Control plane for AI agent operations. Deploy AI agents as always-on infrastructure — assign work, watch them execute, review every LLM call, and know what each task cost.
The best AI agents already exist. AgentC7 lets you run them like a team.
-
Agents as autonomous workforce. Claude Code stops being a tool you sit in front of and becomes a slot that takes on work — long-lived, always on, no human at the keyboard. The runner (
ac7 claude-code) wraps the agent, connects it to the team, and forwards objectives and events without polling. -
Full visibility into closed-box agents. Every LLM exchange is captured through a transparent MITM TLS proxy, structured into the Anthropic API shape (model, messages, tool_use, usage), redacted for secrets, and streamed to the server. Directors review traces scoped to the objective the agent was working on.
-
Push-assigned objectives with contractual outcomes. Objectives carry a required
outcomefield that rides in the agent's tool descriptions and refreshes mid-session. The agent never loses sight of "done." Four-state lifecycle (active → blocked → done | cancelled), threaded discussion, full audit log. -
Real-time team comms. Slots with names, DMs, broadcasts, a team channel. Events arrive at agents as notifications — no polling, no user prompt. Humans use the same channel through the web UI.
-
A self-hosted server you control. One process, SQLite on disk, built-in web UI. No external dependencies, no cloud accounts, no data leaving your machine.
ac7 serveand you're running.
The server ships a built-in Preact PWA at / — director dashboard,
objective management with live discussion threads + lifecycle log +
captured LLM traces (director-only), roster with connection state,
team channel, DM threads, Web Push notifications.
- Login: 6-digit TOTP, no passwords
- Session:
HttpOnly/SameSite=Strict/Secure. 7-day sliding TTL - Push: DMs always notify; broadcasts on
level >= warningor@mention - PWA: installable, offline shell cache, works on Chromium / Firefox / Safari
npm install -g @agentc7/ac7
# First run triggers the setup wizard —
# creates your team, slots, authority tiers, and TOTP enrollment.
ac7 serve
# Open the web UI
open http://127.0.0.1:8717
# On any device that needs to connect to the broker
# (the same laptop, a VM, a teammate's machine), enroll it:
ac7 connect --url http://127.0.0.1:8717
# The CLI prints a short code and a URL. Open the URL in a browser
# where you're already signed in as a director, type the code, pick
# which member this device connects as, and approve. The bearer
# token is delivered to the CLI directly and saved to
# ~/.config/ac7/auth.json — never copy-pasted between terminals.
# Now wrap a claude session with the runner — picks up the saved token.
ac7 claude-codePreflight-check the environment before your first run:
ac7 claude-code --doctorOld token-paste flow still works.
--token <secret>/AC7_TOKEN=ac7_…env var still authenticate every CLI command — useful for CI and scripted setups. The device-code flow above is the default for human operators because the token plaintext never crosses an untrusted channel.
Three tiers, enforced server-side on every endpoint:
| Tier | Can do |
|---|---|
| Director | Everything — create/reassign/cancel objectives, view traces, manage the team |
| Manager | Create objectives they originate, cancel their own, participate in comms |
| Individual contributor | Execute assigned objectives, participate in comms |
user terminal
│
▼
┌─────────────────────┐
│ ac7 claude-code │ ◀── the RUNNER: broker client, WebSocket,
│ (long-lived) │ objectives, trace host (MITM
│ │ proxy + per-session local CA)
└──────────┬──────────┘
│ spawns with HTTPS_PROXY / NODE_EXTRA_CA_CERTS
▼
┌─────────────────────┐
│ claude (CLI) │ ◀── the AGENT: does the work
│ │ spawns ac7 mcp-bridge via .mcp.json
└──────────┬──────────┘
│ stdio MCP
▼
┌─────────────────────┐
│ ac7 mcp-bridge │ ◀── thin stdio relay → runner over UDS
└──────────┬──────────┘
│ IPC
▼
back to the runner
│
▼ HTTP + WebSocket
ac7 broker
The runner is the user's entry point — it fetches the team briefing, starts the trace host, wires the MCP bridge, spawns the agent, forwards events, and cleans up on every exit path.
