But that's the sole reason why all of the tools have headless modes. Headless mode is textbook definition of supporting automation.
From gemini docs: [1]
> Headless mode allows you to run Gemini CLI programmatically from command line scripts and automation tools without any interactive UI.
And claude code:
> Use the Agent SDK to run Claude Code programmatically from the CLI, Python, or TypeScript
Why does headless mode exist if using it is a bannable offense?
[1] https://google-gemini.github.io/gemini-cli/docs/cli/headless...
>Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.
Seems clear-cut to me.
But these tools, including openclaw, didn't have to snatch the OAuth tokens, they could have used claude code built in headless stdio and consequences for Anthropic would be exactly the same. OAuth was just faster to plug in.
So if I open source my solution that allows opencode & openclaw to go through claude cli's headless mode, is this allowed? Is this a product that allows claude.ai login?
What if I open source a 1 line bash loop (e.g. ralph loop) that does the same?
What if I build a more complex bash loop that goes through my tasks in a text file, and calls claude cli for each?
I don't know at which point this becomes "offering claude.ai login" or a "product", or "building agents".
Here's my product:
while :; do cat PROMPT.md | claude ; done
Am I blacklisted now?
My guess is, and others have said this as well in the thread: "when you start utilizing your weekly quotas fully".
But obviously, they can't put "you can't use your weekly allocated quota fully". That would be way too honest and we can't accept that.
But you just made this up? There's no text on the page that says this. What the linked page does is explain technical differences between Agent SDK and Client SDK, and Agent SDK and cli (Agent SDK is just a wrapper around cli anyway).
Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1]. So not only "using a third-party harness with the Agent SDK" isn't forbidden, it's the product's primary use case. There's no such thing as "harness provided by claude for the agent SDK" - you bring the harness.
The only policy statement on that page is this:
> Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products..
But I've already addressed this, so it seems we're going in circles.
[1] https://platform.claude.com/docs/en/agent-sdk/custom-tools
Yea, you don't seem to even understand what you are writing. This in no way contradicts any statement I or Anthopic has said.
>Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
From: https://platform.claude.com/docs/en/agent-sdk/overview#agent...
>The Anthropic Client SDK gives you direct API access: you send prompts and implement tool execution yourself. The Agent SDK gives you Claude with built-in tool execution.
>With the Client SDK, you implement a tool loop. With the Agent SDK, Claude handles it:
Python
# Client SDK: You implement the tool loop
response = client.messages.create(...)
while response.stop_reason == "tool_use":
result = your_tool_executor(response.tool_use)
response = client.messages.create(tool_result=result, \*params)
# Agent SDK: Claude handles tools autonomously
async for message in query(prompt="Fix the bug in auth.py"):
print(message)