The Pushary mobile app: answer approvals and send commands from your phone
Pair by QR, approve an AI agent action from your lock screen, and queue a command back to a running agent. Native iOS and Android.
A push notification that says "your agent needs you" is only half the loop. You still had to walk back to the machine, read the terminal, and type a decision. The Pushary mobile app closes that gap. You pair your phone once, and from then on you can approve or deny an agent action from the lock screen, and queue an instruction back to the agent without touching the keyboard.
It is a native app, built with Expo, on the App Store and Google Play. It is not a wrapper around the web dashboard.
Key takeaways
- Pair your phone to your workspace by scanning a QR code. No account juggling, no copy-pasting tokens.
- Approve or deny a pending agent action from the lock screen with the app closed. One tap, headless, via a device-token answer endpoint.
- Type a command on your phone and the running agent picks it up at its next stop. The phone sends as well as receives now.
The problem it solves
Agents like Claude Code, Codex, Gemini CLI, and Cursor run long. They hit a point where they want to push to a branch, delete a file, run a migration, or spend more money, and they stop and ask. If you are not at the desk, that stop is dead time. The agent waits, you are somewhere else, and the work parks until you get back.
Pushary already sent the notification. What was missing was a fast, trustworthy way to respond from the device that is already in your hand. A notification you cannot act on is just an interruption.
How pairing works
Open the app, point your camera at the QR code in your Pushary dashboard, and the phone is linked to your workspace. Deep links handle the same flow if you tap a pairing URL on the phone itself instead of scanning. Sign in with email or with Apple. That is the whole setup.
Once paired, the device registers a token that the answer endpoint trusts, which is what makes one-tap approval from a notification possible. You are not logging in again every time a decision comes through.
Approving from the lock screen
When an agent asks for permission, the request lands as a push notification. You can act on it without opening the app to a full screen. Approve or deny straight from the notification. The app can be fully closed and it still works, because the decision goes through a device-token answer endpoint rather than requiring a live session.
Deny is not a dead end. You can deny with feedback and send a reason back to the agent, so instead of just blocking the action you tell it what to do differently. Approval cards carry the context you need to decide: a risk signal on the dangerous action, so a git status and a git push --force do not look identical on a small screen.
Every decision is recorded with its source. The audit trail knows whether a given approval came from the phone, the web, or Slack. See the agent audit trail and the audit log docs.
Sending a command back
This is the part that makes the phone two-way. You can type an instruction in the app and send it to a running agent. The stop-hook on the agent side picks up the phone-queued instruction at its next natural stopping point and feeds it in. So you can be on a train, see that your agent finished the first task and is idle, and tell it "now write the tests and open a PR" without opening a laptop.
It works like a queue. The agent reads what you left for it the next time it checks in.
Live updates and subscriptions
The app stays current over SSE, so pending questions, session state, and answers update without a manual refresh. When an agent asks and then times out, or another device answers first, your phone reflects it.
Subscriptions are handled in-app through RevenueCat, so you can start or manage a plan from the device. Pricing is the same everywhere: Agent at $9.99 and Agent Pro at $19.99. There is no free agent tier. Full breakdown is on the pricing page.
What the mobile app is part of
The phone is one surface on a larger control panel. The policy engine decides which actions even reach you: it matches on tool arguments, not just the tool name, so you can auto-allow git status while still gating git push. A read-only safe floor auto-approves proven read-only shell commands like cd, ls, cat, and git log, a decision we made from 1,721 real production questions rather than a guess. Read more on permission policies and the policy docs.
Approvals also reach you over web push and Slack, and any backend can ask a human and wait through a REST endpoint. The mobile app is the surface most people want when they are away from the desk, which is the whole point of controlling Claude Code from your phone.
Honest caveats
On iOS the cross-origin deep link from a notification into the home-screen PWA is broken, so the PWA route uses a pending-questions inbox instead of a tap-through link. The native app does not have that limitation, which is part of why we shipped it.
Pushary is GDPR-aligned, but that is self-assessed. We do not hold SOC 2 or ISO certification, and we say so rather than imply otherwise on the security page.
Getting started
Set up an agent first with the quickstart, then install the app and scan the QR code from your dashboard. From there, the next time your agent stops to ask, your phone is enough to keep it moving. See what the rest of the platform does on the AI agents page.