Get started

Track every AI model your code uses, find out before any of them retire, and migrate cleanly when they do. Install in one line, no account needed.

Install

Three install paths — pick whichever fits your machine. The tab below auto-defaults to your OS.

$ curl -fsSL https://llmstatus.ai/install.sh | bash

Installs a self-contained binary (~60 MB, no Node required) to ~/.local/bin/mm. Detects arm64 vs x64. The binary is Developer ID signed + Apple-notarized, and the installer verifies its signature before installing.

After install you have two binaries: mm (short) and llmstatus (descriptive). Same binary — pick whichever you like to type.

5-minute walkthrough

From a fresh install to your first alert. You can stop at step 2 if all you want is the free health check.

Run a free health check

From any repo:

$ mm status

The CLI pulls a signed registry snapshot from cdn.llmstatus.ai, scans the directory on-device, and prints every AI model it finds along with its lifecycle status and the soonest retirement date.

LLM Status — registry 20260528T060033Z (today), 380 models
Scanned ./apps/web: 12 reference(s) → 6 model(s), 1 custom

Models in use:
  🔴 retired     openai/gpt-4-0314          retires 2024-06-13   → openai/gpt-4-1  (2)
  🟠 retiring    anthropic/claude-opus-4    retires 2026-06-15   → anthropic/claude-opus-4-7  (1)
  🟢 ok          openai/gpt-5                                                       (3)

⚠ 2 model(s) need attention before they retire.

No account, nothing about your code leaves your machine, fully offline-capable after the first run. (Anonymous usage analytics — event counts only, never code or paths — can be turned off anytime:mm config analytics off or MM_NO_ANALYTICS=1.)

Fix the dying ones

Rewrite deprecated/retiring ids to their current replacement — with a preview first:

$ mm fix --dry-run
$ mm fix

Boundary-safe (gpt-4 never rewrites inside gpt-4o), style-preserving, and chain-aware — if the replacement is itself dying, it follows the chain to the first live model. In the TUI, press f on any model for a red/green diff preview; nothing is written until you confirm.

Sign in (for cloud inventory + alerts)

If you want alerts on deprecations / retirements across your team, or an inventory of models across repos, sign in. Opens a browser tab, no terminal-paste of API keys needed:

$ mm login

Map a project

One scan finds every model call, lets you pick what to track, and uploads to your account:

$ mm scan

Or bare mm launches the TUI (inventory · scan · what's new · alerts) if you'd rather browse. Detection sources include filesystem, env, aws-secrets, k8s,helm, and sql — secret values never leave your machine, only model ids upload.

Set up alerts

In the web app: Notifications → Add rule. Pick scope (my models / providers / all), event types (deprecation / retirement / new model), severity, lead-time chips (90 / 30 / 7 days), and channels (email, Slack, SMS). Or upgrade to Pro from the CLI: mm upgrade.

Drop it into CI

Catch regressions when someone pins a deprecated model:

# .github/workflows/mm.yml
- run: npx @modelstatus/cli scan --check

Fails the build if any usage maps to a retiring or retired model.

Command reference

Command	What it does
mm status [dir]	Free offline model-health check — no account needed
mm fix [dir]	Rewrite dying model ids to their replacement (`--dry-run` previews)
mm [dir]	Launch the TUI on a folder (defaults to the current one) — runs locally
mm update	Update the binary in place (Homebrew installs: `brew upgrade`)
mm login [api_key]	Browser sign-in with polling (or paste a key)
mm signup	Create an account in the browser
mm scan [dir]	Scan + upload usages; interactive TUI, or `--ci`/`--json` for pipelines
mm sources	List detection sources and whether each can run here
mm upgrade	Open Stripe checkout, poll until Pro is active
mm logout	Forget the saved API key

Common flags

--api <url> · --key <key> · --project <id|name> ·--yes · --json · --ci · --dry-run ·--sources <list> · --region <r> · --namespace <ns> ·--kube-context <c> · --db <dsn> · --sql-table <t>

How it works

The model lifecycle registry is published as a date-versioned, signed snapshot oncdn.llmstatus.ai. The CLI verifies a mini-TUF trust chain on every fetch and refuses any rollback to an older version:

pinned root key (in the CLI binary)
   → root-signs ─→ keys.json (names the current signing key)
                       → signing-key-signs ─→ latest.json (pointer + sha256)
                                                  → blob: <version>.json (immutable)

Falls back to a local cache when offline (~/.config/llmstatus/registry-cache.json). The signing key can be rotated without shipping a new CLI release. Registry updates auto-publish every 6 hours from sources like models.dev, OpenRouter, and provider lifecycle APIs.

Privacy: all secret-aware scan sources (env, aws-secrets,k8s, helm, sql) shell out to your already-authenticated CLIs, run read-only, redact every snippet, and only ever upload model ids. Secret values never leave your machine. Use--dry-run to preview what would upload before it does.

CI checks — block retiring models in pull requests (Pro)

Catch a deprecated or retiring model before it merges. On every push and PR, LLM Status scans the changed files, and fails the check (with an inline annotation on the exact line) if you've introduced a model at or past your threshold. Two ways to turn it on — pick whichever fits your security posture:

Option A — GitHub App (one-click)

Best for fast setup. From your dashboard go to CI runs → Connect GitHub, pick repos, and install. We scan each PR on our side and post a Check Run + a summary comment as the app — no workflow file, no secrets. This is a Pro feature (it runs on our infrastructure and reads your code), and each run is recorded in your CI-drift dashboard.

Option B — GitHub Action (your CI, no code egress)

Best for security-conscious teams: your source never leaves your runners — only resolved model ids + counts are sent (and only if you pass a key). Add .github/workflows/llmstatus.yml:

name: AI model lifecycle
on: [push, pull_request]
jobs:
  llmstatus:
    runs-on: ubuntu-latest
    permissions: { contents: read, pull-requests: write, checks: write }
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }   # so PRs gate only changed files
      - uses: randomartifact/modelmanager/packages/action@v1
        with:
          fail-on: retiring        # retired | retiring | deprecating | none
          api-key: ${{ secrets.LLMSTATUS_API_KEY }}   # omit for the free offline check

The offline check (annotations + the pass/fail gate) is free. Adding your LLMSTATUS_API_KEY(a Pro key) also records each run to your CI-drift dashboard and routes findings to your alert channels.

Free vs Pro

	Free (this CLI)	Pro ($5/yr)
`mm status` on any repo	✓ unlimited	✓
Signed registry, offline cache	✓	✓
Resolve + health on-device	✓	✓
Secret-source aware scans	✓	✓
Cloud inventory across projects	—	✓
Alerts on deprecations / retirements	—	✓ email / Slack / SMS
CI integrations + web dashboard	—	✓

Troubleshooting

macOS: "cannot verify the developer" on first run

The binaries are currently unsigned. The shell installer clears the com.apple.quarantinexattr automatically; if you installed via npm and still see the warning, run xattr -d com.apple.quarantine "$(which mm)". Notarization is a planned follow-up.

`mm status` says my model is "custom"

The string didn't match any canonical id, slug, or alias in the registry. If it's a real production model we missed, ping it@llmstatus.ai and we'll add it. The registry refreshes every 6 hours, so additions roll out automatically.

Offline / behind a corp proxy

The CLI caches the snapshot at ~/.config/llmstatus/registry-cache.json and falls back to it when fetches fail. Run online once to seed the cache, then it works offline. SetLLMSTATUS_REGISTRY_URL to point at a private mirror if you'd rather not hitcdn.llmstatus.ai from your network.

Questions? it@llmstatus.ai · Source for the CLI is published on npm.