Skip to main content
hc
Submit
AI coding agents · tools · 16 picks

Best AI coding agents

AI coding agents and assistants for building, editing, and shipping code — from terminal agents to AI-native editors.

Curated by @heyclaude-editors Updated 2026-06-19

AI coding agents and assistants for building, editing, and shipping code — from terminal agents to AI-native editors.

Compared at a glance

The top 5 picks side by side on trust, install, platform support, and disclosed notes — full rationale for each below.

FieldArchon

Open-source workflow engine for AI coding agents that runs YAML-defined development processes with deterministic phases, isolated git worktrees, validation gates, and integration with Claude Code and other AI assistants.

Open dossier 		Crush

Terminal-based agentic AI coding assistant from Charm that works with many LLM providers, uses LSP and MCP for context, manages per-project sessions, and asks permission before running tools by default.

Open dossier 		HumanLayer

Open-source project behind CodeLayer, an IDE for orchestrating AI coding agents built on Claude Code, with keyboard-first workflows, team context engineering, and parallel Claude Code sessions across worktrees and cloud workers.

Open dossier 		Qwen Code

Open-source terminal AI coding agent from Qwen with Auto-Memory, Auto-Skills, SubAgents, Agent Teams, dynamic workflows, MCP support, multi-provider model routing, IDE plugins, desktop app, daemon mode, SDKs, IM bots, sandboxing, and worktree-aware coding workflows.

