Skip to content
LatchGate

Windsurf

Connect Windsurf to LatchGate so every tool call goes through the execution security kernel.

Prerequisites

Section titled “Prerequisites”
  • LatchGate running (latchgate up or production deployment)
  • latchgate-mcp binary on PATH (from GitHub Releases or brew install latchgate-ai/tap/latchgate)
  • Windsurf installed

Automatic setup

Section titled “Automatic setup”
Terminal window
latchgate-mcp install --ide windsurf

This writes the MCP server entry to ~/.codeium/windsurf/mcp_config.json. Restart Windsurf to pick up the configuration.

Preview first without writing:

Terminal window
latchgate-mcp install --ide windsurf --dry-run

Manual setup

Section titled “Manual setup”

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "latchgate": {
      "command": "/usr/local/bin/latchgate-mcp",
      "args": ["serve", "--gate-url", "http://localhost:3000"],
      "env": {
        "LATCHGATE_AGENT_ID": "windsurf",
        "RUST_LOG": "warn"
      }
    }
  }
}

Adjust the binary path if installed elsewhere. Use which latchgate-mcp to find it.

End-to-end verification

Section titled “End-to-end verification”
  1. Start LatchGate: latchgate up
  2. Install config: latchgate-mcp install --ide windsurf
  3. Restart Windsurf.
  4. Ask the agent to perform an HTTP request.
  5. Verify the audit trail: latchgate audit --limit 5
  6. Confirm the full pipeline: lease => policy => WASM sandbox => receipt.

Production (UDS transport)

Section titled “Production (UDS transport)”

Replace --gate-url with UDS + public base URL for production:

{
  "mcpServers": {
    "latchgate": {
      "command": "/usr/local/bin/latchgate-mcp",
      "args": ["serve", "--public-base-url", "http://localhost:3000"],
      "env": {
        "LATCHGATE_AGENT_ID": "windsurf",
        "RUST_LOG": "warn"
      }
    }
  }
}

This connects via /run/latchgate/gate.sock (default) — no TCP exposure.

For production hardening with UDS transport, see Deployment.