Ƒ
Devboxes

Private beta

Your next hire won’t be human.

A devbox is a coding agent with its own machine. You hand it a task in Slack, Linear, or GitHub. It comes back with a tested pull request.

Free on your own machine · Cloud hosted in Germany, free during beta

Slack#product
D
Dana14:02
We’re shipping .zip uploads in v3.2. @devbox can you make a proof of concept?
Ƒ
devboxAgent14:41
Draft #712 opened. .zip upload is now supported and available in the upload dialog.
0:14  demo
Proof of concept
Alertmanager#incidents
AlertmanagerAPP09:10
AnomalyDetection: UploadFailure spiked
Ƒ
devboxAgent09:12
Upload failures across all services, inspecting further…
Root cause: media-service CrashLoopBackOff
Faulty migration in #712 crashed it, fix underway
Fix landed in #714
Incident response
Sentrymedia-service
ERRORMemoryError
Unable to allocate 2.9 GiB for the archive buffer
productionpython 3.11media-service
Ƒ
devbox02:58
#740 opened. Uploads are now capped at 200 MB to prevent further crashes.
Automatic hotfix
Google Chateng
L
Leo14:52
the 200mb cap is blocking real users. we need an actual fix
31 replies
A
Ana15:40
@devbox summarize the thread and open a Linear issue
Ƒ
devbox15:41
Created ENG-312 with a link to this thread
Chat into tickets
LinearENG-312
Stream zip extraction
BackendP1
Decided on stream_unzip and s3fuse to reduce memory usage based on thread
Ƒdevboxes created the issue · 3h ago
Ƒdevboxes self-assigned the issue · 3h ago
devboxes moved from Todo to In Progress · 3h ago
Keeps tickets up-to-date
GitHubPR #766
extract.pylines 44–45Resolved
44+ class ZipStreamer:
45+    def __init__(self, path):
m
mariaReviewer
no need for a new abstraction here, keep it inline
Ƒ
devbox
Good call, inlined it and pushed.
Acts on review feedback
Microsoft Teams#community
D
Dana16:30
@devbox draft the v3.2 release notes
Ƒ
devbox16:32
The draft is attached in a reply to this message. The main feature in this release was ZIP uploads.
v3.2 release notes
Custom reports
Slack  ·  1 / 7
Works where you workLinearSentryGitHubGoogle ChatJiraDiscord

01 / What happens

Every task runs a blueprint.

A blueprint is the recipe a devbox follows for one kind of work. The agent takes the parts that need judgment. A harness runs the parts that must not be skipped, like lint, tests, and review. When a step fails, the work stops there instead of landing in your repo. Devboxes ships with ready-made blueprints, and you can build your own.

Coding agentHarness · enforced

02 / The queue

The backlog finally moves.

Every task gets its own devbox, so ten run as easily as one. You queue them from the tracker you already use, and what goes in at night comes back as pull requests by morning.

PROJ-1142
Fix date parsing in CSV export
In progress
PROJ-1143
Update error message for 403
In progress
PROJ-1144
Add retry logic to webhook handler
In progress
PROJ-1145
Remove deprecated API v1 endpoint
In progress
PROJ-1146
Fix null check in user lookup
In progress
PROJ-1147
Update timezone handling in scheduler
In progress
PROJ-1148
Add input validation to settings form
In progress
PROJ-1149
Fix pagination off-by-one error
In progress
PROJ-1150
Update cache TTL for session tokens
In progress
PROJ-1151
Remove unused feature flag checks
In progress
PROJ-1152
Fix race condition in queue worker
In progress
PROJ-1153
Add missing index on events table
In progress
PROJ-1154
Update CORS headers for new subdomain
In progress
PROJ-1155
Fix truncated logs in error reporter
In progress
PROJ-1156
Add rate limiting to public API
In progress

03 / On your machine

Free on your own machine.

The listener installs in a minute and connects the subscription you already pay for: ChatGPT, GitHub Copilot, or any API key. Tasks run in containers on your hardware.

Claude Code and Codex can dispatch tasks and pick up the results later.

Tokens are billed by your provider. Devboxes adds nothing on top.

$ devboxes login
$ devboxes connect
$ devboxes listen

Signed builds, published checksums

04 / Your code

Where your code goes, and where it doesn’t.

A devbox works on real repositories with real credentials. Here is exactly how that is handled.

