SmartBoxes
SmartBoxes is a persistent agent sandbox you can leave running. It’s a power tool with best-effort safety—users accept responsibility for what they permit.
The Short Version
Picture this: you wake up, and overnight your AI has documented your entire codebase, fixed three bugs, and deployed a new feature to production. Not because you asked it to—because you enabled autonomous mode and it noticed they needed doing. SmartBox is an always-on AI coding agent that lives in its own persistent environment. It has a filesystem, memory, and the ability to build its own capabilities over time.
The Problem
Right now, the most powerful AI coding experiences are reserved for developers who can set up Claude Code, configure MCP servers, manage API keys, and orchestrate complex toolchains. Projects like Daniel Miessler’s Personal AI Infrastructure show what’s possible—AI that remembers, learns, and evolves. But they require technical skill to deploy and maintain.
SmartBox takes this power and packages it. One click to start. A dashboard to manage. Pay only for what you use.
Our Approach
This is a Power Tool
SmartBox is a hosted, persistent agent-computer. It is not “Copilot in your repo”—it’s an agent with a real compute environment: filesystem, tools, and network access that can run continuously and execute multi-step work. This inherently introduces unpredictable side-effects.
We implement best-effort safeguards against obvious credential mistakes, but we do not claim the system is error-free or guaranteed secure. Users should use least-privilege, disposable credentials and assume responsibility for the actions they permit.
Explicit Risk Acceptance
The onus is on the user: they explicitly opt into the risk. To enable Unlocked mode, users must complete a deliberate typed acknowledgment—not just a click. This acceptance is recorded with a timestamp and policy version. A persistent badge appears across the UI, visible in every screenshot, making it unmissable that the system is operating in power-tool mode.
Safety Baseline
Even in Unlocked mode, we implement obvious guardrails that don’t reduce capability:
- Secrets never appear in transcripts or logs—redaction is automatic
- Pre-push scanning blocks common credential files from being committed to git
- Emergency stop kills compute and network access instantly
- Revoke button invalidates all stored secrets
- Activity timeline shows every command, network request, deployment, and git push
We prioritise visibility, hygiene, and kill switches so it stays capable.
How It Works
SmartBox hosts agent execution on Nomos Cloud, providing:
- Persistent filesystem and session state
- Capability-scoped access to tools and APIs
- Integration with the Nomos event-sourced architecture for full auditability
Architecture
┌─────────────────────────────────────────────────────────────────────────────┐│ USER ││ (Browser / API) │└─────────────────────────────────────────────────────────────────────────────┘ │ ▼┌─────────────────────────────────────────────────────────────────────────────┐│ WEB DASHBOARD ││ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌─────────────────────┐ ││ │ Activity │ │ Secrets │ │ Deploy │ │ Billing/Credits │ ││ │ Timeline │ │ Vault │ │ Manager │ │ │ ││ └─────────────┘ └─────────────┘ └─────────────┘ └─────────────────────┘ │└─────────────────────────────────────────────────────────────────────────────┘ │ ┌───────────────┴───────────────┐ ▼ ▼┌───────────────────────────────────┐ ┌─────────────────────────────────────┐│ SMARTBOX SANDBOX │ │ NOMOS CLOUD ││ ┌─────────────────────────────┐ │ │ ┌───────────────────────────────┐ ││ │ CLAUDE AGENT │ │ │ │ Event-Sourced Ledger │ ││ │ ┌───────────────────────┐ │ │ │ │ (Audit Trail / Decisions) │ ││ │ │ Reasoning Engine │◄─┼──┼───┼──► │ ││ │ │ Tool Execution │ │ │ │ └───────────────────────────────┘ ││ │ └───────────────────────┘ │ │ └─────────────────────────────────────┘│ └─────────────────────────────┘ ││ ││ ┌──────────────┐ ┌─────────────┐ ││ │ Filesystem │ │ Capability │ ││ │ (R2 Storage)│ │ Packs │ ││ └──────────────┘ └─────────────┘ │└───────────────────────────────────┘ │ │ ▼ ▼┌─────────────────────────────────────────────────────────────────────────────┐│ CLOUDFLARE PRIMITIVES ││ ┌─────────────┐ ┌─────────────┐ ┌───────┐ ┌────────┐ ┌───────────────┐ ││ │ Workers │ │ Durable │ │ R2 │ │ D1 │ │ Pages │ ││ │ (Compute) │ │ Objects │ │(Blobs)│ │ (SQL) │ │ (Deploy) │ ││ └─────────────┘ └─────────────┘ └───────┘ └────────┘ └───────────────┘ │└─────────────────────────────────────────────────────────────────────────────┘ │ ▼┌─────────────────────────────────────────────────────────────────────────────┐│ EXTERNAL SERVICES ││ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌─────────────────────┐ ││ │ GitHub │ │ APIs │ │ Databases │ │ User Deploys │ ││ │ (Git) │ │ (via proxy) │ │ (via proxy) │ │ (CF Pages) │ ││ └─────────────┘ └─────────────┘ └─────────────┘ └─────────────────────┘ │└─────────────────────────────────────────────────────────────────────────────┘Data Flow
- User interacts via Dashboard or API
- Dashboard manages sandbox lifecycle, secrets, and deployments
- SmartBox runs the Claude agent with persistent filesystem
- Nomos Cloud captures every decision for audit/replay
- Cloudflare provides the underlying compute and storage
- External Services are accessed through capability-scoped proxies
The capabilities are infinite because the box can build its own capabilities. Want architecture documentation? It clones RepoSwarm and configures it. Want to monitor competitors’ pricing? It builds a scraper. Want to automate invoicing? It connects to your accounting API.
