laboratoriohacker-com

Free, open source, self-hosted. Built by Laboratório Hacker for teams that take AI security seriously. Deploy in minutes.

100% credibility
Found Mar 18, 2026 at 14 stars.
Python
AI Summary

Tatu is a security dashboard for DevSecOps teams that monitors coding assistant sessions to detect and block secrets, personal data leaks, destructive actions, and vulnerabilities.

How It Works

1. 🔍 Discover Tatu

You hear about Tatu, a friendly security watchtower that keeps your team's coding safe from mistakes like leaked secrets or risky commands.

2. 🚀 Start your security dashboard

With a simple setup, you launch the dashboard on your computer to see everything in one place.

3. 🛡️ Load built-in safety rules

You add ready-made rules that spot secrets, personal info, dangerous deletions, and code flaws automatically.

4. 💻 Protect team computers

Everyone installs a tiny protector on their machines to watch coding sessions in real time.

5. 🔗 Link protectors to dashboard

Connect each protector to your dashboard so alerts flow in smoothly.

6. 📊 See live alerts and stats

Watch real-time warnings, compliance scores, and team activity on beautiful charts.

Team codes securely

Your projects stay safe from leaks and risks, with full oversight and peace of mind.

AI-Generated Review

What is tatu?

Tatu is a free, open-source, self-hosted DevSecOps dashboard in Python (FastAPI backend) and React that secures Claude AI coding sessions. Local CLI hooks (`tatu-hook`, installable via pip) scan for secret leaks, PII exposure (like Brazilian CPF/CNPJ), destructive commands (rm -rf, force-push), SAST vulnerabilities, and file risks before content hits the AI—blocking or auditing in real time while reporting to a dashboard with live alerts, compliance gauges (SOC2, LGPD, GDPR), and rule editing. Deploy via Docker Compose or Kubernetes in minutes.

Why is it gaining traction?

It's a free self-hosted GitHub Copilot alternative with built-in security gates, dodging free GitHub Actions limits, minutes, runners, and stars—ideal for students or teams maxing Copilot's free tier. Custom YAML/YARA rules sync automatically, WebSocket live feeds catch issues instantly, and audit exports (CSV/JSON) simplify reporting, all without cloud dependencies.

Who should use this?

DevSecOps teams using Claude for code generation who need to enforce AI security policies locally. Brazilian firms handling LGPD PII, or any org tracking compliance frameworks while avoiding GitHub's free runner quotas in CI/CD pipelines.

Verdict

Promising free self-hosted security layer for AI dev workflows, but 14 stars and 1.0% credibility signal early maturity—docs shine, setup's effortless, yet test thoroughly before prod reliance.