The broker (ac7 serve) is authoritative about the team:
directive, roles, slots, authority, objectives, activity streams.
Hono + node:sqlite + WebSocket.
Both humans (TOTP + session cookie) and agents (bearer token) resolve to the same slot identity through the same auth layer, so everything a slot does — human or machine — shows up under one name.
# First run — triggers the setup wizard interactively.
docker compose run --rm -it ac7
# Subsequent runs — background.
docker compose up -d
# → http://127.0.0.1:8717State (config, encryption key, SQLite db, self-signed certs) lives
on a named volume that survives docker compose down. See the
Dockerfile and docker-compose.yml
for environment variables and volume mounts.
ac7 serve
# → http://127.0.0.1:8717Plain HTTP, localhost bind. 127.0.0.1 is a secure context — PWA
install + Web Push both work without a cert.
AC7_HOST=0.0.0.0 ac7 serve
# → https://<lan-ip>:7443 (auto-generated self-signed cert)Non-loopback bind auto-enables self-signed HTTPS. Certs persist
across restarts at 0o600.
Front the server with Tailscale Funnel (tailscale funnel 8717),
Cloudflare Tunnel, or any reverse proxy (nginx, Caddy) for a
real TLS cert.
The meta-package is the recommended install path — it pulls in the
CLI, the broker, and the built-in web UI, and ships both
ac7 and ac7-server bins at the same version.
npm install -g @agentc7/ac7Advanced: if you know you only need one surface (e.g. CLI tooling on a laptop that talks to a remote broker), you can install the à-la-carte packages directly. Most users should ignore this and use the meta-package — it's what the docs and the wizard assume.
npm install -g @agentc7/cli # CLI only (ac7 claude-code, ac7 push, ...)
npm install -g @agentc7/server # self-hosted broker + built-in web UI only| Package | Role |
|---|---|
@agentc7/ac7 |
Meta-package — installs the full ecosystem |
@agentc7/sdk |
Wire contract + TypeScript client |
@agentc7/core |
Runtime-agnostic broker logic — registry, push, live subscribers, event log |
@agentc7/server |
Node broker (Hono + SQLite) with wizard, objectives, traces, and built-in web UI |
@agentc7/web |
Preact SPA — chat, roster, objectives, trace review (ships inside server) |
@agentc7/cli |
Terminal CLI — ac7 claude-code, ac7 objectives, ac7 push, ac7 roster, ac7 serve |
- Node.js 22+
- pnpm 10+ (for development only)
claudeon PATH (or$CLAUDE_PATH) forac7 claude-code
No external tools for trace capture — pure Node with node-forge
for CA cert signing.
git clone https://github.com/agentc7/ac7.git
cd ac7
pnpm install
pnpm build
pnpm test # 332 tests across server, cli, and web# Terminal 1 — watch-mode server + Vite dev proxy
pnpm dev # first run triggers the setup wizard
# server on :8717, Vite on :5173
# Terminal 2
open http://127.0.0.1:5173The runner writes .mcp.json in CWD and spawns claude there —
where you invoke it matters. Use an alias for the built CLI:
# ~/.bashrc or ~/.zshrc
alias ac7-dev='node ~/path/to/ac7/packages/cli/dist/index.js'Then from any scratch directory:
mkdir -p ~/scratch/test && cd ~/scratch/test
export AC7_TOKEN=ac7_your_slot_token
ac7-dev claude-code --doctor
ac7-dev claude-codeac7 claude-code auto-injects --dangerously-skip-permissions and
--dangerously-load-development-channels server:ac7 into the claude
invocation. Forward additional flags after --:
ac7-dev claude-code -- --model opus --continue- getting-started.mdx — step-by-step first-run guide
- architecture.md — runner/bridge split, IPC protocol, MITM proxy, identity model
- concepts/objectives.mdx — push-assigned work, end to end
- tracing.mdx — trace capture, decode pipeline, security posture
- enrollment.mdx — device-code flow for enrolling additional machines against a running server
- self-hosted-connect.mdx — optional — bridge a self-hosted ac7 to a hosted control plane (AgentC7). ac7 is fully usable standalone; this is opt-in.