Read every line.
No black boxes.
SAM is fully open source under AGPL-3.0. Your security team can audit the control plane, the VM agent, the credential handling, and the deployment pipeline. No vendor trust required.
Full Source Visibility
Every component is in the public repository: the Cloudflare Worker API, the React control plane, the Go VM agent, the cloud-init templates, the deployment scripts. There is no closed-source companion, no proprietary backend, no "enterprise edition" with hidden code.
Security teams can trace exactly how credentials are encrypted, how tokens are issued, how VMs are provisioned, and how agent sessions are isolated.
AGPL-3.0 License
The AGPL ensures that modifications to the platform remain open. If you self-host and modify SAM, your changes stay visible. This creates a trust guarantee that no proprietary fork can silently change the security model.
For organizations that need commercial licensing terms, reach out. But for most enterprise use cases, the AGPL is a feature, not a limitation.
No Vendor Trust Required
When you use a proprietary agent platform, you trust their claims about security, isolation, and data handling. When you use SAM, you verify. The encryption implementation, the VM isolation model, the credential storage are all auditable. Every architectural decision is documented in ADRs.
Fork If You Need To
If SAM's roadmap diverges from your needs, you can fork. Your deployment, your modifications, your timeline. You're never held hostage by a vendor's priorities, pricing changes, or product pivots.
Ready to run multi-agent workflows at scale?
Self-host on Cloudflare's free tier. Bring your own cloud. Your agents, your infrastructure.