Claude Code Remote Control: Build While You Walk
Claude Code Remote Control lets you start a coding session in your terminal and pick it up from your phone — while Claude keeps running on your own machine, with all your local tools still intact. On February 24th, 2026, Anthropic shipped this feature to Max plan subscribers in a research preview, and the developer community reacted: the official @claudeai announcement quickly garnered tens of thousands of likes. Developer coverage from Help Net Security noted that Remote Control positions Claude Code as a bridge between desktop and mobile development, allowing developers to step away from their machine without interrupting long-running processes.
This is the practical builder's guide that's missing from the news coverage — including setup, security patterns, and how we're actually using it at Context Studios.
What Claude Code Remote Control Actually Does
Before diving into setup, let's be precise about what this feature is — and what it isn't.
Claude Code Remote Control is not cloud execution. Claude isn't running on Anthropic's servers, processing your tasks somewhere in the cloud. Your Claude Code session runs exactly where it always has: on your own machine, with your local file system, your MCP servers, your custom tools, and your environment configuration fully intact.
What Remote Control adds is a remote interface. You start a session in your terminal as usual, and then a mobile interface (phone, tablet, or browser) lets you check in on that session, review what Claude is doing, respond to permission requests, and give new instructions — from anywhere.
The mental model: it's like SSH with a proper mobile UI, built specifically for agentic coding sessions. You're not running code remotely; you're supervising your local agent remotely.
This distinction matters for two reasons. First, your local tools — MCP servers, file access, custom scripts — continue working exactly as configured. There's no migration, no cloud credentials, no containerization required. Second, the security surface is limited to your own machine, which is something you already control.
Setup Guide: Getting Started with Remote Control
Getting Claude Code Remote Control running requires three things: an active Max plan subscription, the latest version of Claude Code, and a few minutes of configuration.
Requirements:
- Claude Max plan ($100–$200/month depending on tier)
- Claude Code 2.1 (latest)
- The Anthropic mobile app (iOS or Android) or a browser session
Activation: Inside your Claude Code session, type:
/remote-control
This registers your current session with the Remote Control infrastructure and generates a connection link or QR code you can use to attach from your mobile device. According to Anthropic's official Remote Control documentation, you can also use the standalone claude remote-control command to start a fresh session directly from your terminal, without first entering an interactive session — the terminal then displays a session URL and QR code for phone access.
Once connected, your phone shows the live session: current task, tool calls being made, any pending permission requests, and the full conversation history. You can respond to Claude's questions, approve file writes, or redirect the work — all from mobile.
Research Preview note: As of February 24th, 2026, Remote Control is in research preview. Anthropic is rolling it out progressively to Max plan subscribers. If you don't see the /remote-control command yet, check that you're on the latest Claude Code version and that your Max subscription is active.
Security Patterns Deep-Dive
This is the section missing from most coverage. Remote Control opens new capabilities, but it also changes the security context of your Claude Code session — because now there's a mobile attack surface and potentially a persistent session running while you're not actively watching.
Boris Cherny, creator of Claude Code, and Anthropic's Ray Amjad have outlined three primary security patterns for teams using Remote Control in production. If you're building more broadly on Claude Code, our guide to Claude Code security patterns covers the vulnerability scanning side of the story.
Pattern 1: Dangerously Skip Permissions + Isolated Remote Server
The --dangerously-skip-permissions flag removes Claude Code's default confirmation prompts. Normally you'd never run this, but there's a legitimate use case: if you're running Claude Code on a dedicated remote server (a VPS or cloud instance you provisioned specifically for agentic work), then the blast radius of any prompt injection or runaway task is limited to that server, not your development machine.
# On a dedicated remote server only — not your local dev machine
claude --dangerously-skip-permissions
This pattern trades interactivity for throughput. Useful for long-running research or build tasks where you don't want permission prompts blocking progress.
