Feature deep dive
When an AI coding agent in Jack asks for a tool call, the same request lands in three places at once — the chat where it was raised, a global inbox across all your sessions, and a push notification on your paired phone. Approve, deny, or "always allow pnpm test" with session, workspace or global scope. No silent timeouts, no half-completed tasks because you missed a prompt. The same rule applies whether the next request comes from Claude Code, OpenAI Codex or Google Gemini.
Every AI coding agent eventually wants to do something with side effects: run pnpm test, write a file, read an environment variable, hit a network endpoint. The provider runtimes (Claude Code, Codex, Gemini) each expose a different mechanism for asking the human for approval. The permission inbox is Jack's unified surface on top of those three — one card design, one set of buttons, one place to look.
For each tool call, the agent is paused server-side until you respond. The card carries the tool name, the target file or command, a payload preview, and three actions: Deny, Allow once, Always allow.
Open the workspace settings, hit Pair phone, scan the QR code with the Jack companion app. Pairing establishes a workspace-bound key; nothing leaves your machine except signed permission payloads addressed to your paired devices. There is no Oglut account, no cloud sign-in, no email verification — the QR is the credential.
You can pair multiple devices to the same workspace. Each one receives its own copy of every permission card; whichever one you answer first wins, and the others mark the request resolved.
"Always allow" turns a permission decision into a rule. Three scopes are available:
pnpm test").git status").Rules are stored locally and reviewable from the settings panel. You can revoke a rule at any time; the next matching request will bring back the prompt.
Nothing bad. By default the agent waits — no silent 30-second timeout that quietly turns into a half-completed task. You will not come back to a "task complete" message that hides a permission you missed three hours ago.
If you prefer a TTL — say, auto-deny after 10 minutes if the user is clearly offline — you can configure one globally. The default is no timeout because the most common failure mode of "convenient" timeouts is silent loss of work.
Yes. An "always allow pnpm test" rule applies whether the next request comes from Claude Code, OpenAI Codex or Google Gemini. The inbox abstracts over Claude's canUseTool, Codex's approval policy and Gemini's request_permission; from your side it is one rule, one decision, one mental model.
That cross-provider scope is the point. If you had to grant the same approval three times — once per provider — you would either give up and disable permissions, or give up and pick one provider. Neither is acceptable.
Open Settings → Permissions. Every active rule is listed with its scope (session / workspace / global), the matching command or pattern, and a one-click revoke. Revoking a rule does not retroactively deny past calls; it just brings the prompt back next time.
Pairing happens through a QR code that establishes a workspace-bound key. Permission payloads are signed and only your paired devices can decrypt them. The agent runs on your desktop; the phone is a remote approval surface, not a copy of your sessions.
By default yes — there is no silent 30-second timeout that turns into a half-completed task. You can configure a global TTL if you prefer; you can also disable timeouts entirely. The agent waits, you decide when you are back.
Yes. The permission inbox is one mechanism on top of the per-provider permission contract: Claude Code's canUseTool, Codex's approval policy, Gemini's request_permission. The same UI gates all three. An always-allow rule applies across providers — once you approve pnpm test, Claude, Codex and Gemini all skip the prompt next time.
No. Jack is account-free. Pairing your phone uses a QR-based workspace token; no Oglut account, no cloud sign-in. The companion app is just a notification surface.
When push notifications cannot reach the phone (poor network, throttled by the OS, sleep mode), Jack falls back to a Server-Sent Events stream that keeps the channel alive over HTTPS. You still get the permission card in the companion app — just routed differently.
Locally on your machine, in Jack's SQLite database under ~/Library/Application Support/jack/. Rules are scoped: session-only (cleared when the session closes), workspace, or global. You can review and revoke them from the settings panel at any time.