DEV.co
AI Frameworks · langchain-ai

open-swe

Open SWE is an open-source framework for building internal coding agents that automate software tasks like writing code, running tests, and opening PRs. It runs tasks in isolated cloud sandboxes with integrations to Slack, Linear, and GitHub, following architectural patterns used by companies like Stripe and Ramp.

Source: GitHub — github.com/langchain-ai/open-swe
10.1k
GitHub stars
1.2k
Forks
Python
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorylangchain-ai/open-swe
Ownerlangchain-ai
Primary languagePython
LicenseMIT — OSI-approved
Stars10.1k
Forks1.2k
Open issues11
Latest releaseUnknown
Last updated2026-07-08
Sourcehttps://github.com/langchain-ai/open-swe

What open-swe is

Built on LangGraph and Deep Agents, Open SWE orchestrates LLM-driven code automation using a sandbox-first architecture with middleware-based flow control, subagent composition, and curated tool sets (shell execute, fetch_url, http_request, Linear/Slack APIs). Supports multiple sandbox backends (Modal, Daytona, Runloop, E2B, LangSmith) and optional observability/guardrail integrations (Datadog, LangSmith, Corridor).

Quickstart

Get the open-swe source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/langchain-ai/open-swe.gitcd open-swe# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Internal Coding Bot for Engineering Teams

Deploy as a Slack/Linear-integrated agent to automate routine code tasks (refactoring, test writing, PR creation) across your organization's repositories, with full audit trails and permissioning boundaries.

Multi-Repo Code Generation & Validation

Use subagent orchestration and sandbox isolation to parallelize large-scale code changes (dependency bumps, API migrations) across multiple repositories with automatic PR submission and test validation.

Custom LLM-Based Development Workflows

Extend the framework with your own tools and middleware to encode organization-specific conventions (AGENTS.md), approval workflows, and safety guardrails for autonomous code operations.

Implementation considerations

  • Choose and configure a sandbox backend (Modal, Daytona, Runloop, E2B, or LangSmith) based on cost, latency, and compliance requirements; each has different pricing and geographic availability.
  • Implement AGENTS.md at the root of each repository to encode coding conventions, testing requirements, and architectural rules the agent should follow—this is critical for consistent, org-specific behavior.
  • Set up role-based access control and message queue polling so agents can pick up mid-run feedback from Slack or Linear without blocking, and ensure observability credentials (Datadog, LangSmith) are stored encrypted and scoped to read-only operations.
  • Define a PR approval flow: Open SWE creates draft PRs by default, but integrate with your CI/CD and code review process to prevent bypassing critical safety gates.
  • Test middleware ordering carefully (message queue checks, error handling, step limit notifications) to ensure graceful failure modes and user visibility when agents exhaust token budgets or encounter unavoidable errors.

When to avoid it — and what to weigh

  • Simple Scripts or Offline Agents — If you need a lightweight, self-contained LLM agent without cloud infrastructure dependencies, the sandbox-centric design and external service requirements may be overengineered.
  • Production Code Without Human Review — The framework is designed to reduce manual overhead, but autonomous code generation still carries risk. Avoid deploying agent-written PRs directly to production without human gatekeeping on critical paths.
  • High-Isolation or Air-Gapped Environments — Open SWE relies on external LLM APIs (OpenAI, Anthropic) and cloud sandbox providers. It is not suitable for fully air-gapped or on-premise-only deployments without significant custom integration work.
  • Teams Without DevOps / Infrastructure Expertise — Sandbox provisioning, secret management, and observability integration require infrastructure competency. Teams new to cloud deployments may face a steep learning curve.

License & commercial use

MIT License. Permissive OSI-approved license allowing commercial use, modification, and distribution with minimal restrictions (requires license/attribution preservation).

MIT is a permissive license compatible with commercial deployment. However, verify that any external dependencies (LangGraph, Deep Agents, sandbox providers, LLM APIs) have compatible or separately licensed terms. LLM API usage (OpenAI, Anthropic) will incur separate commercial charges. No assertion can be made about open-source projects' upstream dependency chains without explicit review.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityHigh
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Sandbox isolation is the primary containment boundary; each task runs in its own remote environment with no direct production access. Blast radius is limited by sandbox provider's isolation guarantees. Key risk areas: (1) Observability credentials (Datadog, LangSmith) are server-side only and scoped to read-only, but observability data itself is attacker-influenced (prompt injection vector); (2) Corridor guardrails are optional and server-side; use only if governance is critical; (3) GH_TOKEN proxy model via LangSmith means GitHub auth is not local; verify LangSmith's security posture; (4) Agent system prompt is a trust boundary—malicious context injection (user-supplied Linear/Slack messages) can prompt-inject the agent, similar to web_search tools; (5) No explicit mention of secret scanning, audit logging, or compliance controls (SOC 2, FedRAMP, etc.); Requires review for regulated environments.

Alternatives to consider

GitHub Copilot Workspace / Models

GitHub's native LLM coding assistant offers simpler setup and GitHub-native UX, but is closed-source, less customizable for internal tools, and does not support arbitrary sandbox or multi-repo orchestration patterns.

Anthropic's Artifacts / Claude + Custom Tools

Lower-level approach: build your own agent orchestration on Claude API with custom tool wrappers. Offers more control but requires significant engineering to achieve Open SWE's Slack/Linear integration, sandbox management, and subagent composition.

Replit Agent / Codeium Copilot

Lightweight alternatives for code generation and assistant workflows, but lack the sandbox isolation, multi-platform invocation (Slack, Linear, GitHub), and orchestration depth of Open SWE's architecture.

Software development agency

Build on open-swe with DEV.co software developers

Evaluate Open SWE's architecture, sandbox options, and Slack/Linear integrations for your team. Assess infrastructure requirements, LLM API costs, and custom AGENTS.md onboarding before pilot deployment.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

open-swe FAQ

Does Open SWE require external cloud sandboxes, or can it run locally?
Open SWE is designed for external cloud sandboxes (Modal, Daytona, Runloop, E2B, LangSmith). Local execution is not a documented use case; the architecture assumes isolated, ephemeral remote environments for safety and scale.
Can I use Open SWE without Slack or Linear?
Slack and Linear are the primary invocation surfaces. GitHub is supported for pull request review feedback. Custom invocation sources would require extending the framework; Requires review of source code for feasibility.
What happens if an agent makes a breaking change to the codebase?
The sandbox is isolated and disposable. The agent creates draft PRs for human review. Automated rollback is not mentioned in the framework; relies on your organization's code review and CI/CD gates to catch and prevent bad changes from merging.
Is Open SWE suitable for production code generation without human oversight?
Not recommended for critical paths. The framework reduces manual work but does not eliminate human gatekeeping. Use draft PRs, test automation, and code review as mandatory safety layers. Governance/guardrail tools (Corridor) are optional and require explicit setup.

Work with a software development agency

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If open-swe is part of your ai frameworks roadmap, our team can implement, customize, migrate, and maintain it.

Ready to Deploy an Internal Coding Agent?

Evaluate Open SWE's architecture, sandbox options, and Slack/Linear integrations for your team. Assess infrastructure requirements, LLM API costs, and custom AGENTS.md onboarding before pilot deployment.