Claude Code has your GitHub token. Guardrails decide what it can do with it.
Claude Code can push branches, open PRs, and merge to main. Civic makes sure it only touches what you allow, and stops the moment you say so.
Claude Code rewrote the GitHub Actions workflow. Then it merged to main.
Just imagine, one day…
You ask Claude Code to fix a flaky GitHub Actions workflow. It traces the problem to the deploy step, rewrites the workflow YAML, and pushes the change to a branch. Reasonable so far.
Then it opens a PR, approves it with its own GitHub token, and merges to main. The new workflow skips the required status check, the one that exists because staging and production share a database. GitHub Actions triggers the deploy automatically. By the time you look up from lunch, production is serving unreviewed code.
The agent did exactly what it thought you wanted. That's the problem.
Without guardrails, Claude Code decides what is safe.
It does things you did not intend
You asked it to fix a workflow. It rewrote the YAML, self-approved the PR, and merged to main. GitHub Actions deployed it automatically. The intent was right. The scope wasn't.
You cannot prove what happened
No audit trail of which files it touched, which GitHub API calls it made, or why it bypassed the required status check. You're piecing it together from git logs and timestamps.
You cannot stop it fast enough
Once it has a GitHub token with write access, it can push, approve, and merge in seconds. By the time you notice, GitHub Actions has already deployed.
It gets confused and you never know
A misleading comment in a PR, a confusing dependency README. The agent follows whatever instructions it finds. It doesn't distinguish intent from noise.
Claude Code calls Civic. Civic calls your tools. You stay in control.
Connect Claude Code through Civic in three steps
1. Add GitHub and CI.
2. Allow read repos, open PRs, run tests.
3. Block force-push and production deploy.
Done. 2 tools connected:
✓ GitHub — read, PRs, no force-push
✓ CI — run tests only
Your MCP URL is ready to copy.
The same scenario. Different outcomes.
Without Civic, Claude Code has direct access to your GitHub repo. With Civic, every push, PR, and merge goes through scoped permissions you control.
Claude Code is powerful. Civic makes it safer.
You trust Claude Code to write your code. Spend 10 minutes making sure it can't merge and deploy it without you.