termdeck log in Get started
[ beta · claude code + codex ]

Ship agents,
not terminals.

One control plane for every local Claude Code and Codex agent. Watch sessions stream, approve tool calls, and take over a run from any screen — without babysitting a terminal.

Open dashboard   See how it works
$ curl -fsSL termdeck.sh | sh
hosts.json 3 online
# point the hub at every agent
{
  "local": "ai",
  "hosts": [
    { "name": "laptop",   "engine": "claude" },
    { "name": "build-vm", "engine": "codex"  },
    { "name": "cloud",    "engine": "claude" }
  ]
}

 hub live · loopback:4520 — one sidebar
any host → any screen
plugs into Claude Code · OpenAI Codex · tmux · Tailscale · any PWA device
[ 01 / features ]

The control a terminal
can’t give you.

01

Interactive approvals

Every tool call pauses for you — allow once, always this session, or bypass. Termdeck pushes the “approval needed” moment to your phone, so you allow or deny from anywhere without babysitting a terminal. Pending prompts survive a refresh.

PERMISSION · write_file
Write patch to server/auth.js?
Allow once Deny
02

Both engines, any device

Claude Code or OpenAI Codex, chosen per chat. Stream transcripts and reply from the browser or your phone — one sidebar, transcript, and model picker for both.

claude codex
03

One agent fleet

Add a laptop, desktop, VM, or cloud box and browse every session from one sidebar — all your machines under a single proxy.

laptoponline
build-vmonline
cloudidle
04

Safe terminal takeover

Move a live run from terminal to browser and back. A live-registry lock keeps two writers from forking the session.

05

Private by design

Agents run on your machine with your own Claude or Codex auth. Termdeck orchestrates the sessions — it never proxies your code or hosts the model.

06

Fleet board at a glance

See every run in one board — working, done, or blocked. An attention badge flags the sessions waiting on you, so nothing stalls unseen.

auth-refactorworking
db-migratedone
api-testsneeds you
07

Diff-first edits

Every file edit renders as a readable diff, not a raw JSON tool call — see exactly what changed before you approve.

server/auth.js
- const token = req.query.t
+ const token = req.header('x-termdeck')
08

Cost & limits in view

Token usage, estimated cost, context window, and account limits update live as the run works — no surprises at the end.

context124k / 200k
est. cost$0.84
[ 02 / how_it_works ]

From scattered terminals to one hub.

1/ connect

Point it at your agents

Every machine runs the same self-contained agent. List the remotes in hosts.json; the hub proxies REST and opens a socket to each.

$ termdeck add build-vm
 proxied · ws open
2/ stream

Watch every session stream

Token deltas, the tool ticker, and permission prompts render live — straight from disk, so a turn typed in the terminal shows up the same in the browser.

tokens18.4k / 200k
context · 62% · claude-opus
3/ control

Approve & take over anywhere

Allow, deny, or take the wheel from your phone. Close an idle terminal client and drive the session from the web — the lock keeps two writers from forking it.

Take over Resume
2
engines, one UI
hosts, one sidebar
100%
rendered from disk
4520
local, loopback-bound
[ 03 / engines ]

Complements your terminal.

A front end for the CLIs you already run — not a replacement.

CC
Claude Code CLI
agentic terminal loops
  • Direct file-system access
  • Fast local keyboard shortcuts
  • Locked to one terminal screen
  • No approvals UI on your phone
CX
Codex CLI
local codebase agent
  • Granular local context control
  • Low latency for small edits
  • Compressed .jsonl.zst rollouts
  • Separate toolset from Claude Code
Termdeck Hub
unified control surface
  • One sidebar for both engines
  • Approve from any device
  • Push through approval blocks
  • Seamless terminal takeover
[ 04 / security ]

Your transcripts stay private.

Termdeck is built to be exposed carefully. It binds loopback, refuses to serve a non-loopback interface without a token, and fails closed the moment anything looks like a forwarded request it can’t trust.

  • Loopback bind by default — a non-loopback bind without a token refuses to start
  • A mandatory token gates every /api and WebSocket call behind a tunnel
  • Same-origin WebSocket upgrade checks block cross-site hijacking
  • Forwarded proxy headers fail closed with a 403 until the token is set
~ node server.js
 bind 127.0.0.1:4520  (loopback)
 token required for /api + /ws
 same-origin WS upgrade enforced
 proxy header w/o token → 403
 transcripts stay private
[ get_started ]

Stop babysitting terminals.

Get a bird’s-eye view of every agent. Approve, resume, and stream edits across all your machines — from any screen.