mikael-lovqvists-claude-agent
67c1c3f9a4
Each request is signed with HMAC-SHA256 over timestamp+body using a per-user secret loaded from a --secrets file (never env vars or git). Users have a canApprove list controlling who may approve queued actions. Queue entries track submitted_by for permission checks on approve/deny. Also renames all identifiers to snake_case throughout the codebase. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
claude-code-conduit
A supervised action bridge between Claude Code and the host system.
Claude requests structured actions. The server applies per-action policies:
- auto-accept — executed immediately (e.g. open a file in editor)
- auto-deny — rejected immediately
- queue — held for user approval (e.g. open a browser URL)
Setup
npm install
Running the server
node server/index.js
# or
CONDUIT_PORT=3333 CONDUIT_ROOT=/workspace node server/index.js
Using the CLI client
# List available actions
node client/index.js list-actions
# Open a file in the editor (auto-accepted)
node client/index.js edit-file filename=/workspace/myfile.js
# Open a URL (queued for user approval)
node client/index.js open-browser url=https://example.com
When a queued action is submitted, the server prints the approve/deny URLs to stdout:
[QUEUE] New request #a1b2c3d4
Action: open-browser
Params: {"url":"https://example.com"}
Approve: POST /queue/a1b2c3d4.../approve
Deny: POST /queue/a1b2c3d4.../deny
User approves via:
curl -X POST http://localhost:3333/queue/<id>/approve
Environment variables
| Variable | Default | Description |
|---|---|---|
CONDUIT_PORT |
3333 |
Server port |
CONDUIT_ROOT |
/workspace |
Workspace root for path resolution |
CONDUIT_URL |
http://localhost:3333 |
Server URL (client-side) |
Adding actions
Edit server/actions.js. Each action needs:
description— shown in list-actionsparams— array of{ name, required, type }policy—"auto-accept"|"auto-deny"|"queue"handler(params, helpers)— async function that performs the action