v0.1.0 — Beta · BYOK · 6 providers

The AI coding agent
for production codebases.

DevPilot reads repositories, searches code semantically, applies precise patches, runs tests, and opens pull requests — autonomously. Bring your own API keys. Connect any provider.

Start building →View on GitHub

avg latency

1.1s

tokens/run

820

patch accuracy

98.4%

providers

tools

devpilot — agent

Architecture

Full-stack agent infrastructure, not a chatbot wrapper.

DevPilot runs an autonomous agent loop with real tool access. The system retrieves precise code context using semantic embeddings (RAG), reads and writes actual files via GitHub API, executes shell commands, and routes LLM calls across providers based on task type.

—Agent loop with configurable max steps

—ChromaDB-backed semantic code search

—Unified diff generation + GitHub write-back

—Provider routing: task-type aware

—Supabase auth + per-user BYOK key storage

Developer

DevPilot UI

Agent Loop

RAG / Embeddings

GitHub API

LLM Providers

Core

UI / Auth

LLM Providers

Capabilities

Six tool primitives.
Infinite task surface.

Every agent run is a composition of these six tools. The agent decides which to call, in what order, based on the task. Tool calls are logged in real time in the execution panel.

search_repo()

Semantic code search via embeddings

read_file()

Read file contents from any branch

write_file()

Write modified file back to repo

list_files()

Enumerate repository structure

run_command()

Execute shell commands and tests

generate_patch()

LLM-powered unified diff generation

Agent Workflow

Deterministic by default.
Adaptive when needed.

The agent loop is configured with a maximum step count. Each step has a defined action and produces a logged observation. You see exactly what the agent does — no black boxes.

⌥

Connect Repository

Point DevPilot at any GitHub repository. The agent indexes code semantically using embeddings for precise context retrieval.

github.com/org/repo@main

◊

Describe the Task

Write a natural-language instruction. Refactor, fix, document, test — any coding intent expressed in plain language.

"Add rate limiting to /api/auth endpoints"

⟳

Agent Executes

The agent loop runs autonomously: search → read → reason → patch. Each step is logged and inspectable in real time.

4 steps · 1.4s · 891 tokens

⎇

Review & Apply

Inspect the unified diff before committing. Accept, reject, or iterate. The agent can open PRs directly from the interface.

feat/rate-limiting → open PR

Bring Your Own Keys

Your keys. Your models.
Your cost control.

DevPilot stores your API keys encrypted per-user in Supabase. When you run an agent task, your key is retrieved and sent directly to the provider — DevPilot never proxies or logs your requests. Platform fallback keys are used only when no user key is found.

# Key resolution order

1. user.api_keys[provider] → BYOK

2. env.PLATFORM_KEY → fallback

3. raise HTTPException(400) → no key

OpenAI

gpt-4ogpt-4-turbo+1

Anthropic

claude-3.5-sonnetclaude-3-haiku

Groq

llama-3.1-70bmixtral-8x7b

Gemini

gemini-1.5-progemini-flash

DeepSeek

deepseek-coderdeepseek-chat

OpenRouter

any model via proxy

Security

⊕

Zero-proxy key handling

API keys are retrieved server-side only at runtime. Never stored in logs or sent to client.

⊗

JWT auth via Supabase

All API routes require a valid Supabase JWT. User identity is verified on every request.

⊘

Scoped GitHub access

Repository access uses OAuth tokens with minimum required scopes. Read by default, write only when explicitly applied.

Ship faster with an agent that
actually understands your code.

Connect a repository, describe a task, and watch DevPilot execute — with full observability at every step.

Get started for free Read the docs

The AI coding agentfor production codebases.