# Acceptable Use: Claude Code for Autoresearch

While building our autoresearch harness — an automated loop that calls `claude --print` programmatically to generate code, train, evaluate, and iterate — we paused to investigate whether this use pattern is actually permitted under Anthropic's policies.

## The question

Our orchestrator calls Claude Code's CLI 20 times in a loop with no human intervention between iterations. Is this allowed?

## What we found

**The activity itself is clearly supported.** Claude Code provides `--print` mode, `--output-format json`, `--allowedTools`, and `--no-session-persistence` specifically for scripted and programmatic use. The docs include examples of fan-out loops. GitHub Actions integration is a first-party feature with zero human involvement.

**But the authentication method matters:**

- **API keys** (Commercial Terms): No prohibition on automated use. This is the clean path for automated pipelines.
- **Consumer plan OAuth** (Free/Pro/Max): The Consumer Terms of Service prohibit access "through automated or non-human means, whether through a bot, script, or otherwise" — with exceptions for API keys and where Anthropic explicitly permits it.

The Consumer Terms also state that advertised usage limits "assume ordinary, individual usage." Running 20 iterations of Opus with high effort in an automated loop is arguably outside ordinary individual usage.

## The relevant AUP restrictions

From Anthropic's Acceptable Use Policy, the restrictions most relevant to ML research automation:

1. **Don't use outputs to train competing AI models** — Training a Fashion-MNIST classifier is fine; training a competing LLM would not be.
2. **Don't bypass guardrails** — We disabled a plugin that false-positived on `model.eval()`, but we're not circumventing safety measures.
3. **Don't build competing products/services** — Research tooling for your own use is not a competing product.

Nothing in the AUP prohibits automated code generation loops, ML research, or programmatic CLI usage per se.

## What we changed

We added a `.env` file to our autoresearch project that holds an `ANTHROPIC_API_KEY`. The orchestrator loads it and injects it into the `claude --print` subprocess environment only. This means:

- **Experiment loop**: Uses API key → Commercial Terms → automated use explicitly allowed
- **Interactive sessions**: Keep using OAuth/Max subscription → unaffected

The `.env` is gitignored to prevent accidental key exposure.

## Takeaway

If you're building automated pipelines around Claude Code, use an API key. The CLI is designed for programmatic use, but the legal terms around it depend on how you authenticate. API keys under Commercial Terms have no automation restrictions. Consumer plan OAuth is designed for interactive, individual use — even though the CLI technically supports both patterns under either auth method.

This is a case where the technical capability and the legal permission don't perfectly overlap, and the fix is straightforward: use the right auth method for the right context.