Documentation

Everything you need to integrate AgentSteer into your AI agent framework.

Set up in 30 seconds

Install and set up

Run in your terminal

npx agentsteer

This opens your browser to sign in (Google, GitHub, or email/password), installs the hook globally for all repos, and verifies the connection.

You're done

Every Claude Code, Cursor, and Gemini CLI session is now monitored. View local logs with agentsteer log --list or on the cloud dashboard (if using cloud mode).

API key required for scoring: You need an API key from any supported provider (OpenRouter, Anthropic, OpenAI, Google, Groq, or AWS Bedrock). Set it in your account settings (cloud BYOK) or run npx agentsteer --local to use it locally. See supported providers below.

Framework Integration

Option A: Quickstart (recommended)

Run in your terminal

npx agentsteer

This signs you in, installs the PreToolUse hook to ~/.claude/settings.json, and verifies the connection. Works across all repos globally.

Option B: Install hook only

npx agentsteer install claude-code

Option C: Copy into settings.json

Paste into ~/.claude/settings.json for personal use, or into managed-settings.json for org-wide deployment. Replace the API key with your own from any supported provider.

Paste into ~/.claude/settings.json or managed-settings.json

{
  "hooks": {
    "SessionStart": [{
      "hooks": [{ "type": "command", "command": "npx -y agentsteer@latest install-binary" }]
    }],
    "PreToolUse": [{
      "matcher": "*",
      "hooks": [{ "type": "command", "command": "node ~/.agentsteer/hook.js hook" }]
    }]
  },
  "env": {
    "AGENT_STEER_OPENROUTER_API_KEY": "sk-or-v1-your-key-here"
  }
}

How it works: Every tool call (Bash, Write, Edit, etc.) is scored against the task description. If the score exceeds 0.80 (highly suspicious), the tool call is blocked. The agent sees the block reason and continues normally.

Deploy to Your Team

Need help configuring AgentSteer for your organization? Email team@agentsteer.ai

Option 1: Managed deployment (Claude Code)

Deploy a managed-settings.json file system-wide. Developers need zero setup. Hooks auto-bootstrap on first Claude Code session. See the Claude Code settings reference and managed settings docs.

allowManagedHooksOnly: true prevents developers from adding their own hooks. Env vars in the env block are injected into every Claude Code session.

Local mode (data stays on device)

Each tool call is scored on the developer's machine. No data goes through AgentSteer servers. Replace the env key with any supported provider (e.g. AGENT_STEER_ANTHROPIC_API_KEY, AGENT_STEER_BEDROCK_BEARER_TOKEN).

{
  "hooks": {
    "SessionStart": [{
      "hooks": [{ "type": "command", "command": "npx -y agentsteer@latest install-binary" }]
    }],
    "PreToolUse": [{
      "matcher": "*",
      "hooks": [{ "type": "command", "command": "node ~/.agentsteer/hook.js hook" }]
    }]
  },
  "env": {
    "AGENT_STEER_OPENROUTER_API_KEY": "sk-or-v1-your-org-key",
    "AGENT_STEER_MODE": "local"
  },
  "allowManagedHooksOnly": true
}

Generate via CLI: npx agentsteer org-setup --mode local --key sk-or-v1-your-org-key

Cloud mode (centralized dashboard)

Scoring via AgentSteer API. View all sessions, blocked actions, and risk patterns on the dashboard. API key stays server-side.

{
  "hooks": {
    "SessionStart": [{
      "hooks": [{ "type": "command", "command": "npx -y agentsteer@latest install-binary" }]
    }],
    "PreToolUse": [{
      "matcher": "*",
      "hooks": [{ "type": "command", "command": "node ~/.agentsteer/hook.js hook" }]
    }]
  },
  "env": {
    "AGENT_STEER_TOKEN": "org-token-from-dashboard",
    "AGENT_STEER_API_URL": "https://api.agentsteer.ai",
    "AGENT_STEER_MODE": "cloud"
  },
  "allowManagedHooksOnly": true
}

Generate via CLI: npx agentsteer org-setup --mode cloud --token your-org-token

Deploy paths

OS	Path
Linux	`/etc/claude-code/managed-settings.json`
macOS	`/Library/Application Support/ClaudeCode/managed-settings.json`

# Linux
sudo mkdir -p /etc/claude-code
sudo cp managed-settings.json /etc/claude-code/managed-settings.json

# macOS
sudo mkdir -p "/Library/Application Support/ClaudeCode"
sudo cp managed-settings.json "/Library/Application Support/ClaudeCode/managed-settings.json"

Or use the dashboard org page to generate and download the config interactively.

Option 2: Team members join

npx agentsteer --org ORG_TOKEN

Connects the developer's machine to your org and installs hooks automatically for all detected frameworks.

