Launch HN: Cua (YC X25) – Open-Source Docker Container for Computer-Use Agents

71 points by frabonacci 3 hours ago

Hey HN, we’re Francesco and Alessandro, the creators of c/ua (https://www.trycua.com), a Docker‑style container runtime that lets AI agents drive full operating systems in lightweight, isolated VMs. Our entire framework is open‑source (https://github.com/trycua/cua), and today we’re thrilled to have our Launch HN!

Check out our demo to see it in action: https://www.youtube.com/watch?v=Ee9qf-13gho, and for more examples - including Tableau, Photoshop, CAD workflows - see the demos in our repo: https://github.com/trycua/cua.

For Computer-Use AI agents to be genuinely useful, they must interact with your system's native applications. But giving full access to your host device is risky. What if the agent's process gets compromised, or the LLM hallucinates and leaks your data? And practically speaking, do you really want to give up control of your entire machine just so the agent can do its job?

The idea behind c/ua is simple: let agents operate in a mirror of the user’s system - isolated, secure, and disposable - so users can fire-and-forget complex tasks without needing to dedicate their entire system to the agent. By running in a virtualized environment, agents can carry out their work without interrupting your workflow or risking the integrity of your system.

While exploring this idea, I discovered Apple’s Virtualization.Framework and realized it offered fast and lightweight virtualization on Apple Silicon. This led us to build a high-performance virtualization layer and, eventually, a computer-use interface that allows agents to interact with apps just like a human would - without taking over the entire system.

As we built this, we decided to open-source the virtualization core as a standalone CLI tool called Lume (Show HN here: https://news.ycombinator.com/item?id=42908061). c/ua builds on top of Lume, providing a full framework for running agent workflows inside secure macOS or Linux VMs, so your system stays free for you to use while the agent works its magic in the background.

With Cua you can build an AI agent within a virtual environment to: - navigate and interact with any application's interface; - read screen content and perform keyboard/mouse actions; - switch between applications and self-debug when needed; - operate in a secure sandbox with controlled file access. All of this occurs in a fully isolated environment, ensuring your host system, files, and sensitive data remain completely secure, while you continue using your device without interruption.

People are using c/ua to: - Bypass CryptoJS-based encryption and anti-bot measures to interact with modern web apps reliably; - Automate Tableau dashboards and export insights via Claude Desktop; - Drive Photoshop for batch image editing by prompt; - Modify 3D models in Fusion 360 with a CAD Copilot; -Extract data from legacy ERP apps without brittle screen‑scraping scripts.

We’re currently working on multi‑VM orchestration for parallel agentic workflows, Windows and Linux VM support, and episodic and long-term memory for CUA Agents.

On the open‑source side, c/ua is 100 % free under the MIT license - run it locally with any LLM you like. We’re also gearing up a hosted orchestration service for teams who want zero‑ops setup (early access sign‑ups opening soon).

We’d love to hear from you. What desktop or legacy apps do you wish you could automate? Any thoughts, feedback, or horror stories from fragile AI automations are more than welcome!

swanYC 10 minutes ago

Love this !

brap 2 hours ago

Congrats on the launch!

I don’t know if this is a problem you’ve faced, but I’m curious: how do LLM tool devs handle authn/authz? Do host apps normally forward a token or something? Is there a standard commonly used? What if the tool needs some permissions to act on the user’s behalf?

winwang an hour ago

Congrats! How do you guys deal with SOC2/HIPAA/etc.? Or are those separate concerns?

farazmsiddiqi an hour ago

i love this — isolation and permissioning for computer use agents. why can’t i use regular docker containers to deploy my computer use agent?

xdotli an hour ago

THIS IS FIRE been wanting this for ages

brene 2 hours ago

will this also be available as a hosted service? Or do you have instructions on how to manage a fleet of these manually while you're building the orchestration workflows?

frabonacci 2 hours ago

Yes, we’re currently running pilots with select customers for a hosted service of Cua supporting macOS and Windows cloud instances. Feel free to reach out with your use case at founders@trycua.com

tomatohs 3 hours ago

Would love to use this for TestDriver, but needs to support Windows :*(

frabonacci 2 hours ago

Windows host support is on our roadmap - we're currently exploring virtualization options with KVM/QEMU. Please join the discussion on our Discord: https://discord.com/invite/mVnXXpdE85

rahimnathwani 2 hours ago

I tried this three times. Twice a few days ago and once just now.

