flieger

v0.2.1

Published

Safe share for AI-built apps. One command scans for exposed API keys, leaked .env files, and open CORS — then opens a live URL via Cloudflare Tunnel. Agent-native (Claude Code, Cursor, Cline). Free forever; Pro for stable *.flieger.app subdomains.

Downloads

588

Readme

flieger

One command turns localhost → a safe public URL. We scan your code for leaked secrets, then open the tunnel. Built for humans and the agents shipping with them.

npx flieger share

Free forever. No signup. Works with Claude Code, Cursor, Cline, Aider.


TL;DR

You (or your AI agent) are one command away from a public URL that doesn't leak.

  • For humans → npm i -g flieger → flieger share → done.
  • For agents → it's a CLI. If your agent can run shell commands, it can run flieger share --json and parse the URL from the response. No API key. No signup. See Use it from an AI agent.

Why flieger exists

AI coding tools put a public URL within reach in minutes — and the safety step got skipped. There's no layer between localhost and the internet that knows what's in your code. ngrok and cloudflared will happily open a URL onto an app with leaked keys, open CORS, and a committed .env file. flieger scans first, then opens the tunnel.

Every "my vibe-coded app got pwned" thread on X starts with one of these:

  • An AI agent inlines an OpenAI key into App.tsx → scraper finds it → $8k bill
  • .env isn't in .gitignore → next git push → Supabase service-role key on GitHub search
  • CORS is origin: '*' → any site can ride logged-in user sessions
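The three leak patterns above can be sketched as a pre-share scan over a project tree; this is an added example, not flieger's scanner. The regexes, the severities, the check names other than "gitignore-secrets", and the constructed sample files are all assumptions.

```javascript
// Added illustration, not flieger's scanner. Patterns, severities and the check
// names "exposed-api-key" / "open-cors" are assumptions made for this example.
const KEY_PATTERN = /\bsk-[A-Za-z0-9_-]{20,}/;   // OpenAI-style secret key shape
const OPEN_CORS = /origin\s*:\s*(['"])\*\1/;     // e.g. cors({ origin: '*' })
const isEnvFile = (p) => /(^|\/)\.env(\.[\w.-]+)?$/.test(p);

// Simplified .gitignore matching: plain globs only, no negation or directory rules.
function isIgnored(path, gitignoreText) {
  const base = path.split("/").pop();
  return gitignoreText
    .split(/\r?\n/)
    .map((line) => line.trim().replace(/^\//, ""))
    .filter((line) => line && !line.startsWith("#") && !line.startsWith("!"))
    .some((pat) => {
      const escaped = pat.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
      const re = new RegExp("^" + escaped + "$");
      return re.test(base) || re.test(path);
    });
}

// files: object mapping relative path -> file contents.
function scanProject(files) {
  const findings = [];
  const gitignore = files[".gitignore"] || "";
  for (const [path, text] of Object.entries(files)) {
    if (isEnvFile(path)) {
      // Secrets belong in .env, but only if git can never pick the file up.
      if (!isIgnored(path, gitignore))
        findings.push({ check: "gitignore-secrets", severity: "warning", file: path });
      continue;
    }
    if (KEY_PATTERN.test(text))
      findings.push({ check: "exposed-api-key", severity: "critical", file: path });
    if (OPEN_CORS.test(text))
      findings.push({ check: "open-cors", severity: "warning", file: path });
  }
  return findings;
}

// Constructed sample project that reproduces all three patterns.
const SAMPLE_PROJECT = {
  "src/App.tsx": 'const ai = new OpenAI({ apiKey: "sk-CONSTRUCTEDexample0000000000" });',
  ".env": "SUPABASE_SERVICE_ROLE_KEY=constructed-placeholder",
  ".gitignore": "node_modules\ndist\n",
  "server.js": "app.use(cors({ origin: '*' }));",
};
console.log(scanProject(SAMPLE_PROJECT));
```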

Install in 5 seconds. Share in 10.

Prerequisites

Before the first run, make sure these two things exist on your machine:

| | How to check | How to install |
|---|---|---|
| Node.js 18+ | node --version | nodejs.org |
| cloudflared | cloudflared --version | macOS: brew install cloudflared · Linux: pkg.cloudflare.com · Windows: winget install --id Cloudflare.cloudflared |

That's it. No account, no API key, no Docker.

Optional:

  • git — only needed if you use the Security Pro --deep git-history scan
  • A package.json in your project — used for framework auto-detection; without it, pass --port manually
  • A Lemon Squeezy license key — only if you want Pro (*.flieger.app slugs) or Security Pro (deep scans + CI). See Activating Pro / Security Pro below.

Three steps

01 — Install the CLI

npm i -g flieger

Or skip install and run one-shot via npx flieger share — useful when an AI agent is doing it for you in a throwaway session.

02 — Start your dev server

npm run dev

Next.js, Vite, SvelteKit, Nuxt, Express — all auto-detected. Anything else (FastAPI, Hono, Go, Rails, …): pass --port 5173 (or whatever port your server is listening on).

03 — Share safely

flieger share

Safety pass runs, tunnel opens, you get a URL and a QR code:

⚡ flieger v0.2.1
🔍 Detected: Next.js + Supabase on port 3000

🔒 Running Safety Pass...
  ✅ Exposed API keys
  ⚠️  .env exists but is not in .gitignore
  ✅ CORS policy

🌍 Starting tunnel...
✔ Tunnel is live

🚀 Live at https://refused-intersection-disclose-affiliates.trycloudflare.com
📱 [ASCII QR code]
⏱  Active until you close this terminal (Ctrl+C to stop)
🔒 Safety: 2/3 passed, 0 critical, 1 warning

Activating Pro / Security Pro

After checkout on Lemon Squeezy, activation is three commands. Same flow for both paid tiers.

01 — Grab your license key from the Lemon Squeezy receipt email (also visible in the customer portal linked in the receipt).

02 — Activate on this machine

flieger login <YOUR-LICENSE-KEY>

03 — Verify it worked

flieger whoami

Should print Tier: pro (or security for Security Pro) plus your customer email and the machine instance name.

That's it — Pro features (stable *.flieger.app slugs, 3 concurrent shares, share history) or Security Pro features (--deep, --strict, check --ci) are now live on every command.

Multiple machines? One license covers up to 3 instances. Run flieger logout on a machine you no longer use to free up a slot. Cancel anytime in the Lemon Squeezy customer portal.

Use it from an AI agent

flieger is a plain CLI. Anything that can run a shell command can use it — Claude Code, Cursor, Cline, Aider, a GitHub Action, a bash one-liner, a cron job. No API key, no SDK, no OAuth dance.

1. Just ask

Once flieger is on the machine, tell your agent in plain English:

Share this app with flieger so I can show it to someone.

The agent will run flieger share --json and paste back the URL. That's the whole integration.

2. Or give the agent a rule so it does it automatically

Claude Code — add to CLAUDE.md:

## Sharing / deploying the app
When the user asks to "share", "deploy a preview", "send a link", or similar:
1. Run `flieger share --json` from the project root.
2. Parse the JSON response — use `.url` for the public URL.
3. Report the URL back. If `.safety.criticals > 0`, surface them first and ask before retrying.
4. If flieger isn't installed, run `npm i -g flieger` first.

Cursor — same snippet, but in .cursorrules at the repo root.

Cline / Aider — same snippet in your system prompt or project instructions.

3. The JSON contract

Every invocation of flieger share --json emits a single JSON object on stdout and exits 0 on success, non-zero on failure:

{
  "ok": true,
  "url": "https://my-app.flieger.app",
  "id": "abc123",
  "tier": "pro",
  "safety": {
    "passed": 2,
    "total": 3,
    "criticals": 0,
    "warnings": 1,
    "findings": [
      { "check": "gitignore-secrets", "severity": "warning", "message": ".env is not in .gitignore", "file": ".env" }
    ]
  }
}

No interactive prompts. No TTY required. Plays nice with piping, logs, and CI.

MCP server is coming — for now, stdout JSON is the contract.
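A wrapper an agent or CI job could put around this contract, failing closed before any URL is handed on; this is an added example, not part of flieger. The field names come from the JSON shown above, while the function name, the decision labels and the fail-closed policy are assumptions.

```javascript
// Added illustration, not part of flieger. Field names follow the JSON contract
// above; gateShareOutput and the "share" / "hold" / "error" labels are assumptions.
function gateShareOutput(stdout, exitCode) {
  let out;
  try {
    out = JSON.parse(stdout);
  } catch {
    return { decision: "error", reason: "stdout is not a single JSON object" };
  }
  if (exitCode !== 0 || !out || out.ok !== true)
    return { decision: "error", reason: "flieger reported failure" };

  // Only pass an https URL on to the user; anything else counts as a failure.
  let parsed = null;
  try { parsed = new URL(out.url); } catch { parsed = null; }
  if (!parsed || parsed.protocol !== "https:")
    return { decision: "error", reason: "missing or non-https url" };

  const safety = out.safety || {};
  const findings = Array.isArray(safety.findings) ? safety.findings : [];
  // Do not trust the summary counter alone: recount criticals from the findings.
  const listed = findings.filter((f) => f.severity === "critical").length;
  const criticals = Math.max(Number(safety.criticals) || 0, listed);
  const summary = findings.map((f) => `${f.severity}: ${f.message} (${f.file})`);

  // Fail closed: no safety report, or any critical, means a human decides.
  if (criticals > 0 || !("criticals" in safety))
    return { decision: "hold", url: out.url, criticals, summary };
  return { decision: "share", url: out.url, criticals, summary };
}

// Sample stdout built from the example object in the JSON contract above.
const SAMPLE_STDOUT = JSON.stringify({
  ok: true, url: "https://my-app.flieger.app", id: "abc123", tier: "pro",
  safety: {
    passed: 2, total: 3, criticals: 0, warnings: 1,
    findings: [{ check: "gitignore-secrets", severity: "warning",
                 message: ".env is not in .gitignore", file: ".env" }],
  },
});
console.log(gateShareOutput(SAMPLE_STDOUT, 0));
```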

How it compares

| | flieger | ngrok | cloudflared |
|---|---|---|---|
| One command, zero config | ✅ | ~ signup | ✗ flags |
| Scans code for leaked secrets | ✅ | ✗ | ✗ |
| Blocks tunnel on critical finding | ✅ Security Pro | ✗ | ✗ |
| Structured --json for AI agents | ✅ first-class | ~ API | ✗ |
| Stable subdomain | ✅ Pro €9 | ~ $8+ | ~ domain req. |

flieger sits on top of Cloudflare's proven tunneling infrastructure. What's new is the gate — the thing that runs before the URL goes public.

Requirements

  • Node.js 18+
  • cloudflared installed and on $PATH
    • macOS: brew install cloudflared
    • Linux: pkg.cloudflare.com
    • Windows: winget install --id Cloudflare.cloudflared

Commands

| Command | What it does |
|---|---|
| flieger share | Safety pass + live URL via Cloudflare Tunnel |
| flieger share --json | Structured output for AI agents |
| flieger share --port 5173 | Override detected port |
| flieger share --slug my-app | Stable my-app.flieger.app URL · Pro |
| flieger share --deep | Include extended Security scans · Security Pro |
| flieger share --strict | Hard-block on any critical finding · Security Pro |
| flieger share --no-check | Skip safety pass (not recommended) |
| flieger check | Run the safety pass only, no tunnel |
| flieger check --deep | Full scan · Security Pro |
| flieger check --ci | CI mode: JSON output + fail on criticals · Security Pro |
| flieger fix | Apply available auto-fixes to findings |
| flieger list / flieger ls | Show running shares |
| flieger stop [id] | Stop a running share (all if no id) |
| flieger history | Past shares with per-share safety reports · Pro |
| flieger login <KEY> | Activate a Pro or Security Pro license |
| flieger logout | Deactivate license on this machine |
| flieger whoami | Show current tier |
| flieger pricing | Pricing + checkout link |

Pricing — by the pain it solves

flieger is really two products: a sharing tool (ngrok-shaped) and a security layer for AI-written code. Each tier solves a different pain.

| | Free | Pro — Workflow (€9/mo) | Security Pro (€19/mo) |
|---|---|---|---|
| Pain it solves | "Just share this quickly" | "Random URLs are embarrassing" | "Don't let me ship a secret" |
| Unlimited flieger share | ✅ | ✅ | ✅ |
| All 3 basic safety checks | ✅ | ✅ | ✅ |
| Agent-friendly --json output | ✅ | ✅ | ✅ |
| URL | random trycloudflare.com | your-slug.flieger.app | your-slug.flieger.app |
| Concurrent shares | 1 | 3 | 3 |
| Slug reservation | — | ✅ | ✅ |
| Share history + per-share safety report | — | ✅ | ✅ |
| Deep scan engine (AST-based) | — | — | ✅ |
| Git history scan | — | — | ✅ |
| Dependency risk warnings | — | — | ✅ |
| Pre-share hard-block on criticals | — | — | ✅ |
| CI integration (check --ci) | — | — | ✅ |

Upgrade:

After purchase: flieger login <YOUR-LICENSE-KEY>.

Troubleshooting

cloudflared: command not found — install it (see Prerequisites). flieger shells out to cloudflared, so it needs to be on $PATH.

Invalid port or detection picked the wrong port — pass it explicitly: flieger share --port 5173.

Tunnel hangs or times out — check that your dev server is actually running on the port flieger detected (curl http://localhost:3000). flieger doesn't start your server for you.

License invalid or inactive when trying to use Pro / Security Pro — run flieger logout then flieger login <KEY> again. Licenses re-validate every 24h; a stale cache can trigger this.

share anyway prompt annoys your agent — use --json (agents) or --no-check (you know what you're doing). For CI, use flieger check --ci which is non-interactive by design.

Something else — open an issue at github.com/pfehringer4/flieger/issues with the command you ran and the full output. I reply fast.

Honest caveats

  • Free-tier URLs are valid while your laptop is running. Close the terminal → URL dies.
  • Free tier uses Cloudflare Quick Tunnels. Free for reasonable use, no sign-up.
  • Pro's --slug needs cloudflared on $PATH too (same binary, different run mode).
  • No tool catches everything. flieger covers the biggest, most-common leak patterns — for the rest, you still need a human review.
  • No code ever leaves your laptop. Scans run locally. The tunnel just forwards HTTP traffic between Cloudflare's edge and your dev server.

License

MIT. See LICENSE.

Links