An open-source background agents coding system inspired by Ramp's Inspect.
Open-Inspect provides a hosted background coding agent that can:
Important: This system is designed for single-tenant deployment only, where all users are trusted members of the same organization with access to the same repositories.
The system uses a shared GitHub App installation for git operations (clone, fetch, push). The control plane mints short-lived installation tokens server-side and brokers them to sandboxes through the git credential helper on demand. This means:
| Token Type | Purpose | Scope |
|---|---|---|
| GitHub App Token | Brokered git clone/fetch/push auth | All repos where App is installed |
| User OAuth Token | Create PRs, user info | Repos user has access to |
| Sandbox Auth Token | Sandbox-to-control-plane session calls | Single session |
| WebSocket Token | Real-time session auth | Single session |
This architecture follows Ramp's Inspect design, which was built for internal use where all employees are trusted and have access to company repositories.
For multi-tenant deployment, you would need:
ALLOWED_GITHUB_ORGS) ┌──────────────────┐
│ Clients │
│ ┌──────────────┐ │
│ │ Web / Slack │ │
│ │ GitHub / Lin.│ │
│ │ Webhooks │ │
│ └──────────────┘ │
└────────┬─────────┘
│
▼
┌────────────────────────────────────────────────────────────────────┐
│ Control Plane (Cloudflare) │
│ ┌──────────────────────────────────────────────────────────────┐ │
│ │ Durable Objects (per session) │ │
│ │ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌───────────────┐ │ │
│ │ │ SQLite │ │WebSocket│ │ Event │ │ GitHub │ │ │
│ │ │ DB │ │ Hub │ │ Stream │ │ Integration │ │ │
│ │ └─────────┘ └─────────┘ └─────────┘ └───────────────┘ │ │
│ └──────────────────────────────────────────────────────────────┘ │
│ ┌──────────────────────────────────────────────────────────────┐ │
│ │ D1 Database (repo-scoped secrets) │ │
│ └──────────────────────────────────────────────────────────────┘ │
└────────────────────────────────┬───────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────────────────────┐
│ Data Plane (Sandbox Backend) │
│ ┌──────────────────────────────────────────────────────────────┐ │
│ │ Session Sandbox │ │
│ │ ┌───────────┐ ┌───────────┐ ┌───────────┐ │ │
│ │ │ Supervisor│──│ OpenCode │──│ Bridge │─────────────────┼──┼──▶ Control Plane
│ │ └───────────┘ └───────────┘ └───────────┘ │ │
│ │ │ │ │
│ │ Full Dev Environment │ │
│ │ (Node.js, Python, git, agent-browser) │ │
│ └──────────────────────────────────────────────────────────────┘ │
└────────────────────────────────────────────────────────────────────┘
| Package | Description |
|---|---|
| control-plane | Cloudflare Workers + Durable Objects |
| web | Next.js web client |
| sandbox-runtime | Shared in-sandbox agent runtime |
| modal-infra | Modal sandbox infrastructure |
| daytona-infra | Daytona snapshot infrastructure |
| opencomputer-infra | OpenComputer template infrastructure |
| slack-bot | Slack integration (sessions from messages) |
| github-bot | GitHub integration (auto-review, @mention) |
| linear-bot | Linear integration (issue → coding session) |
| shared | Shared types and utilities |
For a practical setup guide (local + contributor + deployment paths), start with docs/SETUP_GUIDE.md.
See docs/GETTING_STARTED.md for deployment instructions.
To understand the architecture and core concepts, read docs/HOW_IT_WORKS.md.
To set up recurring scheduled tasks, see docs/AUTOMATIONS.md.
Sessions start near-instantly through multiple layers of warming:
Multiple users can collaborate in the same session:
Commits are attributed to the user who sent the prompt:
// Configure git identity per prompt
await configureGitIdentity({
name: author.scmName,
email: author.scmEmail,
});
Choose the AI model that fits your task, with per-session reasoning effort controls:
| Provider | Models |
|---|---|
| Anthropic | Claude Haiku 4.5, Sonnet 4.5/4.6, Opus 4.5/4.6/4.7/4.8, Fable 5 |
| OpenAI | GPT 5.2, GPT 5.4, GPT 5.5, GPT 5.2 Codex, 5.3 Codex, 5.3 Codex Spark |
| OpenCode Zen | Kimi K2.5/K2.6, MiniMax M2.5, Qwen3.7 Max, GLM 5/5.1 (opt-in) |
| Z.AI Coding Plan | GLM 5.2 (opt-in) |
OpenAI models work with your existing ChatGPT subscription via OAuth — no separate API key needed. See docs/AVAILABLE_MODELS.md for the full model list and docs/OPENAI_MODELS.md for OpenAI setup instructions.
Interact with agents from wherever your team already works:
Schedule recurring tasks or react to external events — no human in the loop:
See docs/AUTOMATIONS.md for setup instructions.
Every session runs in an isolated sandbox backend with a full development environment:
/workspace/.tunnels.env before .openinspect/start.sh runs
(details).env paste importAgents can decompose work into parallel child sessions:
spawn-task creates a child session in its own sandbox and returns immediatelyget-task-status and cancel-task for coordinationRepositories can define two optional startup scripts under .openinspect/:
# .openinspect/setup.sh (provisioning)
#!/bin/bash
npm install
pip install -r requirements.txt
# .openinspect/start.sh (runtime startup)
#!/bin/bash
docker compose up -d postgres redis
setup.sh runs for image builds and fresh sessionssetup.sh is skipped for repo-image and snapshot-restore startssetup.sh failures are non-fatal for fresh sessions, but fatal in image build modestart.sh runs for every non-build session startup (fresh, repo-image, snapshot-restore)start.sh failures are strict: if present and it fails, session startup failsSETUP_TIMEOUT_SECONDS (default 300)START_TIMEOUT_SECONDS (default 120)OPENINSPECT_BOOT_MODE (build, fresh, repo_image, snapshot_restore)MIT
Inspired by Ramp's Inspect and built with:
$ claude mcp add background-agents \
-- python -m otcore.mcp_server <graph>