Product preview waitlist

Control agents anywhere

AgentD lets you supervise Claude Code and Codex sessions from a phone or browser: approve risky actions, watch output, switch sessions, and keep repo-aware work moving while you are away.

Join waitlist View architecture Read security model
Claude Code and Codex Local, relay, and hosted preview paths E2E encrypted relay payloads

Control path

Daemon to relay to PWA, with keys at the edges. Relay routes encrypted envelopes. The operator approves the risky moment.
  1. 01 Developer daemon

    Starts Claude Code and Codex sessions, tracks repo state, and owns session keys.

    AES-256-GCM payloads
  2. 02 Relay path

    Routes by session ID for remote access. Payload content stays opaque.

    Routing only
  3. 03 PWA control surface

    Streams output, queues approvals, switches sessions, and pairs by QR.

  • Deny-by-default approvals
  • Self-host relay option
  • Local LAN mode
  • Hosted preview for teams
developer daemon 
$ agentd list
agt-7f3e   claude-code   running
agt-9c4d   codex         waiting

$ agentd pair --refresh
# QR ready for PWA pairing
9:41 relay locked

Approval Required

1 of 3 approvals
medium bash

Command

git push origin feature/relay-approval

Codex wants to run a command that changes the remote repository.

Deny Approve

Pair new device

Code: 7K9-LM3-2QH

The relay cannot decrypt payloads.

Approvals are explicit at risky moments.

Local-only and self-hosted relay paths stay available.

Product overview

A control loop built from inspectable parts

AgentD is not a black box around your agent. The daemon, PWA, relay, and hosted preview path each have a narrow job.

01

agentd daemon

Runs beside Claude Code and Codex

Starts sessions, routes approvals, tracks repo state, and owns encryption keys.

02

PWA control surface

Phone and browser supervision

Streams output, shows approval cards, switches sessions, and scans QR pairing codes.

03

Relay path

Remote access without payload visibility

Routes encrypted envelopes by session ID. Self-hosted relay is supported.

04

Cloud preview

Hosted path for teams

Waitlist scope for shared control, policy, audit metadata, and budget visibility.

Core features

Everything in the path has a reason to exist

Operator loop

Control

Remote mobile/browser control

Check and steer long-running coding sessions from your phone or desktop browser.

Approval gates

Review commands, file writes, and risky actions before they continue.

Real-time output

Watch terminal output, tool calls, and code context as the agent works.

Multi-session management

Switch between active Claude Code and Codex sessions without losing state.

Local, relay, hosted

Transport

Local LAN mode

Connect directly to the daemon on your trusted network.

Self-hosted relay

Route remote sessions through your own relay when you want that boundary.

QR pairing

Pair a phone with relay-backed session material instead of typing keys by hand.

Push notifications

Receive approval moments when the PWA is backgrounded and push is configured.

Preview scope

Teams

Team dashboard

Shared visibility into sessions, owners, and operational status.

Policy engine

Rules for command, file, branch, and risk-level decisions.

Audit metadata

Structured session activity for review and incident follow-up.

Budget enforcement

Preview controls for spend limits and cost-aware session operations.

How it works

Run daemon, pair phone, approve from anywhere

Three steps take a local agent process to a remote, explicit operator decision.

  1. 01

    Run the daemon

    Start agentd beside your project. It owns session lifecycle, repo awareness, and approval routing.

    agentd start --project ~/repo
  2. 02

    Pair your phone

    Use local LAN mode or scan a QR code for relay-backed access when you need control away from WiFi.

    agentd pair
  3. 03

    Approve and control

    Review output, risky actions, sessions, and repo state from the PWA before the agent continues.

    Approve command: npm run build

Security model

Built so routing does not become custody

AgentD's relay path is designed around encrypted envelopes, edge-held keys, and explicit approval decisions. The hosted preview adds business controls without changing that baseline.

edge daemon

Holds session keys and encrypts approval payloads before transport.

relay boundary relay visibility

Encrypted envelopes pass through unchanged while the relay routes by session ID.

  • Sees routing metadata
  • Cannot decrypt payloads
edge PWA

Decrypts at the operator surface and returns an explicit approval decision.

Keys stay at the edges

Relay session keys are generated for pairing and are not stored by the relay.

Relay sees routing, not content

Encrypted envelopes are routed by session ID; payloads remain opaque to the relay.

Deny-by-default approvals

Hook failures deny by default, and risky operations require explicit operator action.

Self-host when required

Run local-only or use a self-hosted relay path when your boundary model requires it.

Use cases

Made for the moments when agents keep working

01

Keep work moving

Continue long-running coding work while commuting, in meetings, or away from your desk.

02

Approve the right moments

Respond to a file write, command, or sandbox request without opening a laptop.

03

Supervise parallel sessions

Watch multiple agents or projects and jump into the one that needs attention.

04

Give teams guardrails

Bring policy, shared visibility, and budget awareness to autonomous coding sessions.

Preview access

Join the AgentD waitlist

Tell us what you need to supervise first: solo sessions, remote approvals, team policy, or hosted controls.

Uses the waitlist endpoint when configured. Otherwise, it opens a prefilled email draft.

FAQ

The buyer questions before the call

Which agents does AgentD support?

AgentD supports Claude Code and Codex paths. Claude Code uses the hook binary for approvals, while Codex flows through the Codex app-server approval protocol.

Do I need the relay?

No. Local LAN mode connects the PWA directly to the daemon. The relay path is for remote access when your phone and dev machine are not on the same trusted network.

What can the relay see?

The relay routes encrypted envelopes and session metadata needed for routing. It cannot decrypt agent output, prompts, approval details, or file context.

Can I self-host it?

Yes. Public components include the daemon, PWA, shared protocol, and relay server. The hosted Cloud path is a waitlist product preview.

Is the team product available now?

The site is a waitlist and preview offer. Team policy, budget, audit, relay, and dashboard capabilities are preview scope or component-backed, while hosted business workflows remain private.

Which parts are open source?

The shared protocol is public today. Other components are linked from this page only after their public repos are opened; hosted Cloud business workflows remain private.