Reference
Capability Matrix
Maturity per feature and target.
The capability matrix is the source of truth for what's stable, useful, experimental, or designed-for. The full live matrix is maintained in the repo at docs/capability-matrix.md — read that for the most accurate detail. This page summarizes the high-level shape.
| Target | Status |
|---|
| Node | Stable MVP. |
| Temporal worker | Stable MVP / controlled production-pilot path; hosted-runner live workflow smoke is passing with real gRPC readiness. |
| Virtual sandbox | Stable MVP default first-run path. |
| Docker sandbox | Useful MVP (live tests gated by FABRIC_DOCKER_TEST=1). |
| Cloudflare Workers + Sandbox / Shell Workspace | Pilot/live-gated; Shell Workspace is pilot-ready after manual live validation and should stay under live workflow coverage. |
| Foundry Hosted Agents | Build scaffold + Agent Service client/tools; live tests opt-in. |
| Azure Container Apps / ACI / AKS | ARM control-plane tools; full SandboxEnv backends roadmap. |
| Databricks | SQL/Jobs/Notebook/Unity Catalog/MLflow tools + workspace filesystem source; full sandbox/deploy target roadmap. |
| Feature | Status |
|---|
Metadata agents (agent({...})) | Stable. |
| Skills (Markdown) | Stable; richer YAML & schemas roadmap. |
| Roles (Markdown) | Stable. |
| Built-in tools (read/write/edit/bash/grep/glob/task) | Stable. |
Agent/session/prompt cwd scoping | Stable. |
session.fs / agent.fs out-of-band filesystem helper | Stable MVP. |
| Scoped commands | Stable. |
| Typed result validation | Stable. |
| Tasks (durable child runs) | Stable on Node + Temporal. |
| Approvals | Stable. |
| Checkpoints | Stable; sandbox snapshot integration partial. |
| Artifacts | Stable. |
| Compaction | Stable. |
| Replay | Stable. |
| Provenance + attestation | Stable. |
| SBOM (Syft) | Stable when Syft is on PATH. |
| Cosign signing | Stable when cosign is on PATH. |
Authenticated admin aliases + /openapi.json | Stable MVP. |
| Workers AI Gateway metadata + model context-window metadata | Stable MVP. |
| Store | Status |
|---|
| File (default) | Stable. |
| SQLite | Stable. |
| Postgres | Stable. |
| Cloudflare Durable Object | Useful MVP; session route parity implemented, live Worker tests opt-in. |
| Cloudflare R2 artifacts/source files | Useful MVP; live Worker/R2 tests opt-in. |
| S3/Azure Blob filesystem sources | Useful MVP via dependency-free connector adapters. |
| Backend | Status |
|---|
| Empty / virtual bash (in-memory) | Stable; virtual is the default simple/no-container path. |
| Local (host repo) | Stable; use for intentional CI/repo host access. |
| Docker | Useful MVP; preferred for untrusted shell/data-analysis work. |
| Cloudflare Sandbox | Pilot/live-gated. |
Cloudflare Shell Workspace (@cloudflare/shell + Worker Loader code tool) | Pilot-ready; local tests, Wrangler dry-run, and manual live deployment smoke have passed. Keep CI/live smoke enabled before broader rollout. |
| Daytona / E2B / Modal | Package-level structural adapters + live-gated smoke tests. |
| Kubernetes / Firecracker | Provider-neutral RemoteSandboxApi adapter path; first-class adapters roadmap. |
