by kill136
Open source AI coding platform with Web IDE, multi-agent system, 37+ tools, MCP protocol. MIT licensed.
# Add to your Claude Code skills
git clone https://github.com/kill136/claude-code-openGuides for using ai agents skills like claude-code-open.
Last scanned: 5/30/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@anthropic-ai/claude-code: Claude Code: Trust Dialog Bypass via Git Worktree Spoofing Allows Arbitrary Code Execution",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@discordjs/rest: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@larksuiteoapi/node-sdk: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@protobufjs/utf8: protobufjs has overlong UTF-8 decoding",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@trpc/client: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@trpc/server: tRPC 11 WebSocket DoS Vulnerability",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@vitest/mocker: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vitest/ui: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@xmldom/xmldom: xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ajv-formats: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "axios: Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF",
"severity": "high"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "conf: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "cos-nodejs-sdk-v5: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "discord.js: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "dompurify: DOMPurify contains a Cross-site Scripting vulnerability",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "electron: Electron: AppleScript injection in app.moveToApplicationsFolder on macOS",
"severity": "high"
},
{
"type": "npm-audit",
"message": "esbuild: esbuild enables any website to send any requests to the development server and read the response",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-parser: fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "file-type: file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"severity": "high"
},
{
"type": "npm-audit",
"message": "follow-redirects: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "form-data: form-data uses unsafe random function in form-data for choosing boundary",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "imap: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "imap-simple: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "lodash: lodash vulnerable to Code Injection via `_.template` imports key names",
"severity": "high"
},
{
"type": "npm-audit",
"message": "mailparser: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"severity": "high"
},
{
"type": "npm-audit",
"message": "monaco-editor: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "node-notifier: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "nodemailer: Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups",
"severity": "high"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "protobufjs: Arbitrary code execution in protobufjs",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "request: Server-Side Request Forgery in Request",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "semver: semver vulnerable to Regular Expression Denial of Service",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tar: node-tar Symlink Path Traversal via Drive-Relative Linkpath",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tmp: tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tough-cookie: tough-cookie Prototype Pollution vulnerability",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "undici: Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion",
"severity": "high"
},
{
"type": "npm-audit",
"message": "utf7: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "uuid: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "vite: Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vite-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "vitest: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ws: ws: Uninitialized memory disclosure",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "xlsx: Prototype Pollution in sheetJS",
"severity": "high"
}
],
"status": "FAILED",
"scannedAt": "2026-05-30T16:00:31.961Z",
"npmAuditRan": true,
"pipAuditRan": true
}claude-code-open is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by kill136. Open source AI coding platform with Web IDE, multi-agent system, 37+ tools, MCP protocol. MIT licensed. It has 158 GitHub stars.
claude-code-open failed SkillsLLM's automated security scan, which flagged one or more high-severity issues. Review the Security Report section carefully before using it.
Clone the repository with "git clone https://github.com/kill136/claude-code-open" and add it to your Claude Code skills directory (see the Installation section above).
claude-code-open is primarily written in TypeScript. It is open-source under kill136 on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh claude-code-open against similar tools.
No comments yet. Be the first to share your thoughts!
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
Use any model. Extend with plugins. Let AI agents build your project.
Website | Live Demo | User Guide | Discord | 中文
Watch on YouTube | Download video | Try Live Demo
Axon is a free, open-source AI coding assistant with a built-in Web IDE, multi-agent task system, and self-evolution capabilities. It gives you full control — choose your AI provider, extend functionality through plugins and MCP servers, and even let the AI modify its own source code.
# Install
npm install -g axon
# Set your API key (Anthropic, OpenRouter, DeepSeek, or any OpenAI-compatible provider)
# No API key? Get one at https://api.chatbi.site (Claude Sonnet & Opus, OpenAI-compatible)
export ANTHROPIC_API_KEY="sk-..."
# Terminal mode
axon
# Web IDE mode (opens at http://localhost:3456)
axon-web
Windows: Download install.bat and double-click.