Open dossier 		AnythingLLM

Local-first AI application for private chat, document RAG, workspace agents, MCP-compatible tools, model routing, memories, scheduled tasks, multimodal workflows, multi-user Docker deployments, and self-hosted agent automation.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorytoolstoolstoolstoolstools
Sourcesource-backedsource-backedsource-backedsource-backedsource-backed
Authorcoleam00CharmHumanLayerQwenMintplex Labs
Added2026-06-162026-06-052026-06-052026-06-182026-06-18
Platforms
CLI
CLI
CLI
CLI
CLI
Source repo
Safety notesReview YAML workflow nodes before running bash or git operations in isolated worktrees. Self-hosted deployments require patching and backup like other internal developer platforms. Archon telemetry is documented in the repository; review before enterprise rollout. Workflow runs can create branches and pull requests; scope repository permissions narrowly.Crush executes tools and commands; by default it asks for permission before each tool call. The --yolo flag skips all permission prompts; the project warns to be very careful with it, so avoid it on untrusted work. The crush.json config is trusted code — any $(...) in it runs at load time with your shell's privileges, so review config files before use. LSP and MCP servers can read your codebase and influence agent behavior; only connect servers you trust.CodeLayer orchestrates AI coding agents that edit files and run commands in your repositories, so it inherits the execution risks of the underlying Claude Code agent. MultiClaude runs multiple Claude Code sessions in parallel across git worktrees; review changes per worktree before merging to avoid conflicting or unreviewed edits. Remote cloud workers can run agent sessions on external infrastructure; understand where code executes before enabling them. Scaling agent workflows to a whole team increases the blast radius of automated edits, so keep human review and branch protections in place.Qwen Code can edit files, run commands, use MCP servers, launch subagents, apply skills, use hooks, operate in sandboxes, and manage worktrees; keep destructive or credentialed actions behind explicit approval. Auto-Memory and Auto-Skills can persist or reuse context across tasks; review what is stored, updated, and replayed before using sensitive repositories or customer data. Daemon mode and IM bot channels can expose a shared agent session over HTTP+SSE or messaging platforms; require authentication, network controls, audit logs, and operator visibility. MCP servers can expose databases, SaaS accounts, browsers, cloud resources, files, or internal APIs to the agent; apply least privilege per server. Multi-provider routing means prompts and code may go to different model providers at runtime; lock down provider choices for regulated or confidential work.AnythingLLM can run agents, scheduled tasks, MCP-compatible tools, browser-like workspace actions, developer APIs, and external model calls; scope tools and credentials before enabling them for users. The upstream Docker guide includes examples that add the SYS_ADMIN capability to the container. Review whether that capability is acceptable for the host before copying production run commands. Multi-user Docker deployments need normal production controls: authentication, TLS, network isolation, secret management, persistent-volume ownership, backups, and upgrade planning. Agent tools, custom agents, model routing, memories, and scheduled tasks can change behavior over time; use least privilege, logging, review gates, and rollback plans for write-capable workflows. Localhost services such as Ollama, Chroma, LocalAI, or LM Studio may need Docker host routing adjustments; avoid exposing local provider ports wider than intended.
Privacy notesWorkflow execution data stays in your Archon deployment, git worktrees, and connected repositories. AI assistant clients may send prompts and tool output to model providers per client privacy settings. Shared workflow repos may expose internal process details; restrict repository access accordingly. Review Archon repository privacy and telemetry sections before processing sensitive codebases.Your code context and prompts are transmitted to the LLM provider you configure. API keys are read from environment variables or config files and sent to the configured provider; store them as secrets. Crush records pseudonymous usage metrics tied to a device-specific hash; prompts and responses are never collected. Opt out with CRUSH_DISABLE_METRICS=1 or DO_NOT_TRACK=1.Because it builds on Claude Code, repository code and context are sent to Anthropic's API to power the agent. Remote cloud workers process your code and context on external infrastructure; review the provider's terms before sending private code. Any API keys or credentials used by Claude Code and CodeLayer should be stored as secrets, not committed to source control. Team and context-engineering features can share prompts, context, and workflow data across collaborators, so avoid placing secrets in shared context.Prompts, selected files, memory, skills, subagent transcripts, MCP tool arguments, MCP tool results, hooks, shell output, worktree paths, daemon traffic, IM bot messages, SDK messages, and provider responses may contain sensitive data. Do not expose provider API keys, OAuth tokens, Qwen credentials, private repository content, customer data, or internal system details through prompts, logs, screenshots, bot messages, or shared sessions. Provider privacy, retention, billing, and telemetry behavior depends on the selected Qwen, OpenAI, Anthropic, Gemini, local, or third-party model route. Desktop, daemon, IDE, SDK, and IM-bot modes may retain or relay agent context outside the terminal session; review logs and storage for each mode.Uploaded documents, parsed chunks, embeddings, workspace memories, prompts, chat history, agent state, scheduled task inputs, MCP payloads, provider responses, logs, and API calls may contain sensitive data. The README documents anonymous telemetry and an opt-out through DISABLE_TELEMETRY=true or the in-app privacy setting; review this before using regulated or confidential data. Even with telemetry disabled, outbound calls may still go to configured LLMs, embedding models, vector databases, external tools, cdn.anythingllm.com, GitHub, or GitHubusercontent depending on the deployment. Keep provider keys, JWT secrets, workspace invite links, storage paths, private documents, and generated citations out of public prompts, screenshots, issues, and examples.
Prerequisites
  • Local environment capable of building the Archon repository from source.
  • Git access to clone https://github.com/coleam00/Archon.
  • Target project repository where workflow files will be stored.
  • An API key from a supported LLM provider such as Anthropic, OpenAI, or a compatible API.
  • A supported terminal on macOS, Linux, Windows (PowerShell or WSL), or BSD.
  • On Linux/BSD, clipboard helpers (wl-copy/wl-paste for Wayland or xclip/xsel for X11) for clipboard features.
  • Claude Code, since CodeLayer is built on top of it and orchestrates Claude Code sessions.
  • An Anthropic account or API access for the underlying Claude Code agent.
  • A recent CodeLayer build from the project's GitHub releases or the waitlist for early access.
  • Git, since parallel-session workflows rely on worktrees.
  • Node.js 22 or newer for the npm package, or a supported standalone script or Homebrew install path.
  • Provider credentials for Qwen, OpenAI, Anthropic, Gemini, Ollama, vLLM, or another compatible route.
  • A project workspace where file access, shell commands, Auto-Memory, Auto-Skills, SubAgents, Agent Teams, MCP, and hooks are intentionally scoped.
  • A policy for headless mode, daemon mode, IM bot access, IDE plugins, desktop app sessions, and SDK clients before using Qwen Code outside an interactive terminal.
  • Docker for the documented self-hosted path, or the desktop application for a local workstation install.
  • At least the upstream minimum host resources, with disk sized for documents, embeddings, vector storage, models, logs, and backups.
  • A local or remote LLM provider, embedding provider, and optional speech or image models for the workflows the workspace will run.
  • A storage, backup, retention, and access-control plan before ingesting private documents or opening a multi-user Docker instance.
Install
npm install -g @qwen-code/qwen-code@latest
docker pull mintplexlabs/anythingllm
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimedUnclaimed
  1. 01
    tools

    Archon

    YAML workflow engine for deterministic, repeatable AI coding agent development.

