Open Source — MIT OR Apache-2.0 · Phase 1 Ready

Governance Layer for AI Agents

Sandbox execution, permissions, secrets, observability, cost controls. Run agents with total control. Open source. Local-first. Run on your machine or ours.

Requires: Docker + Rust (auto-installed)

Governance Capabilities

Sandbox Execution

Shipped

Container-based execution with full lifecycle management. Agents run in isolated Docker containers that start and stop on demand.

Execution Permissions

Shipped

Per-agent permissions: terminal, filesystem (RO/RW), browser, network (allowlist/localhost/offline). Define what agents can do.

Filesystem Governance

Shipped

Read/write files with path resolution guards preventing escapes. Configurable allowed roots per agent.

Session Persistence

Shipped

SQLite-backed session management with model config, permissions, and status tracking across restarts.

Terminal Access

Shipped

Execute shell commands inside the sandbox with timeout controls, output capture, and PTY support.

Native Desktop Console

Shipped

Tauri desktop UI (no Electron) for managing agents, viewing sessions, and monitoring resources.

Browser Automation

In Dev

Playwright integration for web interaction. Agents navigate, click, type, and extract data headlessly.

Secret Governance

Planned

API keys, tokens, credentials — injected securely at runtime via OS keyring or Vault without exposure.

Observability & Audit

Planned

Per-agent logs, metrics, traces. See what agents do, how long it takes, and what it costs.

Cost Governance

Planned

Per-agent billing, usage quotas, and budget alerts for production deployments.

Firecracker MicroVMs

Future

Lightweight microVMs for stronger isolation and faster cold starts than containers.

Policy Engine + Multi-Agent

Future

Advanced policy evaluation and coordinated multi-agent workflows.

What's Next

Phase 1 — Ready

Core Sandbox Runtime

Container lifecycle, terminal, filesystem, permissions, sessions, Tauri desktop, OpenAI-compatible API. Shipped.

Phase 2 — In Development

Browser Automation & Secrets

Playwright integration for web automation. Secure secret injection (keyring/Vault). Basic observability (log streaming).

Phase 2.5 — Near Term

CLI Polish & Dashboard

agenticbox deploy CLI, real-time log streaming dashboard, waitlist → beta onboarding flow.

Phase 3 — Future

Production Infrastructure

Firecracker microVMs, advanced policy engine, cost controls, multi-agent orchestration, managed cloud offering.

Start free, scale when you're ready

Free (Self-Hosted)

$0/mo

Run on your own machine — no limits, no cloud required.

  • Full sandbox runtime
  • All Phase 1 features
  • Local-first, no telemetry
  • MIT OR Apache-2.0

Enterprise

$199/mo

Teams deploying multiple agents to production.

  • Everything in Pro
  • SSO / RBAC
  • Custom SLAs
  • Dedicated support
  • On-prem / VPC option

Want managed hosting when it launches?

Join the waitlist for early access to AgenticBox Cloud. We're onboarding beta users in batches.

Or star on GitHub to follow progress.