Most automation around code editing either runs an LLM on the host (risking mess and permissions) or builds bespoke CI jobs. Sandcastle takes a different approach: it treats each agent run as an orchestrated sandboxed workstream, making agent-driven code changes reproducible, auditable, and safe to run in parallel.
What Sets It Apart
- Sandboxed-first orchestration: runs agents inside configurable isolated environments (bind-mount or fully isolated) so changes are produced in a contained workspace — this reduces accidental host-side corruption and makes runs reproducible.
- Provider-agnostic plumbing: first-class support for Docker, Podman, and Vercel microVMs plus an API to add custom providers — so you can choose local containers for fast iteration or isolated VMs for CI and secrets separation.
- Git-aware branch strategies and session capture: agents commit to temporary or named branches and Sandcastle can capture Claude Code sessions to enable resume and audit trails — this fits code-review workflows and automated PR generation.
- Lightweight developer API: a single run() / createSandbox() surface lets you script one-shot or multi-run flows (implement → review, parallel planners), making it straightforward to embed into local developer tooling or CI.
Who It's For & Trade-offs
Great fit if you want to: integrate autonomous or semi-autonomous LLM agents into repo workflows, prototype agent-driven fixes or parallelize work across branches, or run reproducible review pipelines in CI. Works well for teams that can run containers or use Vercel microVMs. Look elsewhere if: you need a full-featured task manager, tight enterprise policy around hosted LLMs without local container/VM options, or prefer a GUI-first product — Sandcastle is an orchestration library (TypeScript) with CLI focus, not a SaaS portal.
How It Works (practical gist)
You write an agent prompt (inline or in a prompt file), pick an agent provider (e.g., claudeCode), and choose a sandbox provider. run() creates a worktree/sandbox according to the branch strategy, executes the agent in the sandbox, collects commits and logs, and (for isolated providers) merges or syncs changes back. Built-in features like prompt expansion (shell-block insertion), promptArgs substitution, structured output extraction, and lifecycle hooks make it flexible for pipelines while keeping the orchestration explicit and scriptable.