cc-plugin-codex 0.1.4__tar.gz

cc_plugin_codex-0.1.4/.agents/plugins/marketplace.json

@@ -0,0 +1,20 @@
+{
+  "name": "cc-plugin-codex",
+  "interface": {
+    "displayName": "Claude Code (for Codex)"
+  },
+  "plugins": [
+    {
+      "name": "cc-plugin-codex",
+      "source": {
+        "source": "local",
+        "path": "./"
+      },
+      "policy": {
+        "installation": "AVAILABLE",
+        "authentication": "ON_USE"
+      },
+      "category": "Developer Tools"
+    }
+  ]
+}

cc_plugin_codex-0.1.4/.codex-plugin/plugin.json

@@ -0,0 +1,24 @@
+{
+  "name": "cc-plugin-codex",
+  "version": "0.1.4",
+  "description": "Call Claude Code from Codex for bounded, independent code review and second opinions",
+  "author": { "name": "Brian Connelly", "url": "https://github.com/briandconnelly" },
+  "repository": "https://github.com/briandconnelly/cc-plugin-codex",
+  "license": "MIT",
+  "keywords": ["claude", "code-review", "collaboration", "mcp"],
+  "skills": "./skills/",
+  "mcpServers": "./.mcp.json",
+  "interface": {
+    "displayName": "Claude Code (for Codex)",
+    "shortDescription": "Ask Claude Code to review and critique your work.",
+    "longDescription": "cc-plugin-codex lets Codex call the Claude Code CLI for bounded, independent critique — code review, adversarial review, and second opinions — with read-only safety and structured findings.",
+    "developerName": "Brian Connelly",
+    "category": "Developer Tools",
+    "capabilities": ["MCP", "Skills"],
+    "defaultPrompt": [
+      "Ask Claude to review my current diff.",
+      "Have Claude attack this plan for weaknesses.",
+      "Get an independent second opinion from Claude."
+    ]
+  }
+}

cc_plugin_codex-0.1.4/.github/workflows/ci.yml

@@ -0,0 +1,75 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches: ["main"]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    name: Ruff, ty, pytest (py${{ matrix.python }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python: ["3.11", "3.12", "3.13"]
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v8.2.0
+        with:
+          enable-cache: true
+          cache-dependency-glob: uv.lock
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python }}
+
+      - name: Sync dependencies
+        run: uv sync --locked --python ${{ matrix.python }} --group dev
+
+      - name: Lint
+        run: uv run ruff check src tests
+
+      - name: Format check
+        run: uv run ruff format --check src tests
+
+      - name: Type check
+        run: uv run ty check
+
+      - name: Test
+        run: uv run pytest -q
+
+  live-integration:
+    name: Live Claude integration
+    if: github.event_name == 'workflow_dispatch'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v8.2.0
+        with:
+          enable-cache: true
+          cache-dependency-glob: uv.lock
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.12"
+
+      - name: Sync dependencies
+        run: uv sync --locked --group dev
+
+      - name: Run integration tests
+        env:
+          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+        run: uv run pytest -m integration --no-cov

cc_plugin_codex-0.1.4/.github/workflows/publish.yml

@@ -0,0 +1,96 @@
+name: Publish
+
+on:
+  push:
+    tags: ["v*.*.*"]
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    name: Ruff, ty, pytest (py${{ matrix.python }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python: ["3.11", "3.12", "3.13"]
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v8.2.0
+        with:
+          enable-cache: true
+          cache-dependency-glob: uv.lock
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python }}
+
+      - name: Sync dependencies
+        run: uv sync --locked --python ${{ matrix.python }} --group dev
+
+      - name: Lint
+        run: uv run ruff check src tests
+
+      - name: Format check
+        run: uv run ruff format --check src tests
+
+      - name: Type check
+        run: uv run ty check
+
+      - name: Test
+        run: uv run pytest -q
+
+  build:
+    name: Build distributions
+    needs: test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v8.2.0
+        with:
+          enable-cache: true
+          cache-dependency-glob: uv.lock
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.12"
+
+      - name: Build distributions
+        run: uv build
+
+      - name: Check distributions
+        run: uvx twine check dist/*
+
+      - name: Upload distributions
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/*
+          if-no-files-found: error
+
+  publish:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+    environment: pypi
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - name: Download distributions
+        uses: actions/download-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+
+      - name: Publish distributions
+        uses: pypa/gh-action-pypi-publish@release/v1

