Limitations
Intentional constraints and design decisions in claudeBase CLI.
Design Philosophy
claudeBase CLI is intentionally minimal and conservative. These limitations are features, not bugs. They exist to maximize security, ensure predictability, and maintain user control.
No Auto-Updates
CLI and plugins never update automatically. All updates require explicit user action.
Why: Ensures predictability and prevents surprise behavior changes.
No Background Sync
Catalog never refreshes in the background. Network calls only happen when you run a command.
Why: No hidden network activity, works predictably offline.
Fail-Closed Validation
Unknown schema versions or fields cause immediate failure, not silent fallback.
Why: Prevents attacks that exploit lenient parsing.
No Plugin Execution
CLI is a package manager only. It never runs plugin code. Only Claude Code executes plugins.
Why: Minimal attack surface, clear separation of concerns.
No Shared Cache
Each user has their own cache. No system-wide or corporate cache support.
Why: Simplicity and clear ownership of cached data.
No Credential Storage
CLI does not store any credentials. No login/logout functionality.
Why: Minimal footprint, uses npm for package auth.
Limited Plugin Surfaces
Only specific directories and files are allowed in plugins (.claude-plugin/, skills/, .mcp.json).
Why: Prevents code injection and restricts attack surface.
No Dependencies
Plugins cannot declare npm dependencies or include node_modules.
Why: Plugins are pure configuration, not executable code.
Supported Platforms
| OS | Version | Architecture |
|---|---|---|
| macOS | 12+ | x64, arm64 |
| Linux | glibc 2.17+ | x64, arm64 |
| Windows | 10+ | x64 |
Not supported: Windows 7/8, 32-bit, Alpine Linux (musl), FreeBSD, WSL1