The Case for Stateful Serverless in AI Agents
Traditional serverless functions are stateless, requiring external databases to maintain context. Cloudflare’s Durable Objects solve this by providing a stateful compute unit that persists across requests. For AI agents, this is a critical primitive: it allows for long-running processes, persistent connections (WebSockets), and low-latency execution (e.g., 15ms latency in London). By using Durable Objects, developers can handle complex agent requirements like resumable streaming, multi-tab synchronization, and background scheduling out of the box, effectively offloading distributed systems complexity to the platform.
Dynamic Workers: Reclaiming 'Eval' for AI
Cloudflare is introducing Dynamic Workers, a primitive that allows developers to take a string of code—potentially generated by an LLM—and execute it within a sandboxed isolate. Unlike traditional sandboxing that attempts to secure a full VM or container after the fact, Dynamic Workers start from a "zero-trust" baseline: the code has no ambient access to APIs, fetch, or environment variables. Developers explicitly grant capabilities (e.g., allowing outgoing requests only to specific GitHub endpoints). This approach allows for safe execution of user-generated or AI-generated code, effectively acting as a secure, high-performance "eval++" for modern applications.
Practical Applications and Future Tooling
- Generative UI: Instead of generating JSON to be parsed and rendered, agents can generate React or HTML code that is executed and rendered directly, bypassing the need for complex schema-based UI definitions.
- MCP Servers: Durable Objects provide the stateful connections required by the Model Context Protocol (MCP), making them an ideal host for production-ready MCP servers.
- Agentic Harnesses: The team is building a coding agent harness entirely on Workers, leveraging the ability to spin up isolated environments on demand. This includes tools like
worker-bundler, which pulls dependencies from npm and uses Cloudflare’s cache, and a virtual file system (@cloudflare/shell) that layers SQLite and R2 storage for persistent agent state. - Security: By running plugins or user-provided code in Dynamic Workers, platforms can isolate potentially malicious code, preventing the types of security vulnerabilities common in legacy plugin architectures like WordPress.