Installation
Get Hyperflow running in Codex and terminal CLIs.
Covers quick install, platform compatibility, security, and verification.
Where it runs
Terminal CLI environments and host plugin loaders.
Hyperflow loads as a plugin into terminal CLI environments (and related host plugin loaders). It does not run inside Claude Desktop or claude.ai web without the portable bridge fallback. Codex CLI, app-server, and desktop App are tracked as separate claim rows — see the Codex support matrix.
| Environment | Works? | Notes |
|---|---|---|
Claude Code CLI (claude binary) |
yes — primary certified target | Loads plugins from ~/.claude/plugins/cache/; slash commands, auto-routing, skills, and Claude Code dynamic workflow routing are active |
Codex CLI (codex binary) |
preview / not certified | Marketplace install, skills, hooks, AGENTS.md, textual aliases, collaboration-mapped subagents, portable workflow adapter, and inline worker/reviewer fallbacks ship in-repo. Certificate lanes (minimum / currentStable / latestStable) are still uncertified — see Codex support matrix |
| Codex app-server | preview / not certified | Certified independently of CLI when certificates exist. Not claimed from CLI plugin-list alone |
| Codex desktop App | pending / uncertified | Requires CI App attestation for an exact build. Never inferred from CLI or app-server PASS |
OpenCode CLI (opencode binary) |
yes | Same plugin loader convention; portable workflow adapter uses task/subagent support when available and inline phases otherwise |
Grok CLI / Grok Build (grok binary) |
yes | Loads skills from ~/.grok/skills/; portable function router + workflow adapter |
| Antigravity IDE | yes | Loads skills from host skill paths; single-agent doctrine applies (no sub-agent dispatch) |
| Cursor | yes | Reads AGENTS.md natively; sub-agent dispatch depends on whether the host shells out to a multi-agent CLI |
| Claude Code Desktop (Mac/Windows GUI) | no — platform limitation | Does not load terminal-installed plugins; /hyperflow:* returns isn't a recognized command here |
| claude.ai web | no | No plugin loader; skills are terminal-CLI artefacts |
| Other IDE extensions (VS Code, JetBrains) | depends | Works if the extension shells out to the claude binary; not if it talks directly to the API |
| Windows / WSL (Codex lanes) | unsupported until certified | Linux/macOS are the only OS classes eligible for Codex lane claims; empty until certificates fill osArch |
If /hyperflow:plan returns isn't a recognized command here. Some commands only work in the Claude Code terminal., you are in Desktop or web — open a terminal in the same project directory and run claude.
Codex invocation: /hyperflow:* is a textual Hyperflow alias, not a native Codex slash command. Prefer hyperflow plan (and similar) as the portable form; aliases are recognized when session-start context/skills are loaded. Full matrix, OS policy, and certificate state: docs/codex.md. Policy source: config/codex-compatibility.json (updated: 2026-07-18).
Workarounds for Desktop / web users
- Switch to the CLI for hyperflow work. Open Terminal in the same project directory and run
claude. Project memory at.hyperflow/memory/is shared between CLI and any surface that reads from disk. - Hand-write the autonomy rules, commit-cadence rule, and no-AI-attribution rule into the project's root
CLAUDE.md— those rules are loaded by Desktop, web, and API. This is a lossy fallback: no auto-routing, no skill dispatch, no per-step Worker → Reviewer pattern — but useful for the simpler behavioral constraints.
Quick install
Two commands for Codex and Claude Code. One wizard for everything else.
Claude Code
claude plugin install hyperflow@hyperflow-marketplace
Works immediately out of the box (security on). Hyperflow runs on whatever model your agent session uses — there is no model configuration. To customize security, run the setup wizard:
Codex CLI (preview)
codex plugin add hyperflow@hyperflow-marketplace
Marketplace install ships packaging, skills, hooks, and the portable workflow adapter, but certificate lanes remain uncertified. Verify in a fresh session (skills visible when the host lists them; session-start when hooks are trusted). Listed in plugin list ≠ certificate-certified workflow support. CLI, app-server, and desktop App are separate claim rows — current state uncertified; see Codex support matrix.
