OpenWolf Enhanced
A token-conscious second brain for Claude Code — a hardened, actively maintained fork of OpenWolf. Bounded storage, one-command self-maintenance, and the security & data-loss fixes the original never shipped.
$ npm install -g openwolf-enhanced
$ openwolf init
✓ .wolf/ created — 13 files
✓ 6 hooks registered
✓ 24 files indexed
✓ dashboard-token generated (0600)
✓ retention limits applied One install, one init — then it's invisible.
Why we forked it
Claude Code works blind: it re-reads the same files, has no map of your project, and no memory of your corrections. OpenWolf gives it a second brain through a handful of lightweight hooks — a file index, a learning memory, and a token ledger. We forked it because the original went unmaintained, its .wolf/ directory grew without bound (multi-megabyte token ledgers), and it had open security and data-loss issues. We fixed all of that, then kept going: citation-backed recall, an MCP server, hooks for Codex/Gemini/OpenCode, and an opt-in bridge to a shared team workspace. Still a drop-in replacement.
What's enhanced
Recall with citations
openwolf recall keyword-searches everything you've learned (BM25, no database) and gives each hit a stable citation id. Read the ranked index first, expand only the entry you need — progressive disclosure instead of loading whole files.
Bounded storage
The token ledger, bug log, backups and cron queues are all capped. No more runaway multi-megabyte files eating your repo.
One-command self-maintenance
openwolf doctor reports the .wolf/ footprint and compacts everything — ledger, memory, backups, logs — in a single command. No daemon required.
Security hardened
The dashboard binds to localhost and requires a token; shell command strings became argument arrays (no injection); outbound URLs are validated against SSRF; secrets are redacted before anything is written.
Works beyond Claude Code
Hooks auto-deploy for Codex, Gemini CLI and OpenCode as well, and openwolf mcp exposes recall/resume to any MCP client — including Claude Desktop, via a one-click .mcpb extension.
Local-first, and it stays that way
No telemetry, no background sync, no phoning home. A remote team workspace can be linked explicitly with openwolf link — and nothing is sent until you type push.
Fewer tokens, same work
OpenWolf's core value is unchanged in this fork: Claude reads less because it knows what a file contains before opening it, and it stops re-reading the same file. These are the underlying tool's measured figures on real projects.
Figures reported for the underlying OpenWolf on real usage; they vary by project size and session patterns. Token tracking is estimation-based (~15% accuracy), not exact API counts.
Three steps. Then invisible.
$ openwolf init Initialize
Creates the .wolf/ directory, registers the hooks in whichever agents you use, and indexes your project.
$ claude Work normally
The hooks fire on every read and write — invisibly. Claude gets a file map, read-awareness and your learned preferences. No workflow changes.
$ openwolf doctor Stay healthy
One command reports the .wolf/ footprint and compacts everything. The dashboard (openwolf dashboard) shows token stats and what Claude has learned.
The .wolf/ directory
Markdown is the source of truth — human-readable, git-friendly, and now bounded.
The enforcement layer
Seven hooks fire on every agent action. They inform and nudge — they never block your work. They make no network calls.
Injects the resume digest: the handoff note, recent activity and open bugs — so a fresh session picks up where the last one stopped.
Shows the file's anatomy entry before a read and warns on repeats — but allows a re-read after the file was edited (fixed here).
Checks the cerebrum Do-Not-Repeat list and surfaces similar past bugs before an edit.
Estimates and records token usage — skipping ignored and secret files.
Updates the anatomy map and appends to memory, skipping no-op rewrites and secrets.
Counts edits made through the shell (heredocs, redirects, sed -i) — which the write hook never sees — and optionally logs notable commands.
Writes the session summary to the token ledger and surfaces end-of-turn reminders into the model's context.
Commands
The CLI is still openwolf, so it's a drop-in replacement.
openwolf init Initialize .wolf/ and register the hooks (Claude Code, Codex, Gemini, OpenCode). openwolf recall new Keyword-search everything you've learned; each hit gets a citation id you can expand. openwolf doctor Report the .wolf/ footprint and compact it — daemon-independent. openwolf consolidate new LLM-merge near-duplicate cerebrum entries so the brain stops repeating itself. openwolf mcp new Run an MCP server (recall / resume / memory health) for Claude Desktop and other clients. openwolf link new Link the project to a remote workspace — opt-in, no endpoint hardcoded. openwolf push new Offer learnings, decisions and bugs to that workspace; they arrive as needs-approval. openwolf status Health, token stats, .wolf/ footprint and size warnings. openwolf dashboard Open the real-time web dashboard (localhost + token auth). openwolf export Export sessions or the bug log as JSON or CSV. openwolf bug search Search the bug-fix memory for known solutions. openwolf update Update registered projects — config is deep-merged, not overwritten. Install
From npm (Node 20+). Published with build provenance:
npm install -g openwolf-enhanced Then, in any project:
cd your-project
openwolf init Krynex Labs
Built by Krynex Labs
We build production-grade AI agents, automations and custom LLM systems — measured in revenue, not demos. OpenWolf Enhanced is one of the tools we use ourselves, and we maintain it in the open.
What we do →FAQ
What is OpenWolf Enhanced?
A maintained, security-hardened fork of OpenWolf — a context and token-tracking layer for coding agents that runs through seven lightweight lifecycle hooks. It gives the agent a project map, a learning memory you can search by citation, and a token ledger, with none of the storage growth or security issues of the original.
How do I install it?
npm install -g openwolf-enhanced, then openwolf init in any project. It is published to npm with build provenance (SLSA), so you can verify that the package on the registry was built from the commit it claims.
Does it send my code or notes anywhere?
No. There is no telemetry and no background sync, and the hooks make no network calls at all. Two things reach the internet, both only if you configure them: an LLM provider for the optional AI cron tasks, and a remote team workspace if you explicitly run openwolf link — and even then nothing leaves until you run openwolf push. Anything wrapped in <private> tags never leaves the machine.
Does it only work with Claude Code?
No. Hooks auto-deploy for Codex, Gemini CLI and OpenCode as well, and openwolf mcp exposes recall and resume to any MCP client — Claude Desktop included, via a one-click .mcpb extension.
Is it a drop-in replacement for OpenWolf?
Yes. The CLI command is still openwolf, the .wolf/ layout is compatible, and legacy data is migrated automatically. You can install it over an existing OpenWolf project.
What's different from the original?
Bounded storage (capped ledger/bug log/backups), openwolf doctor for self-maintenance, citation-backed recall, an MCP server, multi-agent hook support, model-agnostic AI cron tasks, dashboard authentication, removal of command-injection, path-traversal and SSRF risks, CRLF and secret-file data-loss fixes, .gitignore support, and several adopted upstream bug fixes. See the CHANGELOG.
Does it really reduce token usage?
The token-saving mechanism is unchanged from OpenWolf: Claude reads a file's description and token estimate before opening it, and repeated reads are flagged. On real projects the underlying tool reports around 80% fewer tokens versus the bare CLI, though this varies by project.
What license is it under?
AGPL-3.0 — the same as the original OpenWolf, whose copyright and attribution are preserved. As a network-copyleft license, running a modified version as a service requires making the source available to its users.
Make Claude Code smarter
One install. One init. Then it's invisible — and it stays bounded.
OpenWolf Enhanced is a community fork of OpenWolf by Cytostack Pvt Ltd, licensed under AGPL-3.0. Full credit to the original authors for the design and the idea.