macOS / Linux:
curl -fsSL https://raw.githubusercontent.com/kill136/claude-code-open/private_web_ui/install.sh | bash
China mirror:
curl -fsSL https://gitee.com/lubanbbs/claude-code-open/raw/private_web_ui/install.sh | bash
# Web IDE
docker run -it \
-e ANTHROPIC_API_KEY=your-api-key \
-p 3456:3456 \
-v $(pwd):/workspace \
-v ~/.axon:/root/.axon \
wbj66/axon node /app/dist/web-cli.js --host 0.0.0.0
# Terminal only
docker run -it \
-e ANTHROPIC_API_KEY=your-api-key \
-v $(pwd):/workspace \
-v ~/.axon:/root/.axon \
wbj66/axon
git clone https://github.com/kill136/claude-code-open.git
cd claude-code-open
npm install && npm run build
node dist/cli.js # Terminal
node dist/web-cli.js # Web IDE
macOS / Linux:
curl -fsSL https://raw.githubusercontent.com/kill136/claude-code-open/private_web_ui/uninstall.sh | bash
China mirror:
curl -fsSL https://gitee.com/lubanbbs/claude-code-open/raw/private_web_ui/uninstall.sh | bash
Windows (PowerShell):
irm https://raw.githubusercontent.com/kill136/claude-code-open/private_web_ui/uninstall.ps1 | iex
Windows (cmd):
curl -fsSL https://raw.githubusercontent.com/kill136/claude-code-open/private_web_ui/uninstall.bat -o uninstall.bat && uninstall.bat
A full browser-based IDE — not just a chat window.
Give Axon a complex task and it breaks it down across multiple AI agents working in parallel.
Axon can modify its own source code, compile, and hot-reload — adding new tools and capabilities on the fly.
You: "Add a tool that queries weather data"
Axon: *writes the tool code, compiles TypeScript, restarts, tool is ready*
| Category | Tools |
|---|---|
| File ops | Read, Write, Edit, MultiEdit, Glob, Grep |
| Execution | Bash, background tasks, scheduled jobs |
| Web | Fetch pages, search the web |
| Code | Jupyter notebooks, LSP, Tree-sitter parsing |
| Browser | Playwright-based full browser automation |
| Planning | Plan mode, Blueprint, sub-agents |
| Memory | Long-term memory with semantic search, vector store, BM25 |
| Integration | MCP protocol, Skills marketplace, plugins |
| Perception | Camera (Eye), Microphone (Ear), Speech (Mouth) |
| Provider | Setup |
|---|---|
| Anthropic | ANTHROPIC_API_KEY=sk-ant-... |
| OpenRouter | ANTHROPIC_BASE_URL=https://openrouter.ai/api/v1 |
| AWS Bedrock | CLAUDE_CODE_USE_BEDROCK=1 |
| Google Vertex AI | CLAUDE_CODE_USE_VERTEX=1 |
| Any OpenAI-compatible | Set ANTHROPIC_BASE_URL to your endpoint |
Share your API key or Claude subscription with other devices on your network.
# On the host (has the API key)
axon-proxy -k my-secret
# On client machines
export ANTHROPIC_API_KEY="my-secret"
export ANTHROPIC_BASE_URL="http://<host-ip>:8082"
axon
| Flag | Default | Description |
|---|---|---|
-k, --proxy-key |
auto-generated | Key clients use to authenticate |
-p, --port |
8082 |
Port to listen on |
-H, --host |
0.0.0.0 |
Bind address |
--anthropic-key |
auto-detect | Override Anthropic API key |
--auth-token |
auto-detect | Override OAuth access token |
--target |
https://api.anthropic.com |
Upstream API URL |
The proxy auto-detects credentials: ANTHROPIC_API_KEY env var > ~/.axon/.credentials.json (OAuth).
| Variable | Description | Default |
|---|---|---|
ANTHROPIC_API_KEY |
API key (required) | - |
ANTHROPIC_BASE_URL |
Custom API endpoint | https://api.anthropic.com |
AXON_LANG |
Language (en/zh) |
auto-detect |
AXON_CONFIG_DIR |
Config/data directory | ~/.axon |
Add external tool servers in .axon/settings.json:
{
"mcpServers": {
"filesystem": {
"type": "stdio",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/path"]
}
}
}
axon # Interactive mode
axon "Analyze this project" # With initial prompt
axon -p "Explain this code" # Print mode (non-interactive)
axon -m opus "Complex task" # Specify model
axon --resume # Resume last session
axon-web # Web IDE
axon-web -p 8080 -H 0.0.0.0 # Custom port and host
axon-web --ngrok # Public tunnel
axon-web --evolve # Self-evolution mode
PRs and issues are welcome! See CONTRIBUTING.md for guidelines.
The fastest way to extend Axon is to write a Skill (a prompt file with structured instructions) or a Plugin (a JS/TS module with lifecycle hooks). Both are auto-loaded from ~/.axon/skills/ and ~/.axon/plugins/.
Axon is free and open-source. Sponsorships keep development going. See sponsor tiers →
Your name/logo here — become a sponsor
Axon is dual-licensed: