Part of the weekly series: Replacing SaaS One Product at a Time
I run an IT company with a Mac Mini and an AI agent.
That's not a pitch. That's what my day actually looks like. Claude Code sits at the center of nearly everything we do at ForIT---writing code, managing invoices, reviewing resumes, syncing data between systems, even drafting the blog post you're reading right now.
What started as "let me try this CLI tool" turned into a full operating system for the business. Here's what the stack looks like, why it works, and where we're taking it next.
What Claude Code Actually Does for Us
Most people hear "AI coding assistant" and think autocomplete. Claude Code is closer to a department head who never sleeps and has access to every system we use.
It doesn't just write code. It runs our HR and finance operations.
Finance
Claude Code is connected directly to Xero and handles real accounting work:
- Creating and issuing invoices --- I describe what needs to be billed and it creates the invoice, codes it to the right accounts, and sends it
- Payment reconciliation --- Matching payments to invoices, tracking outstanding balances
- Expense tracking --- Our Ramp corporate card syncs transactions automatically, and Claude Code categorizes and reconciles them
- Travel billing --- Per diem reports generated daily, client trip invoicing tracked end-to-end through SharePoint
HR
The entire hiring pipeline runs through Claude Code:
- Candidate assessment --- Downloads resumes from SharePoint, reads them, writes structured evaluations, and updates the candidate record
- Employee onboarding --- Creates accounts in Azure AD, sets up email, configures devices through Jamf, adds employees to the right SharePoint lists and security groups
- Document creation --- Generates OneNote pages, SharePoint entries, email signatures---all the paperwork that comes with bringing someone on
- Ongoing management --- Employee records, phone directories, org structure updates
Everything Else
- Writing and deploying code --- Our website, customer portal, and internal tools are all built and maintained in Claude Code sessions
- Microsoft 365 administration --- Exchange, SharePoint, Teams, Azure AD---all accessible through a single PowerShell session pool
- Credential management --- 1Password integration for secure secret access with circuit breakers
- Research --- Google Search API for real-time research without leaving the terminal
- Communication --- Beeper integration for cross-platform messaging
This isn't a demo environment. These are production systems running a real business. The same AI that writes our website also issues our invoices and onboards our employees.
The Secret: MCP Servers
The thing that makes Claude Code actually useful for business operations is MCP (Model Context Protocol). Think of MCP servers as plugins that give the AI access to external tools and data.
We run 16 MCP servers covering:
| Category | Servers | What They Do |
|---|---|---|
| Business Tools | Xero, 1Password | Finances and credentials |
| Microsoft | M365 PowerShell, OneNote | Exchange, SharePoint, Teams, Azure |
| Communication | Beeper | Chat across platforms |
| Memory | OpenMemory, ClaudeMem | Persistent knowledge across sessions |
| Search | Google Search | Web research and content extraction |
| Development | Auto-Claude, Desktop Commander | Multi-agent coding, file operations |
| Other | Reddit, Hevy, Google Cloud | Research, fitness tracking, cloud ops |
The result: I can say "check the candidate list in SharePoint, download their resumes, and give me assessments" and it just does it. No switching between 5 browser tabs. No copy-pasting between systems.
Making It Safe: Custom Hooks
Giving an AI agent access to production systems sounds terrifying. It should. That's why we built a custom hook system---6 scripts that act as guard rails around every action Claude Code takes.
Here's what they do:
- Session recovery --- Automatically loads context from the previous session so you don't start cold
- Smart prompting --- Detects what you're trying to do and injects relevant reminders (use the right MCP server, check memory first, don't guess)
- Safety guards --- Blocks destructive operations on production systems. Trying to run raw Azure CLI? Blocked---use the MCP server instead. Trying to delete a Xero invoice? Needs explicit confirmation
- Autonomous loop control --- Claude Code can run for hours without stopping, but the loop has a 200-iteration ceiling and won't quit until all tasks are actually complete
- Parallel task detection --- Automatically identifies when multiple tasks can run simultaneously and suggests parallelization
The philosophy: trust but verify. The AI has broad access, but every tool call passes through a guard that understands what's safe and what needs a human in the loop.
The Skills System
On top of hooks and MCP servers, we use a skills framework called Superpowers---14 structured workflows that enforce discipline:
- Test-Driven Development --- Write tests before code, every time
- Systematic Debugging --- No guessing. Reproduce, isolate, fix, verify
- Brainstorming --- Explore ideas before writing code. This blog post went through it
- Code Review --- Automated review against the plan before merging
- Verification Before Completion --- Run the actual commands and confirm output before claiming anything is done
Skills aren't suggestions. They're mandatory. The system checks whether a skill applies before every task and won't let you skip it.