cc_plugin_codex-0.1.4/.gitignore

@@ -0,0 +1,22 @@
+# Python
+.venv/
+__pycache__/
+*.pyc
+.pytest_cache/
+.ruff_cache/
+.coverage
+.coverage.*
+htmlcov/
+
+# macOS
+.DS_Store
+
+# Claude Code local state
+.claude/debug/
+.claude/settings.local.json
+
+# Superpowers brainstorming/planning docs — kept locally, not committed
+docs/superpowers/
+
+# Codex local wrapper marketplace for testing this plugin checkout
+.codex-local-marketplace/

cc_plugin_codex-0.1.4/.mcp.json

@@ -0,0 +1,21 @@
+{
+  "mcpServers": {
+    "cc-plugin-codex": {
+      "command": "uvx",
+      "args": [
+        "--from",
+        "git+https://github.com/briandconnelly/cc-plugin-codex.git@v0.1.4",
+        "cc-plugin-codex-mcp"
+      ],
+      "env_vars": [
+        "ANTHROPIC_API_KEY",
+        "CC_PLUGIN_CODEX_ACCESS",
+        "CC_PLUGIN_CODEX_CLAUDE_CONFIG",
+        "CC_PLUGIN_CODEX_EFFORT",
+        "CC_PLUGIN_CODEX_MAX_BUDGET_USD",
+        "CC_PLUGIN_CODEX_MODEL",
+        "CC_PLUGIN_CODEX_TIMEOUT_SECONDS"
+      ]
+    }
+  }
+}

cc_plugin_codex-0.1.4/CHANGELOG.md

@@ -0,0 +1,24 @@
+# Changelog
+
+All notable changes to `cc-plugin-codex` will be documented in this file.
+
+This project uses pre-1.0 semantic versioning. Minor versions may change the
+agent-visible MCP surface; patch versions are reserved for compatible fixes.
+
+## 0.1.4 - 2026-06-06
+
+- Added PyPI-facing package metadata, long description, project links, and
+  classifiers.
+- Added changelog and security policy documentation.
+- Added a Trusted Publishing workflow for tag-triggered PyPI releases.
+- Clarified the relationship between the Codex plugin install path and the PyPI
+  server package.
+
+## 0.1.3 - 2026-06-05
+
+- Added explicit Claude CLI compatibility documentation and release lockstep
+  guidance.
+- Exposed structured readiness, review, adversarial review, second-opinion, and
+  background job tools for Codex.
+- Added local quality gates for linting, formatting, type checking, tests, and
+  coverage.

