API Configuration
These environment variables are required for authenticating with AI providers.API key for Anthropic Claude models.You can also use the OAuth configuration flow:
OAuth refresh token for Anthropic. Alternative to To get your refresh token:
ANTHROPIC_API_KEY.Useful for Docker/container deployments where you want to use OAuth instead of API keys.- Run
agentuse auth login anthropiclocally - Extract from
~/.local/share/agentuse/auth.json
API key for OpenAI GPT models.
API key for OpenRouter service.
API key for OpenCode Go open coding models.
Optional base URL override for OpenCode Go. Defaults to
https://opencode.ai/zen/go/v1.AWS access key ID for Amazon Bedrock authentication (SigV4). Used together with
AWS_SECRET_ACCESS_KEY and AWS_REGION.AWS secret access key for Amazon Bedrock authentication (SigV4).
AWS region for Amazon Bedrock API calls (e.g.
us-east-1). Falls back to AWS_DEFAULT_REGION if unset. Required when using Bedrock.Optional AWS session token for temporary credentials (e.g. STS / assumed roles) when using Amazon Bedrock.
Bedrock API key (Bearer token). When set, used instead of AWS SigV4 authentication.
AWS named profile from
~/.aws/credentials / ~/.aws/config. Used when no static keys or Bearer token are set: the SDK credential provider chain resolves SSO cache, assumed roles, instance metadata, etc.Custom API Key Suffixes
You can use multiple API keys by adding suffixes:Serve Mode
API key for authenticating requests to the serve mode HTTP server.
Required when binding to exposed hosts (not Clients authenticate via Bearer token:
127.0.0.1 or localhost).Approval Gates
Slack bot token used to post and update channel messages when
channels.slack listens for approval, completion, or failure. The app needs the chat:write bot scope, and the bot must be in the target channel unless you also grant chat:write.public for public channels.Optional Slack app-level token used for Socket Mode approval actions in Slack. Web approval pages and channel-only Slack messages do not require this token. If set, the app-level token needs
connections:write; plain thread-reply comments also require Slack message event subscriptions and the relevant channel history scopes.Default Slack channel id for Slack channels. Agents can override this with
channels.slack.channel_id.Fallback public base URL used to build approval review links. Prefer
agentuse serve --public-url ... or serve.publicUrl for hosted deployments.Behavior Control
Override the maximum number of conversation steps (LLM generation cycles) an agent can take.
Default: 100Precedence: This environment variable overrides the
maxSteps value in agent YAML files.This prevents infinite loops and controls cost by limiting the number of LLM calls. Each step typically involves an LLM generation with potential tool calls.The default was reduced from 1000 to 100 for better cost protection. Most agents complete successfully within 100 steps.
Mock Mode (Testing)
Mock all tool outputs with the LLM instead of executing them. Mirror the--mock flags on
agentuse run; see Testing with Mocked Tools.
1 to mock all tool outputs (no real bash/filesystem/MCP/store side effects). Same as --mock. Requires AGENTUSE_MOCK_MODEL.Model that generates mock outputs. Required whenever mock mode is on (same as
--mock-model). Not defaulted to the agent’s model on purpose: mock fires an LLM call per tool result, and running that on the agent’s premium, rate-limited token caused opaque 429s.Use the lowest-end model you can reach here: mocking only fabricates a plausible tool result, not real reasoning, so a small fast model is plenty and keeps cost and rate-limit pressure low. Good picks: anthropic:claude-haiku-4-5, openai:gpt-5.4-nano, or openrouter:deepseek/deepseek-v4-flash.Set it for one run with --mock-model, or as a global default in the shell, ~/.agentuse/.env, or the env block of ~/.agentuse/config.json. --mock-model overrides whichever source supplies it.1 to also mock the await_human approval gate instead of suspending. Same as --mock-approval.Context Management
Enable or disable automatic context compaction when approaching model limits.
Default: true (enabled)When enabled, AgentUse automatically compacts older messages when context approaches the model’s token limit.
Percentage of context limit to trigger compaction.
Default: 0.7 (70%)Must be a decimal between 0 and 1.
Number of recent messages to preserve during compaction.
Default: 3These messages are never compacted to maintain conversation flow.
Minimum active-context size that triggers opportunistic compaction at an approval gate.
Default: 64000This is separate from
COMPACTION_THRESHOLD: a 64k-token context may be far
below a large model’s window, but still expensive to resend after a human
approval pause. Set to 0 to disable approval-boundary compaction while
keeping normal model-limit compaction enabled.Minimum active-context size that triggers opportunistic compaction between LLM
steps after the first tool call.