Option 3: Individual setup

Each developer runs the interactive quickstart. Or copy a provider config from the Supported Providers section directly into ~/.claude/settings.json (for personal use) or into managed-settings.json (for org-wide deployment).

npx agentsteer

Supported Providers

AgentSteer works with 6 LLM providers for scoring. Pick any one — the hook auto-detects the provider from your API key prefix. No CLI needed: copy the config into ~/.claude/settings.json and you're done.

Recommended

Routes to the best model automatically. Cheapest option. Single key for all models. Get a key at openrouter.ai/keys. Default model: openai/gpt-oss-safeguard-20b.

Paste into ~/.claude/settings.json or managed-settings.json

{
  "hooks": {
    "SessionStart": [{
      "hooks": [{ "type": "command", "command": "npx -y agentsteer@latest install-binary" }]
    }],
    "PreToolUse": [{
      "matcher": "*",
      "hooks": [{ "type": "command", "command": "node ~/.agentsteer/hook.js hook" }]
    }]
  },
  "env": {
    "AGENT_STEER_OPENROUTER_API_KEY": "sk-or-v1-your-key-here"
  }
}

Works in ~/.claude/settings.json (personal) or managed-settings.json (org-wide). For org deployment, add "allowManagedHooksOnly": true.

Custom model

Add AGENT_STEER_MONITOR_MODEL to the env block to override the default scoring model:

"env": {
  "AGENT_STEER_OPENROUTER_API_KEY": "sk-or-v1-...",
  "AGENT_STEER_MONITOR_MODEL": "anthropic/claude-haiku-4-5-20251001"
}

Provider auto-detection: The hook detects the provider from your API key prefix (sk-or- = OpenRouter, sk-ant- = Anthropic, sk- = OpenAI, AI = Google, gsk_ = Groq, ABSK = AWS Bedrock) and selects the right default model automatically.

Local vs Cloud Mode

	Local	Cloud
Scoring	On your machine via any supported provider	Via AgentSteer API (uses your BYOK key)
Data	Never leaves your machine	Tool metadata sent to API (secrets redacted)
Dashboard	Local logs only (`agentsteer log`)	Full dashboard at app.agentsteer.ai
API key	Your own key (OpenRouter, Anthropic, OpenAI, Google, Groq, or AWS Bedrock)	Free tier or pay-as-you-go
Switch	`agentsteer mode local`	`agentsteer mode cloud`

Switch anytime with agentsteer mode local or agentsteer mode cloud. Hooks stay the same — only the scoring backend changes.

Cloud BYOK (Bring Your Own Key)

In cloud mode, you can use your own API key instead of AgentSteer credits. Go to Account Settings and paste any supported provider key. Scoring runs server-side using your key — you only pay your provider directly.

Supported BYOK keys: OpenRouter (sk-or-), Anthropic (sk-ant-), OpenAI (sk-), Google (AI), Groq (gsk_), AWS Bedrock (ABSK).

How It Works

1. Intercept

Hook captures every tool call before execution (file writes, commands, API calls)

2. Score

A security model scores the action against the task description (0 = safe, 0.9 = malicious)

3. Decide

Score >= 0.80 = block the action. Agent sees the block reason and continues its main task.

Security Policy

The monitor evaluates each action on two dimensions: whether it aligns with the user's intent (P1-P4 policies), and whether it poses risk requiring explicit approval (R1-R8 risk categories including exfiltration, data destruction, credential access, and more).

View the full security policy on GitHub

Configuration

Variable	Default	Description
`AGENT_STEER_OPENROUTER_API_KEY`	—	OpenRouter key (`sk-or-` prefix)
`AGENT_STEER_ANTHROPIC_API_KEY`	—	Anthropic key (`sk-ant-` prefix)
`AGENT_STEER_OPENAI_API_KEY`	—	OpenAI key (`sk-` prefix)
`AGENT_STEER_GOOGLE_API_KEY`	—	Google/Gemini key (`AI` prefix)
`AGENT_STEER_GROQ_API_KEY`	—	Groq key (`gsk_` prefix)
`AGENT_STEER_BEDROCK_BEARER_TOKEN`	—	AWS Bedrock bearer token (`ABSK` prefix, from Bedrock API keys)
`AGENT_STEER_MODE`	—	Force scoring mode: `local` or `cloud` (overrides config.json)
`AGENT_STEER_TOKEN`	—	Cloud API token (for org managed deployment)
`AGENT_STEER_API_URL`	https://api.agentsteer.ai	Cloud API endpoint
`AGENT_STEER_AUTO_UPDATE`	true	Auto-update hook binary (`false` to pin version)
`AGENT_STEER_MONITOR_MODEL`	—	Override scoring model (see examples)
`AGENT_STEER_MONITOR_DISABLED`	unset	Bypass monitor (`1` to disable, debugging only)
`AGENT_STEER_DEBUG`	unset	Enable debug logging to ~/.agentsteer/