Product Features
Sandbox Core
The foundation: a persistent, isolated environment running an AI coding agent. Includes filesystem storage, session memory, git integration, and the ability to install and run any tool. Accessible via web dashboard or API.
Capability Packs
Pre-configured, tested, and optimised agent skills:
- Architecture Documentation (RepoSwarm)
- Competitor Monitoring
- Invoice Automation
- Content Publishing
- Data Pipeline Management
Some packs are free, some are premium. All are one-click installs that your agent immediately knows how to use.
Deploy Service
Integrated deployment to Cloudflare Workers and Pages. Your agent builds a website, API, or scheduled job—you approve it in the dashboard—it’s live globally in seconds. Includes custom domains, SSL, and basic analytics.
Secrets Vault
Store API keys and tokens for your agent to use. We provide best-effort protections: redaction in logs and transcripts, scanning to prevent common accidental commits, and immediate revoke/disable controls. The proxy architecture means real credentials don’t enter the sandbox directly—the agent uses short-lived tokens we can revoke instantly.
Web Dashboard
Control plane for your agent: view activity, manage secrets, configure deployments, install capabilities, monitor usage, and control billing. Includes an activity timeline, kill switch, and one-click secret revocation.
Who It’s For
The Non-Technical Creator
You have ideas for tools, websites, automations—but you can’t code. Today, you either learn to code (months), hire a developer (expensive), or use no-code tools (limited). SmartBox gives you a developer that understands plain English, works 24/7, and costs a fraction of a contractor.
The Convenience Buyer
You could set up Claude Code, configure MCP servers, manage your own infrastructure. You know how. But your time is worth more than the hours it would take. SmartBox is the convenience premium: someone else handles the infrastructure, the updates, the security, the scaling.
The Small Business
You need custom software—integrations, automations, internal tools—but you can’t justify a full-time developer. SmartBox becomes your fractional technical team. It builds what you need, maintains it over time, and costs less than a single day of contractor rates per month.
The Content Creator
Your workflow is unique. Off-the-shelf tools don’t quite fit. SmartBox builds tools tailored to exactly how you work. No compromises. No workarounds. Just tools that fit.
Business Model
Credits-First PAYG
Prepaid credits prevent surprise bills. Usage draws down prepaid credits; when credits run out, the sandbox pauses until topped up. No monthly minimums. No commitment. Start with a generous free trial, then top up credits as needed.
This aligns incentives: we only earn when your agent delivers value, and you’re never surprised by a bill.
Pricing Streams
- Compute Usage: PAYG for agent runtime
- Capability Packs: Free and premium one-click skills
- Deployment Credits: Small margin on top of Cloudflare’s infrastructure
Enterprise & Teams
Same sandbox core, different policy presets. Guided mode adds approval workflows, extended audit retention, and safer defaults. SSO, RBAC, and compliance controls for regulated industries. Enterprise pricing is seats plus usage, with volume discounts at scale.
Roadmap
M0: Foundation
Dashboard, auth, billing, and risk acceptance. Productise the existing infrastructure: user authentication, credits-first metering, Stripe billing, and the Unlocked mode acceptance flow.
M1: Capabilities
Build the capability system: a framework for packaging agent skills, a marketplace for discovering them, and one-click installation. Launch with 3-5 first-party capabilities including RepoSwarm integration.
M2: Deploy
Integrate deployment to Cloudflare Workers and Pages. Users can deploy websites, APIs, and scheduled jobs directly from the dashboard.
M3: Marketplace
Open the capability marketplace to community contributions. Creators can publish capabilities, set pricing, and earn revenue. Reviews, ratings, and quality controls.
M4: Teams & Enterprise
Launch team workspaces with shared agents, capabilities, and deployments. Add SSO, RBAC, and audit logging. Pursue SOC 2 certification.