← Back to AI Insights
Gemini Executive Synthesis

Cush – An HTTP tunnel for AI agents to run constrained CLI commands on remote servers

Technical Positioning
A secure, temporary, outbound HTTPS tunnel that enables AI agents and HTTP clients to execute constrained CLI commands on remote servers, bypassing traditional access complexities (VPNs, firewalls, SSH) and requiring no server-side infrastructure changes.
SaaS Insight & Market Implications
Cush addresses a critical security and operational challenge in integrating AI agents with remote server environments. By providing a constrained, authenticated, and temporary HTTP tunnel, it enables agents to perform diagnostic and troubleshooting tasks without exposing the entire server or requiring complex infrastructure changes. This solution bypasses traditional access hurdles like VPNs and firewalls, significantly reducing friction for AI-driven operations. The emphasis on granular command control and short-lived tunnels ensures a secure posture, making it attractive for enterprises hesitant to grant broad access to AI. Cush facilitates safer, more efficient AI agent deployment for server management and incident response.
Proprietary Technical Taxonomy
HTTP tunnel AI agents constrained CLI commands remote server VPNs bastion hosts firewall rules access controls

Raw Developer Origin & Technical Request

Source Icon Hacker News Apr 16, 2026
Show HN: Cush – curl your shell, an HTTP tunnel for AI agents

I built cush because coding agents can be helpful to diagnose and troubleshoot server issues.The problem is that getting said agents onto a remote server, especially one you don't control, means dealing with VPNs, bastion hosts, firewall rules, access controls, or audit trails. That's assuming SSH isn't even blocked.cush takes a different approach. Instead of a shell, it opens a temporary, outbound HTTPS tunnel that lets you and your AI agent run constrained CLI commands on the server: $ cush open --allow grep,cat,tail --expiry 2h

tunnel: abc123.ngrok.io
token: a3f9c2d1...
allowed: grep, cat, tail
expires: in 2h

Now any agent or HTTP client can execute allowed commands: $ curl -X POST abc123.ngrok.io \
-H "Authorization: Bearer a3f9c2d1..." \
-H "Content-Type: application/json" \
-d '{"command": ["grep", "-r", "ERROR", "/var/log/app.log"]}'

>>> {"stdout":"ERROR database connection refused\n","stderr":"","exit_code":0}

Point any agent at the tunnel's URL: $ claude "use abc123.ngrok.io with token a3f9c2d1... to find what's causing the 500 errors"

Tunnels are authenticated, constrained, and short-lived. No server-side infrastructure changes required. Just a 7MB Rust binary + ngrok.Looking for feedback, and 2-3 design partners to build audit trails.

Developer Debate & Comments

No active discussions extracted for this entry yet.

Engagement Signals

3
Upvotes
1
Comments

Cross-Market Term Frequency

Quantifies the cross-market adoption of foundational terms like AI agents and SSH by tracking occurrence frequency across active SaaS architectures and enterprise developer debates.

Macro Market Trends

Correlated public search velocity for adjacent technologies.

Ai Agents