German infrastructure
Cloud sessions run in Germany on German infrastructure, not in the EU region of a US cloud.*
Trains nothing
Your code is never used to train anything, ours or anyone else’s.
Your retention
Sessions live for 30 days, 7 days, or end with the task. That setting is yours.
Encrypted at rest
Session data is encrypted on disk.
A container per session
Each session runs in its own container and sees nothing outside it.
Keys stay in memory
Provider keys are served per task and never written to disk or env.
Scoped credentials
Each credential is signed, tied to one run, and expires within 24 hours.
Audit trail
Every action lands in an append-only log. No keys are kept in it.
Export and deletion
Take your data out or delete it entirely, any time.
Planned
Boundary credential injection
Keys get attached at the network edge, never held inside a devbox.
Planned
Outbound lockdown
Sessions reach only the destinations their blueprint allows.

*Cloud devboxes only. Local runs keep your code on your machine; only the session event stream reaches our server, so you can resume from anywhere.

05 / Memory

It gets smarter as it works.

Every session is stored with what it read, what it decided, and why. When a new task touches the same code, the devbox already knows what happened last time, the way a colleague who was there remembers. Ask why uploads are capped and it points to the incident that made the cap necessary.

Opt-in only. It never leaves your organization.

From a review
Insight · media-service
Use the pagination helper for endpoints that return lists.
Noted from a review on PR #766 · brought into ENG-341
From a question
“Why is there an upload cap?”
Answer
A stopgap from the MEDIA-4F2 crash. Removed once streaming landed.
Source
The session behind PR #740, linked to the incident thread.

Planned · the memory starts to compound

Automatic recallPlanned
A devbox pulls the notes that fit the task, without being pointed at them.
Regression groundingPlanned
A new change gets weighed against the sessions around the last incident on that code.
Triage routingPlanned
A new report lands with the session that last touched the same files.

06 / Trust

Every change shows its work.

A pull request from a devbox is not a black box. Attached to it is the full session: which sources it read, what it decided, and the recording that proves the change runs. Your team reviews and merges the way it always has.

Developers
Send a task from Slack, Linear, or your terminal. A pull request comes back.
Reviewers
Open the session behind any change before approving it: sources, decisions, evidence.
Admins
Access is scoped per organization and per run. The audit log holds every action.
Per-person roles planned

On-prem is a white-glove deployment, at the same rates.

See pricing →

07 / Pricing

Free on your machine. Cloud by the hour.

A cloud devbox costs money only while it works, and the beta includes 20 free hours a month. Tokens stay on your own provider account, with no markup and no credits. The hourly rates below are the ones beta users lock in.

Start from a scenario
Tasks per month200
202,000

Estimated compute

$20.00 /mo

Figured at about 1 hour of active compute per task. Model charges billed by the provider.

200 tasks × 1 h × $0.10/hr

Free · local runs stay free for good · no card | 160 active hours: $16.00 Medium · $38.40 Large · $86.40 XL

Dedicated and on-prem. A white-glove deployment, at the same rates.

Contact us →

08 / FAQ

Questions

The ones that come up most. For anything else, get in touch.

Which tools does a devbox plug into?

Today a task comes from the dashboard, the API, or the CLI, and the work lands in GitHub. Slack, Google Chat, Microsoft Teams, and Linear are being built during the beta, with Sentry and Alertmanager as sources.

Which model does a devbox use?

The subscription or API key you connect, billed by that provider. There is no markup.

Is my code used to train anything?

No. Sessions are stored for you, encrypted, and used for nothing else. Code intelligence is opt-in and stays inside your organization.

Does it act on its own?

That depends on the blueprint. A human keeps the final call before a merge either way.

What happens to my code?

Locally it never leaves your machine. In the cloud it runs in Germany, encrypted, on your retention schedule, and is never used for training.

Is there a free option?

There are two: local runs stay free, and cloud devboxes are free during the beta with 20 hours a month included.

Can it run on our own infrastructure?

Yes. On-prem is a white-glove deployment: we install it with you, at the same rates.

When does cloud access open?

In stages. Signups join a queue, and confirming your email moves you up.

Not convinced? Ask your AI.

The button copies a plain description of what Devboxes does today and what is still planned. Paste it into ChatGPT or Claude and ask what you would ask us.

Ƒ

One task will tell you more than this page.

Hand a devbox one task and look at what comes back. Access opens in waves while the beta runs.