siteboon/claudecodeui
Summary
CloudCLI (formerly Claude Code UI) is a web-based GUI that wraps multiple AI coding agents (Claude Code, Cursor CLI, OpenAI Codex, Gemini CLI) so you can interact with them from a browser or mobile device. It runs an Express/Node.js backend that proxies agent sessions via pseudo-terminals (node-pty), exposes a REST+WebSocket API, and serves a React/Vite frontend with chat, file explorer, Git panel, and terminal emulator. Think of it as a remote-control dashboard for AI coding agents that would otherwise require a local terminal.
Great for
Great for people interested in building browser-based interfaces for terminal-driven AI agents, or exploring how to wrap PTY sessions and streaming CLI output into a real-time web UI
Easy wins
- +Extract the massive inline WebSocket/PTY handler logic from server/index.js into dedicated service files — the file is already importing from modular route files but the core session plumbing is still inline
- +Add at least basic integration tests for the git routes (server/routes/git.js has solid input validation worth covering with tests — the project has zero test infrastructure currently)
- +Fix the obvious code duplication: detectTaskMasterFolder() is copy-pasted nearly verbatim in both server/projects.js and server/routes/taskmaster.js — consolidate into the shared mcp-detector utility pattern already used in that same file
- +Add 'good first issue' and 'help wanted' labels to the GitHub issues — currently there are 128 open issues with only 'bug' and 'enhancement' labels, making it hard for new contributors to find entry points
Red flags
- !Zero test coverage — no test runner, no test files, no CI test step despite having GitHub Actions configured (the workflow appears to only handle Discord release notifications)
- !server/index.js contains a `console.log('PORT from env:', process.env.PORT)` debug statement at the top level that would log to production output on every server start
- !The system update endpoint (POST /api/system/update) runs shell commands constructed from a hardcoded string and the installMode detection — while it's behind auth, executing npm install or git pull via spawn on request is a meaningful supply-chain risk surface
- !detectTaskMasterFolder() is duplicated verbatim across server/projects.js and server/routes/taskmaster.js — if a bug is fixed in one, the other silently diverges
- !commit_count: 1 and contributor_count: 1 in the metadata despite showing 50 contributors on GitHub — suggests the metadata was captured at an odd snapshot; worth verifying the actual commit history before assuming active multi-contributor maintenance
- !The IS_PLATFORM flag creates two significantly different security models in the same codebase (one trusts all requests, one validates JWT) — this dual-mode pattern is error-prone and the platform path in WebSocket auth calls authenticateWebSocket(null) which is semantically confusing
Code quality
The git route (server/routes/git.js) is actually well-written — it has path traversal protection, proper input validation helpers, handles edge cases like untracked/deleted files, and uses a clean spawnAsync wrapper. The agent route (server/routes/agent.js) is thoughtful with its SSEStreamWriter/ResponseCollector abstraction and branch name validation. However, server/index.js is a 1000+ line god file mixing app setup, WebSocket plumbing, PTY management, file watching, and inline route handlers; the detectTaskMasterFolder function is literally copy-pasted between projects.js and taskmaster.js with no shared module; and checkJs is commented out in tsconfig.json while the codebase mixes .js, .jsx, .ts, and .tsx freely without consistent type coverage.
What makes it unique
There are a handful of Claude Code web UI projects (claude-code-web-ui, others), but this one is meaningfully differentiated by supporting four agent backends (Claude, Cursor, Codex, Gemini) under one roof, having a working plugin system with a starter template, and including a real Git panel with staging/diff/commit rather than just chat. The commercial CloudCLI Cloud tier built on top of the OSS core is transparent and the feature comparison table is honest. It's not a toy wrapper — the PTY integration, session resumption, and MCP configuration management are substantial.