deer-flow is ByteDance's open-source SuperAgent orchestration framework, designed for tasks that take minutes to hours rather than seconds. Rather than a single agent loop, deer-flow implements a lead agent that decomposes complex tasks into parallelizable sub-tasks, spawns scoped sub-agents with isolated contexts, runs them concurrently, and synthesizes their outputs into coherent results. Each agent runs in an isolated Docker container with real filesystem access and a bash terminal — actual compute, not a sandbox emulation. At 62,800+ GitHub stars and #1 on GitHub Trending in February 2026, it is one of the largest agent frameworks in the ecosystem. Built on LangGraph and LangChain, deer-flow targets enterprise-grade deployment with explicit production hardening documentation: 8+ vCPU / 16GB RAM minimum, IP allowlisting, VLAN isolation, and Docker-based production mode.
deer-flow reframes the agent problem: instead of making a single agent smarter, it gives agents better infrastructure. The framework’s core abstraction is a lead agent that plans at the task level — decomposing complex requests into sub-tasks that can run concurrently — while sub-agents handle execution within Docker-isolated environments with real compute access. The design targets tasks that “take minutes to hours”: research pipelines, multi-step code generation, content workflows, and autonomous data processing.
At 62,800+ stars and #1 on GitHub Trending when version 2 launched in February 2026, deer-flow is one of the largest agent frameworks available. The ByteDance engineering team has produced production-deployment documentation that is notably serious for an open-source project: minimum hardware specifications, Docker-based deployment modes, and explicit network isolation recommendations.
Task decomposition: The lead agent receives a complex task and produces a decomposed execution plan — a directed graph of sub-tasks with dependency relationships. Sub-tasks that don’t depend on each other are marked for concurrent execution.
Sub-agent spawning: Each sub-task spawns a sub-agent with a scoped context window containing only what it needs. This prevents context bloat that degrades reasoning quality in long-horizon tasks.
Isolated execution: Sub-agents execute within Docker containers. They have access to a bash terminal and filesystem — they run commands, install packages, write files, and call APIs. The agent does not suggest a bash command; it runs it.
Memory persistence: An asynchronous debounced queue tracks user preferences, project state, and discovered facts across sessions. Sub-agents can read from and write to this shared memory, enabling continuity across multi-session tasks.
Convergent synthesis: The lead agent aggregates sub-agent outputs into a coherent final result, resolving conflicts and filling gaps where sub-tasks produced inconsistent results.
ByteDance provenance: VentureBeat noted that “ByteDance provenance may trigger organizational review processes.” Regulated industries and US government-adjacent environments should route procurement review before deploying. The codebase is MIT-licensed and fully auditable — but organizational origin matters for some compliance frameworks.
Security posture: The Docker sandbox is the primary security boundary. deer-flow’s own documentation warns against untrusted network exposure and recommends IP allowlisting and VLAN isolation for server deployments. Sub-agent spawning rates should be monitored; an unconstrained lead agent can generate significant compute load.
Resource requirements: 8+ vCPU and 16GB RAM minimum for server deployment. The parallel execution model is compute-intensive by design.
Engineering teams building long-horizon autonomous workflows — research pipelines, content automation, multi-step code generation — who need the infrastructure layer to run agents reliably at scale. Teams already using LangGraph for orchestration will find deer-flow’s architecture immediately familiar. Not recommended for customer-facing deployments where adversarial users could reach agents with untrusted input without additional input sanitization.
Persistent memory layer for AI coding agents — benchmark-backed (95.2% on LongMemEval-S), 92% fewer tokens per session vs full-context pasting, zero manual memory.add() calls.
Open-source AI pair programming tool that works in your terminal to edit code across your entire repository.
AWS's AI-powered coding assistant that helps developers build, deploy, and optimize applications on AWS with code generation and transformation.