cockpit
agent
Basarisiz
Health Uyari
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 6 GitHub stars
Code Basarisiz
- process.env — Environment variable access in bin/cock-browser.mjs
- network request — Outbound network request in bin/cock-browser.mjs
- process.env — Environment variable access in bin/cock-dev.mjs
- process.env — Environment variable access in bin/cock-terminal.mjs
- network request — Outbound network request in bin/cock-terminal.mjs
- exec() — Shell command execution in bin/cock.mjs
- spawnSync — Synchronous process spawning in bin/cock.mjs
- process.env — Environment variable access in bin/cock.mjs
- network request — Outbound network request in bin/cock.mjs
- execSync — Synchronous shell command execution in bin/postinstall.mjs
- process.env — Environment variable access in bin/postinstall.mjs
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This is a graphical user interface designed to run parallel AI coding sessions using the official Claude Agent SDK. It provides a local-first dashboard with built-in terminal access, browser control, and database management.
Security Assessment
Risk Level: Medium to High. The tool is designed to orchestrate complex development tasks, which inherently requires high system permissions. The automated scanner flagged multiple instances of shell command execution (`exec()`, `spawnSync`, `execSync`), which is expected given its deep integration with your terminal and the Claude Code environment. The code makes outbound network requests to communicate with APIs and relies on environment variables to manage credentials safely. No hardcoded secrets or dangerous requested permissions were found. However, the most significant vulnerability is the `postinstall.mjs` script, which automatically executes shell commands during the `npm install` process. Running unverified installation scripts from a low-visibility project always carries the risk of executing malicious code on your machine.
Quality Assessment
The project is very new and currently has minimal community adoption with only 6 GitHub stars. Because of this low visibility, it has not been widely audited by independent security researchers, meaning you are placing a high degree of trust solely in the original developers. On a positive note, it is actively maintained (last updated today), has a clear description, and uses the standard, permissive MIT license.
Verdict
Use with caution. While its architecture and features are exactly what developers need for complex AI workflows, its minimal community presence combined with highly privileged automatic post-install shell scripts means you should thoroughly review the installation code before running it on your machine.
This is a graphical user interface designed to run parallel AI coding sessions using the official Claude Agent SDK. It provides a local-first dashboard with built-in terminal access, browser control, and database management.
Security Assessment
Risk Level: Medium to High. The tool is designed to orchestrate complex development tasks, which inherently requires high system permissions. The automated scanner flagged multiple instances of shell command execution (`exec()`, `spawnSync`, `execSync`), which is expected given its deep integration with your terminal and the Claude Code environment. The code makes outbound network requests to communicate with APIs and relies on environment variables to manage credentials safely. No hardcoded secrets or dangerous requested permissions were found. However, the most significant vulnerability is the `postinstall.mjs` script, which automatically executes shell commands during the `npm install` process. Running unverified installation scripts from a low-visibility project always carries the risk of executing malicious code on your machine.
Quality Assessment
The project is very new and currently has minimal community adoption with only 6 GitHub stars. Because of this low visibility, it has not been widely audited by independent security researchers, meaning you are placing a high degree of trust solely in the original developers. On a positive note, it is actively maintained (last updated today), has a clear description, and uses the standard, permissive MIT license.
Verdict
Use with caution. While its architecture and features are exactly what developers need for complex AI workflows, its minimal community presence combined with highly privileged automatic post-install shell scripts means you should thoroughly review the installation code before running it on your machine.
Claude Code GUI for parallel AI coding — multi-project sessions, terminal, browser & DB bubbles, code review, slash modes. Built on the official Claude Agent SDK. Local-first, MIT.
README.md
Cockpit — A Claude Code GUI for parallel AI coding
One seat. One AI. Everything under control.
/ˈkɒkpɪt/ — like an aircraft cockpit
Cockpit is an open-source Claude Code GUI. Run multiple Claude Code Agent SDK sessions in parallel across projects, with a built-in terminal, Chrome control, PostgreSQL / MySQL / Redis bubbles, code review, and slash modes — all local, zero config.
https://github.com/user-attachments/assets/18f1a5dc-64f3-4ff6-b9fc-9cd08181fbb8
npm i -g @surething/cockpit && cockpit
Why Cockpit?
Anthropic ships Claude Code as a CLI. That's the right call for power users — but the moment you have more than one project in flight, your terminal turns into mission control with no instruments.