cc_plugin_codex-0.1.4/COMPATIBILITY.md

@@ -0,0 +1,87 @@
+# Compatibility
+
+`cc-plugin-codex` is an MCP server that the Codex CLI loads and that shells out to
+the Claude Code `claude` CLI.
+It therefore depends on two fast-moving upstreams: the `claude` binary (the
+delegate it drives) and the Codex host (which loads it).
+This document maps every external assumption to where it lives in the code, how a
+break is detected, and what to change when it breaks.
+
+Every `claude`-side assumption is centralized in
+[`src/cc_plugin_codex/cli_contract.py`](./src/cc_plugin_codex/cli_contract.py).
+Changing an assumption should be a one-file edit there.
+
+## How the plugin degrades
+
+The design goal is to **fail loudly and safely**, never silently weaken a
+guarantee:
+
+- **Guarantee-bearing flags are always sent** (`cli_contract.ALWAYS_SEND_FLAGS`).
+  If `claude` removes or renames one, it rejects the invocation at argument
+  parsing — *before any model call, so zero spend* — and the failure is reported
+  as `cli_contract_changed` with repair guidance.
+  These flags carry a security, cost, or behavioral guarantee, so they are **never**
+  gated on `--help` parsing (a parsing false-negative must never drop one).
+- **Depth/cosmetic flags are feature-detected** (`cli_contract.HELP_GATED_FLAGS`).
+  They are dropped (and noted in `meta.compat_warnings`) when the installed
+  `claude --help` does not list them, so a minor upstream change degrades instead
+  of aborting a paid run.
+- **Version is advisory.** A `claude` major outside the tested range warns
+  (`claude_status.version_warning`) but does not block; `ready` depends only on the
+  CLI being found and authenticated.
+
+## `claude` CLI assumptions
+
+| Assumption | Code (cli_contract constant) | How a break is detected | If it breaks |
+| --- | --- | --- | --- |
+| Binary on PATH | `CLAUDE_BIN` | `claude_status.claude_found = false` | install Claude Code |
+| `-p --output-format json` (core) | `CORE_INVOCATION` | every call errors → `cli_contract_changed`; golden-envelope test | update `CORE_INVOCATION` + `normalize.py` |
+| `--no-chrome` (no interactive picker) ⚠️ | `ALWAYS_SEND_FLAGS` | `cli_contract_changed` at run time | update the constant |
+| `--append-system-prompt` (critic guardrails) ⚠️ | `ALWAYS_SEND_FLAGS` | `cli_contract_changed` | update the constant; the prompt is `config.INDEPENDENT_CRITIC_PROMPT` |
+| `--max-budget-usd` (spend cap) ⚠️ | `ALWAYS_SEND_FLAGS` | `cli_contract_changed` | update the constant |
+| `--tools` (read-only / no-tool guarantee) ⚠️ | `ALWAYS_SEND_FLAGS` | `cli_contract_changed` | update the constant in `config.access_flags` |
+| `--strict-mcp-config` / `--mcp-config` (drop user MCP fleet) ⚠️ | `ALWAYS_SEND_FLAGS` | `cli_contract_changed` | update `config.config_mode_flags` |
+| `--setting-sources` / `--bare` (mode isolation) ⚠️ | `ALWAYS_SEND_FLAGS` | `cli_contract_changed` | update `config.config_mode_flags` |
+| `--effort` + accepted levels | `HELP_GATED_FLAGS`, `VALID_EFFORTS` | dropped with `compat_warnings`; a removed *level* → `cli_contract_changed` | update `VALID_EFFORTS` |
+| `--model`, `--disallowed-tools`, `--no-session-persistence` | `HELP_GATED_FLAGS` | dropped with `compat_warnings` | update the constant |
+| JSON envelope keys (`is_error`, `subtype`, `result`, `total_cost_usd`, `usage.*`, `session_id`, `modelUsage`, `permission_denials`) | `ENVELOPE_KEYS`, `USAGE_KEYS`, `SUCCESS_SUBTYPES` | golden-envelope test (`tests/test_golden_envelope.py`); cost silently null if renamed | update `normalize.py` + the golden sample |
+| `claude --version` format (`MAJOR.MINOR.PATCH`) | `VERSION_ARGS`, `SUPPORTED_MAJORS` | `claude_status.version_supported = null` | adjust the regex in `config.version_supported` |
+| `claude auth status --text` exit code | `AUTH_STATUS_ARGS` | `claude_status.claude_authenticated = null` | update `claude.auth_status` |
+| `claude --help` lists long flags | `HELP_ARGS` | preflight fails open (everything assumed supported) | update `preflight._parse_supported` |
+
+⚠️ = **security/cost/behavioral guarantee.** Losing one of these would weaken
+read-only access, the no-MCP boundary, the spend cap, or the critic behavior — so
+the plugin refuses to run (fails closed) rather than silently proceed.
+
+**Residual risk:** if upstream *accepts but silently no-ops* a guarantee-bearing
+flag (rather than rejecting it), the loss cannot be detected without behavioral
+testing. The drift detection only catches rejection.
+
+## Codex-host assumptions
+
+| Assumption | Where | Notes |
+| --- | --- | --- |
+| Plugin manifest (`mcpServers`, `skills`) | `.codex-plugin/plugin.json` | Codex marketplace schema |
+| MCP launch (`uvx --from git+…@tag`) | `.mcp.json` | pinned to a release tag (see below) |
+| Entry point `cc-plugin-codex-mcp` | `pyproject.toml [project.scripts]` | |
+| MCP roots as `file://` URIs | `server.py` `_file_roots` | already tolerant; falls back to server cwd |
+
+## Versioning & release (lockstep)
+
+The bundled `.mcp.json` pins the server to a **versioned release tag**
+(`vX.Y.Z`) instead of tracking the default branch, so a breaking change no longer
+auto-ships to installed users — they update deliberately. The trade-off is that
+fixes (including resilience fixes) only reach users on the next tagged release.
+
+When cutting a release, bump these **together**:
+
+1. `pyproject.toml` `version`
+2. `.codex-plugin/plugin.json` `version`
+3. `FINGERPRINT` in `src/cc_plugin_codex/schemas.py` — **only** when the
+   agent-visible surface changed (tool names, input/output schemas, the
+   `ErrorCode` set, the value enums, or the capability summary)
+4. the `@vX.Y.Z` ref in `.mcp.json`
+5. create and push the matching `vX.Y.Z` git tag
+
+The `.mcp.json` ref and the git tag must match, or a bundled install fails to
+resolve.

