Core Concepts

NanoTerm gives agents a governed workspace instead of a raw shell. This page is positioning, not a manual — every concept has a deep-dive page in the sidebar.

Workspaces

A workspace is an isolated, stateful Linux environment. Files persist across commands; resources are bounded; the agent sees only its own process tree. Each workspace has a lifecycle (running, stopped, removed) and a size class for CPU and memory.

Execution

Two modes. One-shot for deterministic steps that produce a result an agent can parse. Interactive PTY for multi-step workflows that need live feedback — the mode you want when running a coding agent inside the workspace.

Organizations

Top-level tenant. Workspaces, API keys, audit logs, and billing all scope here. Teams join an organization by invitation.

API Keys

Programmatic access is authenticated with API keys. Each key has a permission level, an optional expiry, and can be revoked at any time. The full key value is visible once at creation — store it immediately.

Snapshots

Capture a workspace's state at a point in time and restore it into a new workspace. Useful for branching experiments, rolling back a failed run, or caching expensive setup.

Audit & Governance

Every command the agent runs is recorded with its outcome. Policies (coming soon) let you constrain what an agent is allowed to execute and which network destinations it can reach — so autonomy doesn't mean loss of control.

Workspaces​

Execution​

Organizations​

API Keys​

Snapshots​

Audit & Governance​