Anthropic adds self-hosted sandboxes and MCP tunnels to Claude Managed Agents
Key Takeaways
- Anthropic introduces self-hosted sandboxes for running AI agent tools on company infrastructure.
- MCP tunnels allow agents to access internal databases and APIs securely without exposing them to the public internet.
- Agent orchestration remains on Anthropic’s servers, allowing companies more control over tool execution but not full model execution.
Anthropic has expanded its Claude Managed Agents by adding self-hosted sandboxes and MCP tunnels. This move grants companies greater autonomy in managing where their AI agents run tools and what internal services they can access.
The introduction of these features means that tool execution for AI agents is now carried out within the customer’s own infrastructure, ensuring sensitive files and repositories remain contained. Companies have the flexibility to choose their CPU, memory, and runtime image, or opt for managed providers like Cloudflare, Daytona, Modal, or Vercel.
MCP tunnels further enhance this by enabling agents to connect securely with internal databases and APIs without being exposed to the public internet. This is achieved through a lightweight gateway that sets up an end-to-end encrypted connection, allowing agents to interact with their company’s private systems as tools.
While these additions provide significant control over where AI agent tools are executed, Anthropic has maintained the responsibility for orchestrating the actual agent loop on its own servers. This ensures context management, error handling, and the execution of the agent loop remain within Anthropic’s infrastructure.
The features are currently in early stages; self-hosted sandboxes are available as a public beta, while MCP tunnels are only accessible via request for research purposes.
Stay ahead of AI. Get the most important stories delivered to your inbox — no spam, no noise.
