Skip to content
Cordum Edge for Claude Code

Govern Claude Code before risky actions run.

Deny dangerous shell commands, require approval for production changes, and export redacted audit evidence without storing raw prompts or secrets.

  • Shell and file action hooks
  • Approval-bound retries
  • Redacted evidence
Claude Code · pre-tool gate
Illustrative decision
$ kubectl apply -f deploy/prod.yaml
classifierproduction_change
policyREQUIRE_APPROVAL
evidenceredacted + hashed

Held before execution

An authorized reviewer can approve or reject this exact action hash.

Raw prompts and secrets are not shown in this evidence view.

Concrete outcomes

Policy at the moment an action becomes risky.

These examples are from the included demo policy. Your deployed rules remain the authority.

Included demo policy

ALLOW

Known-safe tests and repository inspection can continue without an approval prompt.

Included demo policy

DENY

Credential reads and explicitly forbidden paths stop at the hook boundary.

Included demo policy

REQUIRE_APPROVAL

Guarded source writes pause until an authorized reviewer decides.

Policy capability

CONSTRAIN

Policy can bound network, path, or action scope instead of granting a blanket allow.

Decision path

A policy boundary between intent and execution.

Claude Code remains the developer experience; Cordum supplies the decision and evidence path.

  1. 01

    Claude proposes

    A PreToolUse hook emits a bounded action envelope before the tool runs.

  2. 02

    agentd classifies

    Local agentd redacts sensitive fields and maps the action to policy intent.

  3. 03

    Safety Kernel decides

    Gateway policy returns allow, deny, approval, throttle, or constraints.

  4. 04

    Reviewer decides

    Approval binds to the exact tenant, requester, action, and input hash.

  5. 05

    Evidence remains

    The session timeline keeps redacted descriptors, hashes, and decision context.

Developer path

Launch Claude Code through Cordum Edge

Point the wrapper at your local Gateway, verify the resolved config, and use the included demo policy before changing enforcement rules.

  1. 1Configure Gateway accessSet the HTTPS Gateway URL, CA certificate, API key, and tenant.
  2. 2Launch the wrapperRun cordumctl edge claude with Claude arguments after --.
  3. 3Verify decisionsReview policy and approval evidence in Cordum.
Claude Edge quickstart
bash
export CORDUM_GATEWAY=https://localhost:8081
export CORDUM_TLS_CA=./certs/ca/ca.crt
export CORDUM_API_KEY="replace-with-your-api-key"
export CORDUM_TENANT_ID=default
cordumctl edge claude -- --print "summarize this repo"

Local convenience is not fleet enforcement.

The wrapper makes evaluation and demos concrete, but an unmanaged developer can still launch another binary or remove local settings.

  • Deploy administrator-managed Claude Code settings for team enforcement.
  • Control endpoint permissions and verify hook and agentd binaries.
  • Bootstrap credentials through a service or keychain, not checked-in settings.

Frequently Asked Questions

Does Cordum store raw Claude prompts?
The Edge evidence model is designed around redacted action descriptors, hashes, policy snapshots, approval references, and artifact pointers rather than raw prompts or secrets.
Can developers bypass the local wrapper?
Yes in an unmanaged local environment. The developer wrapper is an adoption and demo path; fleet enforcement requires managed settings, endpoint controls, trusted binaries, and service or keychain bootstrap.
Which actions are blocked by default?
Outcomes depend on the active policy. The examples on this page describe the included demo policy, not universal defaults for every deployment.

Put a decision in front of the next risky command.

Start with the documented Claude Code path, then plan managed rollout controls with your security and endpoint teams.