COMPUTE · A CELL OF YOUR OWN

Cella. Fast enough to throw away. Durable enough to keep.

Mint a named sandbox in one API call. Ephemeral or persistent, your choice. Warm starts under 500ms. Agents rent them through a trust plane; developers hit the API directly; MCP clients fire background jobs and come back for the logs.

Request beta access How it works
POST cella.latere.ai/v1/sandboxes 
$ curl -X POST https://cella.latere.ai/v1/sandboxes \
    -H "Authorization: Bearer $LATERE_TOKEN" \
    -d '{"image":"sandbox-claude","tier":"persistent"}'
{
  "slug":    "fragrant-bird-7x2",
  "state":   "running",
  "image":   "sandbox-claude",
  "tier":    "persistent",
  "storage": "1Gi",
  "created": "2026-04-23T14:02:11Z"
}
 warm start · ready in 420ms
<500ms
warm start
1–10GB
persistent workspace
idle
auto-stop
isolated, (non-)root
Three consumer shapes. One platform.
01

Agents, via a trust plane

A server app mints cellas on a user's behalf. Real secrets never enter the cella. A per-client credential broker hands out scoped, narrow-audience tokens on demand.

POST /sandbox-tokens      // scoped
POST /sandboxes           // mint
POST /v1/sandboxes/:id/commands  // run
scoped tokensbrokercredless
02

Developers, direct

Dashboard, latere CLI with browser login, and Go and TypeScript SDKs. Create, rename, start, stop, and exec against your own workspaces. Ephemeral or persistent, chosen at create time.

$ latere auth login
$ latere sandbox create --tier persistent
fragrant-bird-7x2  running  1Gi
$ latere sandbox rename fragrant-bird-7x2 my-workspace
$ latere exec my-workspace -- go test ./...
CLISDKdashboard
03

MCP, background workloads

Reference sandbox-mcp server lets Claude Code fire jobs, detach, and come back for logs and artifacts. POST /commands?detach=true, a tailable cursor, and file import or export round it out.

POST /v1/sandboxes/:id/commands {"detach": true}
→ cmd_01H9XZ... (running)
GET  /v1/sandboxes/:id/commands/:cid/logs?cursor=...
POST /files/input.tar.gz
GET  /files/output.tar.gz
detachlogs cursorartifacts
Architecture

Workspace is durable. Compute is replaceable. Everything else is policy.

DURABLE
Persistent workspace
Files, caches, and git state survive restarts, stops, and compute replacement. Default 1Gi, capped at 10Gi per user.
COMPUTE
Replaceable runtime
Attached to the workspace on demand. Auto-stopped when idle. Replaced on image change. Warm starts in under 500ms.
TRUST
Per-client credential broker
Real secrets never cross the cella boundary. The broker runs alongside the workload on a local address and hands out scoped, narrow-audience tokens on demand.
NETWORK
Default-deny egress
An allowlist attached to the credential that signs out cellas, not the individual cella. Consistent across every workspace under that credential.
Lifecycle
creating running stopped deleting deleted
Specs
Start latency
<500ms warm, seconds cold
Quota
per user, per organisation, global cap
Hardening
isolated execution, (non-)root, minimal capabilities
Observability
logs, traces, metrics
Audit
tamper-evident log with redaction
Auth
scoped tokens: read:sandbox, write:sandbox, exec:sandbox, attach:sandbox, admin:sandbox
Repo access
GitHub App, short-lived install tokens brokered for you
Pricing

Tiers are being finalised with design partners.

Developer

Coming Soon

One persistent workspace. CLI, dashboard, and SDKs. For hacking, prototyping, and single-operator workflows.

  • 1 persistent cella
  • 1Gi workspace, idle auto-stop
  • Browser login, CLI + SDKs
  • Community support
Request access

Team

Coming Soon

Cellas for agent platforms. Trust plane, per-client credential brokers, scoped tokens, shared audit trail.

  • Shared pool + per-user quotas
  • Credless broker & scoped tokens
  • Per-client egress allowlists
  • Team audit & cost dashboard
Request access

Enterprise

Coming Soon

Dedicated node pools, custom images, and private clusters. SSO, compliance controls, and an SLA.

  • Dedicated nodes, private VPC
  • SSO, SCIM, RBAC
  • Custom brokers & policies
  • Operator console, fleet audit
  • 24/7 support & SLA
Contact us

A cella in a single API call.

In private beta. Request access if you're building an agent platform, a dev-environment tool, or an MCP background runtime.

Request beta access Read the blog