Vercel previews eve with durable execution and sandboxed compute

• Vercel Dev's launch post positioned eve as an open source agent framework in public preview with durable execution, sandboxed compute, human-in-the-loop, subagents, and evals.
• According to Guillermo Rauch's architecture thread, eve centers the filesystem, with agent/instructions.md as the minimal starting point and folders for tools, skills, sandbox, and schedules.
• Vercel Dev's Connect announcement and Vercel's Connect post framed Connect as a way for apps and agents to reach Slack, GitHub, Salesforce, and internal services through short-lived, narrowly scoped tokens.
• Vercel Dev's Passport announcement said Passport puts an identity provider in front of every deployment, while Vercel's enterprise apps and agents post tied that to access controls and audit trails for teams already running agents in production.
• Commentary from Fred K. Schott's reaction thread highlighted the tradeoff quickly: eve ships with a lot of wiring done for you, but today that wiring is tightly coupled to the Vercel runtime, sandbox, workflows, and cron stack.

You can open the eve launch link, jump to the Connect beta page, and check the Passport announcement. The early reactions are unusually specific: Lars Grammel's comparison drew a line between low-level AI SDK primitives and eve's higher-level assembly, Guillermo Rauch's follow-up said deployment produces an API backend plus a useEveAgent() hook, and Malte Ubl's dogfooding note claimed private beta customers were already shipping agents with evals, observability, and SDLC guardrails intact.

The public preview pitch is simple: Vercel wants agent projects to start from a filesystem contract instead of from orchestration glue. The top-level shape in Vercel's repo-style teaser names the core building blocks directly: agent.ts, instructions.md, tools/, skills/, sandbox/, and schedules/.

That product boundary is more opinionated than Vercel's earlier AI SDK framing. In Lars Grammel's comparison, AI SDK stays the lower-level provider and UI abstraction layer, while eve takes over prompt assembly, integrations, deployment wiring, and the rest of the harness.

Rauch described eve as "Next.js for agents" because the entrypoint is nearly all convention.

• agent/instructions.md is the minimum viable spec, per Rauch's thread.
• Filesystem names are meant to be self-describing, so tools/query-db.ts should read like its capability, again per Rauch's thread.
• Deploying an eve project produces an API backend, and frontends consume it through a generated useEveAgent() hook for Next, Vite, and TanStack apps, according to Rauch's deployment reply.
• Vercel's own infrastructure pieces, including Sandbox, Gateway, Workflow, and cron-style schedules, sit underneath that abstraction in Rauch's description.

That explains the "like Next.js" comparison better than the slogan does. The framework is not just scaffolding prompts, it is turning an agent directory into a deployable backend surface.

Connect is the data access layer in this launch cluster. Vercel said apps and agents can use it to reach Slack, GitHub, Salesforce, and custom services with short-lived tokens that are scoped to a specific task.

The interesting detail is the scope model. Both Vercel Dev's beta post and Vercel's security framing emphasize temporary credentials with precise permissions, which suggests Vercel is standardizing external system access as an execution-time primitive instead of leaving each agent team to hand-roll OAuth and secret distribution.

Passport handles the front door. Vercel said it can put an identity provider in front of every deployment so internal apps and agents are private by default.

The enterprise pitch is broader than auth alone. In Vercel's enterprise post, the company says it already runs more than 100 agents in production and built the surrounding product around identity, access, and audit trails after discovering that deployment was easy and securing agents at scale was not.

The sharpest outside critique came from Fred K. Schott's reaction thread, which argued that eve is currently inseparable from the Vercel stack: runtime, sandbox, workflows, and cron jobs all come bundled with the framework contract.

Schott also pointed at two design choices that feel deliberate rather than incidental:

• eve is "filesystemmaxxing," with many magic files and folders that may fit agents better than they fit humans, per Schott's thread.
• the framework appears to use a custom harness, which he contrasted with the direction of more swappable agent infrastructure in the broader ecosystem, again in Schott's thread.

That makes eve less of a generic agent framework than a managed agent product surface with open source packaging around it.

Two launch-day posts filled in how mature this stack already is inside Vercel. Malte Ubl's dogfooding note said eve spent months in dogfooding and private beta, and that customers were shipping agents in minimal time while getting evals, observability, and SDLC readiness immediately.

That lines up with Vercel's enterprise apps and agents post, which says Vercel is already operating 100-plus agents in production. The notable part of this launch is not just a new agent framework, it is that Vercel is bundling runtime, external-system access, and identity controls around a framework it claims has already been exercised internally and with beta users.