open-swe
Open SWE is an open-source framework for building internal coding agents that automate software tasks like writing code, running tests, and opening PRs. It runs tasks in isolated cloud sandboxes with integrations to Slack, Linear, and GitHub, following architectural patterns used by companies like Stripe and Ramp.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | langchain-ai/open-swe |
| Owner | langchain-ai |
| Primary language | Python |
| License | MIT — OSI-approved |
| Stars | 10.1k |
| Forks | 1.2k |
| Open issues | 11 |
| Latest release | Unknown |
| Last updated | 2026-07-08 |
| Source | https://github.com/langchain-ai/open-swe |
What open-swe is
Built on LangGraph and Deep Agents, Open SWE orchestrates LLM-driven code automation using a sandbox-first architecture with middleware-based flow control, subagent composition, and curated tool sets (shell execute, fetch_url, http_request, Linear/Slack APIs). Supports multiple sandbox backends (Modal, Daytona, Runloop, E2B, LangSmith) and optional observability/guardrail integrations (Datadog, LangSmith, Corridor).
Get the open-swe source
Clone the repository and explore it locally.
git clone https://github.com/langchain-ai/open-swe.gitcd open-swe# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Choose and configure a sandbox backend (Modal, Daytona, Runloop, E2B, or LangSmith) based on cost, latency, and compliance requirements; each has different pricing and geographic availability.
- Implement AGENTS.md at the root of each repository to encode coding conventions, testing requirements, and architectural rules the agent should follow—this is critical for consistent, org-specific behavior.
- Set up role-based access control and message queue polling so agents can pick up mid-run feedback from Slack or Linear without blocking, and ensure observability credentials (Datadog, LangSmith) are stored encrypted and scoped to read-only operations.
- Define a PR approval flow: Open SWE creates draft PRs by default, but integrate with your CI/CD and code review process to prevent bypassing critical safety gates.
- Test middleware ordering carefully (message queue checks, error handling, step limit notifications) to ensure graceful failure modes and user visibility when agents exhaust token budgets or encounter unavoidable errors.
When to avoid it — and what to weigh
- Simple Scripts or Offline Agents — If you need a lightweight, self-contained LLM agent without cloud infrastructure dependencies, the sandbox-centric design and external service requirements may be overengineered.
- Production Code Without Human Review — The framework is designed to reduce manual overhead, but autonomous code generation still carries risk. Avoid deploying agent-written PRs directly to production without human gatekeeping on critical paths.
- High-Isolation or Air-Gapped Environments — Open SWE relies on external LLM APIs (OpenAI, Anthropic) and cloud sandbox providers. It is not suitable for fully air-gapped or on-premise-only deployments without significant custom integration work.
- Teams Without DevOps / Infrastructure Expertise — Sandbox provisioning, secret management, and observability integration require infrastructure competency. Teams new to cloud deployments may face a steep learning curve.
License & commercial use
MIT License. Permissive OSI-approved license allowing commercial use, modification, and distribution with minimal restrictions (requires license/attribution preservation).
MIT is a permissive license compatible with commercial deployment. However, verify that any external dependencies (LangGraph, Deep Agents, sandbox providers, LLM APIs) have compatible or separately licensed terms. LLM API usage (OpenAI, Anthropic) will incur separate commercial charges. No assertion can be made about open-source projects' upstream dependency chains without explicit review.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | High |
| DEV.co fit | Strong |
| Assessment confidence | High |
Sandbox isolation is the primary containment boundary; each task runs in its own remote environment with no direct production access. Blast radius is limited by sandbox provider's isolation guarantees. Key risk areas: (1) Observability credentials (Datadog, LangSmith) are server-side only and scoped to read-only, but observability data itself is attacker-influenced (prompt injection vector); (2) Corridor guardrails are optional and server-side; use only if governance is critical; (3) GH_TOKEN proxy model via LangSmith means GitHub auth is not local; verify LangSmith's security posture; (4) Agent system prompt is a trust boundary—malicious context injection (user-supplied Linear/Slack messages) can prompt-inject the agent, similar to web_search tools; (5) No explicit mention of secret scanning, audit logging, or compliance controls (SOC 2, FedRAMP, etc.); Requires review for regulated environments.
Alternatives to consider
GitHub Copilot Workspace / Models
GitHub's native LLM coding assistant offers simpler setup and GitHub-native UX, but is closed-source, less customizable for internal tools, and does not support arbitrary sandbox or multi-repo orchestration patterns.
Anthropic's Artifacts / Claude + Custom Tools
Lower-level approach: build your own agent orchestration on Claude API with custom tool wrappers. Offers more control but requires significant engineering to achieve Open SWE's Slack/Linear integration, sandbox management, and subagent composition.
Replit Agent / Codeium Copilot
Lightweight alternatives for code generation and assistant workflows, but lack the sandbox isolation, multi-platform invocation (Slack, Linear, GitHub), and orchestration depth of Open SWE's architecture.
Build on open-swe with DEV.co software developers
Evaluate Open SWE's architecture, sandbox options, and Slack/Linear integrations for your team. Assess infrastructure requirements, LLM API costs, and custom AGENTS.md onboarding before pilot deployment.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
open-swe FAQ
Does Open SWE require external cloud sandboxes, or can it run locally?
Can I use Open SWE without Slack or Linear?
What happens if an agent makes a breaking change to the codebase?
Is Open SWE suitable for production code generation without human oversight?
Work with a software development agency
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If open-swe is part of your ai frameworks roadmap, our team can implement, customize, migrate, and maintain it.
Ready to Deploy an Internal Coding Agent?
Evaluate Open SWE's architecture, sandbox options, and Slack/Linear integrations for your team. Assess infrastructure requirements, LLM API costs, and custom AGENTS.md onboarding before pilot deployment.