)
curl -fsSL https://apt.libertai.io/install.sh | sudo bash
# macOS (Homebrew)
brew install Libertai/tap/libertai
# Any platform with a Rust toolchain
cargo install libertai-cli
# From source (dev)
git clone https://github.com/Libertai/libertai-cli
cd libertai-cli && cargo install --path .Windows: grab the latest libertai-windows-x86_64.exe from
GitHub Releases.
No native package yet.
The binary is named libertai. The one-liner honours LIBERTAI_VERSION (pin
a tag) and LIBERTAI_INSTALL_DIR (override the install dir).
libertai pings GitHub once every 24h in a background thread and prints a
one-line banner on the next startup if a newer release exists, pointing to
the upgrade command that matches how you installed it (apt / brew / cargo
install / re-run install.sh). No self-replacing libertai update subcommand
— updates flow through your system package manager.
Silence the banner with NO_UPDATE_CHECK=1 or
libertai config set check_for_updates false. The check is also skipped
automatically in non-interactive shells and CI.
libertai login # pick: [1] paste API key [2] sign with wallet [3] open console
libertai ask "explain EIP-191 signing in two sentences"
libertai chat # streaming REPL, Ctrl-D to exit
libertai image "a lighthouse at dusk" --out dusk.png
libertai claude # launch Claude Code against LibertAI| Command | Description |
|---|---|
libertai login |
Interactive login: API key, wallet signing (Base), or browser fallback. |
libertai logout |
Back up the current config to config.toml.bak.<epoch>. |
libertai status |
Show current auth state and default models. |
libertai models |
List models available from /v1/models. |
libertai ask <prompt> |
One-shot, non-streaming completion. |
libertai chat |
Streaming chat REPL with history. --system for a system prompt. |
libertai search <query> |
Web search via search.libertai.io. --max-results, --type web|news|images, --json. |
libertai fetch <url> |
Fetch a URL and return its cleaned article text (title, content, word count). --json for the raw response. |
libertai image <prompt> |
Generate and save images. --n, --size, --out, --model, --force. |
libertai keys list|create|delete |
Manage API keys (requires wallet). |
libertai run -- <cmd> |
Exec any command with LibertAI env vars injected. |
libertai claude [args] |
run preset for Claude Code. |
libertai opencode [args] |
Writes a libertai provider into ~/.config/opencode/opencode.json, sets LIBERTAI_API_KEY, then launches OpenCode. |
libertai aider [args] |
run preset for Aider; auto-passes --model openai/<default_code_model>. |
libertai claw [args] |
run preset for Claw Code; auto-passes --model openai/<default_code_model>. |
libertai config show|path|set|unset |
Inspect or edit ~/.config/libertai/config.toml. |
libertai skills install|list|uninstall |
Manage bundled Claude Code skills (image gen etc). |
~/.config/libertai/config.toml (permissions 0600):
api_base = "https://api.libertai.io"
account_base = "https://api.libertai.io"
default_chat_model = "qwen3.5-122b-a10b"
default_code_model = "qwen3.6-35b-a3b"
default_image_model = "z-image-turbo"
[launcher_defaults]
opus_model = "gemma-4-31b-it"
sonnet_model = "qwen3.6-35b-a3b"
haiku_model = "qwen3.6-35b-a3b"
[auth]
api_key = "LTAI_..."
# wallet_address / chain are only written when you log in via wallet.Set values with:
libertai config set default_chat_model hermes-3-8b-tee
libertai config set launcher_defaults.opus_model gemma-4-31b-itReset a key (or everything) back to the built-in default so future default changes in the CLI propagate to you automatically:
libertai config unset default_chat_model
libertai config unset launcher_defaults # all three launcher tiers
libertai config unset all # every non-auth fieldFields that match the built-in default are omitted from the saved file, so once reset they track future upgrades.
libertai claude is equivalent to:
env \
ANTHROPIC_BASE_URL=https://api.libertai.io \
ANTHROPIC_AUTH_TOKEN=$LTAI_API_KEY \
ANTHROPIC_DEFAULT_OPUS_MODEL=gemma-4-31b-it \
ANTHROPIC_DEFAULT_SONNET_MODEL=qwen3.6-35b-a3b \
ANTHROPIC_DEFAULT_HAIKU_MODEL=qwen3.6-35b-a3b \
CLAUDE_CODE_ATTRIBUTION_HEADER=0 \
CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 \
CLAUDE_CODE_DISABLE_1M_CONTEXT=1 \
DISABLE_TELEMETRY=1 \
claude…without the 60 characters of typing. --model, --opus, --sonnet, --haiku
override individual tiers.
libertai run -- <cmd> is the generic form: it always sets
OPENAI_API_KEY / OPENAI_BASE_URL / OPENAI_API_BASE /
ANTHROPIC_BASE_URL / ANTHROPIC_AUTH_TOKEN before exec'ing.