First time: it opened a MacOS VM and started to do stuff, but it got ahead of itself and starting typing things in the wrong place. So now that VM has a Finder window open, with a recent file that's called

  plt.ylabel('Price(USD)').sh

The second and third times, it launched the VM but failed to do anything, showing these errors:

  INFO:cua:VM run response: None
  INFO:cua:Waiting for VM to be ready...
  INFO:cua:Waiting for VM macos-sequoia-cua_latest to be ready (timeout: 600s)...
  INFO:cua:VM status changed to: stopped (after 0.0s)
  DEBUG:cua:Waiting for VM IP address... Current IP: None, Status: stopped
  DEBUG:cua:Waiting for VM IP address... Current IP: None, Status: stopped
  DEBUG:cua:Waiting for VM IP address... Current IP: None, Status: stopped
  INFO:cua:VM status changed to: running (after 12.4s)
  INFO:cua:VM macos-sequoia-cua_latest got IP address: 192.168.64.2 (after 12.4s)
  INFO:cua:VM is ready with IP: 192.168.64.2
  INFO:cua:Initializing interface for macos at 192.168.64.2
  INFO:cua.interface:Logger set to INFO level
  INFO:cua.interface.macos:Logger set to INFO level
  INFO:cua:Connecting to WebSocket interface...
  INFO:cua.interface.macos:Waiting for Computer API Server to be ready (timeout: 60s)...
  INFO:cua.interface.macos:Attempting WebSocket connection to ws://192.168.64.2:8000/ws
  WARNING:cua.interface.macos:Computer API Server connection lost. Will retry automatically.
  INFO:cua.interface.macos:Still waiting for Computer API Server... (elapsed: 10.0s, attempts: 11)
  INFO:cua.interface.macos:Still waiting for Computer API Server... (elapsed: 20.0s, attempts: 21)
  INFO:cua.interface.macos:Still waiting for Computer API Server... (elapsed: 30.0s, attempts: 31)
  WARNING:cua.interface.macos:Computer API Server connection lost. Will retry automatically.
  INFO:cua.interface.macos:Still waiting for Computer API Server... (elapsed: 40.0s, attempts: 41)
  INFO:cua.interface.macos:Still waiting for Computer API Server... (elapsed: 50.1s, attempts: 51)
  ERROR:cua.interface.macos:Could not connect to 192.168.64.2 after 60 seconds
  ERROR:cua:Failed to connect to WebSocket interface
  DEBUG:cua:Computer initialization took 76856.09ms
  ERROR:agent.core.agent:Error in agent run method: Could not connect to WebSocket interface at 192.168.64.2:8000/ws: Could not connect to 192.168.64.2 after 
  60 seconds
  WARNING:cua.interface.macos:Computer API Server connection lost. Will retry automatically.

This was using the gradio interface, with the agent loop provider as OMNI and the model as gemma3:4b-it-q4_K_M

These versions:

  cua-agent==0.1.29
  cua-computer==0.1.23
  cua-core==0.1.5
  cua-som==0.1.3

frabonacci 2 hours ago

Thanks for trying out c/ua! We still recommend pairing the Omni loop configuration with a more capable VLM, such as Qwen2.5-VL 32B, or using a cloud LLM provider like Sonnet 3.7 or OpenAI GPT-4.1. While we believe that in the coming months we'll see better-performing quantized models that require less memory for local inference, truth is we're not quite there yet.
Stay tuned - we're also releasing support for UI-Tars-1.5 7B this week! It offers excellent speed and accuracy, and best of all, it doesn't require bounding box detection (Omni) since it's a pixel-native model.
- rahimnathwani an hour ago
  
  Thanks. I'll try that, but right now it's not working at all, i.e. cua can't interact with the VM at all. That's a not a model issue.
  
  frabonacci an hour ago
  
  If you're running Cua from VS Code or Cursor, have you checked out this issue? https://github.com/trycua/cua/issues/61
  Feel free to ping me on Discord (I'm francesco there) - happy to hop on a quick call to help debug: https://discord.com/invite/mVnXXpdE85

ekarabeg 2 hours ago

Congrats on the launch! Awesome product!

frabonacci 2 hours ago

Thanks — we really appreciate your support!

zwenbo 3 hours ago

Amazing product! Congrats on the launch!

frabonacci 2 hours ago

Thank you so much - we truly appreciate your support!

jameskuj 3 hours ago

A superfan of this product!

frabonacci 2 hours ago

Thank you - your support means a lot to us!

SkylerJi an hour ago

This is insane y'all

mountainriver 3 hours ago

This is cool! We built a similar thing with AgentDesk https://github.com/agentsea/agentdesk

Would love to chat sometime!

frabonacci 2 hours ago

I love AgentDesk’s take on Kubernetes - it’s something we had considered as well, but it didn’t make much sense for macOS since you can only spin up two macOS VMs at a time due to Apple’s licensing restrictions.
Feel free to join our Discord so we can chat more: https://discord.com/invite/mVnXXpdE85
- mountainriver an hour ago
  
  Thats a fantastic way to get your IP banned :)
reindent 2 hours ago

That's great.
Also built something on top of Browser Use (Nanobrowser) and Docker.
https://github.com/reindent/nanomachine
Just finished planning and shell capabilities
Lets chat @reindentai (X)
- frabonacci 2 hours ago
  
  Sure - just followed you back!