Introducing the Plural Agent Runtime: Your Kubernetes Cluster as a Coding Agent

Every engineering team has a category of work that sits in permanent purgatory. It's not critical enough to drop everything for, but it's not trivial enough to ignore. CVE remediations that have been on the backlog for three sprints. Boilerplate dependency bumps. The "quick" refactor that nobody ever gets to. These tasks don't require brilliance. They require time. Time that your engineers simply don't have.

The promise of AI coding agents is that this category of work can finally be delegated. But there's a practical problem: where do those agents actually run? Spinning up and managing separate cloud infrastructure for agent execution introduces new complexity, new security concerns, and a new set of costs. You end up needing to manage your agents the way you used to manage your applications, before Kubernetes solved that problem.

We built the Plural Agent Runtime to solve this. Instead of standing up new infrastructure to run your agents, you use the infrastructure you already have.

What Is the Plural Agent Runtime?

The Plural Agent Runtime is a feature that allows you to use your existing Kubernetes clusters as the compute infrastructure for running coding agents. Your cluster handles the scheduling, isolation, and resource management. Plural handles the integration with your repositories, your keys, and your preferred models. You just provide the task.

The result is a fully autonomous coding agent that runs entirely within your infrastructure perimeter, sandboxed, compliant, and ready to start clearing your backlog.

How It Works: From CRD to Pull Request

The Agent Runtime is designed to feel native to a Kubernetes-centric workflow, because it is. The entire configuration lives in a Custom Resource Definition. You declare the type of coding agent you want to use, opt into the capabilities you need, and specify your keys and model configuration. Once the CRD is applied, the runtime is available for any user or group you grant access to.

From there, invoking an agent is a matter of providing a prompt and selecting the repository you want it to act on. The agent takes it from there. It runs in an isolated Docker container on your cluster, with full access to the capabilities you've configured. When it's done, you get a complete run history showing every command it executed and every decision it made. If the task was a code change, you also get a pull request ready for your review. The human stays in the loop on the output without being in the loop on the execution.

Secure by Design: Sandboxing, Networking, and Compliance

Running an autonomous agent on your infrastructure requires that you actually trust the environment it's running in. We designed the Agent Runtime with that constraint in mind.

Every agent run is executed in an isolated Docker container on your cluster. Kubernetes provides the sandbox, and you control the security and networking constraints applied to it. Because the runtime lives on your own infrastructure and uses keys you provide, you can deploy coding agents in environments with strict compliance requirements, with no need to route sensitive credentials or code through third-party services.

Built for Real Engineering Tasks: Docker, Browsers, and Testing

A coding agent that can only write code is only half-useful. The Plural Agent Runtime is built to handle the full lifecycle of a typical engineering task, including actually verifying that the change works.

We've added built-in support for Docker-in-Docker, so agents can build container images to validate their changes. They can also run tests against services orchestrated with Docker Compose, meaning an agent working on a change to a backend service can stand up the entire local environment and confirm the tests pass before creating the PR. For teams that rely on end-to-end testing, we've also included the ability to mount a headless Chromium instance, giving agents the ability to run Playwright or Cypress test suites against a real browser environment.

The result is an agent that doesn't just write code. It produces a PR you can merge with confidence.

Two Modes: Act or Analyze

Not every task requires a code change. Sometimes you need to understand a codebase before you can act on it.

The Agent Runtime supports two distinct execution modes. In the default mode, the agent analyzes the codebase, plans its approach, and implements the change, culminating in a pull request. In Analyze mode, the agent conducts the same agentic search through your repositories but delivers a summary and analysis rather than a diff. This is useful for getting implementation plans, understanding an unfamiliar service, or exploring the scope of a potential change before committing to it.

A Natural Starting Point: CVE Remediation

One of the most immediate applications for the Agent Runtime is CVE remediation. Plural already surfaces detected vulnerabilities directly in the platform. With the Agent Runtime, you can take any of those CVEs and dispatch an agent to fix it in a single action.

This is a near-perfect fit for the technology. The fix is typically well-scoped and deterministic. The change needs to be validated, which Docker-in-Docker handles. And the output needs human review, which a PR provides. An engineer who used to spend an afternoon working through a list of ten CVEs can now spend ten minutes reviewing ten pull requests.

Integrating Into How Your Team Already Works

The Agent Runtime is designed to operate as a background job. You trigger it, step away, and come back to a PR. But we also recognize that the most natural place to delegate a task is wherever your team is already working.

We're actively building integrations with task tracking systems including GitHub Issues and Linear, as well as Slack, so you can assign a task to an agent directly from the channel where you're discussing it. The agent will either create a PR or return an analysis depending on what you ask for, directly in that same thread. The goal is to make delegating to an agent as frictionless as assigning a ticket to a colleague.

From Backlog to Background Job

The medium-difficulty backlog has always been a tax on engineering teams. Not important enough to prioritize, but not unimportant enough to ignore. It just sits there, slowly accumulating.

The Plural Agent Runtime gives you a way to start clearing it. By giving coding agents a secure, capable, and Kubernetes-native place to run, we're removing the biggest practical barrier to putting them to work on real tasks. You get the sandboxing and compliance guarantees of running inside your own infrastructure, the depth of execution that comes from full Docker and browser support, and the safety net of a PR-based review process. Your engineers get back their time.

Try the Plural Agent Runtime today. Book a demo to see it in action.