A side project that became a safety net.

What PromptBeat is

PromptBeat is a free mobile app that does two specific things for AI coding agents:

• Permission control. Every shell command, file write, or external API call your AI agent wants to make is intercepted by a small Python hook on your laptop and forwarded to your phone in under 2 seconds. You approve, deny, or edit before it runs — biometric every time.
• Remote AI Chat. When you’re away from your laptop, you can drive Claude Code, Codex, Gemini, or Copilot CLI from your phone. A small background agent runs the AI tool inside a real PTY on your machine; the conversation streams to your phone live.

It works with the four major AI coding agents available today — Claude Code, OpenAI Codex CLI, Google Gemini CLI, and GitHub Copilot CLI — through small hooks that ship with the installer. No patching the agents themselves.

Why it exists

I started running AI coding agents heavily in 2025. The first time Claude Code ran git push on a feature branch I hadn’t reviewed yet, I felt the gap. The agents were good enough to do real work but lacked a thoughtful place to pause and ask — especially when I was stepping away from my desk.

The available options were:

• Auto-approve everything (and accept the occasional disaster)
• Manually approve every tool call in the terminal (and lose your flow with every rm, git push, or webhook call)
• Don’t use AI agents at all (which defeats the point)

None of those felt right. So PromptBeat became the missing third option: a phone in your pocket that knows when to interrupt you and when to stay quiet. Rules auto-resolve the safe stuff. Anything genuinely dangerous — or anything you haven’t taught it about yet — comes to your phone for a 2-second decision.

Who built it

PromptBeat is built by Ashish Bansal, a software engineer based in India. The whole thing is one engineer’s side project — not a startup, not VC-funded, not racing to a valuation. The pace is deliberately slow: ship something useful, get feedback, repeat.

Press, partnerships, bug reports, feature ideas, or just notes: use the feedback form on the home page or email support@promptbeat.online. Replies usually come within a few days.

How it’s funded

The hosted service runs on a tiny Hetzner Cloud VPS in Germany. Server costs are roughly $4–$8 a month at the current scale, paid out of pocket. The mobile apps are free on the App Store and Google Play.

To support ongoing development, we may introduce third-party advertising on the marketing site and/or inside the mobile apps. If and when that happens, the privacy policy will be updated with the specific ad networks involved and the data they receive, along with any consent or opt-out mechanisms required by law (GDPR, CPRA, etc.).

What the server sees

PromptBeat is a relay. The product can’t deliver an approval to your phone without receiving the request, and it can’t stream a chat session to your phone without holding the messages. The database stores a meaningful amount of data as part of doing that job:

• Permission requests. Tool name, the command or file path, your decision, timestamps. Completed requests are pruned after 24 hours by default. The audit log retains event-level summaries (decisions, rule changes, device events) for 90 days.
• Chat messages and AI responses, while a session is open and until you delete it.
• Account info (email, bcrypt-hashed password), paired devices (FCM tokens, platform, device names), API keys (SHA-256 hashed, tagged to hostname).
• Server access logs from Caddy: IP, user agent, path, status, timestamp.

For specifics on retention, third-party processors, and your access/export/deletion rights, see the privacy policy. If you would rather the server not see your tool inputs at all, the optional HMAC-CTR end-to-end encryption keeps command arguments as ciphertext server-side.

How we think about the product

A few things about how the product is run, with the caveat that some of these may evolve as the product does. The privacy policy is the authoritative source for current state.

• The hosted service is a relay; data flows through our server, plus the third-party processors named in the privacy policy (currently Hetzner, Firebase Cloud Messaging, formsubmit.co, and the App Store / Google Play distribution channels).
• We may add third-party usage analytics (e.g. Google Analytics or equivalent) on the marketing site and inside the apps, to understand which features get used, what AI agents are popular, and how the product is performing. We may publish aggregated, de-identified developer trends derived from that data.
• We may serve third-party advertising and marketing partnerships on the website and inside the apps. Your individual account data, prompts, commands, and chat history are not handed to advertisers as part of that; if you click an ad and submit information directly to the advertiser, that’s your transaction with them.
• Your prompts, commands, and chat history are not used to train AI models — ours or anyone else’s.
• The intent is to keep the core feature set free for solo developers. If pricing, advertising, or analytics changes meaningfully, the privacy policy is updated and the change is announced.

Privacy

The full privacy policy has the formal version: exact data fields collected, retention windows, third-party processors, and your access/export/deletion rights. The summary: data is stored only because the product needs it to function, you can delete it from the app, and the optional E2E encryption hides command contents from the server entirely.

What’s next

PromptBeat is intentionally narrow. It does two things well rather than ten things badly. If you have ideas about what should come next — or what should change about what’s already there — the feedback form is the right place to start.