Open Agents is an open-source reference app for building and running background coding agents on Vercel. It includes the web UI, the agent runtime, sandbox orchestration, and the GitHub integration needed to go from prompt to code changes without keeping your laptop involved.
The repo is meant to be forked and adapted, not treated as a black box.
Open Agents is a three-layer system:
Web -> Agent workflow -> Sandbox VM
- The web app handles auth, sessions, chat, and streaming UI.
- The agent runs as a durable workflow on Vercel.
- The sandbox is the execution environment: filesystem, shell, git, dev servers, and preview ports.
The agent does not run inside the VM. It runs outside the sandbox and interacts with it through tools like file reads, edits, search, and shell commands.
That separation is the main point of the project:
- agent execution is not tied to a single request lifecycle
- sandbox lifecycle can hibernate and resume independently
- model/provider choices and sandbox implementation can evolve separately
- the VM stays a plain execution environment instead of becoming the control plane
- chat-driven coding agent with file, search, shell, task, skill, and web tools
- durable multi-step execution with Workflow SDK-backed runs, streaming, and cancellation
- isolated Vercel sandboxes with snapshot-based resume
- repo cloning and branch work inside the sandbox
- optional auto-commit, push, and PR creation after a successful run
- session sharing via read-only links
- optional voice input via ElevenLabs transcription
A few details that matter for understanding the current implementation:
- Chat requests start a workflow run instead of executing the agent inline.
- Each agent turn can continue across many persisted workflow steps.
- Active runs can be resumed by reconnecting to the stream for the existing workflow.
- Sandboxes use a base snapshot, expose ports
3000,5173,4321, and8000, and hibernate after inactivity. - Auto-commit and auto-PR are supported, but they are preference-driven features, not always-on behavior.
See apps/web/.env.example for the full list. Summary:
POSTGRES_URL=
BETTER_AUTH_SECRET=NEXT_PUBLIC_VERCEL_APP_CLIENT_ID=
VERCEL_APP_CLIENT_SECRET=NEXT_PUBLIC_GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
GITHUB_APP_ID=
GITHUB_APP_PRIVATE_KEY=
NEXT_PUBLIC_GITHUB_APP_SLUG=
GITHUB_WEBHOOK_SECRET=REDIS_URL= # skills metadata cache (falls back to in-memory)
KV_URL= # Vercel KV cache (falls back to in-memory)
VERCEL_PROJECT_PRODUCTION_URL= # canonical production URL
NEXT_PUBLIC_VERCEL_PROJECT_PRODUCTION_URL= # public canonical production URL
VERCEL_SANDBOX_BASE_SNAPSHOT_ID= # override default sandbox snapshot
ELEVENLABS_API_KEY= # voice transcription-
Fork this repo.
-
Import the repo into Vercel. Neon Postgres is auto-provisioned if you use the deploy button above.
-
Generate a secret for session signing:
openssl rand -base64 32 # BETTER_AUTH_SECRET -
Add env vars in Vercel project settings:
POSTGRES_URL= BETTER_AUTH_SECRET=
-
Deploy once to get a stable production URL.
-
Create a Vercel OAuth app with callback URL:
https://YOUR_DOMAIN/api/auth/callback/vercel -
Add these env vars and redeploy:
NEXT_PUBLIC_VERCEL_APP_CLIENT_ID= VERCEL_APP_CLIENT_SECRET=
-
If you want the full GitHub-enabled coding-agent flow, create a GitHub App using:
- Homepage URL:
https://YOUR_DOMAIN - Callback URL:
https://YOUR_DOMAIN/api/auth/callback/github - Setup URL:
https://YOUR_DOMAIN/api/github/app/callback
In the GitHub App settings:
- use the GitHub App's Client ID and Client Secret for
NEXT_PUBLIC_GITHUB_CLIENT_IDandGITHUB_CLIENT_SECRET - make the app public if you want org installs to work cleanly
- Homepage URL:
-
Add the GitHub App env vars and redeploy.
-
Optionally add Redis/KV and the canonical production URL vars.
-
Install dependencies:
bun install
-
Create your local env file:
cp apps/web/.env.example apps/web/.env
-
Fill in the required values in
apps/web/.env. -
Start the app:
bun run web
If you already have a linked Vercel project, you can pull env vars locally with vc env pull.
Authentication is handled by Better Auth with Vercel and GitHub as social providers. All auth routes are served from the /api/auth/[...all] catchall.
Create a Vercel OAuth app and use this callback:
https://YOUR_DOMAIN/api/auth/callback/vercel
For local development, use:
http://localhost:3000/api/auth/callback/vercel
Then set:
NEXT_PUBLIC_VERCEL_APP_CLIENT_ID=...
VERCEL_APP_CLIENT_SECRET=...You do not need a separate GitHub OAuth app. Open Agents uses the GitHub App's OAuth credentials as a Better Auth social provider, plus the App's installation tokens for repo access.
Create a GitHub App for installation-based repo access and configure:
- Homepage URL:
https://YOUR_DOMAIN - Callback URL:
https://YOUR_DOMAIN/api/auth/callback/github - Setup URL:
https://YOUR_DOMAIN/api/github/app/callback - make the app public if you want org installs to work cleanly
For local development, use http://localhost:3000 as the homepage URL, http://localhost:3000/api/auth/callback/github as the callback URL, and http://localhost:3000/api/github/app/callback as the setup URL.
Then set:
NEXT_PUBLIC_GITHUB_CLIENT_ID=... # GitHub App Client ID
GITHUB_CLIENT_SECRET=... # GitHub App Client Secret
GITHUB_APP_ID=...
GITHUB_APP_PRIVATE_KEY=...
NEXT_PUBLIC_GITHUB_APP_SLUG=...
GITHUB_WEBHOOK_SECRET=...GITHUB_APP_PRIVATE_KEY can be stored as the PEM contents with escaped newlines or as a base64-encoded PEM.
bun run web # run dev server
bun run check # lint + format check
bun run fix # lint + format fix
bun run typecheck # typecheck all packages
bun run ci # full CI: check, typecheck, tests, migration check
bun run sandbox:snapshot-base # refresh sandbox base snapshotapps/web Next.js app, workflows, auth, chat UI
packages/agent agent implementation, tools, subagents, skills
packages/sandbox sandbox abstraction and Vercel sandbox integration
packages/shared shared utilities