Default: 64000This enables split-turn compaction for long autonomous runs: older context can
be summarized before the next model call even when the full model window is not
close to exhausted. Set to
0 to disable step-boundary compaction while
keeping approval-boundary and model-limit compaction enabled.Tool Output
Large tool results are re-sent to the model on every subsequent step, so a single oversized output (a big diff, a verbose log, a huge file) inflates input tokens for the rest of the run. These variables cap how much of any one tool result reaches the model. When session storage is available, truncatedbash output keeps the full stdout/stderr stream as a session-local tool output artifact; runner-level truncation of other tool results also saves the full raw result and adds a reference to the bounded preview. Defaults match historical behavior, so you only need to set them to tune.
Maximum size (in characters) of a single model-facing tool result, also used by the built-in
bash stream cap. Output over this limit is truncated to a head + tail slice, dropping the middle, with a marker noting how much was omitted.
Default: 30720 (30KB)Fraction of Must be a decimal between 0 and 1.
AGENTUSE_TOOL_MAX_OUTPUT_BYTES kept as the head when truncating; the remainder is kept as the tail. Errors and context often appear early, while the most recent output appears at the end, so both ends are preserved.
Default: 0.4 (40% head / 60% tail)Default number of lines
read_file returns when no explicit limit is given (and the truncation cap for file reads).
Default: 2000Per-line character cap for
read_file output. Longer lines are truncated with a ... (truncated) suffix.
Default: 2000Prefer not generating bloat in the first place over raising these caps. For example, use
git diff --stat instead of a full git diff of high-churn files. Truncation is a safety net, not a substitute for asking the tool for less.Logging and Debug
Set the logging level for AgentUse output.
Default: INFOControls which messages are displayed during execution.
Enable debug logging and verbose output.
Default: falseShows detailed execution information, tool calls, and internal state.
Telemetry
Disable anonymous telemetry collection. No prompts, code, or file paths are ever collected.
Default: false (telemetry enabled)
Storage
Override the default data directory for session logs and project data.
Default: Session logs are stored at
~/.local/share$XDG_DATA_HOME/agentuse/project/{git-hash}/session/.See Session Logs for more details.Development Variables
For local development with self-signed certificates (HTTPS testing).
MCP Server Environment Variables
Security by Design: AgentUse intentionally prevents hardcoding secrets in
.agentuse files. All sensitive values must come from environment variables, keeping your secrets secure and out of version control.The Security Model
MCP servers can access environment variables through two fields:requiredEnvVars: Variables that MUST exist or the agent fails immediatelyallowedEnvVars: Variables that are passed through if they exist (optional)
Why This Design?
- No Secrets in Code:
.agentusefiles are often committed to version control - Clear Requirements: Developers know exactly what env vars are needed
- Early Failure: Missing required vars fail fast with clear error messages
- Security Allowlist: Only explicitly allowed vars are passed to MCP servers
Setting Environment Variables
- Option 1: .env File (Recommended)
- Option 2: Shell Export
- Option 3: Inline Command
- Option 4: Secret Managers
Create a AgentUse automatically loads
.env file in your project root:.env files from the project root (detected via .git/, .agentuse/, or package.json).Override Options:Error Messages
AgentUse provides clear, actionable error messages:Complete Example
.env file:
Using .env Files
For a full overview of user-facing configuration files and directories, see Configuration Files. AgentUse automatically loads.env files if present in your project directory:
Never commit
.env files to version control. Add them to .gitignore.Priority Order
Environment variables are loaded in this order (later overrides earlier):- System environment variables
.envfile in current directory- Command-line environment variables
Security Best Practices
Store Secrets Securely
Never hardcode API keys in agent files:Use .gitignore
Always exclude sensitive files:Validate Required Variables
For MCP servers that require specific environment variables, they will fail with clear error messages if the variables are not set.Troubleshooting
API key not found
API key not found
Verify the environment variable is set:If empty, set it:Or use the auth command:
Wrong API key being used
Wrong API key being used
Check which key is being used:The tool prioritizes OAuth tokens over API keys for Anthropic.
MAX_STEPS not working
MAX_STEPS not working
Ensure you’re setting it before running the agent:
Next Steps
Model Configuration
Set up model providers and API keys
MCP Configuration
Configure MCP servers