DangerouslyDangerously skip permissions
Auto-approve the 98% of safe actions, escalate the 2% that matter
Keep track and manage multiple Claude Code sessions at once
Runs locally using Apollo's cloud monitoring platform
git clone https://github.com/ApolloResearch/watcher.git
cd watcher
./watcher.sh
FAQ
How much does it cost to use Watcher?
What happens to my data?
Do I need to bring an API key?
What about future integrations?
What features are coming next?
Claude.md, better rulesets, better agent steering for your org from grading historical trajectories. If there's something you wish Watcher would do, we'd love to know.
How reliable are the monitors?
Can I configure the monitors and rules?
How is this different from auto-mode?
Products like Claude Code's auto-mode and Codex's auto-review mode address the same core problem: reducing permission fatigue while maintaining safety. We think these are good products and are glad the labs are investing in safety by default.
Watcher comes at the problem from a different angle:
- Consistent rules across all coding agents. Watcher integrates across Claude Code and Codex. Your security policies are defined once and applied everywhere, rather than configured separately in each tool.
- Organization-wide visibility. Auto-mode and auto-review are designed for a single developer using a single agent. Watcher gives teams centralized policy management, multi-session supervision, and Analyzer for reviewing failure patterns across all developers and sessions.
- Cross-model monitoring. Built-in safety features use models from the same company as monitors. In practice, we've found that different models have different blind spots and biases. GPT models tend to be overly suspicious, Claude models can be too trusting of their own reasoning. Watcher lets you mix models across the pipeline (e.g., Gemini Flash for fast triage, Claude Sonnet for gateway) to get monitoring that doesn't share the agent's biases.
- Admin-managed policy. Built-in modes are developer-controlled. Watcher supports locked settings, admin-distributed rules, and MDM deployment so that security teams can enforce policy, not just suggest it.
Apollo is working directly with the auto-mode and auto-review teams at Anthropic and OpenAI to ensure Watcher integrates well with these features as they evolve. The goal is not to replace built-in controls, but to provide the organizational layer on top of them that security teams need.
For more details on our enterprise offering, please see Enterprise.