cd /news/developer-tools/open-source-claude-codex-cursor-limi… Β· home β€Ί topics β€Ί developer-tools β€Ί article
[ARTICLE Β· art-46256] src=github.com β†— pub= topic=developer-tools verified=true sentiment=↑ positive

Open-source Claude/Codex/Cursor limits tracker for Mac

CreditWatcher, an open-source macOS menu bar app and CLI, now monitors Codex, Claude Code, and Cursor subscription usage limits locally with no telemetry. The tool reads credentials from official tools, caches data locally, and provides a rich terminal dashboard or native menu bar popover. It is designed for privacy-conscious developers who want to track their AI API usage without third-party servers.

read6 min views1 publishedJul 1, 2026
Open-source Claude/Codex/Cursor limits tracker for Mac
Image: source

A macOS menu bar app and CLI to monitor Codex, Claude Code, and Cursor subscription usage limits β€” locally, read-only, with no telemetry.

Inspired by the design spirit of Stats (lightweight macOS menu bar utility).

Download CreditWatcher for macOS

Prebuilt installers are published through GitHub Releases.

Three providersβ€” Codex (OpenAI), Claude Code (Anthropic), Cursor in one place** macOS menu bar app**β€” native Swift, no Node.js required at runtime** CLI dashboard**β€” rich terminal view with color-coded progress bars** Read-only usage checks**β€” never proxies inference or scrapes web UIs** Local credentials**β€” reads existing logins from official tools; tokens stay on your machine** Shared cache**β€” CLI and menu bar app share~/.creditwatcher/

quota cache60-second cooldownβ€” on-demand refresh, avoids hammering provider APIs** Optional local web UI**β€”creditwatcher serve

on127.0.0.1

only

CreditWatcher is designed to be local-first:

Data Where it lives
OAuth / session tokens Read from local files only (menu bar app never reads Keychain)
Usage responses Cached under ~/.creditwatcher/
Network calls Direct to official provider APIs only

No telemetryβ€” no analytics, crash reporters, or third-party servers** No token logging**β€” access/refresh tokens are not printed in normal operation** No Keychain in the menu bar app**β€” Claude auth uses JSON files and env vars only; no macOS Keychain prompts from the app** Optional CLI import**β€”creditwatcher login claude

may read Keychain once in Terminal to copy credentials into~/.creditwatcher/claude-auth.json

Sandbox-free macOS appβ€” required to read local credential stores and call provider APIs; seeSECURITY.md

CLI: Node.js 18+macOS app: macOS 14+ (Sonoma), Xcode 15+Provider logins: sign in with official tools first (codex login

,claude

, Cursor.app)

git clone https://github.com/aalksii/creditwatcher.git
cd creditwatcher
npm install
npm run build
npm link   # optional β€” install `creditwatcher` on your PATH

Without linking:

npm run dashboard       # rich terminal dashboard (all providers)
npm run status          # detailed text output per provider
npm run quota           # JSON output (used by menu bar integration)
open macos/CreditWatcher.xcodeproj

Or from the command line:

xcodebuild -project macos/CreditWatcher.xcodeproj -scheme CreditWatcher -configuration Debug build

The built app is under Xcode DerivedData or build/

when using xcodebuild

.

For a local drag-to-Applications installer:

npm run macos:dmg

The DMG is written to dist/macos/CreditWatcher-<version>.dmg

.

For public distribution, sign and notarize it with an Apple Developer ID:

SIGN_IDENTITY="Developer ID Application: Your Name (TEAMID)" \
NOTARY_PROFILE="notarytool-profile" \
npm run macos:dmg

Create the notarytool

profile once with xcrun notarytool store-credentials

.

Command Description
creditwatcher dashboard
Rich terminal dashboard β€” all providers
creditwatcher dashboard --force
Skip the 60-second usage cooldown
`creditwatcher status [codex claude
Detailed usage per provider
creditwatcher quota --json
Machine-readable quota JSON
`creditwatcher login [codex claude
Import or OAuth login helpers
creditwatcher serve
Optional local web UI at

Example:

creditwatcher dashboard
creditwatcher status claude
creditwatcher quota --json
  • Launch CreditWatcher from Xcode (⌘R) or open the built.app

  • A gauge icon appears in the menu bar (no Dock icon)

  • Click the icon for a popover with Codex, Claude, and Cursor usage cards

  • Use the gear button to show/hide providers, reorder cards, and sign in or out per tool

  • Icon tint reflects worst-case usage: system default <70%, yellow 70–90%, red >90%

Refresh: auto-refresh on open; Refresh button bypasses the 60s cooldown. Background refresh every 60 seconds.

