Skip to main content

How Castari Works

Understand how Castari deploys and runs your agents.

Architecture Overview

┌─────────────┐      ┌──────────────────┐      ┌─────────────┐
│   You       │      │  Castari API     │      │  E2B        │
│  (CLI/SDK)  │ ───▶ │  (Control Plane) │ ───▶ │  Sandboxes  │
└─────────────┘      └──────────────────┘      └─────────────┘

                    ┌─────────┼─────────┐
                    ▼         ▼         ▼
              PostgreSQL    Redis    Clerk Auth
Control Plane — Manages agents, secrets, invocations, and usage tracking. E2B Sandboxes — Isolated execution environments where your agents run.

Deployment Flow

When you run cast deploy:
1

Upload Code

Your agent code is uploaded to Castari (or cloned from git).
2

Create Sandbox

An isolated E2B sandbox is created for your agent.
3

Install Dependencies

npm install runs inside the sandbox.
4

Inject Secrets

Any secrets you’ve set become environment variables.
5

Ready

Agent status becomes active. Ready to invoke.

Invocation Flow

When you run cast invoke:
1

Request Received

Your prompt is sent to the Castari API.
2

Sandbox Activated

A fresh sandbox is spun up for this request.
3

Agent Runs

Your agent code executes with the prompt as input.
4

Response Collected

Output is captured and returned to you.
5

Cleanup

Sandbox is destroyed. No state persists.

Per-Request Scaling

Every invocation gets a fresh sandbox. This means:
  • No state leaks — Each request is isolated
  • True security — No cross-request data exposure
  • Automatic scaling — Parallel invocations run in parallel sandboxes
  • No cold starts — Sandboxes are pre-warmed

Agent Entry Point Contract

Your agent communicates via stdin/stdout: 
Input:  prompt → stdin
Output: response → stdout
Example: 
// Read prompt from stdin
let prompt = "";
for await (const chunk of process.stdin) {
  prompt += chunk;
}

// Process and respond
const response = await runAgent(prompt);

// Write to stdout
console.log(response);

Security Model

LayerProtection
SandboxIsolated E2B container
NetworkEgress allowed, no ingress
SecretsEncrypted at rest, injected at runtime
CodeYour code, your sandbox, not shared

Resource Limits

ResourceLimit
Memory2 GB
CPU2 cores
Timeout120 seconds
Disk10 GB
Contact us if you need higher limits for production workloads.

See Also

Agents

Agent structure and lifecycle

Sandboxes

E2B sandbox details

Secrets

Environment variable management

Invocations

Request/response model