Skip to content

Daemon, tokens, and agents

crucible daemon and crucible version

daemon runs the HTTP server (its own flags: crucible daemon --help). version prints the build version.

API keys: crucible daemon token

The daemon's bearer keys are stored hashed in --token-file (default /var/lib/crucible/tokens.json):

crucible daemon token add --name laptop                            # unscoped (full access), prints the key once
crucible daemon token add --name agent --policy p.json --ttl 24h   # scoped + expiring
crucible daemon token list                  # id, name, scope, expiry; never the key
crucible daemon token revoke <id>           # rotate = add a new key, then revoke the old

--policy binds a key to a scoped policy the daemon enforces; --ttl sets an expiry. See SECURITY.md and the HTTP API.

crucible policy

Author and inspect scoped-token policies:

crucible policy validate p.json    # static check; the same validation token add runs (fail-closed)
crucible policy show               # what the current --token may actually do (asks the daemon /whoami)

policy validate reads a file or - (stdin). policy show -o json emits the effective policy for scripting.

crucible mcp serve

Runs a stdio MCP server so any MCP agent (Claude Code, Cursor, and friends) can drive crucible as native tools. It bridges to the daemon at --addr (with --token), so it works against a local or a remote daemon.

Operator guardrails bound what the agent can do: --default-profile, --allow-profiles, --net-allow-max, --max-sandboxes, --max-fork, --max-timeout, and --tools/--deny-tools. The full reference and the agent config example are in MCP.

Was this page helpful?