Quit: click Quit in the popover or right-click the menu bar icon and choose Quit CreditWatcher.

Launch at login: System Settings β†’ General β†’ Login Items β†’ add CreditWatcher.

CLI button: opens Terminal with creditwatcher dashboard --verbose

(optional β€” requires the Node CLI).

Sign in with the official tools first. CreditWatcher reads existing credentials β€” it does not replace them.

Recommended:

codex login
creditwatcher status codex

Auth order:

~/.codex/auth.json

(official Codex CLI)~/.creditwatcher/auth.json

(viacreditwatcher login codex

)

Recommended (menu bar app):

claude                              # sign in with Claude Code if needed
creditwatcher login claude          # import into ~/.creditwatcher/claude-auth.json

Then click Refresh in the menu bar app.

Auth order for automatic usage checks (freshest token wins on auth failure):

CLAUDE_CODE_OAUTH_TOKEN

environment variable~/.claude/.credentials.json

~/.creditwatcher/claude-auth.json

(import copy viacreditwatcher login claude

)

The menu bar app reads only the sources above. For Claude Code installs that store credentials in Keychain (no credentials file), run creditwatcher login claude

in Terminal β€” the CLI may read Keychain once there and save a file copy the app can use.

Recommended: sign in via Cursor.app, then:

creditwatcher status cursor

Auth order:

CURSOR_SESSION_TOKEN

environment variable- Cursor IDE SQLite state DB β€” state.vscdb

keycursorAuth/accessToken

~/.creditwatcher/cursor-auth.json

(import copy viacreditwatcher login cursor

)

CreditWatcher.app (Swift)          creditwatcher CLI (Node.js)
β”œβ”€β”€ CodexProvider                  β”œβ”€β”€ src/codex/
β”œβ”€β”€ ClaudeProvider                 β”œβ”€β”€ src/claude/
└── CursorProvider                 └── src/cursor/
         β”‚                                    β”‚
         └──────── shared cache β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                  ~/.creditwatcher/

Native app calls provider APIs directly via URLSession

. No Node.js required at runtime.

Variable Default Description
CODEX_HOME
~/.codex
Codex CLI auth directory
CLAUDE_CONFIG_DIR
~/.claude
Claude credentials directory
CURSOR_SESSION_TOKEN
β€” Cursor session cookie value
CURSOR_STATE_DB
platform default Override path to Cursor state.vscdb
CREDITWATCHER_OAUTH_PORT
1455
OAuth callback port (Codex login)

CreditWatcher is unofficial and not endorsed by OpenAI, Anthropic, or Cursor.

  • Usage APIs may change without notice (especially Cursor's unofficial endpoints)
  • Third-party tools using consumer OAuth may violate provider Terms of Service
  • Anthropic has restricted consumer OAuth in third-party tools β€” use Claude integration at your own risk - This tool performs read-only usage checks β€” do not use it to proxy inference or share tokens Use at your own riskβ€” the authors are not responsible for account actions by providers

See the Safety & Terms of Service section in this README for details on safe usage patterns.

  • Pre-built macOS release (signed .app

/ Homebrew cask) - Demo GIF for README

  • npm publish for global CLI install

Read-only usage endpoints only (GET /wham/usage

,/api/oauth/usage

,/api/usage-summary

)- Refreshes expired OAuth tokens via official token endpoints when needed

  • Stores tokens locally only - On-demand checks with a 60-second cooldown per provider - Direct calls to provider APIs β€” no third-party relay

  • Proxy inference requests

  • Scrape ChatGPT or Claude web UIs

  • Send tokens to any server except the official provider APIs

  • Background polling beyond the 60s refresh interval

  • Log or print access/refresh tokens

Pattern Why it's risky
Spoofing official client harness Routing subscription quota through third-party agents
Credential exfiltration Sending OAuth tokens to third-party servers
Inference proxying Using subscription tokens for other users/tools
Aggressive polling Hammering usage endpoints
Token sharing Distributing refresh tokens across machines

See CONTRIBUTING.md. Please report security issues via SECURITY.md.

MIT β€” Copyright (c) 2026 Aleksei Artemiev

── more in #developer-tools 4 stories Β· sorted by recency
── more on @creditwatcher 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain β€” perfect for shipping the agent you just read about.

$git push zahid main
β†’ Live at https://your-agent.zahid.host βœ“
Get free account β†’ Pricing
from €0/mo Β· no card required
LIVE [news/open-source-claude-c…] indexed:0 read:6min 2026-07-01 Β· β€”