You're paying $20 a month for Claude Code but only sitting at your desk two to three hours a day. The remaining 230 hours? Your subscription sits idle. That's the "Desk Tax," as Yanli Liu describes it in the Level Up Coding article "Claude Code Just Got Channels. Is It Enough?"
The math sounds compelling. If you're only at the terminal evenings and weekends, you're wasting most of your paid capacity. So you need mobile access — from anywhere, anytime.
Liu then compares five tools that promise exactly that: Anthropic's own Channels and Remote Control, plus third-party apps like Happy Coder, HAPI, and Tailscale+SSH. Liu's conclusion: Channels are promising but not ready yet. Remote Control works but has limitations. The third-party tools fill the gap.
The thesis holds. But it holds only for a specific user profile. And that's where it gets interesting — because the Desk Tax isn't a universal phenomenon. It's a symptom of a particular usage pattern.
Who Actually Pays the Desk Tax?
Liu's entire analysis rests on implicit assumptions never made explicit — assumptions that probably feel self-evident to most readers: a single user with a personal $20 account, coding beside a full-time job away from the terminal, only evenings and weekends. One instance, personal money, the pressure to maximize every dollar. A hobby expense that needs justifying.
For this profile, the Desk Tax is real and the frustration completely understandable. $20 a month isn't nothing, and when you feel like you're using a fraction of it, wanting mobile access makes perfect sense.
But this isn't the only profile. And it isn't — despite being the vast majority, as Anthropic's own numbers show — the only relevant one.
Three User Profiles
| Casual User | Regular User | Power User | |
|---|---|---|---|
| Usage | 2–3 h/day | 4–6 h/day | 8+ h/day |
| Instances | One | Occasionally parallel | Multiple simultaneous |
| Account | Personal ($20/month) | Personal or company | Company (Team Premium + Max-200) |
| Main Limit | Time at the desk | Mix of time and tokens | Token budget, context window |
| Desk Tax | High — relevant | Noticeable but lower | Irrelevant — other limits kick in |
Liu describes the casual user. That's not a niche case — it's the clear majority. When Anthropic introduced weekly limits in August 2025, fewer than 5% of users were affected. Over 95% don't even hit their limits. They don't use Claude Code intensively enough to reach token boundaries.
Average API costs confirm the picture: roughly $6 per developer per day, with 90% staying under $12. These numbers come from Anthropic's own Economic Index Reports (November 2025 through March 2026). The overwhelming majority uses Claude Code moderately — as a supplementary tool, not a primary one. Exactly the profile Liu describes.
But there's the other side. Startups account for 32.9% of all Claude Code conversations — disproportionate to their user base. And Anthropic's own engineers use Claude for 59% of their daily work, up from 28% twelve months ago. A doubling in one year. These users don't sit at the terminal for two evening hours. They work with it all day. The Desk Tax question doesn't even arise.
Where the Desk Tax Disappears
For power users, the math looks fundamentally different. Claude Code isn't the evening side tool — it's the primary work instrument. All day, multiple parallel instances, often with Bypass Permissions as the default mode so the agent works autonomously without asking permission for every file operation. The desk is the default state, not the exception.
The 230 idle hours Liu calculates? With full-day usage and parallel instances, the bottleneck is the token budget, not desk availability. There's no idle capacity — quite the opposite. Capacity gets consumed, often faster than you'd like. If you spin up three instances on a problem in the morning, you might hit the weekly limit by Wednesday.
The real "tax" for power users is context window limits, weekly token caps, and the costs your employer covers. The limiting factor is never physical access to the computer — it's always the token budget running out before the weekend, or the context window filling up after a complex debugging session. Not whether you happen to be at your desk.
Plan Context: Why One Account Isn't Enough
What Liu doesn't address: Claude Code's plan structure fundamentally shapes whether the Desk Tax is even a problem.
| Max-200 (Company) | Team Premium (Company) | |
|---|---|---|
| Cost | $200/month | $100–150/seat/month |
| Sonnet | 240–480 h/week | 50–95 h/week |
| Opus | 24–40 h/week | 3–7 h/week |
The gap is massive. A Team Premium seat offers at most 95 hours of Sonnet per week and only 3–7 hours of Opus. With intensive usage — multiple parallel instances, complex tasks requiring Opus — that's regularly exhausted. That's why I need an additional Max-200 account as a backup so I can keep working when the Premium seat hits its limit. My employer pays for both.
