Skip to main content
hc
Submit
toolsSource-backedReview first Safety Privacy

Qwen Code

Open-source terminal AI coding agent from Qwen with Auto-Memory, Auto-Skills, SubAgents, Agent Teams, dynamic workflows, MCP support, multi-provider model routing, IDE plugins, desktop app, daemon mode, SDKs, IM bots, sandboxing, and worktree-aware coding workflows.

by Qwen·added 2026-06-18·
CLI
HarnessCLI
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • Qwen Code can edit files, run commands, use MCP servers, launch subagents, apply skills, use hooks, operate in sandboxes, and manage worktrees; keep destructive or credentialed actions behind explicit approval.
  • Auto-Memory and Auto-Skills can persist or reuse context across tasks; review what is stored, updated, and replayed before using sensitive repositories or customer data.
  • Daemon mode and IM bot channels can expose a shared agent session over HTTP+SSE or messaging platforms; require authentication, network controls, audit logs, and operator visibility.
  • MCP servers can expose databases, SaaS accounts, browsers, cloud resources, files, or internal APIs to the agent; apply least privilege per server.
  • Multi-provider routing means prompts and code may go to different model providers at runtime; lock down provider choices for regulated or confidential work.

Privacy notes

  • Prompts, selected files, memory, skills, subagent transcripts, MCP tool arguments, MCP tool results, hooks, shell output, worktree paths, daemon traffic, IM bot messages, SDK messages, and provider responses may contain sensitive data.
  • Do not expose provider API keys, OAuth tokens, Qwen credentials, private repository content, customer data, or internal system details through prompts, logs, screenshots, bot messages, or shared sessions.
  • Provider privacy, retention, billing, and telemetry behavior depends on the selected Qwen, OpenAI, Anthropic, Gemini, local, or third-party model route.
  • Desktop, daemon, IDE, SDK, and IM-bot modes may retain or relay agent context outside the terminal session; review logs and storage for each mode.

Prerequisites

  • Node.js 22 or newer for the npm package, or a supported standalone script or Homebrew install path.
  • Provider credentials for Qwen, OpenAI, Anthropic, Gemini, Ollama, vLLM, or another compatible route.
  • A project workspace where file access, shell commands, Auto-Memory, Auto-Skills, SubAgents, Agent Teams, MCP, and hooks are intentionally scoped.
  • A policy for headless mode, daemon mode, IM bot access, IDE plugins, desktop app sessions, and SDK clients before using Qwen Code outside an interactive terminal.
  • Reviewed MCP server configuration if external tools, resources, or internal systems will be exposed to Qwen Code.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
20 minutes
Difficulty
intermediate
Tool listing metadata
Pricing
free
Disclosure
editorial
Application category
DeveloperApplication
Operating system
Cross-platform
Full copyable content
npm install -g @qwen-code/qwen-code@latest

About this resource

Overview

Qwen Code is an open-source terminal AI coding agent from Qwen. It provides an interactive terminal UI, headless prompt mode, Auto-Memory, Auto-Skills, SubAgents, Agent Teams, dynamic workflows, MCP support, hooks, sandboxing, git worktrees, IDE integrations, desktop app builds, daemon mode, SDKs, and IM bot channels.

Use it when a developer wants an open-source coding agent that can route across Qwen, OpenAI, Anthropic, Gemini, local, and third-party model providers while keeping MCP, skills, subagents, and terminal workflows in the same agent surface.

Install

Install with npm:

npm install -g @qwen-code/qwen-code@latest

The upstream README also documents standalone Linux/macOS and Windows install scripts plus Homebrew. After installation, launch the terminal UI and configure authentication:

qwen
/auth

Agent Capabilities

Area Qwen Code Coverage
Terminal Agent Interactive qwen UI and headless qwen -p mode
Agent Features Auto-Memory, Auto-Skills, SubAgents, Agent Teams, dynamic workflows, hooks, and plan mode
Tools MCP, file references, LSP integration, shell commands, sandboxing, computer use, and git worktrees
Providers Qwen, OpenAI, Anthropic, Gemini, Ollama, vLLM, local models, and compatible third-party routes
Surfaces Terminal, IDE plugins, desktop app, daemon mode, SDKs, and IM bots
SDKs TypeScript, Python, and Java SDK paths documented in the upstream repository
Session Modes Interactive sessions, headless scripts, shared daemon sessions over HTTP+SSE, and messaging channels

MCP and Skills Fit

Qwen Code is directly relevant to MCP and skills searches because MCP, Auto-Skills, SubAgents, and Agent Teams are core positioning points in the upstream project. It can operate as a terminal agent that connects to MCP servers and uses skills or subagents to coordinate coding tasks.

That also makes the trust boundary broader than a simple chat CLI. MCP servers, skills, hooks, subagents, and daemon or IM-bot sessions can all change what the agent sees and does. Review each configured capability before enabling it in a real repository.

