Documentation

Step 1: Install @askance/cli

npm install --save-dev @askance/cli

Installs the Askance CLI as a development dependency. This includes the hook handler, MCP server, and CLI tools.

Step 2: Initialize configuration

npx askance init

This creates a config file and configures hooks in your Claude settings:

{
  "apiUrl": "https://api.askance.app",
  "projectId": "",
  "keepAlive": {
    "enabled": true,
    "duration": 3600,
    "pollInterval": 30
  }
}

Policy rules are managed via the dashboard, not locally. The hooks config:

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "^(?!mcp__askance__).*",
        "hooks": [
          {
            "type": "command",
            "command": "node \"node_modules/@askance/cli/dist/hook-handler/index.js\"",
            "timeout": 120
          }
        ]
      }
    ],
    "Stop": [
      {
        "matcher": "",
        "hooks": [
          {
            "type": "command",
            "command": "node \"node_modules/@askance/cli/dist/hook-handler/stop-hook.js\"",
            "timeout": 10
          }
        ]
      }
    ]
  },
  "mcpServers": {
    "askance": {
      "command": "node",
      "args": ["node_modules/@askance/cli/dist/mcp-server/index.js"]
    }
  }
}

Step 3: Log in

npx askance login

Opens your browser for OAuth sign-in. Your credentials are saved to .askance/credentials and your project is linked automatically.

Step 4: Restart Claude Code session

Claude Code loads hooks and MCP servers at session start. After configuring Askance, restart your Claude Code session so it picks up the new hooks.

How it works

When Claude Code tries to use a tool (like running a Bash command or editing a file):

1. The PreToolUse hook intercepts the tool call and sends it to the Askance cloud API
2. The API evaluates it against your policy rules configured in the dashboard
3. If the rule says allow, it proceeds immediately
4. If the rule says gate, it appears in your dashboard for approval
5. If the rule says deny, it's blocked automatically
6. You approve or deny from any device — the agent continues based on your decision

How it works with Claude Desktop

Claude Desktop can execute local tools on your machine. When configured with Askance, the same hook system intercepts these tool calls before execution.

• •The hook handler intercepts tool calls and routes them to the daemon
• •The MCP server provides tools for the agent: wait, pending, status, check_instructions
• •Keep-alive polling prevents timeouts during long sessions

Configuration

The same .claude/settings.json configuration applies. Run npx askance init in your project directory and Claude Desktop will pick up the hooks when executing local tools.

MCP Tools Available to Claude

When the MCP server is configured, Claude gets these additional tools:

Step 1: Install @askance/cli

npm install --save-dev @askance/cli

Step 2: Initialize with Cursor configuration

npx askance init --cursor

This creates .cursor/settings.json with hook and MCP server configuration:

{
  "cursor.hooks": {
    "preToolUse": {
      "command": "node",
      "args": ["node_modules/@askance/cli/dist/hook-handler/index.js"],
      "matchTools": [".*"],
      "excludeTools": ["mcp__askance__.*"]
    }
  },
  "cursor.mcp": {
    "servers": {
      "askance": {
        "command": "node",
        "args": ["node_modules/@askance/cli/dist/mcp-server/index.js"]
      }
    }
  }
}

Step 3: Log in

npx askance login

Authenticates with Askance and links your project.

Step 4: Restart Cursor

Restart Cursor to load the hooks and MCP server. After restarting, Cursor's AI agent will route all tool calls through Askance for policy evaluation.

How it works

Askance hooks into Cursor's tool execution pipeline using the same PreToolUse hook mechanism used for Claude Code:

1. The hook handler intercepts the tool call and sends it to the Askance cloud API
2. The policy engine evaluates your project's rules
3. If gated, the approval appears in your Askance dashboard
4. You approve or deny from any device — web, desktop, or mobile

Step 1: Install @askance/cli

npm install --save-dev @askance/cli

Step 2: Initialize with Copilot configuration

npx askance init --copilot

This creates .github/copilot-config.json with hook configuration:

{
  "copilot.agent": {
    "hooks": {
      "preToolUse": {
        "command": "node",
        "args": ["node_modules/@askance/cli/dist/hook-handler/index.js"],
        "matchTools": [".*"]
      }
    }
  }
}

Step 3: Log in

npx askance login

Authenticates with Askance and links your project.

How it works

When GitHub Copilot's agent attempts to execute tools (file edits, terminal commands, etc.), Askance intercepts the call and routes it through the Askance cloud API for evaluation against your policy rules.

Rule Structure

Each rule has a name, regex patterns for tool and command matching, an action, and a risk level. Rules are evaluated top-to-bottom; the first match wins.

{
  "Name": "Human-readable rule name",
  "ToolPattern": "^Bash
quot;,           // Regex matching tool name
  "CommandPattern": "npm (test|run)", // Regex matching command/input (optional)
  "Action": "Allow",                 // Allow | Gate | Deny
  "Risk": "Low"                      // Low | Medium | High
}

Rules are managed via the dashboard or by applying a template: npx askance template moderate

Actions

Risk Levels

Risk levels are informational — they help you understand the danger level at a glance in the dashboard.

Policy Templates

Apply a pre-built set of rules with a single command:

npx askance template moderate

Available templates:

You can also create and edit individual rules in the dashboard.

Keep-Alive Configuration

The keep_alive section controls how the MCP server maintains the connection. poll_interval sets how often it pings the API (default: 30 seconds), and duration sets the total keep-alive time (default: 3600 seconds / 1 hour).

Approval Cards

Each pending tool call appears as an approval card showing:

• Tool name and risk level (color-coded badge)
• Tool input (command, file path, or content preview)
• Context summary from the agent's recent work
• Timestamp and time elapsed

You can:

• Approve — let the tool call proceed
• Deny — block the tool call
• Other — provide a custom response or instruction
• Approve Always — approve and create an auto-approval rule

Sending Instructions

Each project panel has an instruction input field. Type a message and send it — the agent will pick it up via the MCP server's check_instructions tool. Use this to redirect the agent, provide clarification, or adjust priorities without waiting for a tool call.

Multi-Project View

The dashboard supports monitoring up to 4 projects simultaneously in a grid layout. Select projects from the dropdown in each panel. Real-time updates sync across all panels via SignalR.

Audit Log

The audit log shows a complete history of every tool call, including the decision made, which policy rule matched, timestamps, and risk levels. Filter by project and paginate through history.

npx askance init

Initializes Askance in the current project. Creates .askance/config.json (settings), configures agent hooks and MCP server, and adds Askance instructions to CLAUDE.md.

Options: --cursor (Cursor IDE), --copilot (GitHub Copilot), --all (all agents).

npx askance login

Authenticates with the Askance cloud service. Opens your browser for OAuth sign-in (GitHub, Google, or Microsoft). Saves credentials to .askance/credentials and links your project automatically.

npx askance template <name>

Applies a pre-built policy template to your project. Available templates: conservative, moderate, permissive, ci-safe.

npx askance help

Shows CLI usage information and available commands.