Presets
Presets encode a security posture: which action manifests to extract and how the initial ACL is shaped. They are the primary mechanism for tailoring LatchGate to a specific use case without manual manifest curation or policy editing.
Built-in presets
LatchGate ships eleven built-in presets:
| Preset | Manifests | Wildcard grant | Use case |
|---|---|---|---|
| `quickstart` | Listed (4 actions) | `risk_below:medium` — only low-risk auto-granted | First evaluation — two auto-allowed reads and two gated writes. No external credentials required. |
| `agent` | Tagged `agent` | `risk_below:high` — low and medium auto-granted | General-purpose AI agent: code, issues, docs, tasks, search, and filesystem. High-risk actions gated. |
| `coding` | Tagged `coding` | `risk_below:high` — low and medium auto-granted | Coding agent: filesystem, GitHub, web search. Writes and PRs gated. |
| `read-only` | Tagged `research` (read-only) | `risk_below:medium` — only low-risk auto-granted | Read and search only — web, APIs, docs, feeds, and public registries. All write actions blocked. |
| `ops` | Tagged `agent,devops` | `risk_below:high` — low and medium auto-granted | Full operations: agent + devops actions. Infrastructure changes and deploys require approval. |
| `devops` | Tagged `devops` | `risk_below:high` — low and medium auto-granted | Infrastructure and deployment: CI/CD, DNS, monitoring, cloud storage, incident management. |
| `data` | Tagged `data-pipeline` | `risk_below:high` — low and medium auto-granted | Storage, monitoring, and financial integrations — S3, Datadog, Grafana, Stripe. Write actions gated. |
| `team` | Tagged `team` | `risk_below:high` — low and medium auto-granted | Agent plus email, messaging, calendar, and notes. Sending messages and creating events gated. |
| `lockdown` | Full catalog | `none` — nothing auto-granted | Full action catalog, nothing auto-granted. Every action requires a named principal or approval. |
| `blank` | None | `none` — nothing auto-granted | Empty registry. Add actions individually via the TUI or the manifests directory. |
| `permissive` | Full catalog | `all` — everything auto-granted | Dev and demo only. Never deploy. Requires unsafe dev mode. |
Wildcard grant levels
The `wildcard_grant` field in a preset controls which actions are automatically available to any authenticated principal (the `*` ACL entry):

- `all` — every extracted action is granted to `*`. Dev/demo only.
- `risk_below:high` — actions with risk level `low` or `medium` are granted. High and critical actions require a named principal or human approval.
- `risk_below:medium` — only `low` risk actions are granted. Everything else requires explicit authorization.
- `none` — no actions are granted to `*`. Every action requires a named principal entry in the ACL.

Named principals (added via `latchgate policy grant`) can always access actions regardless of wildcard grant level.
Manifest tagging
Presets that specify `manifests = "tagged:<name>"` extract only the subset of the built-in action catalog tagged with that preset name. This keeps the attack surface minimal — a read-only deployment never sees `http_delete` or `github_pr_create` manifests.
Presets with `manifests = "all"` extract the full catalog.
Using presets
During init

```bash
latchgate init                                    # interactive — preset picker
latchgate init --preset coding                    # non-interactive
latchgate init --preset lockdown --location user  # user-global install
```

The interactive wizard presents all eleven presets with descriptions. The selected preset determines which manifests are extracted and how `data.json` is populated.
Listing and exporting
```bash
latchgate init --list-presets          # show all presets with descriptions
latchgate init --export-preset coding  # dump raw TOML for customization
```

`--export-preset` outputs the preset TOML to stdout. Redirect to a file, modify it, and pass the file path to `--preset` for a custom preset:

```bash
latchgate init --export-preset coding > my-preset.toml
# Edit my-preset.toml...
latchgate init --preset ./my-preset.toml
```

Custom presets
A custom preset is a TOML file with this structure:
```toml
[preset]
name = "my-custom"
description = "Internal APIs only. No public web access."
manifests = "tagged:internal-api"   # or "all"

[preset.policy]
wildcard_grant = "risk_below:high"  # or "all", "risk_below:medium", "none"
```

Custom presets can reference custom manifest tags. To tag a manifest for a custom preset, add the tag to the manifest’s `tags` field:
```yaml
# In your action manifest YAML:
tags: ["internal-api", "coding"]
```

Pass the file path to `latchgate init --preset ./my-preset.toml`.
Preset format reference
| Field | Required | Values | Description |
|---|---|---|---|
| `preset.name` | yes | string | Preset identifier. Used in `policy_version` tracking. |
| `preset.description` | yes | string | Human-readable summary shown in `--list-presets` and `preset show`. |
| `preset.manifests` | yes | `"all"`, `"tagged:<tag>"`, `"listed:<id>,<id>"`, `"none"` | Which manifests to extract from the catalog. |
| `preset.policy.wildcard_grant` | yes | `"all"`, `"risk_below:high"`, `"risk_below:medium"`, `"none"` | What the `*` ACL entry receives. |
Policy version tracking
Every `data.json` generated or modified by LatchGate includes a `policy_version` string that encodes the preset origin:

- `coding-init` — initial generation from `latchgate init`
- `coding-init-1` — after a `latchgate policy grant/revoke` increment