Use Cases

  • Run an open-source coding agent from the terminal.
  • Use Qwen, OpenAI, Anthropic, Gemini, Ollama, vLLM, or compatible provider routes from one coding-agent surface.
  • Connect MCP servers for custom repository, browser, cloud, or internal tools.
  • Use Auto-Skills, SubAgents, Agent Teams, hooks, and worktrees for larger implementation tasks.
  • Run headless prompts in scripts or CI after permissions and output parsing are constrained.
  • Share a session through daemon mode or IM bots only after authentication and logging are reviewed.

Source Review

Verified on 2026-06-18:

  • The upstream repository describes Qwen Code as an open-source AI coding agent that lives in the terminal.
  • The README lists Auto-Memory, Auto-Skills, SubAgents, Agent Teams, MCP, dynamic workflows, multi-protocol provider support, IDE plugins, desktop app, daemon mode, SDKs, and IM bots.
  • package.json declares the @qwen-code/qwen-code package, qwen binary, GitHub repository, workspace layout, channel packages, and Node.js >=22.0.0 engine requirement.
  • The docs cover the user overview and provider authentication.
  • The npm registry resolves @qwen-code/qwen-code at version 0.18.3.

Safety and Privacy

Qwen Code is a local coding agent with many expansion points. Start from a version-controlled workspace, review commands and file edits, scope MCP servers and skills tightly, and avoid enabling daemon, IM, SDK, or headless modes until the operator, credential, and logging model is clear.

Because Qwen Code is multi-provider, prompts, source files, tool results, memory, skills, and subagent transcripts can cross different model providers or local gateways depending on runtime configuration. Lock provider choices for sensitive work and keep credentials out of prompts, logs, and repository files.

Duplicate Check

Checked current content/tools/, content/mcp/, content/agents/, content/skills/, guides, open pull requests, and repository-wide content for QwenLM/qwen-code, Qwen Code, @qwen-code/qwen-code, Qwen terminal coding agent, Qwen Code MCP, Qwen Code Auto-Skills, Qwen Code SubAgents, and Qwen Code daemon mode. Existing content only mentions Qwen Code as a compatible MCP client in a Windows MCP entry; no dedicated Qwen Code tools entry, exact source URL duplicate, target file, or open duplicate PR was found.

#qwen#cli#terminal-agent#ai-coding#mcp#skills#subagents

Source citations

Add this badge to your README

Show that Qwen Code is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/tools/qwen-code.svg)](https://heyclau.de/entry/tools/qwen-code)

How it compares

Qwen Code side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

FieldQwen Code

Open-source terminal AI coding agent from Qwen with Auto-Memory, Auto-Skills, SubAgents, Agent Teams, dynamic workflows, MCP support, multi-provider model routing, IDE plugins, desktop app, daemon mode, SDKs, IM bots, sandboxing, and worktree-aware coding workflows.

Open dossier 		Qwen-Agent

Open-source Qwen agent framework for building LLM applications with function calling, tools, planning, memory, RAG, MCP support, Docker-based code interpreter, Gradio GUI demos, BrowserQwen, Custom Assistant, and Qwen Chat backend usage.

Open dossier 		Gemini CLI

Google's open-source terminal AI agent for Gemini-powered coding and automation, with code understanding, file edits, shell commands, web fetching, Google Search grounding, MCP server integrations, checkpointing, GEMINI.md context files, and GitHub workflow automation.

