Claude Code / MCP Integration MCP

Configure Heed as an MCP (Model Context Protocol) server so that Claude Code, Cursor, and other MCP clients can request human approval natively. No custom code required — just a config entry.

Prerequisites

RequirementDetails
Heed API KeyGet one free at heed.run/signup — looks like hd_live_... or hd_test_...
Python3.10 or later
Claude CodeLatest version with MCP support enabled
heed-mcpHeed's MCP server: pip install heed-mcp

The MCP server handles polling and webhooks for you — your agent just calls request_approval and gets back a decision.

Quick Start

1

Install the Heed MCP server

pip install heed-mcp

Or run without installing: uvx heed-mcp (after publishing to PyPI).

2

Set your API key as an environment variable

export HEED_API_KEY="hd_live_your_key_here"
3

Add Heed to your Claude Code MCP config

Open your Claude Code settings and add the heed server:

{
  "mcpServers": {
    "heed": {
      "command": "heed-mcp",
      "env": {
        "HEED_API_KEY": "hd_live_your_key_here",
        "HEED_BASE_URL": "https://heed.run"
      }
    }
  }
}
4

Create a policy that gates your action

curl -X POST https://heed.run/api/v1/hitl/policies \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $HEED_API_KEY" \
  -d '{
    "name": "gate-destructive",
    "description": "Require approval for destructive actions",
    "rules": [
      {
        "action": "delete_record",
        "requires_approval": true
      },
      {
        "action": "send_email",
        "requires_approval": true
      }
    ],
    "is_active": true
  }'
5

Tell Claude to use it

Instruct Claude to request approval before consequential actions. It will call the request_approval tool automatically.

Configuration Reference

Claude Code

Edit your MCP settings file. The location depends on your OS:

{
  "mcpServers": {
    "heed": {
      "command": "heed-mcp",
      "env": {
        "HEED_API_KEY": "hd_live_your_key_here",
        "HEED_BASE_URL": "https://heed.run"
      }
    }
  }
}

Cursor Cursor

Open Cursor Settings → MCP → Add new server. Use the same config format, or edit .cursor/mcp.json in your project:

{
  "mcpServers": {
    "heed": {
      "command": "heed-mcp",
      "env": {
        "HEED_API_KEY": "hd_live_your_key_here",
        "HEED_BASE_URL": "https://heed.run"
      }
    }
  }
}

Other MCP Clients Generic

Any MCP-compatible client that supports stdio transport can use Heed. The config format is the same — specify heed-mcp as the command and provide the HEED_API_KEY and HEED_BASE_URL environment variables.

{
  "mcpServers": {
    "heed": {
      "command": "heed-mcp",
      "args": [],
      "env": {
        "HEED_API_KEY": "hd_live_your_key_here",
        "HEED_BASE_URL": "https://heed.run"
      }
    }
  }
}

Tool Reference

Heed exposes a single MCP tool:

request_approval

Submits an approval request to Heed. If a policy gates the action, the server polls until a human decides. Returns the decision.

ParameterTypeDescription
actionstringThe action being gated (e.g. "send_email", "delete_record")
summarystringHuman-readable description of what the agent is about to do
contextstringJSON string with relevant details (amounts, IDs, recipients, etc.)

Returns: "approved" or "rejected"

Example Session

Here's what it looks like when Claude Code uses Heed to gate a destructive action:

User
Delete the stale records from the production database where created_at is before 2024.
Claude
I need to request approval before deleting production records. Let me check with a human first.
Tool: request_approval
action: "delete_record"
summary: "Delete stale production records where created_at < 2024"
context: '{"table": "records", "condition": "created_at < 2024-01-01", "estimated_count": 3400}'
Tool Result
"approved" — decided by sarah@company.com at 2026-07-13T10:42:15Z
Claude
The deletion was approved by Sarah. I'll proceed with removing the stale records now. Running: DELETE FROM records WHERE created_at < '2024-01-01'

While the request is pending, the MCP server blocks the tool call. Claude will wait until a decision is made. Make sure a human is monitoring the dashboard or has notification webhooks set up.

Creating the Policy

Without a policy, all actions auto-approve. To gate actions, create a policy with rules that match:

curl -X POST https://heed.run/api/v1/hitl/policies \
  -H "Content-Type: application/json" \
  -H "X-API-Key: hd_live_your_key" \
  -d '{
    "name": "gate-destructive",
    "description": "Require approval for destructive or external-facing actions",
    "rules": [
      {
        "action": "delete_record",
        "requires_approval": true
      },
      {
        "action": "send_email",
        "requires_approval": true
      },
      {
        "action": "modify_schema",
        "requires_approval": true
      }
    ],
    "is_active": true
  }'

Manage policies from the Policies dashboard or via the API.

System Prompt Tips

Add these instructions to your Claude Code system prompt or CLAUDE.md to ensure it always requests approval:

# Human-in-the-Loop Policy

Before executing any of the following actions, you MUST call the
`request_approval` tool and wait for the result:

- Deleting records from production databases
- Sending emails to external recipients
- Modifying database schema (migrations)
- Deploying to production
- Making payments or refunds

If `request_approval` returns "rejected", do NOT proceed.
Explain to the user that the action was not approved.

Environment Variables

VariableRequiredDefaultDescription
HEED_API_KEYYesYour Heed API key (hd_live_... or hd_test_...)
HEED_BASE_URLNohttps://heed.runBase URL of the Heed API (change for self-hosted)
HEED_POLL_INTERVALNo3Seconds between poll requests
HEED_MAX_POLL_WAITNo300Maximum seconds to wait for a decision

Next Steps