TapPass Chat
TapPass Chat
Section titled “TapPass Chat”TapPass Chat is the first-party chat product where every message is governed end-to-end.
Built as a soft fork of LibreChat, with a TapPass overlay layer that routes every LLM call, every tool call, and every MCP call through the governance Pipeline. The SMB wedge — a faster path to "governed AI for our team" than wiring TapPass into a custom agent.
This card describes TapPass Chat as a runtime in the Capability tree. The internal building blocks of TapPass Chat (overlay layout, upstream-sync workflow, hardening contract, branding) are not decomposed here — they live in the tappass-chat repo and, eventually, its own capability tree.
At a glance
Section titled “At a glance”| What it is | a chat web app with TapPass governance baked in |
| Built on | LibreChat (soft fork — minimal patches against upstream, periodic merge) |
| Repo | tappass/tappass-chat (private) |
| Targets | SMB customers + larger orgs needing a fast governed-chat onramp |
| Status | next |
What governance looks like in TapPass Chat
Section titled “What governance looks like in TapPass Chat”Every chat message goes through the standard TapPass Pipeline:
user message │ ▼ TapPass Chat UI ──▶ TapPass gateway ──▶ Pipeline (before steps) │ ▼ LLM provider call │ ▼ Pipeline (after steps) │ ▼ streamed back to UISame pipeline. Same audit trail. Same compliance packs. The only thing different is that the agent is the chat UI itself, not a customer's custom code.
Why this concept exists separately from custom integrations
Section titled “Why this concept exists separately from custom integrations”TapPass started as gateway + SDK for customers wiring agents into their own product. TapPass Chat is the opposite shape: TapPass is the product the user touches.
This shape unlocks two things:
- SMB market access. A team that wants "ChatGPT but governed" doesn't have a custom agent to integrate. TapPass Chat ships them a governed chat in days.
- Reference implementation. Every governance feature has a working consumer. New pipeline steps, new compliance packs, new audit views are tested in TapPass Chat first.
Soft fork — not a hard fork
Section titled “Soft fork — not a hard fork”The hardening contract:
- Upstream LibreChat is the base. Updates pulled regularly.
- TapPass-specific code is overlay-only. Lives in a
tappass/subdirectory; no edits in upstream files where avoidable. - Where upstream files must change, the patch is minimal and documented for each merge.
- Branding is overlay (theme, logo, copy).
- License layer lives in the overlay for airgapped deployment.
Soft fork is a deliberate trade-off: we own less code than a hard fork, but we follow upstream's release cadence rather than freezing.
Surfaces
Section titled “Surfaces”| Persona | Surface | What they do |
|---|---|---|
| End user | TapPass Chat web UI | Chat with governed LLMs / agents |
| Org admin | TapPass Admin UI | Configure which models, which compliance packs, which check packs apply |
| Operator | Audit trail | Every chat message is auditable, same as any other governed call |
| Auditor | Compliance reports | TapPass Chat sessions show up in standard compliance views |
Related concepts
Section titled “Related concepts”- runs through → Pipeline, Policy engine, Compiled Policy, LLM provider
- emits → Audit trail, Session
- scoped within ↑ Organisation — same multi-tenancy boundary as other agents
- complementary to ↔ custom-agent integrations via the runtime SDK