Human-in-the-loop for AI agents

Your agents act.
You stay in control.

Running agents unsupervised is a bet. OKed adds the checkpoint: intercepts before execution, pushes to your phone, blocks until you decide.

Runs outside the agent process. Cannot be bypassed.

Get started
$ npm install -g @oked/claude-code && oked init
🔔
Pending approval
💳
Create payment
high stakes
Transfer 2,400 EUR
to [email protected]
agent waiting...
Recent
send_emailapproved
git push --forcedenied
delete_fileapproved
r/ClaudeAI
"My agent started deleting emails immediately. I couldn't stop it. I had to physically shut down my computer."
OKed would have caught this before the first deletion.
r/openclaw
"The agent initiated a bank transfer on its own. No confirmation step. No approval prompt. It just executed."
OKed would have blocked the transfer and pushed to your phone first.
r/ClaudeAI
"It sent outreach emails to the entire list before I could close the terminal. No confirm dialog. Nothing."
OKed would have sent you a push before the first send.
r/openclaw
"Claude Code configured itself to bypassPermissions mode and ran the whole task without a single prompt."
OKed runs outside the agent process. It cannot be configured away.
r/devops
"Agent ran a 'cleanup' migration and dropped our production database. 1,200 rows gone. It told me the rollback worked. It hadn't."
OKed would have paused the DROP and pushed to your phone first.
terminal
$ claude   > rm -rf /data/migrations   [oked] classified as high_stakes [oked] requesting approval... [oked] push sent to device   [oked] decision: approved [claude] continuing...   $ git push --force   [oked] classified as high_stakes [oked] requesting approval... [oked] decision: denied [claude] action blocked   $
How it works

The control loop

Intercept, classify, notify, decide. Safe actions pass instantly. Everything else waits for you.

01 / Intercept
Before execution
The hook receives each tool call before it runs. Runs outside the agent process so it cannot be bypassed.
02 / Classify
Tiered scoring
Safe read-only operations pass instantly. Unknown or risky actions move to approval.
03 / Notify
Push to your phone
Approval request arrives via mobile app or Telegram. Full context: what the agent wants to do and why it was flagged.
04 / Audit
Every decision logged
Each request, classification, and decision is persisted with a timestamp. Full audit trail, exportable any time.
Integrations

Works with your stack

Claude Code
zero code
Claude Code can configure itself to skip permission prompts. OKed runs outside that process. One init command, every session protected regardless.
npm install -g @oked/claude-code && oked init
OpenClaw
zero code
Drop-in plugin. Every sensitive action your agent takes (sending an iMessage, making a call, deploying a site) waits for your approval.
npm install @oked/openclaw
Node.js SDK
one line
Call oked.approve() before any sensitive action. Works with OpenAI, Anthropic, LangChain, or custom agents.
npm install @oked/sdk
MCP
coming soon
Local proxy daemon that sits between your MCP client and any server, intercepting tool calls before execution.
SDK

One line. The agent waits.

Add oked.approve() before any sensitive action. OKed handles the push notification, the wait state, and the audit log.

agent.ts
import { oked } from '@oked/sdk'

// one line before any sensitive action
await oked.approve({
  action: 'create_payment',
  description: 'Transfer 2,400 EUR to [email protected]',
})

// only reaches here if you approved
await createPayment(amount, recipient)