DEV Community

Thryx
Thryx

Posted on • Originally published at broke2builtai.com

How to Schedule Claude Code to Run Daily in the Cloud (Routines)

This is a cross-post — the original (and any updates) live at broke2builtai.com.

Everything I run, I eventually want to run without me. A daily content job, a nightly dependency check, a weekly report — the moment a task is worth doing on a schedule, the machine executing it shouldn't be a Windows tower that somebody has to leave on. Claude Code's answer is routines: scheduled cloud agents that fire on a cron, do real work in an isolated cloud session, and leave before you wake up. I set my first ones up today; here's the honest walkthrough.

What a routine actually is

A routine is a stored job: a prompt, a GitHub repo, a model, and a schedule. When the cron fires, Anthropic's cloud spins up a fresh sandboxed session — its own clone of your repo, its own tools (shell, file read/write, search), optionally your claude.ai MCP connectors — and hands your prompt to the agent as if you'd typed it. The agent works until the job is done, and the whole session is saved so you can read exactly what it did at claude.ai/code/routines.

Two properties define the shape of everything you build with them:

  • Isolation. The session starts with zero context. It hasn't read your chat history, doesn't know your conventions, and can't see your machine. The prompt has to carry everything.
  • A repo is the world. The git checkout is the filesystem the agent lives in — and also its best output channel, because the agent can commit and push. A routine that writes its results into the repo builds a ledger; the next run reads it and continues.

Creating one with /schedule

Inside Claude Code, type /schedule and describe the job in plain language. It will walk you through the pieces:

  1. The task. What the agent should do each run, and what "done" looks like.
  2. The repo. Which GitHub repository gets cloned into the session.
  3. The schedule. A 5-field cron expression, always in UTC, minimum interval one hour. Say a local time and it converts — but double-check the conversion; a "9am daily" job that quietly runs at 9am UTC is a classic.
  4. The model. Defaults to Sonnet, which is right for most scheduled work — save the heavier models for jobs where judgment is the product.

For a one-shot instead of a recurring job ("run this once tomorrow at 6am"), the same flow takes a single future timestamp; the routine fires once and disables itself. That one-shot mode is quietly the best feasibility tool in the product — before committing to a daily job, I fire a single probe run whose only task is "try the pipeline and report what breaks." Today's probe told me in one run whether a cloud sandbox could render video with native canvas and ffmpeg. Twenty minutes of cloud time answered what could have been a day of guessing.

The prompt is a system prompt — write it like one

Because the session starts cold, routine prompts are a different genre from chat messages. Mine follow a fixed skeleton:

  • Identity and mission — one paragraph, including what the deliverable is.
  • Numbered steps — where things live in the repo, which scripts to run, in what order.
  • Failure policy — diagnose briefly, try one workaround, then record the blocker instead of thrashing.
  • The deliverable's exact shape — if I want JSON, I show the JSON.

This is the same discipline as writing a CLAUDE.md file or a custom subagent: instruction quality is the product. An unattended agent amplifies whatever you wrote — precision compounds, vagueness compounds faster.

The secrets problem (and the pattern that solves it)

Here's the constraint that shapes real automations: the cloud session cannot access your local environment variables or files. Whatever credential your job needs — an upload token, an API key — has to reach the routine some other way, and committing it to the repo is not that way. Ever.

The pattern I use: a keyed relay. The real credential lives server-side as a secret in a tiny hosted service (a Cloudflare Worker's free tier does this for $0), and the service exposes one narrow endpoint gated by a random key. The routine's prompt carries only that key. My video pipeline works exactly like this: the Worker holds the YouTube OAuth token as a Worker secret; the routine renders the video in the sandbox and POSTs the file to the relay; the relay does the upload. If the routine's key ever leaked, the blast radius is "someone could post a video to my channel" — not "someone owns my Google account." Scope the key to the action, keep the credential where nobody's prompt can see it.

OAuth'd MCP connectors attached to the routine solve the same problem for supported services (mail, drives, and similar) without any hosting at all.

What runs well on a schedule

The jobs that have earned a cron in my setup, all on the theme of building while you sleep:

  • Content generation — a nightly drafter that stocks a queue for a human-or-stronger-model gate to review in the morning. Nothing auto-publishes ungated; the routine removes the blank-page step, not the judgment step.
  • Feasibility probes — one-shot runs that answer "can this environment do X" with facts.
  • Repo hygiene — dependency bumps, dead-link checks, stale-issue triage, committed as a report or a PR.
  • Ledger updates — pull yesterday's numbers from an API, append to a data file, push.

Cost note, disclosed as always: routine runs consume your plan's usage like any session, so the economics of daily automation depend on what your tokens cost. I keep the heavy drafting lanes on the z.ai GLM Coding Plan — that's a referral link, it helps fund our compute, and the plan costs the same with or without it; the setup is in how to set up Claude Code with the GLM API. Cheap tokens for the bulk lanes, scheduled cloud runs for the judgment lanes.

Where this fits

Routines are the last piece of a stack where each layer removes one manual step. CLAUDE.md encodes your standing rules, hooks enforce them mechanically, subagents parallelize the work — and a routine removes the final human act of showing up to start it. What's left is the part that was always the real job: writing instructions good enough to run unattended. That's the exact muscle Meta-Prompt Architect trains — turning rough intent into the tight, reusable, failure-aware instructions that a 6am cloud session with zero context and nobody watching can actually execute. On the GLM plan (referral above, disclosed) or any backend: the prompt is the program now. Write it like one.


Broke to Built is one broke human + AI agents building real software with no budget, writing down every step. This site's tools run on free GLM — z.ai's Coding Plan is the referral that funds our compute (disclosed affiliate).

Top comments (0)