cc_plugin_codex-0.1.4/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Brian Connelly
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

cc_plugin_codex-0.1.4/PKG-INFO

@@ -0,0 +1,223 @@
+Metadata-Version: 2.4
+Name: cc-plugin-codex
+Version: 0.1.4
+Summary: Call Claude Code from Codex for bounded, independent code review and second opinions
+Project-URL: Homepage, https://github.com/briandconnelly/cc-plugin-codex
+Project-URL: Repository, https://github.com/briandconnelly/cc-plugin-codex
+Project-URL: Issues, https://github.com/briandconnelly/cc-plugin-codex/issues
+Project-URL: Changelog, https://github.com/briandconnelly/cc-plugin-codex/blob/main/CHANGELOG.md
+Project-URL: Security, https://github.com/briandconnelly/cc-plugin-codex/blob/main/SECURITY.md
+Author: Brian Connelly
+License-Expression: MIT
+License-File: LICENSE
+Keywords: claude,code-review,codex,mcp,plugin
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Software Development
+Requires-Python: >=3.11
+Requires-Dist: anyio>=4
+Requires-Dist: fastmcp>=3.4
+Requires-Dist: pydantic>=2
+Description-Content-Type: text/markdown
+
+# cc-plugin-codex
+
+Ask Claude Code for an independent code review or second opinion, straight from Codex.
+
+`cc-plugin-codex` is review-only: Claude reviews, critiques, and advises. It does not edit
+your code, run shell commands, or get write tools. It is the mirror image of
+[`openai/codex-plugin-cc`](https://github.com/openai/codex-plugin-cc), which lets Claude call
+Codex.
+
+## Quickstart
+
+You need:
+
+- Codex
+- the `claude` CLI, installed and authenticated
+- `uvx`
+- `git`
+
+Check the basics:
+
+```sh
+claude --version
+claude /login
+uvx --version
+git --version
+```
+
+Add this repository as a Codex marketplace, then install the plugin from it:
+
+```sh
+codex plugin marketplace add briandconnelly/cc-plugin-codex
+codex plugin add cc-plugin-codex
+```
+
+Restart Codex after installing. Then ask Codex:
+
+> Ask Claude to run `claude_status`.
+
+`claude_status` is free. It checks whether the `claude` CLI is installed, authenticated, and
+compatible, and shows the defaults a paid call would use.
+
+## Distribution
+
+The Codex plugin install path is the primary user-facing path. The bundled MCP config pins the
+server to a versioned Git tag so installed users update deliberately.
+
+The Python package publishes the MCP server entry point for direct use and release provenance.
+After a PyPI release, the server can also be launched with:
+
+```sh
+uvx --from cc-plugin-codex==0.1.4 cc-plugin-codex-mcp
+```
+
+## Use it
+
+Once `claude_status` reports `ready: true`, ask Codex in plain language:
+
+> Ask Claude to review my current diff. Pass `workspace_root` as this repository.
+
+Passing `workspace_root` matters. It keeps reviews pointed at your project instead of the
+plugin install directory when the MCP client does not provide a repo root.
+
+Other useful prompts:
+
+- "Ask Claude to review my staged changes for security issues."
+- "Have Claude attack this plan for weaknesses."
+- "Get an independent second opinion from Claude on this design."
+- "Start a background Claude review of this branch against main."
+
+Codex uses the plugin skill to choose the right tool and arguments. Direct MCP calls are also
+available:
+
+| Tool | Use | Cost |
+| --- | --- | --- |
+| `claude_review_changes` | Review a git diff now | paid |
+| `claude_review_changes_async` | Start a background diff review | paid |
+| `claude_adversarial_review` | Pressure-test a plan, claim, or change | paid |
+| `claude_ask` | Ask for a free-form second opinion | paid |
+| `claude_status` | Check readiness and defaults | free |
+| `claude_review_dry_run` | Preview diff/context before a review | free |
+
+Diff review scopes are `working_tree`, `staged`, and `branch`.
+
+```json
+claude_review_changes({
+  "workspace_root": "/absolute/path/to/your/repo",