Monthly costs then start at $300 per developer — on the company's dime. At that investment level, the Desk Tax is a non-issue. The relevant question isn't "How do I get mobile access?" It's "How do I avoid burning through the token budget before Friday?"
Liu calculates with $20 a month out of pocket and 230 wasted hours. I calculate with $300+ a month on the company's dime and zero wasted hours — but with the problem that capacity still isn't enough. Same tool, completely different reality. The Desk Tax is a problem of the casual user segment, not of the tool itself.
In my case, I hit the Team Premium limit two to three times a week — then I simply switch to my Max-200 account and keep working.
Channels: What Liu Misses
Liu presents Channels as a promising feature — a Research Preview with a restricted plugin allowlist where permission prompts unfortunately can't be confirmed via Telegram. That sounds like a feature that just needs some polish. The reality is more complex, and the security implications are more serious than Liu's article suggests.
The Actual Security Model
Channels do have an authentication model — that should be said upfront, since early coverage suggested otherwise. The architecture is based on a sender allowlist with pairing codes. The flow: you send a DM to the bot, the bot responds with a pairing code, you confirm in the terminal with /<platform>:access pair <code>, and the allowlist policy gets set.
Platforms: Telegram, Discord, and iMessage — no Slack. With iMessage, Channels reads ~/Library/Messages/chat.db directly. For Teams and Enterprise, the feature is disabled by default and requires an admin opt-in via channelsEnabled. Only plugins from an Anthropic-vetted allowlist are permitted; custom channels require the --dangerously-load-development-channels flag.
Sounds solid? The details paint a different picture.
Permission Relay — De Facto Shell Access
Since version 2.1.81, all users on the allowlist can remotely approve or reject tool executions — Bash commands, file writes, file edits. That's not just "sending a message to Claude." That's de facto shell access for every paired user. Anyone on the allowlist can have code executed on your machine — with the same privileges Claude Code has on your system.
For teams, this means: every colleague who was paired once has potential access to your filesystem. Control doesn't sit with a central admin but with each individual user's allowlist configuration.
Prompt Injection as a Documented Risk
The official documentation warns explicitly:
"An ungated channel is a prompt injection vector. Anyone who can reach your endpoint can put text in front of Claude."
Anthropic, Channels Documentation
This isn't a theoretical risk or speculation from security researchers — it's Anthropic's own warning in the official documentation. In group chats, message.from.id (sender) and message.chat.id (room) are different. The docs explicitly warn to gate on the sender, not the room. One configuration mistake — and in group chats, this mistake is easy to make — is enough to open the channel to arbitrary participants.
Bypass Permissions Makes It Worse
This is where it gets particularly critical: anyone running Claude Code in Bypass Permissions mode — which many power users do by default so the agent can work autonomously — makes Permission Relay irrelevant. All operations get approved automatically anyway. Every message from an allowlisted user then gets executed directly, without any further confirmation. No "Do you want to run this Bash command?", no review step.
The bot token, stored locally at ~/.claude/channels/<platform>/.env, is treated by Anthropic like an SSH key. Whoever has the token can add themselves to the allowlist. Protection rests entirely with the user — and the token sits as a file on disk.
A Related Risk Pattern
This echoes the OpenClaw issue that sparked discussion in early 2026: not the same problem — OpenClaw was about malicious code via Skills, Channels is about prompt injection via messages. But the underlying pattern is related: an open interaction interface to a code agent running with full user privileges on your machine. The attack vectors differ, the consequence is the same.
Channels have been available since March 20, 2026 (v2.1.80+) and still carry the "Research Preview" label. Given the risks described, that's understandable. The question isn't whether Channels are a good idea — mobile access to a code agent has obvious value. The question is whether Telegram and Discord are the right platforms for it. Chat tools are chat tools, not security infrastructure.
The Tool Landscape: All Relay Services
Liu also compares third-party tools for mobile Claude Code access alongside Remote Control and Channels, presenting them as distinct solutions with individual strengths. Look closer, and they're all variations of the same concept. The two most notable ones deserve contextualization:
Happy Coder
A mobile/web client for Claude Code — a CLI wrapper installed via npm install -g happy-coder that uses happy instead of claude as the command. The architecture is based on a relay server with E2E encryption (TweetNaCl, comparable to the Signal protocol) and QR code pairing. Available for iOS, Android, and web. Developed by slopus/ex3ndr — a small team.