    Review firstSource-backedReview firstAdded 3d ago
    Safety Privacy
    Why it made the cut

    Archon is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  2. 02
    tools

    Crush

    Terminal-based AI coding agent from Charm with multi-model support, LSP and MCP context, and permission prompts before running tools.

    Review firstSource-backedReview firstAdded 14d ago
    Safety Privacy
    Why it made the cut

    Crush is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  3. 03
    tools

    HumanLayer

    Open-source IDE for orchestrating AI coding agents, built on Claude Code, with parallel sessions, worktrees, and team context engineering.

    Review firstSource-backedReview firstAdded 14d ago
    Safety Privacy
    Why it made the cut

    HumanLayer is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  4. 04
    tools

    Qwen Code

    Run Qwen Code as a terminal coding agent with Auto-Memory, Auto-Skills, SubAgents, Agent Teams, MCP, multi-provider routing, IDE plugins, desktop app, daemon mode, and SDKs.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    Qwen Code is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  5. 05
    tools

    AnythingLLM

    Run a local-first AI workspace with document chat, RAG, agents, MCP-compatible tools, model routing, memories, scheduled tasks, and Docker self-hosting.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    AnythingLLM is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  6. 06
    tools

    CAMEL-AI CAMEL

    Python multi-agent framework for agent societies, ChatAgent workflows, RAG, tool use, MCP examples, data generation, and large-scale agent research.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    CAMEL-AI CAMEL is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  7. 07
    tools

    Cherry Studio

    Use Cherry Studio as a desktop AI client with many model providers, local models, assistants, document handling, WebDAV backup, and MCP support.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    Cherry Studio is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  8. 08
    tools

    CopilotKit

    Build agent-native apps with CopilotKit: generative UI, shared state, human-in-the-loop flows, AG-UI, React, mobile, chat, and agent skills.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    CopilotKit is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  9. 09
    tools

    Daytona

    Open-source sandbox infrastructure for executing AI-generated code in isolated environments, with SDKs, snapshots, and an optional managed cloud.

    Review firstSource-backedReview firstAdded 14d ago
    Safety Privacy
    Why it made the cut

    Daytona is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  10. 10
    tools

    DeerFlow

    Run a ByteDance super-agent harness with skills, memory, subagents, sandboxes, MCP server support, messaging channels, and LangGraph workflows.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    DeerFlow is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  11. 11
    tools

    E2B

    Open-source cloud sandboxes for executing AI-generated code, with Python and JavaScript SDKs and a Code Interpreter package.

    Review firstSource-backedReview firstAdded 14d ago
    Safety Privacy
    Why it made the cut

    E2B is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  12. 12
    tools

    Flowise

    Visual builder for AI agents, RAG apps, chatbots, agentic workflows, multi-agent systems, LangChain components, and self-hosted flow deployment.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    Flowise is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  13. 13
    tools

    Hermes Agent

    Run a Nous Research agent with skills, memory, MCP integration, messaging gateway, scheduled automations, subagents, and OpenClaw migration.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    Hermes Agent is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  14. 14
    tools

    LangChain4j

    Java/JVM LLM framework for agents, RAG, tool calling, MCP tool providers, vector stores, chat memory, and enterprise Java integrations.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    LangChain4j is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  15. 15
    tools

    LibreChat

    Self-hosted ChatGPT-style platform with agents, MCP tools, Skills, Subagents, Code Interpreter, web search, artifacts, multi-provider routing, and auth.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    LibreChat is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  16. 16
    tools

    LiveKit Agents

    Realtime voice and multimodal agent framework with STT, LLM, TTS, telephony, MCP, testing, and LiveKit deployment support.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    LiveKit Agents is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

Missing a pick? Propose an edit to this list — every change goes through the same review queue as new entries.

Suggest a pick
Weekly · Sundays

Get the weekly brief

One calm read on Claude workflows. Sundays. No tracking pixels.

Unsubscribe any time. No tracking pixels. No partner blasts.