Every AI coding agent can ship code. None of them verifies it works. AgentDesk does. A real browser verifies every push — diagnoses failures, drafts the fix, comments on the PR, ships the merge.
AgentDesk orchestrates Claude Code sessions — without the CLI installed, there’s nothing to verify.
AgentDesk is indie-built. No Apple Developer certificate yet — $99/year, on the roadmap. macOS quarantines the app on first run. One terminal command strips the flag. The details below explain why that's safe.
The released .dmg is built by a pinned GitHub Actions pipeline — not hand-crafted, not uploaded from a local machine. Every binary is traceable to a git tag in the source tree it was built from. No telemetry phones home from the app. No bundled analytics. No auto-update pinging.
The quarantine flag is macOS’s “this came from the internet” marker — not a malware detection. It trips by default on every download, signed or not. xattr -rd com.apple.quarantine is a built-in macOS utility (man xattr) that deletes one specific extended attribute on the app bundle. It doesn’t run any code, change any system setting, or touch anything else on your machine.
Source is private for now — this is an indie project, not an open-source product, and keeping the source closed while we’re pre-revenue is a deliberate call. Reach out if you need to audit it for enterprise use.
Once Apple Dev certs are on the budget the app will be signed and notarized, and this whole section gets deleted.
Shared API keys are pre-wired so the app works on first launch. You just point each session card at its live URL and its repo.
Shared TinyFish, Fireworks AI, and OpenRouter keys are wired on install — AgentDesk works out of the box. Paste your own in Settings only if you want isolation from the shared quotas.
Connect GitHub in the same panel to unlock the PR flow — Slack is optional, only if you want verification-failure alerts in a channel.
Every session card wires to one live URL, one GitHub repo, and — if you want OAuth verification — one OAuth test URL. One click per project, saved forever.
E2E scenarios, content regex, status-URL probing, and Slack alerts each live in their own tab on the same modal. Empty tabs mean no checks of that type — AgentDesk only runs what you configure.
Six steps, end to end, lifted from the app as it runs today. No reconstruction, no marketing mock-ups — these are the screens you land on five minutes after install.
Scans ~/.claude/projects every few seconds. Each session card carries the project name, branch, last commit, deploy URL, and a live pulse when the agent is still working.
The moment a git push lands on a branch tracked by AgentDesk, a verification job is queued. Claude Code's Stop hook fires when the agent finishes a turn — AgentDesk reads the session transcript, spots the push command, and kicks off the checks. No polling, no manual trigger.
TinyFish navigates the actual production site over SSE. You watch the page render in a live iframe inside AgentDesk while structured JSON streams in alongside — which selectors fired, which buttons clicked, what each network response was.
When a check fails, Fireworks AI’s gpt-oss-120b diagnoses it in about 1.4 seconds and correlates it to the commit that caused the break. Click “Suggest Fix” and Kimi K2.5 does few-shot RAG over past failures on this project and drafts the patch.
GitHub lives in a dedicated tab, wired through Composio. Click Create PR and an editable draft opens with an AI-polished title and body written from your actual commit log. Click Merge PR and the squash commit is already staged — green-check watch runs live.
Every verification run — checks, duration, commit SHA, diagnosis, Suggest Fix output — persists locally. Filter by project, date range, or failure class. Export as JSON. Re-run any check straight from the row.
One agent push. No manual clicking through the app to see if it still works. Five events, a real browser, one sentence of diagnosis, one click to ship.
Claude Code finishes a feature branch. It commits and pushes to origin like any developer would.
The toast lights up. A verification job is queued against the deployed URL the project is mapped to.
A real Chromium session navigates the production URL, runs the goal end-to-end, and streams every step into the app. You watch it happen.
If it fails, gpt-oss-120b writes the one-sentence cause and maps it to the offending commit SHA.
Open the PR in the GitHub tab. Click Merge. AgentDesk watches the required checks go green. Deployment-live toast fires.
the loop closes
No human ever opened a browser
to find out if production still worked.
No paid distribution. No asks. Every quote below is from a public post made by the named person. Screenshots of the originals are available on request.
“Great to see awesome projects coming out of this. My fav ones: AgentDesk by Afshal Gulam gives AI coding agents the ability to self-test and verify apps/features they've built. Vibe code + vibe verify in parallel.”
One post. No paid distribution. Organic reach only.
“Look at this 🤩 ai coding agents paired with web agent to verify what each of them created 🔥 all powers users of these agents would love it!”
Shared keys cover everyone today. Below is the ladder we’re building toward — live once paid tiers turn on.
Today every tier is free. You run on our pooled TinyFish / Fireworks AI / Composio keys at our cost while we figure the mix out. No credit card, no sign-up — you just install and use it.
Paste your TinyFish, Fireworks AI, and OpenRouter keys in Settings. Unlimited checks at your own cost.
Our pooled API keys. No key management. Fixed monthly check quota, zero per-run cost anxiety.
Multi-user projects. Shared Slack alerts. Higher quotas. For 2–20-dev shops running AI agents in parallel.
For orgs whose legal and IT teams need SSO, audit logs, and an SLA before anything can ship.
Patch release. One bug fix, no feature changes.
A serious polish pass on AI Chat, GitHub workflows, and the first-run experience. The app is now much more honest about what's configured, much more forgiving when things go wrong, and much harder to misuse.
Free to download. No signup. No email. No telemetry. If it works for you, tell a friend.
