If you're using Claude Code, you've already done real work to get here. You've configured your settings. You've set up your MCP servers. You've tuned your project skills. Maybe your company has enterprise policies in place. Delegation and orchestration shouldn't come at the cost of that investment, much less shipping your code off to another third party.
Cate automates a team of Claudes, but every Claude session Cate launches is your Claude Code. Your login, your settings, your skills, your MCP servers. Cate doesn't fork, patch, or wrap Claude Code. It drives it through the official Claude Agent SDK, the same public interface any tool can use.
What Cate adds
One thing: leftenant. It's an MCP server — a sidecar process that gives your Claudes access to project management tools they don't have natively: picking up tasks from the board, creating branches, running quality gates, opening PRs, and handing off between Claudes.
Claude Code spawns leftenant as a child process, just like any other MCP server
in your .mcp.json. Cate holds integration credentials in OS secure
storage (Keychain on macOS, Credential Manager on Windows) and makes
authenticated API calls on leftenant's behalf. Leftenant operates with the same
scopes you grant any GitHub, Jira, or Linear integration.
What Cate touches (and what it doesn't)
| Layer | Reads? | Writes? | Details |
|---|---|---|---|
| Authentication | No | No | Passed through via process.env |
~/.claude/settings.json |
Yes (via SDK) | Never | Your global settings are read-only |
| Enterprise policies | Yes (via SDK) | No | Enforced by the SDK, invisible to Cate |
| Global skills | Yes (via preset) | No | Loaded by the claude_code preset |
| Project skills | Yes (via cwd) |
No | Discovered by the SDK from .claude/commands/ |
| Your MCP servers | Yes | No | Read from .mcp.json, passed through |
Project .claude/settings.json |
Yes | Additive only | Enables leftenant, pre-authorizes its tools |
Project .mcp.json |
Yes | Additive merge | Adds the leftenant server entry |
The pattern: Cate reads everything, writes only to project-level files, and only adds. Never removes or overwrites.
Your login
Cate doesn't read, store, or transmit your Claude Code credentials. OAuth tokens, API keys, enterprise SSO sessions — they flow from your environment directly to the SDK.
Your global settings
Cate tells the SDK to read from the same three settings sources Claude Code uses when you run it from the terminal:
-
user— your global~/.claude/settings.json -
project— the repo's.claude/settings.json -
local— the repo's.claude/settings.local.json
Cate never writes to the global user settings file.
What Cate does write to
Cate writes to the project-level
.claude/settings.json — the one inside your repository, not
your home directory. Two things happen: leftenant is added to
enabledMcpjsonServers, and mcp__leftenant__* is added
to the project's permission allow-list so Claudes can call Cate's tools without
prompting. Both are additive merges. Your existing project
permissions, deny-lists, and other configuration are preserved.
Your enterprise policies
Cate uses the same settings resolution the SDK uses from the terminal and has no
mechanism to modify or bypass enterprise policies. Cate passes
user in settingSources, never writes to
~/.claude/settings.json, and passes the full host environment
through unchanged. The SDK enforces policies at a layer Cate doesn't touch.
Your global skills
Every session launches with the claude_code preset, defined by the
Claude Agent SDK itself. It loads the full Claude Code system prompt, including
all built-in skills and any global skills you've installed in
~/.claude/commands/. Cate-specific instructions are appended after
the preset loads. They don't replace anything.
Your project skills
Cate sets cwd to your project directory, so Claude Code discovers
and loads .claude/commands/ exactly as it does from the terminal.
Cate doesn't intercept, filter, or modify this discovery.
Your MCP servers
Your MCP servers are read from .mcp.json, environment variables in
the config are expanded (so ${FOO_TOKEN} references keep working),
and the full server map is handed to the SDK. No servers are filtered out. No
configuration is modified.
Cate merges one additional entry into your project's
.mcp.json — leftenant. The merge is additive. Your existing
servers are preserved.
What to know before you install
Cate adds mcp__leftenant__* to your project's permission allow-list
so agents can use its tools without prompting. This is a one-time change that
persists for future sessions in that project. And because agents run with your
Claude Code permissions in parallel, settings that are fine for interactive
single-agent use may warrant a second look for unattended multi-agent runs.
Your Claude. Turned up to eleven.
Ready to put your Claude Code setup to work? Request early access to Cate, or get in touch — we'd love to hear what you're building.