Spend · Billing Guard for Claude Desktop

Billing Guard for Claude Desktop

Billing-error detection inside Claude Desktop, for machines that cannot run RepoOps: a managed employer laptop, a locked-down workstation, anywhere you have Claude Desktop but no room for another app. The extension is a per-user install with no admin rights, and all detection is deterministic code: zero model tokens are spent detecting. Claude only reads the evidence when you ask. See the Billing Guard overview for why this exists, or the CLI docs for the terminal version of the same audit.

What it is

RepoOps Billing Guard is a Claude Desktop extension (an .mcpbbundle) that wraps the same reconciliation engine as the CLI. It reads the Claude Code session telemetry already on your machine, pulls Anthropic's Admin Usage & Cost API when you give it an Admin key, recomputes what each day should have cost from raw token counts times a versioned rate card, and flags the difference inside a tolerance band. Your telemetry never leaves the machine. Three tools appear in Claude Desktop:

  • billing_guard_audit: run the reconciliation now and return the findings table plus a coverage summary. Writes an evidence bundle JSON to disk.
  • billing_guard_report: return the last evidence bundle, both sides' raw numbers per flagged day, shaped for a finance dispute.
  • billing_guard_status: config and coverage state; whether an Admin key is configured, whether telemetry was found, when the last audit ran.

Get the bundle

Download link activates when the operator publishes the bundle
The signed .mcpbartifact is hosted the same way the desktop installers are: a repoops.ai URL the operator points at the published file. Until that hosting step is done, the download below degrades to "coming soon", and anyone with repository access can build the identical bundle from a checkout instead.
  1. Download (once published)

  2. Or build from a checkout (authorized users, works today)

    git clone https://github.com/sellingascode/repo-dashboard.git
    cd repo-dashboard
    npm install
    npm run pack:mcpb
    # -> dist/repoops-billing-guard-<version>.mcpb

Install in Claude Desktop

  1. Open the Extensions settings

    In Claude Desktop: Settings, then Extensions. This is a per-user install; no admin rights are needed, which is the point on a managed laptop.
  2. Install from file

    Choose Install from file (or drag the file onto the Extensions pane) and pick the .mcpbyou downloaded or built. Claude Desktop reads the bundle's manifest and shows the RepoOps Billing Guard configuration screen.
  3. Requirement: Node 20+

    The extension runs on the Node.js runtime (version 20 or newer). Check with node --version.

Configure the Admin key

The configuration screen has one sensitive field, Anthropic Admin key. Because the manifest marks it sensitive, Claude Desktop stores it in the operating system keychain (Windows Credential Manager, macOS Keychain), never in a plain config file. To create one: console.anthropic.com, then Settings, then API keys, then Create Admin Key.

The key is optional. Without it, audits run in telemetry-only mode: the extension reports the expected-cost ledger it can compute from local token counts plus a clear "cannot verify without an Admin key" note. It never fakes a finding. The other settings are the Claude home directory (default ~/.claude), the audit window in days (default 30), and the background sweep interval in hours (default 6; 0 turns it off).

Run an audit from chat

Ask Claude in plain language; it calls the tools:

"Run a billing guard audit for the last 30 days."
"Show me the last billing guard report."
"What's the billing guard status - is my Admin key configured?"

The audit reply is the findings table (day, model, expected, billed, delta, signature) plus a coverage summary, the same output the CLI prints. The signatures are documented in the CLI docs: variance-band, ghost-usage, rate-check, duplicate-burst, delta-alarm, contradiction. Detection ran before Claude saw anything; the model spends tokens only on reading you the evidence.

The background sweep and its limit

With the sweep enabled (default: every 6 hours), the extension reruns the audit inside its own server process and rewrites the evidence bundle on disk, so "show me the last billing guard report" is always recent. The limit is structural: the sweep only runs while Claude Desktop is open, because the extension's server lives inside the Claude Desktop session.

Want 24/7 coverage instead?
Run the CLI on a per-user scheduled task (Windows Scheduled Task or macOS LaunchAgent, no admin rights). The CLI docs include copy-paste recipes for both. The extension and the CLI share the same engine and write the same evidence bundle format.

Honest limits

  • The tolerance band is mandatory. Anthropic documents client-side cost figures as approximations, so nothing is compared for cent-equality. Expected cost is recomputed from token counts times published per-model rates and compared inside a band (default 2%). A band tighter than real-world approximation noise produces noise, not findings.
  • Telemetry is opt-in and local. The ground truth only covers machines and sessions where Claude Code transcripts exist. A day with no local capture is reported as cannot-verify, never as a finding.
  • Subscription plans without Admin API access cannot verify. The Usage & Cost reports require an organization Admin key; Claude Pro/Max plans do not expose invoice-side data this way, so those accounts get telemetry-only mode.
  • Known Admin API blind spots. Priority Tier costs are excluded from the cost report and code execution is excluded from the usage report; both surface as cannot-cross-verify annotations rather than silently mismatching.
  • The rate card is versioned, not omniscient. A model missing from the card makes its day cannot-verify rather than producing a made-up expected cost.