Safe by default, powerful by consent
Trust-before-anything boot — nothing is read-as-code, executed, or sent over the network before you make a trust decision. Real container isolation; dangerous capabilities are opt-in and scoped.
Open-source, model-agnostic, governed. A terminal-native autonomous engineer you can point at any model, extend with signed skills, and run without rate-limit cliffs or vendor lock-in — safe to open an untrusted repo by default.

Larb is an open-source, model-agnostic, security-first autonomous coding agent. It plans, edits, runs, tests, and self-corrects until a task verifiably passes — inside a capability sandbox, under a hard spend governor, with every action logged.
The name is also a Lao/Thai dish (ลาบ) — a nod to the project's roots. This site is bilingual: English · ไทย.
⚠️ Status:
0.1.0-alpha. Early, BYO-key developers only. APIs and config may change. See the roadmap and the README's Known limitations.
Everyone else makes you choose between open, safe, unlocked, and cheap. Larb refuses that trade-off. See the comparison for how it stacks up against Claude Code, Codex CLI, Gemini CLI, DeepSeek, Aider, and OpenClaw.