Open Source • MIT License

Helm

Keep long-running coding agents bounded, recoverable, and auditable.

Helm gives AI agent workspaces operational discipline after the chat is gone: profiles before commands, checkpoints before risky edits, and durable task history on disk.

$ python -m pip install helm-agent-ops

View on GitHub

PyPI Docs Three-minute demo

The problem with agent-driven work

Long-running coding agents operate in an unstructured void. When things go wrong, you're left piecing together what happened.

Chat history disappears

Context evaporates when the session ends. What the agent learned is gone.

Commands run too fast

Agents execute broad commands too quickly without pausing for review.

Recovery is informal

No structured rollback points. Manual git stashes are your only safety net.

Hard to explain

After a long session, reconstructing what happened is detective work.

Who is this for?

Developers running Codex, Claude Code, Cursor, OpenClaw, or similar coding agents for long repository tasks

Builders who need agent command history, checkpoints, and rollback discipline

Local-first AI workflow users who want durable state without adopting a hosted agent platform

Teams experimenting with repeatable human-agent development workflows

What Helm adds

An operational layer that brings structure, safety, and visibility to agent workspaces.

Profiles

Declare allowed command risk before execution. Define what the agent can and cannot do upfront.

Guardrails

Block dangerous or out-of-profile commands automatically. No more rm -rf surprises.

Checkpoints

Create visible recovery points before risky work. Roll back with confidence.

Audit trail

Keep task and command history in local files. Know exactly what happened and when.

File-backed memory

Hydrate future runs from workspace state. Context persists between sessions.

Operational visibility

See profiles, checkpoints, task history, and command guard decisions at a glance.

helm dashboard

~/.helm/workspace

ACTIVE PROFILE

inspect_local

git, ls, cat, grep

rm, mv (needs confirm)

RECENT CHECKPOINTS

before-risky-work2m ago

after-refactor1h ago

initial-state3h ago

TASK LEDGER

inspect repo

4 cmdsdone

add feature

12 cmdsactive

fix tests

7 cmdsdone

COMMAND GUARD LOG

git status --short • allowed by profile:inspect_local

cat README.md • allowed by profile:inspect_local

rm -rf node_modules • blocked: destructive command not in profile

See it in action

A quick look at Helm's core commands.

helm-workspace

# Check workspace health

$ helm doctor --path ~/.helm/workspace

✓ Workspace initialized
✓ Profile config valid
✓ Checkpoint storage OK
✓ Task ledger accessible

# Run a command with profile enforcement

$ helm profile --path ~/.helm/workspace run inspect_local --task-name "inspect repo" -- git status --short

[profile:inspect_local] Command allowed: git status --short
 M README.md
?? new-feature.py

# Create a checkpoint before risky work

$ helm checkpoint create --path ~/.helm/workspace --label before-risky-work --include ~/.helm/workspace

checkpoint created: before-risky-work (3.2 MB)
location: ~/.helm/workspace/.checkpoints/20240115-143022-before-risky-work

# View the dashboard

$ helm dashboard --path ~/.helm/workspace

Dashboard running at http://localhost:8420
Press Ctrl+C to exit

Published on PyPI• helm-agent-ops

MIT Licensed• Open source

Runtime Agnostic• Any Python env

Local-first• State on disk

Trusted Publishing• GitHub Actions

What Helm is not

Helm is not another agent runtime.

Helm is not an autonomous agent platform.

Helm is not a cloud SaaS.

Helm does not replace your coding agent.

Helm adds an operations layer around the agent workflow you already use.

Get started

Install Helm and bring operational discipline to your agent workflows.

$ python -m pip install helm-agent-ops

Install from PyPI Three-minute demo GitHub

Start with the three-minute demo, then add Helm to one real agent workspace.