Show HN：一個受 Claude.ai/Code 啟發的代理沙盒啟動器

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

To see all available qualifiers, see our documentation.

A self-hostable base for building and running custom agents that's heavily inspired by Claude Code on the web.

License

lebovic/agent-quickstart

Folders and files

Latest commit

History

Repository files navigation

Agent quickstart

This agent quickstart is a self-hostable app for running sandboxed coding agents, and it's a starting point for building any custom agent. It's heavily inspired by Claude Code on the web, and the API is unofficially interoperable with Claude Code.

It's built as a base for quickly prototyping domain-specific custom agents. You can fork this repo, point Claude Code at it, and quickly get to a working and usable prototype.

This project is not affiliated with nor endorsed by Anthropic. All credit for the API design with which this is interoperable, as well as the UX patterns, go to the Anthropic team. It uses the official Claude Code package, but some of the features it uses are undocumented.

Getting started

If you just want to try it out, there's a hosted demo at code.sproutling.dev.

The demo is running on two small VMs with a limited LLM budget, so it's easily overwhelmed. If the demo is out of credits when you visit, you can change the provider to "BYOK" and add your own API key at Settings > Developer.

To get started locally:

In development mode, magic links for login are printed to the server logs.

How sandboxing works

When a new task is submitted, an agent session is spawned inside of a sandbox. That sandbox is either a Docker container or a Modal sandbox. (PRs for additional sandboxes welcome!)

To limit the impact of a hijacked session, most credentials live outside of the sandbox. Only one session-scoped temporary authentication token is inside the container boundary. GitHub and Anthropic credentials are outside of the agent's sandbox, and authenticated requests are routed through a credential injecting proxy.

A unique branch that's generated for the session is the only branch to which the agent can push; the git proxy limits push access to the session's branch.

Each session is authenticated with the proxy using a session-scoped JWT. Agent sessions are isolated from the data from other sessions, though they have shared access to the stateful routes within the Anthropic workspace (e.g. /v1/files, /v1/skills, etc.).

When the agent starts, it pulls the repo, checks out a new branch, and starts Claude Code. Mechanically, this is what the actual Claude Code command looks like:

Note that this uses a API key authentication, not the OAuth mechanism that Claude Code uses with /login.

Limitations (and PR ideas!)

There's a lot of low hanging fruit to make this project usable in production:

Feel free to open issues or PRs!

To make deployment as easy as possible, adding any of the features above should try to avoid adding more services. New UX should be intuitive for users who are used to Claude Code on the Web.

Security

See SECURITY.md

About

A self-hostable base for building and running custom agents that's heavily inspired by Claude Code on the web.

Resources

License

Security policy

Uh oh!

There was an error while loading. Please reload this page.

Stars

Watchers

Forks

Contributors

  3

Languages

Footer

Footer navigation