Per-harness notes

Harness-specific notes for Claude Code, Codex, OpenCode, Grok, and Cursor.

Proliferate runs five harnesses today: Claude Code, Codex, OpenCode, Grok, and Cursor. Most of what's in this section applies the same way across all of them, but a few details are harness-specific.

Warning:

Gemini CLI is no longer a supported harness. Google's upstream Gemini CLI project moved to an enterprise-only distribution, so it was removed rather than left in a broken state. If you have older material referencing it, treat it as retired.

Claude Code

  • Route options: native, one API key, or the gateway. Only one at a time.
  • Suggested key variable: ANTHROPIC_API_KEY.
  • Native sign-in: claude login's OAuth flow, or a cached credential Claude Code already stores locally.
  • Gateway models: current Claude Sonnet, Haiku, and Opus releases.

Codex

  • Route options: native, one API key, or the gateway. Only one at a time.
  • Suggested key variable: OPENAI_API_KEY.
  • Native sign-in: codex login's OAuth flow, or a cached credential Codex already stores locally.
  • Gateway models: current GPT-5 family releases.

OpenCode

  • Route options: the gateway plus any number of API key rows, all at once. OpenCode is the one harness built to call more than one provider in the same session.
  • Suggested key variable: none fixed. Use Add provider to search a vendored list of well over a hundred providers (Anthropic, OpenAI, Groq, OpenRouter, Together AI, and more); picking one prefills the right variable name for you.
  • Because there's no single required credential, OpenCode is ready to run as soon as any one provider, or the gateway, is turned on.

Grok

  • Route options: native, one API key, or the gateway. Only one at a time.
  • Suggested key variables: XAI_API_KEY or GROK_API_KEY.
  • Native sign-in: a cached login token from grok login.
  • Grok isn't bundled with the desktop app the way Claude Code and Codex are; it downloads the first time you use it.
  • Gateway models: current Grok releases, served through xAI.

Cursor: why it's different

Cursor doesn't have an Authentication tab with routes to pick. It always signs in with its own account (cursor-agent login) on both local and cloud runs, and it isn't part of the gateway or BYOK system at all.

This isn't a temporary gap, it's how Cursor's CLI is built: there's no supported way to hand it a bare provider API key or point it at another gateway, so Proliferate doesn't pretend otherwise. If Cursor is already signed in on your machine, Proliferate picks that up automatically; there's nothing else to configure.

On this page