The criticisms are numerous: an undocumented in-app purchase of $19.99/month ("Plus Plus") that isn't communicated during installation. QR code rendering issues in some terminals. And the fundamental trust question: despite the zero-knowledge architecture, all traffic flows through a third-party relay server. If you find that acceptable, you can use Happy Coder — but it's a trust decision, not a purely technical one.
HAPI
Positions itself as a local-first solution for AI coding agents — not just Claude Code, but also Codex, Gemini, Cursor Agent, and OpenCode. The architecture is a self-hosted hub (SQLite + REST API + Socket.IO on localhost:3006) with remote access via Cloudflare Tunnel, Tailscale, or ngrok. There's a PWA and a Telegram Mini App. A standout feature is the seamless handoff between terminal and mobile via double-spacebar.
Developed by tiann/weishu, known for KernelSU (14,800+ GitHub stars) — a credible security background. Architecturally, HAPI is superior: no third-party server needed, WireGuard + TLS, data stays on your machine. But the price is a tunnel setup that requires configuration effort — and the added value over Remote Control remains questionable when you honestly assess the setup cost.
The Assessment
Both tools — and ultimately Channels too — are relay services: they forward interactions between your smartphone and a Claude Code instance on your machine. They solve the same problem Remote Control already solves, with different tradeoffs in security, comfort, and cost. I haven't tested any of them myself — the assessment is based on architecture analysis and documentation.
The critical commonality: all these tools require a running Claude Code instance on your machine. They don't give you additional compute, tokens, or capacity. They just give you a different way to interact with an existing session. For the casual user wanting to use idle time, that's valuable. For the power user whose instances run all day anyway, it's irrelevant — the capacity isn't idle, it's actively being used.
Remote Control — Anthropic's own solution with QR code pairing and an authenticated session token — does fundamentally the same thing. And it's not all smooth sailing either: a known rendering bug causes interaction dialogs on the smartphone to sometimes not display. Workaround: restart the app. A bug that destroys the time advantage Remote Control is designed for.
I'd probably use Remote Control a lot more if it weren't for that bug. Currently, I use my iPad to monitor and control my various Claude Code sessions on my MacBook Pro from outside my home office — it works, as long as no AskUserQuestion dialogs vanish into thin air. When it happens, I restart the app — the only available workaround.
But none of this changes the fundamental assessment: if you're already at the desk all day, you don't need any of these relay services. And if you do need them, you should prefer Remote Control as the first-party solution — despite the current bugs. Better a bug at Anthropic than a trust decision with a third party.
The Bottom Line
Yanli Liu's Desk Tax exists. It's real, it's measurable, and for the casual user with a personal $20 account, it's a legitimate problem. Liu's analysis is accurate for this segment, and the article provides a useful overview of available tools. If you sit at the terminal two hours in the evening and feel like you're wasting 90% of your subscription, you're right — and for this use case, mobile access solutions make sense.
But the Desk Tax isn't a universal problem. It's a phenomenon of the casual user segment, and while that segment represents the clear majority of users, it doesn't define the entire Claude Code landscape. For users who treat Claude Code as their primary work tool — all day, multiple parallel instances, on the company's dime — the Desk Tax is simply irrelevant. Their limitations lie elsewhere: token budgets, context window limits, weekly caps, whether to use Opus or Sonnet for the current task. Not whether they happen to be at their desk.
The tools Liu presents as solutions — Channels, Happy Coder, HAPI — aren't solutions for the core problem. They're relay services with their own, sometimes significant, tradeoffs. Channels bring real security risks that Liu doesn't address: Permission Relay gives paired users de facto shell access, prompt injection is a documented risk, and Bypass Permissions makes both worse. The third-party tools are either paid with undocumented in-app purchases, require complex tunnel setup, or both. And Remote Control from Anthropic itself — the most obvious solution — has a reproducible rendering bug that regularly interrupts the mobile workflow.
The Desk Tax is a myth — not because it doesn't exist, but because it only applies to one segment. And that segment, looking at Anthropic's own numbers, is the vast majority: over 95% of users don't even hit their limits, average API costs sit at $6 per day. For them, Liu's math checks out, and mobile access solutions make sense.
For the other 5%? They're already at the desk. And they have very different problems.