Open Agents is an open-source reference app for building and running background coding agents on Vercel. It includes the web UI, the agent runtime, sandbox orchestration, and the GitHub integration needed to go from prompt to code changes without keeping your laptop involved.
The repo is meant to be forked and adapted, not treated as a black box.
Open Agents is a three-layer system:
Web -> Agent workflow -> Sandbox VM
The agent does not run inside the VM. It runs outside the sandbox and interacts with it through tools like file reads, edits, search, and shell commands.
That separation is the main point of the project:
A few details that matter for understanding the current implementation:
3000, 5173, 4321, and 8000, can optionally use a configured base snapshot, and hibernate after inactivity.See apps/web/.env.example for the full list. Summary:
POSTGRES_URL=
BETTER_AUTH_SECRET=
NEXT_PUBLIC_VERCEL_APP_CLIENT_ID=
VERCEL_APP_CLIENT_SECRET=
NEXT_PUBLIC_GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
GITHUB_APP_ID=
GITHUB_APP_PRIVATE_KEY=
NEXT_PUBLIC_GITHUB_APP_SLUG=
GITHUB_WEBHOOK_SECRET=
REDIS_URL=
KV_URL=
OPEN_AGENTS_RESOURCE_PROFILE=
VERCEL_PROJECT_PRODUCTION_URL=
NEXT_PUBLIC_VERCEL_PROJECT_PRODUCTION_URL=
VERCEL_SANDBOX_BASE_SNAPSHOT_ID=
ELEVENLABS_API_KEY=
REDIS_URL / KV_URL: optional skills metadata cache (falls back to in-memory when not configured).OPEN_AGENTS_RESOURCE_PROFILE: optional deployment resource profile. Set to hobby to use Hobby-compatible defaults for chat and sandbox resources; leave unset for standard behavior.VERCEL_PROJECT_PRODUCTION_URL / NEXT_PUBLIC_VERCEL_PROJECT_PRODUCTION_URL: canonical production URL for metadata and some callback behavior.VERCEL_SANDBOX_BASE_SNAPSHOT_ID: optional base snapshot for fresh sandboxes. If unset, sandboxes start from Vercel's standard Sandbox runtime. Use a snapshot created in/accessible to your own Vercel scope.ELEVENLABS_API_KEY: voice transcription.bash
openssl rand -base64 32 # BETTER_AUTH_SECRET
env
POSTGRES_URL=
BETTER_AUTH_SECRET=
text
https://YOUR_DOMAIN/api/auth/callback/vercel
env
NEXT_PUBLIC_VERCEL_APP_CLIENT_ID=
VERCEL_APP_CLIENT_SECRET=
If you want the full GitHub-enabled coding-agent flow, create a GitHub App using:
Homepage URL: https://YOUR_DOMAIN
https://YOUR_DOMAIN/api/auth/callback/githubhttps://YOUR_DOMAIN/api/github/app/callbackIn the GitHub App settings:
- use the GitHub App's Client ID and Client Secret for NEXT_PUBLIC_GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET
- make the app public if you want org installs to work cleanly
OPEN_AGENTS_RESOURCE_PROFILE=hobby for Hobby-compatible resource defaults, the canonical production URL vars, and your own VERCEL_SANDBOX_BASE_SNAPSHOT_ID if you want fresh sandboxes to start from a preconfigured image.bash
corepack enable
pnpm install
bash
cp apps/web/.env.example apps/web/.env
apps/web/.env.bash
pnpm web
If you already have a linked Vercel project, you can pull env vars locally with vc env pull.
Authentication is handled by Better Auth with Vercel and GitHub as social providers. All auth routes are served from the /api/auth/[...all] catchall.
Create a Vercel OAuth app and use this callback:
https://YOUR_DOMAIN/api/auth/callback/vercel
For local development, use:
http://localhost:3000/api/auth/callback/vercel
Then set:
NEXT_PUBLIC_VERCEL_APP_CLIENT_ID=...
VERCEL_APP_CLIENT_SECRET=...
You do not need a separate GitHub OAuth app. Open Agents uses the GitHub App's OAuth credentials as a Better Auth social provider, plus the App's installation tokens for repo access.
Create a GitHub App for installation-based repo access and configure:
https://YOUR_DOMAINhttps://YOUR_DOMAIN/api/auth/callback/githubhttps://YOUR_DOMAIN/api/github/app/callbackFor local development, use http://localhost:3000 as the homepage URL, http://localhost:3000/api/auth/callback/github as the callback URL, and http://localhost:3000/api/github/app/callback as the setup URL.
Then set:
NEXT_PUBLIC_GITHUB_CLIENT_ID=... # GitHub App Client ID
GITHUB_CLIENT_SECRET=... # GitHub App Client Secret
GITHUB_APP_ID=...
GITHUB_APP_PRIVATE_KEY=...
NEXT_PUBLIC_GITHUB_APP_SLUG=...
GITHUB_WEBHOOK_SECRET=...
GITHUB_APP_PRIVATE_KEY can be stored as the PEM contents with escaped newlines or as a base64-encoded PEM.
pnpm web # run dev server
pnpm check # lint + format check
pnpm fix # lint + format fix
pnpm typecheck # typecheck all packages
pnpm run ci # full CI: check, typecheck, tests, migration check
pnpm sandbox:snapshot-base # refresh sandbox base snapshot
apps/web Next.js app, workflows, auth, chat UI
packages/agent agent implementation, tools, subagents, skills
packages/sandbox sandbox abstraction and Vercel sandbox integration
packages/shared shared utilities
$ claude mcp add open-agents \
-- python -m otcore.mcp_server <graph>