Loopsy: Open-Source Tool for Remote Terminal and AI Agent Control
Loopsy is a self-hosted, open-source tool that enables remote terminal access and AI agent control across machines. It allows users to control terminals like Claude Code, Cursor, or Codex from a phone via a Cloudflare Workers relay, with no port forwarding or VPN required. The system uses outbound WebSockets and HMAC-signed pair tokens for secure connections. It supports full PTY, ANSI, scrollback, resize, persistent sessions, and voice input via Web Speech API. For LAN agent-to-agent communication, daemons discover each other via mDNS and pair using ECDH (P-256) with a 6-digit SAS code. The MCP server exposes tools for session management, file transfer, and key/value state sharing. The threat model acknowledges that the relay can read terminal content; end-to-end encryption is planned for v1.1. Auto-approve for sessions defaults off and requires macOS password. The project includes a comprehensive security audit with 23 findings, 20 closed. It is released under Apache 2.0 license.
Key facts
- Loopsy enables remote terminal control from a phone via Cloudflare Workers relay.
- Supports Claude Code, Cursor, Codex, or any shell on macOS, Linux, Windows.
- Uses outbound WebSocket to relay; no port forwarding or VPN needed.
- Pair tokens are HMAC-signed; secrets SHA-256 hashed at rest.
- Full PTY with ANSI, scrollback, resize, persistent sessions.
- Voice input via Web Speech API.
- LAN agent-to-agent pairing uses ECDH P-256 with 6-digit SAS code.
- MCP tools include session start, file transfer, key/value context store.
- Threat model warns relay can read terminal content; E2E encryption planned for v1.1.
- Auto-approve defaults off; requires macOS password to enable.
- Security audit: 23 findings, 20 closed, 3 deferred to v2.
- Released under Apache 2.0 license.
Entities
Institutions
- Cloudflare Workers
- GitHub
- npm