by heypandax
Drive Claude Code or OpenAI Codex from your phone — resume sessions, stream output, approve tool permissions remotely. End-to-end encrypted, zero-knowledge relay, open source.
# Add to your Claude Code skills
git clone https://github.com/heypandax/cc-pocketcc-pocket is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by heypandax. Drive Claude Code or OpenAI Codex from your phone — resume sessions, stream output, approve tool permissions remotely. End-to-end encrypted, zero-knowledge relay, open source. It has 50 GitHub stars.
cc-pocket's catalog security scan is still queued. You can run an instant dependency and prompt-injection check now with the "Scan for vulnerabilities" button above.
Clone the repository with "git clone https://github.com/heypandax/cc-pocket" and add it to your Claude Code skills directory (see the Installation section above).
cc-pocket is primarily written in Kotlin. It is open-source under heypandax on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh cc-pocket against similar tools.
No comments yet. Be the first to share your thoughts!
Unlocks once the catalog security scan passes (runs nightly).
The deep catalog scan for this skill is still queued. Run an instant dependency check now instead.
English | 简体中文
Drive Claude Code — or OpenAI Codex — on your computer from your phone, from anywhere, not just your LAN. Start/resume sessions, browse working directories, send prompts, and approve or deny the agent's tool-permission requests remotely. Pick your agent (Claude or Codex) per session; either way, streaming output, command and file-change approvals, and interrupts all work the same. Traffic flows through a zero-knowledge relay that only ever forwards end-to-end-encrypted ciphertext. Clean-room Kotlin, MIT.
🌐 Website: https://heypandax.github.io/cc-pocket/ · 📱 Get the app: App Store (iPhone & iPad) · Android APK (GitHub Releases) · 🖥️ Desktop app: macOS (.dmg, signed) · Windows (.msi)
flowchart LR
phone["📱🖥️ CC Pocket<br/>(phone · desktop)"] -- "wss · ciphertext" --> relay["relay<br/>(zero-knowledge broker)"]
relay -- "wss · ciphertext" --> daemon["daemon<br/>(your computer)"]
daemon -- "stdio" --> agent["claude / codex CLI"]
The relay pairs phone ↔ computer and routes opaque encrypted frames between them; it holds no message content and no private keys. The phone and the daemon run an end-to-end session (P-256 ECDH + HKDF + AES-256-GCM, an X3DH/Noise-style handshake) so plaintext never leaves the two trusted endpoints.
claude --resume.Voice dictation, image attachments, slash-command autocomplete, model switching, and finish-time push notifications round it out. See the full feature list →
cc-pocket now also runs as a native desktop app (macOS / Linux / Windows), built from the same Compose Multiplatform codebase — a two-pane "mission control" for driving Claude Code or Codex on another computer with the same remote step-by-step approval, so it's no longer phone-only. Download: macOS (.dmg, signed) · Windows (.msi).
| Module | What | Stack |
|---|---|---|
:protocol |
Shared wire protocol (pocket/* frames) — single source of truth |
Kotlin Multiplatform + kotlinx.serialization |
:daemon |
Runs on your computer; drives claude as a subprocess, dials out to the relay |
Kotlin/JVM + Ktor |
:relay |
Cloud broker: device-key pairing, ciphertext routing, multi-tenant, rate-limited | Kotlin/JVM + Ktor + SQLite |
:mobile |
The CC Pocket app | Compose Multiplatform — Android · iOS · desktop |
Two pieces: the app on your phone, and a hosted-relay daemon on your computer.
1. Get the app on your phone — App Store for iPhone & iPad, or the Android APK from GitHub Releases. (On a phone, the website links straight to the store; on a computer it shows a QR to scan.)
Or get the desktop app — cc-pocket also runs on your computer (drive another machine from it): macOS .dmg (Apple Silicon · signed & notarized) · Windows .msi (unsigned — SmartScreen → "More info → Run anyway"). Linux desktop: build from source.
2. Install the daemon on your computer — the relay is hosted for you.
macOS (Apple Silicon and Intel — each gets its own signed, notarized build):
curl -fsSL https://raw.githubusercontent.com/heypandax/cc-pocket/main/scripts/install.sh | bash
cc-pocket-daemon pair # prints a QR + 6-digit code
The installer verifies the download against the release's SHA256SUMS, installs under ~/.local (one dir per version, Claude Code-style), and registers the launchd service — runs on login, auto-reconnects. Then pair your phone (open the app, scan the QR or type the 6-digit code) — full walkthrough in docs/USAGE.md. Upgrade with cc-pocket-daemon update (the daemon checks daily and notifies your phone; add --auto-update to run to apply silently).
Prefer Homebrew? brew install --cask heypandax/tap/cc-pocket does the same (upgrade via brew upgrade --cask heypandax/tap/cc-pocket — full name, there's an unrelated cask named cc-pocket).
Linux (x86_64 / arm64) is one-click too:
curl -fsSL https://raw.githubusercontent.com/heypandax/cc-pocket/main/scripts/install.sh | bash
cc-pocket-daemon pair # prints a QR + 6-digit code
The installer pulls a self-contained tarball (bundled JRE — no system Java) from GitHub Releases, drops it under ~/.local, and registers a systemd --user service; upgrade with cc-pocket-daemon update (or re-run it). Voice transcription on Linux uses ffmpeg instead of macOS's built-in afconvert.
Windows (x86_64) is one line too (needs the Claude Code CLI installed — the daemon drives it):
irm https://raw.githubusercontent.com/heypandax/cc-pocket/main/scripts/install.ps1 | iex
That downloads the latest self-contained build, registers a logon Scheduled Task (the daemon runs in the background, connecting to the hosted relay), and drops straight into pairing — one command does install + start + pair. Upgrade with cc-pocket-daemon update (or re-run the same line).
Prefer Scoop? Same result:
scoop bucket add heypandax https://github.com/heypandax/scoop-bucket
scoop install cc-pocket-daemon
cc-pocket-daemon pair # prints a QR + 6-digit code
Upgrade with scoop update cc-pocket-daemon. Other architectures: build from source — see Quick start.
No accounts, no login. The daemon generates a static keypair on first run (its account id is the public fingerprint). To add a phone:
cc-pocket-daemon pair # on your computer — prints a QR + a 6-digit code
On the phone, scan the QR (system camera or the in-app scanner) or type the 6-digit code. The phone registers its own device key and pairs end-to-end. Scanning the QR carries the daemon's key out-of-band, so even a malicious relay can't MITM that path.
See docs/SECURITY.md for the full threat model and the trust-without-trusting-us argument (open source, self-hostable, zero content logging).
Requires JDK 17 and an installed, logged-in claude CLI.
Local single-machine (no relay), for development:
./gradlew :protocol:check # protocol contract test
./gradlew :daemon:run --args="run" # daemon — local WebSocket on 127.0.0.1:8765
./gradlew :daemon:run --args="test-client" # drive it against the real claude
# dirs · ls <wd> · open <wd> [resumeId] · say <text> · cd <wd> · mode <m> · allow · deny · quit
Through the relay (off-LAN), the real product path:
./gradlew :daemon:installDist # build the launcher
daemon/build/install/cc-pocket-daemon/bin/cc-pocket-daemon \
run --relay wss://<your-relay> --claude-bin ~/.local/bin/claude
# then, in another terminal:
daemon/build/install/cc-pocket-daemon/bin/cc-pocket-daemon pair
Build the app: Android via ./gradlew :mobile:composeApp:assembleDebug; iOS via iosApp/iosApp.xcodeproj (Xcode). See [docs/ios-device.md