Skip to main content
New aislop v0.12.0: terminal-native agent repair sessions, calibrated scoring, and cleaner command output. Read the changelog →
Documentation

aislop Agent.

An LLM coding agent gated by a deterministic score. Not another PR reviewer, but an agent that improves the code until the engine says it's good.

Status

Private beta. Rolling out to all hosted-platform customers through 2026. Request access to be in the first wave.

What it is

Most "AI code review" tools are LLMs reviewing code after a human writes it. The Agent is the inverse: an LLM that writes code, with the deterministic aislop engine acting as judge.

You point it at a path: /auth, packages/checkout, a single file, anything. It iterates:

  1. 01 scan: runs aislop scan against the path, gets a score and a list of findings.
  2. 02 propose: sends findings + file contents to the LLM, gets back a JSON diff (no shell access, no arbitrary code execution).
  3. 03 apply: writes the proposed edits inside an isolated microVM (E2B sandbox).
  4. 04 re-scan + gate: if the score regressed, revert the edit and try again. If it improved but is below threshold, loop. If above threshold, exit.
  5. 05 PR: when the threshold is met, push to a fresh branch and open a pull request with the diff, cost report, and per-iteration trail.

Sample run

Real session output from a 6-file refactor: 

# Spawn agent on /auth, target score 90, budget $1.00

[i] Cloning your-org/your-repo · sandbox up in 84ms
[i] Initial scan · aislop ci /auth78 / 100 · 9 findings

> Iteration 1 · LLM proposed 4 edits · $0.038
  - auth/middleware.ts:47  fix swallowed exception
  - auth/users.ts:12       remove narrative comments
  - auth/sessions.ts:8     drop unused import
  - auth/jwt.ts:91         narrow as any cast

[ok] Re-scan → 86 / 100 · 4 findings · accepted

> Iteration 2 · LLM proposed 3 edits · $0.041
[ok] Re-scan → 94 / 100 · 1 finding · accepted · threshold met

[i] Pushed branch aislop/agent/abc123
[i] Opened PR #274

────────────────────────────────────────
   94 / 100 Healthy · +16 from 78
   2 iterations · 6 files · 47 sec wall-clock
   Cost: $0.32 (LLM $0.30 + sandbox $0.02)

Why this is structurally different

Three properties no LLM-only tool has:

Reproducible convergence

The score is deterministic. Same code in, same number out. The agent is measured against a fixed target, so it actually converges. CodeRabbit and Greptile use one LLM to score another LLM's work, so both sides drift, no fixed point.

Hard score gate

If a proposed edit drops the score, it's reverted. If iterations exhaust without hitting threshold, the agent exits with partial changes. The agent literally cannot ship code that's worse than what it started with.

Sandboxed by default

Every session runs in an ephemeral Firecracker microVM (via E2B). Cloned repo, no persistent state, killed on exit. The LLM never gets shell access; it proposes JSON edits the host applies. Tight blast radius.

Cost model

Each session costs a few cents in compute, dominated by LLM tokens:

Component Per session
LLM (Claude Sonnet, ~3 iterations) ~$0.12
Sandbox (2 vCPU, ~90 sec wallclock) ~$0.006
Total typical ~$0.13

Per-session and per-org budgets are enforced server-side. The agent will not exceed your spend cap.

Pricing tiers

Sessions are bundled into hosted plans. See full pricing.

Team
$20 / dev / month

50 agent sessions/month included · $0.20 per additional

Business
$40 / dev / month

200 agent sessions/month included · $0.10 per additional

Enterprise
From $30k / year

Unlimited sessions · bring-your-own LLM key

Trigger surfaces

  • Dashboard button: every project page has a "Spawn aislop agent" action. Live session view streams iteration deltas. (v1)
  • Slack slash command: /aislop fix /auth kicks a session, posts updates back to the channel. (v2)
  • PR mention: @scanaislop-bot fix the warnings in any PR comment spawns a session targeting the changed files. (v2)
  • Public-repo agent: open-source maintainers will be able to invite the agent on their repos via instant-scan URLs. (post-v1)

Safety guarantees

  • Always opens a pull request, never direct-commits to any branch.
  • Branch naming is deterministic: aislop/agent/<session-id>.
  • The LLM proposes JSON edits; the host applies them. The LLM never has shell access inside the sandbox.
  • Each session runs in a fresh microVM. Killed on completion. No persistent state.
  • Per-session budget cap. Per-org daily budget cap. Per-org concurrency cap. None overrideable from the LLM.
  • Full audit log: every spawn, every iteration, every cost event recorded.

Get access

The Agent is in private beta with hosted-platform customers. To join the first wave:

Request beta access