Pattern 2: Sandboxed Web Access
Claude Code can run with specific web access restrictions. Instead of giving Claude unrestricted browser/search capabilities, you define:
- Allowed domains: A whitelist of sites Claude can research (e.g., only
docs.anthropic.com,github.com, specific API documentation) - Denied tools: Disable bash execution, file writes, or external API calls for sessions focused purely on research
This creates a research agent that can browse and synthesize information from trusted sources without any risk of accidentally modifying your codebase or hitting unintended endpoints.
// Example tool restriction config
{
"allowedDomains": ["docs.anthropic.com", "github.com/anthropics"],
"deniedTools": ["bash", "write_file", "edit_file"]
}
Pattern 3: Proxy-Controlled Web Access
The most sophisticated pattern involves routing all Claude Code web requests through a proxy you control. This gives you:
- Complete logging of what URLs Claude accessed during a session
- Rate limiting to prevent runaway API calls
- The ability to inject or block specific requests in real time
- An audit trail for compliance or debugging
For teams running agentic coding at scale — multiple Claude Code instances across multiple developers — a shared proxy layer becomes your control plane. You can see exactly what your AI agents are accessing across the whole team.
These three patterns aren't mutually exclusive. A production setup might use Pattern 1 (skip permissions) on an isolated build server, Pattern 2 (domain whitelist) for research sub-agents, and Pattern 3 (proxy) as a monitoring layer across everything.
Real Use Cases
1. The Long Build → Walk → Review pattern Start a substantial refactoring task or feature build, launch Remote Control, and leave your desk. Check in from your phone every 20 minutes. Claude handles the mechanical work; you review diffs and answer questions when needed. The session doesn't pause when you're not watching.
2. Meeting + Code Review You're in a meeting. Claude Code is running tests and fixing failures from this morning's CI run. Instead of blocking your laptop or losing the context when you switch tasks, you monitor from your phone. When Claude hits a decision point — "should I refactor this interface or keep the old signature?" — you respond right there.
3. Remote Research Agents Set up a sandboxed session with domain-restricted web access, kick off a research task (competitive analysis, documentation survey, API exploration), and let it run. Come back an hour later to a structured summary. No babysitting required.
4. Multi-Machine Workflows Start a session on your desktop workstation, monitor it from a MacBook at a coffee shop, hand off to a tablet on the couch. Same session, same context, multiple physical locations. This is the async agentic coding workflow that developers have been approximating with tmux and Tailscale for years — now it's a supported, native feature. For teams already running Claude Code Agent Teams workflows, Remote Control adds a mobile supervision layer to what you're already doing.
5. Video Editing and File Tasks Claude Code isn't only for software engineering. As Ray Amjad demonstrated, you can use Remote Control to trigger longer-running file operations — video encoding pipelines, batch image processing, bulk downloads — and supervise them remotely. Any task that runs on your machine and benefits from occasional supervision is a candidate.
Remote Control vs. Alternatives
Remote Control isn't the only way to get async agentic coding. Here's how it stacks up:
| Claude Code Remote Control | tmux + Tailscale | OpenClaw | |
|---|---|---|---|
| Setup | Built-in, activate with /remote-control | Manual: VPN config, tmux session management | Separate product, dedicated setup |
| Mobile UI | Native, purpose-built | SSH terminal — functional, not ergonomic | Yes, purpose-built |
| Scheduled Tasks | Not yet (research preview) | Via cron | Yes, first-class feature |
| Security | 3 configurable patterns | Manual (depends on your Tailscale config) | Managed |
| Requires Max plan | Yes ($100–$200/mo) | No (uses your existing Claude plan) | Separate subscription |
Greg Isenberg's reaction — "claude is really starting to look like OpenClaw everyday" (695 likes) — captures the direction. Remote Control is currently more passive than OpenClaw's full scheduled task system. But for developers already in the Claude Code ecosystem, it removes 80% of the friction with zero new tools.
"Claude Code still doesn't have a documented mechanism for running things on a schedule, which is the other killer feature of the Claw category of software." — Simon Willison, developer and creator of Datasette (simonwillison.net, February 25, 2026)
The tmux + Tailscale workflow works, and plenty of experienced developers will keep using it for the control it provides. Remote Control trades that fine-grained control for simplicity and a mobile UI that's actually built for the use case.
