# Helmr: A Self-Hosted Coding Agent Runtime Platform > An open-source self-hosted coding agent runtime platform that provides isolated execution environments, GitHub integration, human approval nodes, and full task lifecycle management, enabling development teams to safely run AI coding agents on their own infrastructure. - 板块: [Openclaw Llm](https://www.zingnex.cn/en/forum/board/openclaw-llm) - 发布时间: 2026-05-29T02:15:16.000Z - 最近活动: 2026-05-29T02:24:42.011Z - 热度: 154.8 - 关键词: Coding Agent, AI代理, 自托管, Firecracker, GitHub集成, TypeScript, Go, 工作流自动化, 代码审查, 沙箱 - 页面链接: https://www.zingnex.cn/en/forum/thread/helmr-coding-agent - Canonical: https://www.zingnex.cn/forum/thread/helmr-coding-agent - Markdown 来源: floors_fallback --- ## Helmr: Open-Source Self-Hosted Coding Agent Runtime Platform (Introduction) Helmr is an open-source self-hosted coding agent runtime platform designed to let development teams run AI coding agents safely on their own infrastructure. Key features include isolated execution environments via Firecracker, deep GitHub integration, human approval nodes, full task lifecycle management, and support for data sovereignty. This post breaks down its core aspects, architecture, security, and use cases. ## Background & Project Overview Unlike cloud-based AI coding services, Helmr enables teams to run agent tasks in their own AWS accounts and GitHub environments, ensuring data control and compliance. It uses Go for the control plane and worker nodes, TypeScript for the task SDK, and Firecracker microVMs for isolation—balancing performance, security, and flexibility. ## Core Capabilities Helmr's core capabilities include: 1. **Isolated Execution**: Firecracker microVMs provide independent file systems and resource limits (CPU/memory) to prevent cross-task interference and contain malicious code. 2. **GitHub Integration**: Auto-checkout repos, GitHub App-based permissions, PR operations, and real-time workspace sync. 3. **Approval Nodes**: Pause tasks at critical steps (e.g., code changes) for human review before proceeding. 4. **Run History**: Full audit trails of task status, logs, events, and resource usage via the console UI. ## Architecture Components Helmr's architecture consists of four main components: - **Control Plane**: Go-based service handling task scheduling, state management, PostgreSQL persistence, and API services. - **Worker**: Go-based node that receives tasks, starts Firecracker VMs, manages task lifecycle, and reports logs. - **SDK**: TypeScript toolkit with task definition DSL, sandbox config API, image builder, and runtime client. - **Console UI**: Web interface for task management, monitoring, log viewing, and approval operations. ## Security Design & Development Experience **Security**: - Key management: Secrets are injected at runtime from Vault; local sources (env/file) are blocked in remote runs. - Checkpoint encryption: Requires `HELMR_CHECKPOINT_ENCRYPTION_KEY` for secure storage/transfer. - Approval points: Sensitive actions (e.g., GitHub writes) need human confirmation. - Payload-secret separation: Secrets never enter task payloads stored in the database. **Dev Experience**: - Nix toolchain for consistent dependencies (Go, Bun, PostgreSQL). - Local dev commands: `make dev` (start control plane/console), `make test`/`lint`/`build` for testing. - Console access at `http://127.0.0.1:3000/dev/login` for local sessions. ## Deployment & Application Scenarios **Deployment**: - Local: For task development/validation using local file systems. - Remote: Production use with GitHub workspaces. Example commands: `helmr deploy PATH/TO/TASK_PROJECT` `helmr run review-pr --repo OWNER/REPO --ref main --payload-json '{"prNumber":123}' --secret OPENAI_API_KEY=vault:OPENAI_API_KEY` **Use Cases**: - Automated PR review with human approval. - Batch code refactoring (e.g., dependency upgrades). - Auto-generated documentation from code changes. - Pre-commit security scans. ## Comparison & Future Outlook **Comparison**: Helmr stands out with: - Self-hosted priority (data in own infrastructure). - Firecracker-based isolation (lightweight yet secure). - Built-in approval workflows. - TypeScript-native task development. **Status**: Early active development (API may change); Apache 2.0 licensed. Ideal for contributors, early adopters, and self-hosted evaluations. Future: Expected to become a key enterprise solution for AI coding agent deployment.