Cockpit is the instrument panel. It does not replace Claude Code; it stands on top of the official Agent SDK and gives you the things a CLI can't:
| Pain with raw Claude Code | What Cockpit adds |
|---|---|
| One session at a time, terminal chaos at 3+ projects | Multi-project tabs, parallel agent sessions, red-dot inbox, desktop notifications |
| Image attachments are awkward | Drop / paste images straight into chat |
| "What was I debugging yesterday?" | Cmd+K cross-project session browser, pinning, forking |
| Agent can't reach your browser / DB | Smart Bubbles: Chrome, PostgreSQL, MySQL, Redis — drivable by the agent |
| Reviewing AI output is friction | LAN-shared review pages, line-level comments, send any comment back as AI context |
| Same "do X but don't change code" prompt every day | Slash modes /qa /fx /review /commit + custom ~/.claude/commands/*.md |
| No automation hooks | One-time / interval / cron-based scheduled tasks |
| "Cloud relay" trust concerns | Fully local. No telemetry. No API key beyond what claude already has. |
Features
Agent — AI chat that scales
- Powered by the official Claude Agent SDK — zero extra API key setup
- Multi-project concurrent sessions with desktop notifications and red-dot badges
- Session pinning, forking, cross-project session browser (Cmd+K)
!commandprefix to run shell from chat — output piped back as context- Image attachments, code references, token usage tracking
Explorer — Code & files
- 4-tab file browser: Directory · Recent · Git Changes · Git History
- Syntax highlighting (Shiki) with Vi mode editing
- Git blame, diff view, branch switching, worktree management
- LSP integration — go to definition, find references, hover info
- Fuzzy file search (Cmd+F), JSON viewer, Markdown preview
Console — Terminal & smart Bubbles
- Full xterm.js terminal with shell integration
- 🌐 Browser Bubble — control Chrome via accessibility tree (click, type, navigate, screenshot, network)
- 🐘 PostgreSQL Bubble — browse schema, run queries, export
- 🐬 MySQL Bubble — browse databases & tables, run queries
- 🔴 Redis Bubble — browse keys, inspect values, execute commands
- Drag-to-reorder, grid / maximized layout, per-tab env vars & shell aliases
Code Review — LAN-shared, no SaaS
- LAN-shareable review pages — teammates need zero install
- Line-level comments with reply threads
- Send any comment back to AI as context for an automated fix
- Red-dot badges keep unread feedback visible across projects
Slash modes — change the agent's posture
/qa— Clarify-only: restate, ask back, never code/fx— Diagnose-only: bug evidence chain, never edit/review— read the diff, write notes, no rewrites/commit— stage + draft a message in your repo's style + commit- Custom: drop any
*.mdinto~/.claude/commands/or./.claude/commands/→ instant slash command
Scheduled tasks — Cron for AI
- One-time, interval, or cron scheduling
- Pause / resume, reorder, track results across projects
Skills — extensibility
- Drop in any
SKILL.mdto teach the agent a new trick - Invoke with
/skill-namefrom chat - All managed from a single Skills sidebar
Use cases
- Solo dev, multi-repo: "I have a refactor running in API, tests writing in Web, and a bug investigation in Pipeline — all at once, all visible."
- Two-person team: Senior reviews via LAN-shared review page, no GitHub PR round-trip needed for in-progress work.
- Full-stack chore mode:
/fxin one tab on a backend bug,/reviewin another on the frontend diff,/committo wrap up — three slash modes, three different agent postures. - AI-driven QA: Browser Bubble + scheduled task = "every night at 2 AM, run this UI smoke flow and post a summary".
- Privacy-sensitive code: runs on your laptop, talks only to the Claude API your
claudeCLI is already configured with. No telemetry, no relay.
Try online
No install, no AI chat (read-only sandbox, 5 min):
Prerequisites
- Node.js ≥ 20 — nodejs.org
- Claude Code — docs.anthropic.com/en/docs/claude-code
- Git — for git features (blame, diff, worktree, etc.)
- Chrome (optional) — for Browser Bubble; install the bundled extension from
~/.cockpit/chrome-extension
Install
npm install -g @surething/cockpit
cockpit # start cockpit → http://localhost:3457
cockpit . # open current dir as a project
cockpit ~/my-project # open specified dir
cockpit -h # help
Both
cockpit(full name) andcock(short alias) ship with the package — use whichever you prefer. Docs and examples usecockpit; existing muscle memory keeps working.
From source
git clone https://github.com/Surething-io/cockpit.git
cd cockpit
npm install
npm run setup # build + npm link (registers `cockpit` and `cock`)
CLI
cockpit browser <id> snapshot # capture accessibility tree
cockpit browser <id> click <uid> # click element
cockpit terminal <id> exec "ls" # execute command
cockpit terminal <id> output # get terminal output
Comparison
| Raw Claude Code CLI | IDE plugin (Cursor, Continue) | Aider TUI | Cockpit | |
|---|---|---|---|---|
| Multi-project parallel | tmux required | multi-window | one at a time | first-class |
| Cross-project search | grep | per-window | local | Cmd+K |
| Browser / DB control | ❌ | usually ❌ | ❌ | ✅ Bubbles |
| Code review surface | git tools | PR provider | git | LAN-shared |
| Slash modes | manual | per-plugin | yes | /qa /fx /review /commit + custom |
| Local-only / no cloud relay | ✅ | varies | ✅ | ✅ |
| Day-1 SDK features | ✅ | wait | varies | ✅ official SDK |
| Open source | ✅ | mostly ❌ | ✅ | ✅ MIT |
Read the long version: Claude Code GUI: CLI vs Cockpit vs IDE plugins
Read more
- 📖 How to run 5 Claude Code sessions in parallel
- 📖 Slash modes in Claude Code: /qa /fx /review /commit
- 📖 Full blog
- 📋 Changelog
Development
npm run dev # dev server → http://localhost:3456
npm run build # production build
npm run setup # build + npm link
npm run lint # ESLint
Tech stack
Next.js 16 · React 19 · TypeScript · TailwindCSS · xterm.js · Shiki · i18next · Claude Agent SDK
Contributing
Issues and PRs welcome. See CONTRIBUTING.md and GUIDE.md.
License
MIT © Surething
If Cockpit saved you 10 minutes today, a ⭐️ on GitHub is the cheapest thank-you we know.
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi