Most "AI agent" repos on GitHub are tech demos. You clone them, run pnpm install, get a chatbot that calls one tool in a serverless function, and realize there's no clear path from this toy to anything you'd actually deploy. Vercel Labs Open Agents is built to fix that gap.
Released in early May 2026 and trending on GitHub within a week, the project is not a framework and not a black box. It's a forkable reference app for running background coding agents — the kind that take a prompt, spin up a sandbox, edit your repo, run tests, and open a pull request without keeping your laptop awake.
The Architectural Decision That Defines It
The single most important sentence in the Open Agents README is this one:
The agent does not run inside the VM. It runs outside the sandbox and interacts with it through tools like file reads, edits, search, and shell commands.
That separation between the agent and the sandbox is the whole point. Most coding-agent projects conflate the two — the agent's code runs inside the same container that executes the user's repo. That feels simple until you try to:
- hibernate a long-running job and resume it tomorrow
- swap the model provider without rebuilding the sandbox image
- recover from a sandbox crash without losing the conversation
- run a single agent turn across multiple persisted steps
Open Agents pulls those concerns apart. The agent runs as a durable workflow on Vercel. The sandbox is a plain execution environment with a filesystem, shell, and git. The web app handles auth, sessions, and streaming chat. Three layers, three lifecycles.
What You Actually Get When You Fork It
Open Agents is a three-package monorepo built with Bun, Next.js, and TypeScript. Here's the layout straight from the repo:
| Path | What's Inside |
|---|---|
apps/web |
Next.js app, workflows, auth, chat UI |
packages/agent |
Agent implementation, tools, subagents, skills |
packages/sandbox |
Sandbox abstraction and Vercel Sandbox integration |
packages/shared |
Shared utilities |
Out of the box, the agent already does the things you'd expect a production coding agent to do:
- Chat-driven coding with file, search, shell, task, skill, and web tools
- Durable multi-step execution backed by the Workflow SDK with streaming and cancellation
- Isolated Vercel sandboxes with snapshot-based resume after hibernation
- Repo cloning and branch work inside the sandbox
- Optional auto-commit, push, and PR creation after a successful run
- Session sharing via read-only links
- Voice input via ElevenLabs transcription (optional)
The sandbox uses a base snapshot and exposes ports 3000, 5173, 4321, and 8000 for dev-server preview — so if your agent decides to bun run dev, you can see what it built. After inactivity, the sandbox hibernates. When the next chat request arrives, the agent resumes from the workflow run that left off.
How Auth Actually Works
This is the part most agent templates wave at and skip. Open Agents implements it.
Authentication is handled by Better Auth, with both Vercel and GitHub as social providers. The GitHub integration is the interesting piece — Open Agents doesn't use a separate GitHub OAuth app. Instead, it reuses the GitHub App's OAuth credentials as a Better Auth social provider, then uses the App's installation tokens for actual repo access.
That matters because installation tokens scope permissions per repository and rotate automatically. Personal access tokens, which most agent templates default to, do neither.
For a full deployment you'll need:
NEXT_PUBLIC_VERCEL_APP_CLIENT_ID
VERCEL_APP_CLIENT_SECRET
NEXT_PUBLIC_GITHUB_CLIENT_ID
GITHUB_CLIENT_SECRET
GITHUB_APP_ID
GITHUB_APP_PRIVATE_KEY
NEXT_PUBLIC_GITHUB_APP_SLUG
GITHUB_WEBHOOK_SECRET
Plus a Postgres URL and a BETTER_AUTH_SECRET generated with openssl rand -base64 32. The full list is in apps/web/.env.example.
Getting It Running
The README has a 10-step deploy path, but the practical version is short:
# Clone and install
git clone https://github.com/vercel-labs/open-agents
cd open-agents
bun install
# Local env
cp apps/web/.env.example apps/web/.env
# fill in POSTGRES_URL and BETTER_AUTH_SECRET at minimum
# Run
bun run web
If you click the "Deploy to Vercel" button on the template page instead, Neon Postgres gets auto-provisioned and you skip the database setup entirely. The GitHub App still has to be created manually — you set its callback URL to https://YOUR_DOMAIN/api/auth/callback/github and its setup URL to https://YOUR_DOMAIN/api/github/app/callback.
The useful commands once you're in:
bun run web # dev server
bun run typecheck # typecheck all packages
bun run ci # full CI: check, typecheck, tests, migration check
bun run sandbox:snapshot-base # refresh the sandbox base image
What It Isn't
Worth being clear about: Open Agents is not a hosted product. It's not Vercel selling you agent-as-a-service. It's a reference implementation of how Vercel itself thinks the pieces should fit together — the Workflow SDK for durability, Vercel Sandbox for isolation, the AI SDK for model calls, and Better Auth for identity.
It's also not framework-neutral. The repo is deeply tied to Next.js, Bun, and Vercel's platform primitives. If your stack is Python and Modal, this isn't your starting point.
Within those constraints, though, the project does something rare in the open-source agent space: it ships an opinionated, production-shaped reference rather than another generic abstraction. The choice to fork and adapt — explicitly stated in the README — is the right framing. Most agent codebases need to be shaped to a specific product anyway, and starting from a working durable workflow is a lot easier than building one from scratch.
Why This Matters Right Now
The agent ecosystem in 2026 has split into two camps. On one side are visual builders — Langflow, Dify, n8n — that target operators who want flowcharts. On the other are code-first frameworks that want to be the everything store of agent infrastructure.
Open Agents picks neither lane. It's a working coding agent that happens to be made of pieces you can read and modify. That's the kind of starting point engineering teams actually want: not a framework that locks you in, not a no-code tool that bottoms out at the first real requirement, but a real codebase you can fork and own.
The Bottom Line
Vercel Labs Open Agents is the reference implementation a lot of teams have been waiting for: a durable, sandbox-isolated coding agent with auth, repo access, PR creation, and session sharing already wired up. The agent-outside-the-sandbox architecture is the right call, the GitHub App integration is the production-grade choice, and the explicit "fork and adapt" framing matches how teams actually deploy agent systems. If you've been pricing the build effort for an internal coding agent, this is the new floor.
