phone_opus

phone_opus is a deliberately narrow MCP server for consultative Claude Code calls.

It exposes one blocking domain tool:

• consult: run the system claude install in print mode, wait for the answer, and return the response plus execution metadata
• a fixed consult prefix is prepended before the caller-supplied prompt
• each consult is a fresh one-shot invocation

The server keeps the public MCP session in a durable host, isolates the actual Claude invocation in a disposable worker, and ships standard health and telemetry surfaces:

• health_snapshot
• telemetry_snapshot

Runtime posture

Each consult call runs Claude Code with:

• the system claude binary
• --model claude-opus-4-7
• --effort max
• a baked-in consult prefix telling Claude it is acting in read-only advisory mode for another model and should return a prioritized actionable report
• no configured MCP servers (--strict-mcp-config --mcp-config '{"mcpServers":{}}')
• a read-only built-in toolset:
• Bash,Read,Grep,Glob,LS,WebFetch
• --dangerously-skip-permissions
• --output-format json for the simplest single-result print-mode contract
• an external systemd-run --user sandbox instead of Claude's internal permission gate
• the filesystem stays globally read-only under ProtectSystem=strict
• phone_opus gives Claude a separate persistent home and XDG state under its own state root
• /tmp and /var/tmp stay writable
• when the consulted cwd sits inside a writable tree such as /tmp/..., that consulted tree is remounted read-only so Claude cannot accidentally edit the target repo
• a progress watchdog that aborts consults if Claude makes no observable progress for 20 minutes, using transcript growth and pipe activity as the liveness signal
• successful consult outputs are mirrored to /tmp/phone_opus-consults as timestamped JSON files with a prompt-derived slug and light auto-pruning
• internet access remains available

Development

Run the fast gate with:

python check.py

Run the server locally with:

cargo run -- mcp serve