What Context Studios Is Doing With It
At Context Studios we adopted Claude Code as our primary coding agent shortly after Claude Code 2.0 launched in late 2025. Our workflow is heavily async: blog content pipelines, MCP server development, CMS tooling, social media automation — most of these are tasks that run for 20–60 minutes and don't need active supervision for most of that time.
Remote Control slots directly into that workflow. We've started kicking off longer pipeline tasks — content generation runs, dependency audits, test suite fixes — when leaving the desk for a coffee or a meeting, rather than waiting for desk time. The practical win isn't dramatic on any single task, but it compounds: we're recovering 30–90 minutes per day that was previously blocked on "waiting to get back to the keyboard."
We're running Pattern 2 (sandboxed web access) for research sub-agents — Claude browsing our own documentation and specific reference URLs, nothing else. We're evaluating Pattern 3 (proxy logging) as we scale the team.
The caveat: we're still in week one. We'll publish a more detailed production retrospective in 4–6 weeks.
Limitations and Caveats
Max plan only. Remote Control requires the Claude Max subscription ($100–$200/month). There's no indication it will be available on lower tiers. For individual developers, this is a meaningful cost consideration.
Research preview. The feature is being rolled out progressively. Not every Max subscriber has it yet. Functionality may change as Anthropic collects feedback.
No scheduled tasks (yet). Unlike OpenClaw's cron-style scheduling, Remote Control doesn't let you configure "run this at 9am." You still need to manually start sessions. Anthropic has signaled this will evolve — phone notification hooks are on the roadmap — but today it's a live-supervision tool, not a fully autonomous scheduler.
Latency is real. Reviewing and responding from mobile introduces latency compared to a focused desktop session. For time-sensitive permission prompts, you need your phone nearby. Not a dealbreaker, but worth setting expectations.
Mobile app dependency. Smooth remote access depends on Anthropic's mobile app. This adds a platform dependency that tmux + Tailscale doesn't have. If Anthropic deprecates or changes the app, your workflow changes too.
Frequently Asked Questions
What is Claude Code Remote Control? Claude Code Remote Control is a feature that lets you start a Claude Code session in your terminal and monitor or continue it from a mobile device or browser, while Claude continues running on your local machine with all your tools and files intact.
Do I need the Max plan to use Remote Control? Yes. As of February 2026, Claude Code Remote Control is only available on the Claude Max plan, which costs $100–$200 per month depending on the tier you choose.
Is Claude Code Remote Control the same as running Claude in the cloud? No. Your Claude Code session still runs on your local machine. Remote Control gives you a mobile interface to interact with that session — it's a remote interface, not remote execution. Your local files, MCP servers, and custom tools remain on your machine and are not transmitted to Anthropic's servers.
How do I activate Remote Control?
In an active Claude Code session, type /remote-control. This registers the session and generates a connection you can use from the Anthropic mobile app or a browser.
Is it safe to use Remote Control with --dangerously-skip-permissions?
Only on isolated machines dedicated to agentic work — never on your primary development machine. If you run in skip-permissions mode on a remote server, any prompt injection or runaway task affects only that server, not your local environment.
How does Remote Control compare to OpenClaw? Remote Control is simpler to set up (built into Claude Code) but currently lacks OpenClaw's scheduled task capabilities. OpenClaw is a purpose-built system for async agentic workflows; Remote Control is a supervised handoff system that's easier to adopt for existing Claude Code users.
Conclusion
Claude Code Remote Control doesn't change what Claude Code is — it changes when and where you can work with it. The async agentic workflow has been technically possible for years (tmux, Tailscale, screen sessions), but Remote Control makes it accessible enough to actually use in a daily development loop.
For developers already on the Max plan, the activation cost is a single command. The productivity recovery happens the first afternoon you run a refactor while walking the dog and come back to a finished PR.
The research preview limitations are real — no scheduled tasks, progressive rollout, Max plan required. But the direction is clear: Anthropic is building toward the kind of persistent, supervised AI coding agent that professionals need. Remote Control is the first native step in that direction.
If you're on the Max plan, run /remote-control today and see what changes in your workflow.