OpenCode ignores OPENAI_* env vars for custom providers and instead
requires a provider entry in ~/.config/opencode/opencode.json.
libertai opencode synthesizes one idempotently — a provider.libertai
block pointing at <api_base>/v1 with apiKey: "{env:LIBERTAI_API_KEY}"
and a models map built from your default_chat_model / default_code_model
plus the three launcher tiers. Other top-level keys and providers in
opencode.json are preserved. LIBERTAI_API_KEY is exported from the CLI's
config on each launch. If you don't pass --model, the CLI appends
--model libertai/<default_code_model>.
Claw Code reads
ANTHROPIC_BASE_URL / ANTHROPIC_AUTH_TOKEN like Claude Code, but its
CLI rejects model names that don't match a known provider prefix with
invalid_model_syntax, and the Anthropic path does not strip a routing
prefix before sending the request — so --model qwen3.5-122b-a10b and
--model anthropic/qwen3.5-122b-a10b both fail against a LibertAI
backend. libertai claw works around this by routing via claw's
OpenAI-compatible path: it appends --model openai/<default_code_model>
(the openai/ prefix is stripped before the request is sent) and
relies on OPENAI_BASE_URL / OPENAI_API_KEY from the base env. Claw
doesn't ship with a ~/.claude/skills/ reader today, so the image /
search skills aren't automatically available inside a claw session yet.
Out of the box, agent CLIs pointed at LibertAI have no image-generation or
web-search tool. The CLI bundles two Claude Code
skills that teach the agent how
to call libertai for these capabilities:
libertai-image— teaches the agent to runlibertai image "<prompt>" --out <path>when the user asks for a picture, logo, mockup, etc.libertai-search— teaches the agent to runlibertai search "<query>" [--type news|images]for fact-checks, current events, and research, andlibertai fetch "<url>"to read the cleaned text of a specific page.
Because both Claude Code and OpenCode read skills from
~/.claude/skills/<name>/SKILL.md, the same bundle works for both. Aider
has no skill system, so libertai aider instead generates an
instructions file at ~/.config/libertai/aider-instructions.md and passes
--read <that file> when it exec's aider.
libertai claude and libertai opencode auto-install the bundled skills
non-destructively (existing files are left alone so customisations
survive). Manual control:
libertai skills list # show what's bundled
libertai skills install # force-refresh into ~/.claude/skills/
libertai skills install --project # into ./.claude/skills/ for this repo
libertai skills uninstall # remove| Tool | How libertai capabilities reach it |
|---|---|
Claude Code (libertai claude) |
~/.claude/skills/libertai-* (native) |
OpenCode (libertai opencode) |
~/.claude/skills/libertai-* (opencode reads Claude's skill format) + provider.libertai in opencode.json |
Aider (libertai aider) |
~/.config/libertai/aider-instructions.md loaded via --read |
Future: OpenCode MCP bridge (exposes image/search as MCP tools so they appear in opencode's tool list alongside native ones).
Two supported flows today:
- API key — create one at console.libertai.io
and paste it into
libertai login. - Wallet signing on Base —
libertai loginprompts for a hex-encoded secp256k1 private key, fetches an auth message from/auth/message, shows you the message and host and asks for confirmation before signing, then submits the EIP-191 signature to/auth/loginand creates an inference API key via/api-keys.
The private key is never persisted. Only the derived address and chain are
saved, so keys list/create/delete can re-prompt for signing when they need a
fresh JWT.
- Credentials live on disk at
~/.config/libertai/config.tomlin plaintext (file mode0600, parent dir0700). OS keyring storage is on the roadmap. libertai run/claude/opencode/aiderinject the API key into the child process's environment. Any subprocess that reads env vars — and any diagnostic tool that can enumerate this process — can see the key. This is the only way these third-party tools can authenticate today; if you do not want this tradeoff, uselibertai ask/chat/imagedirectly.- The wallet-signing flow shows you the exact message and host before signing
and requires explicit confirmation. Still: the
account_baseit talks to is user-configurable — if you change it, you are trusting that host to issue benign signing requests. - HTTPS is enforced for
api_baseandaccount_base;http://URLs are rejected at config load.
cargo build # debug
cargo build --release # single optimized binary
cargo test # config round-trip + masking
./target/release/libertai --help- Solana wallet signing.
- Browser-based device pairing (console.libertai.io issues a one-time code the CLI exchanges for a key — removes the private-key prompt).
libertai openclawandlibertai hermeslaunchers.- OS keyring storage as an alternative to the TOML file.