Erold is an AI-native project management platform built specifically for developers and AI agents to collaborate. It features MCP server integration, REST API, CLI tool, and a knowledge base that gives AI persistent memory across sessions.

How does Erold integrate with Claude Code?

Erold provides a native MCP (Model Context Protocol) server with 18 tools that Claude Code can use directly. This allows Claude to create tasks, update progress, access project knowledge, and manage your projects without any copy-paste.

Yes! Erold offers a free tier with 1 project and unlimited tasks. Pro is $5/month with pay-as-you-go pricing for extra resources. Only pay for what you use beyond included allocations.

What AI tools does Erold support?

Erold works with any AI tool that supports MCP or REST APIs, including Claude Code, Claude Desktop, Cursor, Windsurf, GitHub Copilot, and custom AI agents. The API-first design ensures compatibility with current and future AI tools.

What is MCP (Model Context Protocol)?

MCP (Model Context Protocol) is a standard protocol that allows AI assistants to interact with external tools and services. Erold's MCP server provides 18 tools for task management, knowledge base access, and project operations that AI assistants can use directly.

How is Erold different from Jira, Linear, or Asana?

Erold is built API-first for AI agents, not humans-first with APIs added later. Traditional tools require copy-paste to share context with AI. Erold lets AI assistants read tasks, update progress, and access project knowledge directly through MCP, API, or CLI.

What is the Knowledge Base feature?

The Knowledge Base is persistent memory for AI assistants. Store project context, coding standards, architecture decisions, and any information AI should remember across sessions. AI can read and write knowledge entries, making it smarter about your specific project over time.

Does Erold have a CLI tool?

Yes! The Yet CLI (npm install -g @erold/cli) provides full task management from your terminal. Create tasks, list projects, mark items done, and integrate with git workflows. Perfect for developers who prefer command-line tools.

When should I use Security Headers & Environment Variables?

Configuring HTTP security headers. Managing environment variables. Setting up CORS. Implementing authentication checks

When should I NOT use Security Headers & Environment Variables?

Development-only configurations. Using external security proxy (Cloudflare, etc.)

Next.js security critical

Security Headers & Environment Variables

HTTP security headers (CSP, HSTS, X-Frame-Options), environment variable safety, CORS configuration, and authentication patterns for Next.js 15.

Difficulty: intermediate
Read time: 1 min read
Version: v1.0.0
Confidence: established
Last updated: Updated Jan 8, 2026

Edit on GitHub Report Issue

Quick Reference

Set security headers in next.config.js or middleware. Use CSP to prevent XSS. HSTS forces HTTPS. Never expose secrets without NEXT_PUBLIC_ prefix (and don't use that for secrets). Use 'server-only' package for server code. Validate Origin in Server Actions. Check authentication in every Server Action.

Use When

Configuring HTTP security headers
Managing environment variables
Setting up CORS
Implementing authentication checks

Skip When

Development-only configurations
Using external security proxy (Cloudflare, etc.)

Security Headers & Environment Variables

HTTP security headers (CSP, HSTS, X-Frame-Options), environment variable safety, CORS configuration, and authentication patterns for Next.js 15.

Discussion

CSRF Protection Patterns critical Content Security Policy critical CORS Patterns critical Data Fetching Patterns critical

Security Headers & Environment Variables

Quick Reference

Use When

Skip When

Security Headers & Environment Variables

Discussion

Strictly Necessary

Analytics

Functional