OpenCode
What the installer does
- Clones the repo to
~/.hyperflow/repo/ - Detects which providers are installed (Claude Code, Codex, OpenCode, Antigravity, Cursor, Grok)
- Installs or links the provider integration where needed
- Asks whether to enable the security layer
- Writes your choices to
~/.hyperflow/config.json
Hyperflow runs on whatever model your agent session uses — there is no model configuration step.
> Detected: OpenCode
OpenCode — linked
Security
Hyperflow's security layer prevents workers from:
- Accessing sensitive files (.env, *.pem, ~/.ssh/*, ...)
- Running dangerous commands (rm -rf, sudo, force push, ...)
- Hardcoding secrets in source code
Enable security layer? [Y/n]: y
> Security enabled
> Config saved to ~/.hyperflow/config.json
Hyperflow installed
Location: ~/.hyperflow/repo
Config: ~/.hyperflow/config.json
Update: git -C ~/.hyperflow/repo pull
Security: enabled
Manual installation (any provider)
Clone the repo and symlink to your provider's skills directory:
# Then symlink for your provider(s):
ln -s ~/.hyperflow/repo/skills/hyperflow ~/.claude/skills/hyperflow
ln -s ~/.hyperflow/repo/skills/hyperflow ~/.opencode/skills/hyperflow
Recommended settings
Full auto-pilot in one config block.
Add these to ~/.claude/settings.json for the full auto-pilot experience:
"permissions": {
"defaultMode": "auto",
"allow": [
"Bash(*)",
"Read(*)",
"Write(*)",
"Edit(*)",
"Agent(*)",
"Skill(*)",
"NotebookEdit(*)",
"WebFetch(*)",
"WebSearch(*)",
"mcp__*"
]
},
"effortLevel": "high",
"skipDangerousModePermissionPrompt": true,
"skipAutoPermissionPrompt": true
}
This eliminates all permission prompts. Hyperflow runs on whatever model your agent session uses — there is no model configuration.
Security configuration
Enabled by default. Fully customizable.
The security layer is enabled by default. It prevents workers from accessing sensitive files, running dangerous commands, and hardcoding secrets.
Customize blocked patterns
Add project-specific patterns or remove defaults that don't apply:
"security": {
"enabled": true,
"blockedFiles": {
"add": ["internal/secrets/**", "*.vault"],
"remove": []
},
"blockedCommands": {
"add": ["docker rm -f"],
"remove": []
},
"secretPatterns": {
"add": ["MYAPP_KEY_[A-Z0-9]{32}"],
"remove": []
}
}
}
The add/remove pattern extends the built-in defaults — you cannot accidentally remove critical rules by setting your own list.
Disable security
Per-session:
Permanently:
"security": {
"enabled": false
}
}
Optional
CLAUDE.md reinforcement for non-CLI surfaces.
Add this to ~/.claude/CLAUDE.md as a portable fallback for surfaces that don't load plugins:
- Never ask for confirmation — execute immediately
- Minimal text output — code over commentary
- Make decisions autonomously — only ask if truly ambiguous and irreversible
- Maximum parallel execution at all times
Verify
Confirm Hyperflow is active.
Start a fresh Claude Code or Codex session after install. Hyperflow should appear in the available skills list when the host exposes one, and session-start context should load when hooks are trusted. On Codex, textual hyperflow <verb> and /hyperflow:<skill> aliases resolve only after session-start/skill load — they are not native Codex slash commands. Do not treat a successful install as a certified Codex support lane; check docs/codex.md and ./scripts/certify-codex.sh --status.
Updates
It tells you when there's a new version.
Hyperflow checks for a newer release at session start (once per 24h, non-blocking). When one is available it tells you the version jump and asks — via a prompt — whether to update now; on Update now it runs the right command for your install and continues on the new version.
git -C ~/.hyperflow/repo pull
# marketplace install
claude plugin update hyperflow@hyperflow-marketplace
codex plugin marketplace upgrade hyperflow-marketplace
The installer path installs via symlink, so every provider picks up changes immediately — no re-copying.
To change security settings, re-run the installer:
Uninstall
Clean removal per platform.
Claude Code
Codex / OpenCode / Antigravity
~/.hyperflow/repo/install.sh --uninstall
This removes:
- Symlinks from all detected provider skills directories
- The cloned repo at
~/.hyperflow/repo/ - The config file at
~/.hyperflow/config.json
Session memory at ~/.claude/hyperflow-memory.md is preserved. Delete it manually for a clean slate.