{"id":"mng-dev-ai-agentrove","name":"agentrove","homepage":null,"repo_url":"https://github.com/Mng-dev-ai/agentrove","category":"devtools","subcategories":[],"tags":["ai-ml","devtools","automation","infrastructure","sandbox","agent","claude-code","fastapi","react","typescript","mcp"],"what_it_does":"Agentrove is a self-hosted Claude Code workspace: a React web UI with a FastAPI backend that provisions per-workspace sandboxes (Docker or host), runs Claude Code via claude-agent-sdk/Claude Code CLI, and routes requests to Anthropic directly or through an Anthropic-compatible bridge for other providers (OpenAI/OpenRouter/GitHub Copilot/custom compatible endpoints). It also supports extension surfaces like MCP servers, skills/agents/commands, and streaming with SSE and cancellation.","use_cases":["Self-hosted web IDE for Claude Code-style agent workflows with sandboxed execution","Multi-provider model routing while keeping a shared workspace filesystem/context","Team/project workspace management with isolated sandboxes per project","Running Claude Code tools in Docker/host isolation for safer code execution","Extending workflows via MCP servers/skills/commands/plugins","Web-based operation with health/readyz endpoints and admin UI"],"not_for":["Compliance-first environments that require formally documented security controls, audit logs, and hardened deployment guidance without review","Situations needing a lightweight, single-purpose API (this is a full application stack)","Users who cannot manage Docker/Compose or local sidecar/container runtime dependencies","Environments where provider credentials cannot be stored/handled by a self-hosted service without additional controls"],"best_when":"You want to run Claude Code capabilities on your own infrastructure (web IDE + sandboxed execution) and need provider switching/routing while keeping consistent workspace state and tool/MCP orchestration.","avoid_when":"You cannot secure JWT/API endpoints and sandbox/runtime secrets, or you require a stable API contract without anticipating breaking changes (the project states it is under active development).","alternatives":["Open-WebUI-style wrappers for model providers (if you don’t need Claude Code CLI/sandbox harness)","Self-hosted Claude Code alternatives/variants that integrate a code-execution sandbox directly","Other agent orchestration platforms with sandboxing (e.g., generic agent frameworks)","Standalone Claude Code CLI with your own local web front-end"],"af_score":44.8,"security_score":52.5,"reliability_score":22.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:35:31.273049+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":"http://localhost:8080/api/v1/docs","webhooks":false},"auth":{"methods":["JWT (SECRET_KEY used for JWT signing per .env)","Provider tokens in UI/settings (Anthropic token; OpenAI device flow; GitHub Copilot device flow; OpenRouter API key; custom Anthropic-compatible base_url + token)","Basic use via browser session (implied by web UI; exact auth flow not specified in README)"],"oauth":true,"scopes":false,"notes":"Authentication for the app API/UI appears to rely on JWT signing using SECRET_KEY. Provider authentication varies by provider: Anthropic token directly; OpenAI and Copilot use device-flow in UI; OpenRouter uses API key; custom uses base_url+token. README does not document JWT claim structure or fine-grained scope model for API authorization."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Self-hosted open-source (Apache 2.0) per README; cost depends on your infrastructure and upstream provider usage."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":44.8,"security_score":52.5,"reliability_score":22.5,"mcp_server_quality":30.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":10.0,"tls_enforcement":80.0,"auth_strength":55.0,"scope_granularity":30.0,"dependency_hygiene":45.0,"secret_handling":50.0,"security_notes":"Security posture can’t be fully verified from README. The app requires a SECRET_KEY for JWT signing, which is a positive signal, but scope/authorization granularity and safe secret handling practices (e.g., no logging of tokens) are not documented. Sandboxed execution via Docker/host helps isolate code execution, but the deployment hardening, network isolation, and credential storage practices are not specified. TLS enforcement for API is not explicitly stated (assumed via typical deployment), so score is moderate rather than definitive.","uptime_documented":0.0,"version_stability":35.0,"breaking_changes_history":20.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Breaking changes are expected because the project is under active development.","Provider routing and sandbox execution introduce operational complexity; agent workflows may fail if sandbox runtime or bridge services are misconfigured.","Per-workspace sandbox provider is locked at creation time; switching may require recreating workspaces.","README mentions streaming SSE with cancellation and resumable events, but does not specify agent retry/resumption semantics or idempotency guarantees."]}}