Honest comparison
ntfy is a free, open-source notification pipe you can self-host. Pushary is built for AI agents: the agent asks, your phone decides, and the agent blocks until you answer, with per-tool policy and an exportable audit trail on top.
If you want a free, open-source, self-hostable pipe to fire notifications from any script, ntfy is excellent. If you want an agent to pause for your approval, under rules you set once, with a record of every decision, that is what Pushary is for.
ntfy publishes a message to a topic and your phone receives it. That is perfect for "the build finished." It is not built for "should I run this migration?" Pushary holds the agent at the decision: it sends the question, the agent blocks on wait_for_answer for up to a minute, and your tap, choice, or typed reply is what unblocks it. The answer flows back to the agent, not just to your lock screen.
With ntfy, every notify is something you wrote into a script. Pushary lets you author the rules once: auto-approve safe reads, push on Bash, escalate git push, always deny rm -rf. The phone only buzzes for the decisions that matter, and the rule sticks across sessions and machines, so you are not hand-coding which events page you.
ntfy is a transport; it does not keep a queryable log of who approved what. Pushary keeps an immutable, attributed, exportable trail of every question and every human decision across every agent and machine. That is what a team lead or a compliance owner needs, and it is the thing a bare notification pipe does not try to be.
ntfy is free, open source under Apache 2.0, and fully self-hostable. If you want a notification pipe you own end to end, for any script and any server, and you do not need an agent-aware approval loop, ntfy is the better pick. Pushary makes the opposite bet: be the hosted, agent-native layer that asks, decides, and records.
| Feature | Pushary | ntfy |
|---|---|---|
| Agent asks a question and blocks for your answerHITL | ||
| Per-tool permission policies (set rules once)POLICY | ||
| Immutable, exportable audit trailAUDIT | ||
| One-command install into Claude Code, Codex, Cursor, Hermes | ||
| MCP server any agent can call | ||
| Enforced pre-execution gating (Claude Code) | ||
| Send a notification over HTTP | ||
| Action buttons on notifications | ||
| Self-hostable | ||
| Open source | ||
| Price | $9.99/mo | Free / self-host (Apache 2.0) |
ntfy (ntfy.sh) is a free, open-source pub-sub notification service under the Apache 2.0 license. You send a notification by making an HTTP POST or PUT to a topic, and you receive it on the ntfy app for Android and iOS, the web app, or the CLI. You can self-host the server. It is a general-purpose notification pipe for scripts, servers, and cron jobs.
ntfy delivers a message one way: your script publishes, your phone receives. Pushary is built around the round trip an AI agent needs. The agent asks a question, Pushary pushes it to you, and the agent blocks until you answer yes, no, pick an option, or type a reply. On top of that Pushary adds per-tool permission policy, an exportable audit trail, and one-command installs into the agents themselves. With ntfy you would build that agent glue and the answer loop yourself.
Yes, and people do. If all you want is a buzz when a long job ends or errors, ntfy is a great, free way to do it: have your agent or a wrapper script POST to your topic. What ntfy does not give you is the part where the agent pauses and waits for your decision before it runs a risky command, or a record of who approved what. That ask-and-wait loop, the policy that decides when to even ask, and the audit trail are what Pushary adds.
ntfy is free and open source, and you can self-host it at no cost; ntfy.sh also offers paid tiers for reserved topics and higher limits. Pushary's Agent plan is $9.99/mo with a 7-day free trial. The paid line funds the agent integrations, the policy engine, and the immutable audit trail.
Yes. They are independent. You could keep ntfy for arbitrary server and script alerts and use Pushary for the agent-specific work: ask-and-wait approvals, per-tool policy, the kill switch, and the audit trail.
Set your guardrails once, approve from your phone, and keep an exportable audit trail. Works with Claude Code, Codex, Cursor, Hermes, and any MCP client. 7-day free trial.