Where This Is Going: AI for Every Employee
Here's the thing I keep coming back to: this stack is incredibly powerful, but right now it lives on my Mac Mini. I'm the only one who uses it.
That's a problem.
We're building a system to democratize this for every employee through Microsoft Teams. The vision:
One Teams bot. Three tiers of agents.
- Dolores (the factory) --- The master agent that spawns and manages everything else
- Domain bots --- Specialized agents for IT support, HR, finance, operations. They live in Teams group chats where the whole team can interact with them
- Micro-agents --- Short-lived subagents that handle specific tasks and report back
A support tech should be able to type in Teams: "Check if this user's mailbox has any holds on it" and get an answer without knowing PowerShell. A hiring manager should be able to say "Show me all candidates who applied this week and summarize their qualifications" without touching SharePoint.
Non-technical employees will be able to request and configure their own agents through a guided wizard. Need a bot that monitors a shared mailbox and flags urgent messages? Set it up in Teams, no code required.
Each user gets their own isolated container with role-based access controls. The same hook system that keeps my local setup safe scales to the whole organization---every tool call filtered through permissions based on who's asking.
Interested?
We're building this for ourselves first, but the architecture is designed to work for any M365 shop. If you're running a business on Microsoft 365 and the idea of giving every employee their own AI agent sounds interesting, reach out.
We're looking for early design partners who want to shape what this looks like.
Book a call or drop us a line at info@forit.io.
The Full Stack (For the Technical Folks)
If you made it this far, here's the complete breakdown.
MCP Servers (16)
Communication: Beeper (streamable HTTP, port 23374)
Memory: ClaudeMem (knowledge graph), OpenMemory (localhost:8765)
Microsoft: M365 PowerShell pool (ExO, PnP, Azure, Teams - port 5200)
OneNote (NoteDrive)
Browser: Chrome MCP (Edge DevTools), Playwright, Superpowers Chrome
Search: Google Search API (search + extract + research)
Business: Xero (invoices, payments, contacts)
1Password (vault: "BT AI", destructive actions enabled)
Development: Auto-Claude (multi-agent framework)
Desktop Commander (file ops)
Cloud: Google Cloud CLI
Other: Reddit, Hevy (fitness)
Hook Scripts (6)
| Hook | Event | Purpose |
|---|---|---|
session-start |
SessionStart | Kill stale processes, recover previous context |
prompt-context |
UserPromptSubmit | Inject contextual reminders based on message content |
guard |
PreToolUse | Block destructive ops, redirect to correct MCP servers |
parallel |
PostToolUse | Detect parallelizable tasks, suggest concurrent execution |
autonomous-loop |
Stop | Prevent premature exit when tasks remain incomplete |
session-end |
SessionEnd | Cleanup orphaned processes |
Guard Rail Details
The guard hook intercepts every tool call and applies rules:
- Bash: Blocks
m365,az, Docker creation, destructive git ops --- redirects to MCP equivalents - Xero: Blocks all write operations unless explicitly approved
- M365 Graph: Auto-approves reads, blocks Azure management writes
- WebSearch: Redirects to Google MCP (better results)
- AskUserQuestion: Forces self-check before asking (reduces unnecessary interruptions)
- Emergency override:
~/.claude-emergency-overridefile bypasses all guards when needed
Skills (Superpowers v4.0.3)
brainstorming systematic-debugging
test-driven-development writing-plans
executing-plans dispatching-parallel-agents
subagent-driven-development using-git-worktrees
finishing-a-development-branch requesting-code-review
receiving-code-review verification-before-completion
writing-skills using-superpowers
Autonomous Loop
The Stop hook prevents Claude Code from exiting when:
- Tasks remain in
pendingorin_progressstatus - No completion marker detected ("ALL TASKS COMPLETE", etc.)
- Maximum 200 iterations (runaway prevention)
This means you can say "do these 15 things" and walk away. It'll work through them all, parallelizing where possible, and only stop when everything is genuinely done.
Context Recovery
The SessionStart hook checks for previous sessions less than 48 hours old and automatically injects:
- Last few messages from the previous conversation
- Any relevant state or decisions made
No more "where were we?" at the start of every session.
Ben is the founder of ForIT, an AI development house that builds software for aviation companies. He writes about replacing SaaS products, building with AI, and occasionally about fitness tracking via MCP server.
Have questions about this setup? info@forit.io