CLI Reference

Command	Description
`npx agentsteer`	Interactive setup: login + install hook + test
`npx agentsteer --local`	Local setup with your own OpenRouter key
`agentsteer login`	Sign in to cloud dashboard (browser OAuth)
`agentsteer logout`	Sign out and switch to local mode
`agentsteer install <framework>`	Install hook (claude-code, cursor, gemini, openhands)
`agentsteer install-binary`	Bootstrap/update ~/.agentsteer/hook.js (used by SessionStart)
`agentsteer update`	Refresh hook bundle after upgrading
`agentsteer mode [local\|cloud]`	View or switch scoring mode
`agentsteer org-setup`	Generate managed-settings.json for org deployment
`agentsteer status`	Show current config and connection status
`agentsteer key set openrouter`	Store OpenRouter key (keychain or file fallback)
`agentsteer score <task> <action>`	Score a single action (for testing)
`agentsteer test`	Verify hook setup
`agentsteer version`	Print version

Claude Code Setup Guide

Claude Code uses a PreToolUse hook system that lets external programs inspect and approve every tool call before execution.

How the hook works

When Claude Code is about to execute a tool (Bash, Write, Edit, Read, etc.), it calls the AgentSteer hook with the tool name and parameters. The hook scores the action and returns either "approve" or "block" with a reason.

Settings file location

~/.claude/settings.json

The hook is installed globally and applies to all Claude Code sessions across all repositories.

OpenHands Setup Guide

OpenHands supports the same PreToolUse hook format via a hooks.json configuration file.

Configuration file

~/.openhands/hooks.json

How task detection works

The monitor automatically detects the task from conversation context. For Claude Code, it reads the transcript. For OpenHands, it captures user messages via hook events. No manual configuration needed.

Where does my data go?

Your source code stays on your machine. AgentSteer only sends tool call metadata (tool name, parameters, task description) for scoring.

Cloud mode (default): Metadata is sent to the AgentSteer API, which scores it via your OpenRouter key (BYOK). API keys and secrets are stripped before scoring.
Local mode: Run npx agentsteer --local with your own OpenRouter key. Scoring happens on your machine via OpenRouter. No data goes through AgentSteer servers.

What happens if scoring is unavailable?

If the AI scorer is unavailable (missing credentials, server down, API error, or unparseable response), AgentSteer switches to degraded-mode fallback rules: pattern-based safety checks that block known dangerous operations (curl, rm -rf, writing to .env, sudo, etc.) while allowing safe ones (reads, greps, task management). Every action in degraded mode shows a warning with instructions to restore full AI scoring.

Custom Monitor Model

By default, AgentSteer uses a specialized security model for scoring. You can override it with any OpenRouter model — for example, to use a cheaper/faster model like Claude Haiku.

Option 1: Environment variable

export AGENT_STEER_MONITOR_MODEL=anthropic/claude-haiku-4-5-20251001

Set this in your shell profile (~/.bashrc, ~/.zshrc) to persist across sessions.

Option 2: Config file (persistent)

echo '{"monitorModel": "anthropic/claude-haiku-4-5-20251001"}' > ~/.agentsteer/config.json

Option 3: Org deployment

Add AGENT_STEER_MONITOR_MODEL to the env block in your managed-settings.json:

"env": {
  "AGENT_STEER_MODE": "local",
  "AGENT_STEER_OPENROUTER_API_KEY": "sk-or-v1-...",
  "AGENT_STEER_MONITOR_MODEL": "anthropic/claude-haiku-4-5-20251001"
}

Resolution order

First non-empty value wins:

AGENT_STEER_MONITOR_MODEL environment variable
monitorModel in ~/.agentsteer/config.json
Default: openai/gpt-oss-safeguard-20b

Popular choices: anthropic/claude-haiku-4-5-20251001 (fast, cheap), anthropic/claude-sonnet-4-6 (balanced), google/gemini-2.0-flash-001 (fast). The active model is logged in every hook result entry as monitor_model.

Troubleshooting

Hook not firing

Check that the hook is installed correctly:

agentsteer status

This shows your current configuration, whether the hook is installed, and tests the connection to the scoring service.

False positives (legitimate actions blocked)

If the monitor is blocking actions that should be allowed, you can:

Make sure your project has a CLAUDE.md with clear task context
Adjust the threshold: export AGENT_STEER_THRESHOLD=0.90
Enable debug logging: export AGENT_STEER_DEBUG=1

Debug logging

export AGENT_STEER_DEBUG=1
# Logs are written to ~/.agentsteer/debug.log

Connection issues

If you see connection errors:

Check your internet connection
Verify your token is valid: agentsteer status
For local mode, verify your key: agentsteer key status openrouter

Reinstalling

npx agentsteer@latest