The Open Source Drop #1: Agent sandboxes, semantic diffs, and a database TUI you'll actually enjoy

Coldcast Lens

Goose is Block's (Square's) open-source AI coding agent — not an autocomplete tool like Copilot, but a full autonomous agent that can plan, build, test, and debug entire features. Think Claude Code but model-agnostic: use Claude for complex work, GPT-4o for routine tasks, or a local Ollama model for private code, all in the same session. If you want AI coding without vendor lock-in or monthly subscriptions, Goose is compelling. Claude Code costs $200/month and locks you to Anthropic. Cursor is $20-200/month with its own model preferences. Goose is free (Apache 2.0) — you just pay for API calls. Block reports 60% of their workforce uses it weekly. The catch: Goose is still young and rough around the edges compared to Claude Code's polish. The extension ecosystem is thin. And "model-agnostic" means you're responsible for picking the right model for each task — there's no single provider optimizing the experience for you. The ceiling is high, but so is the setup cost.

Coldcast Lens

Boxlite gives AI agents their own sandboxed VMs with actual hardware isolation — not containers, not namespaces, but real separate kernels. Each "Box" is persistent, stateful, and snapshot-able, so your agent can install packages, modify files, and pick up where it left off. Run it locally first, scale out when ready. If you're building AI agents that execute code and need isolation stronger than Docker, Boxlite is the self-hosted option. E2B is the market leader with Firecracker microVMs and half the Fortune 500 as customers. Modal handles GPU workloads and serverless compute that Boxlite doesn't touch. Daytona offers development environments as a service. The catch: Boxlite is nascent — 1,600 stars, early-stage project. E2B has years of production hardening and a massive SDK ecosystem. Boxlite's persistence model is a differentiator but also means you're managing stateful VMs, not ephemeral sandboxes. The project runs on your infrastructure, so you own the scaling, security, and maintenance. For production agent workloads, E2B is the safer bet today.

Coldcast Lens

Sem is git diff for people who think in functions, not lines. It parses code through tree-sitter into an AST and computes semantic diffs — showing you that a function was renamed, a parameter was added, or a method moved between classes. Not "line 42 changed," but "getUserById was renamed to findUserById and gained a cache parameter." Supports 21 languages. If you're doing code review and want diffs that match how you actually think about changes, sem is a revelation. Standard git diff is the baseline everyone tolerates. Difftastic is the structural diff alternative focused on display quality. GitHub's code review UI is what most teams use daily but only shows line-level changes. The catch: sem is nascent — 945 stars, early-stage CLI tool. The 21-language support via tree-sitter is broad but parser quality varies by language. Impact analysis ("what breaks if I change this function") is promising but depends on accurate dependency graphs that aren't always complete. And integrating sem into existing git workflows and CI pipelines requires custom scripting — there's no GitHub Action or IDE plugin yet.

Coldcast Lens

sqlit is lazygit but for databases. A keyboard-driven TUI that connects to basically everything — Postgres, MySQL, SQLite, SQL Server, DuckDB, Snowflake, even Turso and Cloudflare D1. Vim-style editing for queries, syntax highlighting, and SSH tunneling built in. DBeaver is the heavyweight GUI alternative that does everything but slowly. TablePlus is the polished commercial option ($99). psql/mysql CLI clients are free but raw. lazysql is another Go-based TUI alternative with fewer database drivers. Use sqlit if you live in the terminal and need to quickly inspect or query databases without leaving your workflow. The connection manager and Docker container auto-detection are nice touches. MIT licensed, Python-based. The catch: it's very new (3.9K stars, early 2026 launch). Expect rough edges — missing features, undocumented behaviors, and the occasional crash. Python TUI apps can feel sluggish compared to Rust/Go alternatives on large result sets. And if you're already happy with TablePlus or DataGrip, the TUI workflow might be a downgrade, not an upgrade.