upvote

points

by dceddia20 hours ago |
comments
upvoteby joshstrange19 hours ago|
next
[-]
But their docs also say:

> Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.

Which I have interpreted means that you can’t use your Claude code subscription with the agent SDK, only API tokens.

I really wish Anthropic would make it clear (and allow us to use our subscriptions with other tools).

reply
upvoteby ceroxylon18 hours ago|
parent|
[-]
Didn't Thariq make it clear three weeks ago when they shut down 3rd party tool access and the OpenCode users were upset?

> Third-party harnesses using Claude subscriptions create problems for users and are prohibited by our Terms of Service.

https://xcancel.com/trq212/status/2009689809875591565

reply
upvoteby swyx12 hours ago|
parent|
[-]
i think thats conflating two things (am not an expert). opencode exploited unauthorized use/api access, but obviously whatever that is using claude code sdk is kosher because its literally anthropic's blessed way to do this

thariq did a good intro here https://www.youtube.com/watch?v=TqC1qOfiVcQ

reply
upvoteby jimminyx20 hours ago|
prev|
next
[-]
OP here. Yes! This was a big motivation for me to try and build this. Nervous Anthropic is gonna shut down my account for using Clawdbot.

This project uses the Agents SDK so it should be kosher in regards to terms of service. I couldn't figure out how to get the SDK running inside the containers to properly use the authenticated session from the host machine so I went with a hacky way of injecting the oauth token into the container environment. It still should be above board for TOS but it's the one security flaw that I know about (malicious person in a WhatsApp group with you can prompt inject the agent to share the oauth key).

If anyone can help out with getting the authenticated session to work properly with the agents running in containers it would be much appreciated.

reply
upvoteby dceddia19 hours ago|
parent|
next
[-]
I went down this rabbit hole a bit recently trying to use claude inside fence[0] and it seems that on macOS, claude stores this token inside Keychain. I'm not sure there's a way to expose that to a container... my guess would be no, especially since it seems the container is Linux, and also because keeping the Keychain out of reach of containers seems like it would be paramount. But someone might know better!

0: https://github.com/Use-Tusk/fence

reply
upvoteby gronky_19 hours ago|
parent|
[-]
True. There’s a setting for Claude code though where you can add apiKeyHelper which is a script you add that gets the token for Claude Code. I imagine you can use that but haven’t quite figured out how to wire it up
reply
upvoteby skerit7 hours ago|
parent|
prev|
[-]
Can you do everything via the SDK as via regular API calls? Caching etc all works? You can get reasoning, responses, tool call info, ... ?
reply
upvoteby hebejebelus20 hours ago|
prev|
[-]
Wow, thanks for posting that, news to me! In this case I don’t understand why there was a whole brouhaha with OpenClaw and the like - I guess they were invoking it without the official SDK? Because this makes it seem like if you have the sub you can build any agentic thing you like and still use your subscription, as long as you can install and login to Claude code on the machine running it.
reply
upvoteby disillusioned20 hours ago|
parent|
next
[-]
Tons of chatter on Twitter making it sound like you'll get permabanned for doing this but... 1) how would they know if my requests are originating from Claude Code vs. OpenClaw? 2) how are we violating... anything? I'm working within my usage limits...

$70 or whatever to check if there's milk... just use your Claude Max subscription.

reply
upvoteby zarzavat20 hours ago|
parent|
next
[-]
> how would they know if my requests are originating from Claude Code vs. OpenClaw

How wouldn't they know? Claude Code is proprietary they can put whatever telemetry they want in there.

> how are we violating... anything? I'm working within my usage limits...

It's well known that Claude code is heavily discounted compared to market API rates. The best interpretation of this is that it's a kind of marketing for their API. If you are not using Claude code for what it's intended for, then it's violating at least the spirit of that deal.

reply
upvoteby dceddia19 hours ago|
parent|
prev|
next
[-]
The Claude Code client adds system prompts and makes a bunch of calls to analytics/telemetry endpoints so it's certainly feasible for them to tell, if they inspect the content of the requests and do any correlation between those services.

And apparently it's violating the terms of service. Is it fair and above board for them to ban people? idk, it feels pretty blatantly like control for the sake of control, or control for the sake of lock-in, or those analytics/telemetry contain something awfully juicy, because they're already getting the entire prompt. It's their service to run as they wish, but it's not a pro-customer move and I think it's priming people to jump ship if another model takes the lead.

reply
upvoteby cypherpunks0115 hours ago|
parent|
prev|
next
[-]
Hate to ask the obvious question but.. how does Claude check for milk?
reply
upvoteby firloop20 hours ago|
parent|
prev|
[-]
Was there a brouhaha with OpenClaw or was that with OpenCode?
reply
upvoteby disillusioned20 hours ago|
parent|
next
[-]
It was with OpenCode, but a LOT of the commentariat is insisting that running OpenClaw through subscription creds instead of API is out of TOS and will get you banhammered.
reply
upvoteby hebejebelus20 hours ago|
parent|
prev|
[-]
I think you’re right and it was OpenCode. The semantic collisions are going to becpme more of a problem in the coming Cambrian explosion of software
reply