+  "scope": "staged",
+  "focus": "security"
+})
+```
+
+For a long review, launch it in the background:
+
+```json
+claude_review_changes_async({
+  "workspace_root": "/absolute/path/to/your/repo",
+  "scope": "branch",
+  "base": "main"
+})
+```
+
+Poll with `claude_job_status`, then fetch the result with `claude_job_result`.
+
+## Safety and cost
+
+- Paid tools run Claude and send code or prompts to Anthropic, billed through your existing
+  `claude` login or `ANTHROPIC_API_KEY`.
+- Free tools only inspect local state, preflight a request, or manage background jobs.
+- Claude never receives write or Bash tools from this plugin.
+- `access=toolless` is the default: Claude receives gathered context as text and cannot read
+  more files. `access=readonly` lets Claude use `Read`, `Grep`, and `Glob` for extra context.
+- Secret redaction is best-effort defense in depth. Use `access=toolless` when a workspace may
+  contain secrets.
+- `max_budget_usd` is a best-effort Claude CLI stop threshold, not a hard cap. Results report
+  actual spend in `meta.cost_usd` when available.
+- Reviews default to `effort=xhigh` for depth. Lower `effort` to `high` or `medium` for routine
+  reviews when cost matters.
+
+If a requested diff scope has no changes, the review tools return a passing result without
+invoking Claude.
+
+## Common knobs
+
+Every setting is optional. These are the knobs most users are likely to change:
+
+| Variable | Default | Purpose |
+| --- | --- | --- |
+| `CC_PLUGIN_CODEX_ACCESS` | `toolless` | `toolless` or `readonly` |
+| `CC_PLUGIN_CODEX_CLAUDE_CONFIG` | `inherit` | `inherit`, `scoped`, or `bare` |
+| `CC_PLUGIN_CODEX_EFFORT` | `xhigh` | `low`, `medium`, `high`, `xhigh`, or `max` |
+| `CC_PLUGIN_CODEX_MAX_BUDGET_USD` | `1.00` | best-effort per-call budget threshold |
+| `CC_PLUGIN_CODEX_MODEL` | unset | Claude model; unset uses the CLI default |
+| `CC_PLUGIN_CODEX_TIMEOUT_SECONDS` | `180` | per-call timeout, clamped to 10-600 seconds |
+| `ANTHROPIC_API_KEY` | unset | required only for `config_mode=bare` |
+
+Set these in the environment you launch Codex from. The bundled MCP config forwards the common
+cost, safety, model, timeout, and API-key variables to the server.
+
+`config_mode=inherit` uses your normal Claude environment without persisting a session.
+`scoped` drops user-global settings and user MCP servers but keeps `CLAUDE.md`. `bare` strips
+`CLAUDE.md`, memory, and hooks, and requires `ANTHROPIC_API_KEY`.
+
+## Troubleshooting
+
+Start with:
+
+> Ask Claude to run `claude_status`.
+
+Then:
+
+- If `claude_authenticated` is false, run `claude /login`.
+- If the workspace looks wrong, pass `workspace_root` explicitly.
+- If a review is large or expensive, run `claude_review_dry_run` first.
+- If a background job id is lost, use `claude_job_list`.
+- If `config_mode=bare` fails, confirm `ANTHROPIC_API_KEY` is set in the environment that
+  launches Codex.
+
+## Advanced reference
+
+Every tool returns a structured `ok`/`error` envelope. Paid results include usage metadata and
+cost when the Claude CLI reports it. The tool contract is experimental and pre-1.0; clients can
+pin `meta.fingerprint` to detect agent-visible changes.
+
+The Claude CLI compatibility assumptions are centralized in
+[`src/cc_plugin_codex/cli_contract.py`](./src/cc_plugin_codex/cli_contract.py) and documented
+in [`COMPATIBILITY.md`](./COMPATIBILITY.md).
+
+## Local development
+
+Run the MCP server from a checkout:
+
+```sh
+codex mcp add cc-plugin-codex -- uv run --directory "$(pwd)" cc-plugin-codex-mcp
+```
+
+Run tests:
+
+```sh
+uv run pytest
+```
+
+The full suite enforces a 95% coverage floor. For one-file iteration:
+
+```sh
+uv run pytest tests/test_jobs.py --no-cov
+```
+
+Live Claude integration tests are excluded by default:
+
+```sh
+uv run pytest -m integration --no-cov
+```
+
+They require the `claude` CLI and make a small paid API call.