Open dossier 		OpenCode

Terminal-first AI coding agent for local development workflows, codebase edits, and model-flexible automation.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorytoolstoolstoolstools
Sourcesource-backedsource-backedsource-backedsource-backed
AuthorQwenQwenGoogleSST
Added2026-06-182026-06-182026-06-182026-04-27
Platforms
CLI
CLI
GeminiCLI
CLI
Source repo
Safety notesQwen Code can edit files, run commands, use MCP servers, launch subagents, apply skills, use hooks, operate in sandboxes, and manage worktrees; keep destructive or credentialed actions behind explicit approval. Auto-Memory and Auto-Skills can persist or reuse context across tasks; review what is stored, updated, and replayed before using sensitive repositories or customer data. Daemon mode and IM bot channels can expose a shared agent session over HTTP+SSE or messaging platforms; require authentication, network controls, audit logs, and operator visibility. MCP servers can expose databases, SaaS accounts, browsers, cloud resources, files, or internal APIs to the agent; apply least privilege per server. Multi-provider routing means prompts and code may go to different model providers at runtime; lock down provider choices for regulated or confidential work.Qwen-Agent can call custom tools, MCP tools, built-in code interpreter tools, RAG retrievers, browser-assistant workflows, and model-service APIs; review each tool for side effects before exposing it. The code interpreter uses Docker-based isolation and the upstream README still says to use it with caution in production, so treat it as a risky execution surface rather than a full security boundary. MCP configurations can expose filesystem, memory, SQLite, SaaS, browser, or internal API tools to the agent; scope paths and credentials narrowly. RAG and long-document workflows can retrieve untrusted text into the model context; defend against prompt injection and stale or unauthorized source documents. DashScope, vLLM, Ollama, and OpenAI-compatible deployments each have different tool-call parsing, model, reasoning, and operational behavior; test the exact route before relying on agent output.Gemini CLI can read and edit local files, run shell commands, fetch web content, use Google Search grounding, and call configured MCP servers; keep it inside version-controlled workspaces and review high-impact actions. MCP integrations can expose databases, SaaS accounts, browsers, cloud resources, files, or internal APIs to the agent; apply least privilege and approval gates per server. Preview and nightly release channels may contain regressions or unvetted changes; use stable releases for shared or production workflows unless testing intentionally. Non-interactive scripting can run without the same operator attention as an interactive session; constrain prompts, output parsing, credentials, and command permissions. GitHub workflow automation through Gemini CLI should be reviewed like any other code-review or issue-triage automation before granting repository permissions.OpenCode is an agent that reads, edits, and can run code in your local repository; review proposed changes and run it in version-controlled projects.
Privacy notesPrompts, selected files, memory, skills, subagent transcripts, MCP tool arguments, MCP tool results, hooks, shell output, worktree paths, daemon traffic, IM bot messages, SDK messages, and provider responses may contain sensitive data. Do not expose provider API keys, OAuth tokens, Qwen credentials, private repository content, customer data, or internal system details through prompts, logs, screenshots, bot messages, or shared sessions. Provider privacy, retention, billing, and telemetry behavior depends on the selected Qwen, OpenAI, Anthropic, Gemini, local, or third-party model route. Desktop, daemon, IDE, SDK, and IM-bot modes may retain or relay agent context outside the terminal session; review logs and storage for each mode.Prompts, chat history, function-call arguments, tool results, MCP tool payloads, code-interpreter files, RAG documents, embeddings, browser-assistant state, GUI sessions, model responses, and logs can contain sensitive data. Do not place DashScope keys, model-service credentials, private files, customer documents, database contents, browser state, or internal URLs in public examples, notebooks, screenshots, or logs. Self-hosted Qwen model services and DashScope routes have different retention, telemetry, network, and access-control boundaries; review them before processing regulated or proprietary data. Code interpreter containers, mounted working directories, generated files, and RAG indexes need cleanup, retention, and access-control policies.Prompts, selected source files, GEMINI.md context, shell output, web fetches, MCP tool arguments, MCP tool results, checkpoints, and command output may be sent through the configured Gemini or Vertex AI route. Keep API keys, Google Cloud project IDs, service credentials, private paths, customer data, and internal code out of prompts, logs, shared terminal output, and public issues. Google account, Gemini API, Vertex AI, retention, quota, telemetry, and billing behavior depend on the selected authentication mode and organizational settings. MCP server logs, Gemini CLI logs, terminal history, GitHub workflow logs, and generated artifacts can retain sensitive code or operational context.OpenCode sends your code, prompts, and file context to the configured LLM provider to plan and apply edits; choose providers deliberately and keep secrets out of shared context.
Prerequisites
  • Node.js 22 or newer for the npm package, or a supported standalone script or Homebrew install path.
  • Provider credentials for Qwen, OpenAI, Anthropic, Gemini, Ollama, vLLM, or another compatible route.
  • A project workspace where file access, shell commands, Auto-Memory, Auto-Skills, SubAgents, Agent Teams, MCP, and hooks are intentionally scoped.
  • A policy for headless mode, daemon mode, IM bot access, IDE plugins, desktop app sessions, and SDK clients before using Qwen Code outside an interactive terminal.
  • Python environment for installing `qwen-agent` and optional GUI, RAG, code interpreter, and MCP extras.
  • DashScope API key or a self-hosted/OpenAI-compatible Qwen model service such as vLLM or Ollama.
  • Docker installed and running before using the built-in code interpreter.
  • Node.js, uv, Git, SQLite, and the target MCP server prerequisites when running MCP examples.
  • Node.js 20 or newer for the npm package, or a supported Homebrew, MacPorts, or Conda install path.
  • A Google account, Gemini API key, or Vertex AI configuration for the selected authentication route.
  • A project workspace where file access, shell commands, web fetching, and MCP server access are intentionally scoped.
  • A decision on stable, preview, or nightly release channels before using the CLI in team workflows.
— none listed
Install
npm install -g @qwen-code/qwen-code@latest
pip install -U "qwen-agent[gui,rag,code_interpreter,mcp]"
npm install -g @google/gemini-cli
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.