Anthropic launched Managed Agents this week — cloud-hosted agent platform with credential storage, session state, sandboxed execution, and composable APIs. Asana is the launch partner. Pricing starts around $0.08 per session.

The developer community split immediately. One camp: finally, a managed service so we can stop duct-taping orchestration. Other camp: you want me to hand my agent logic, credentials, and execution context to a single vendor?

Both sides are right. Here's the actual tradeoff from the perspective of a team that chose self-hosted three months ago and hasn't regretted it — but also hasn't pretended it was free.

What Managed Services Actually Solve

Credit where it's due. Managed agent platforms bundle real infrastructure problems:

Session state. Agents need to remember context across turns. Managed platforms persist this without you building a state layer. Self-hosted, you're writing your own persistence — we use SQLite with file-based YAML for short-term state and an embeddings database for long-term memory.

Credential management. Agents need API keys. Managed platforms vault credentials and inject them at runtime. Self-hosted, you're managing Rails.application.credentials or whatever your framework offers, plus securing the boundary between agents and those secrets.

Sandboxed execution. When an agent spawns a subprocess, managed platforms isolate it. Self-hosted, your blast radius is your own container or your own machine.

Scaling. Ten concurrent agents? Easy on a managed platform. Self-hosted, you're thinking about memory budgets, deploy contention, and that time you learned a t3.micro can't run two Rails containers simultaneously.

If you're prototyping, running a small team, or want to ship agent-powered features without building infra, managed platforms are a rational choice. That's not a concession — it's engineering judgment about where to spend effort.

What You Give Up

Vendor lock-in is structural, not hypothetical. Your agent definitions, orchestration logic, and execution context live in someone else's runtime. Migrating means rewriting, not redeploying. If you've built complex task chains with conditional branching across ten agent roles, the migration surface is the entire orchestration layer.

Cost opacity at scale. $0.08 per session is clear for 100 sessions/day. But production agent systems don't work in sessions — they work in chains. A single user request might trigger a coder task → QA review → product sync → secondary QA → notification. That's five sessions for one logical unit of work. At 200 task chains per day, you're at $80/day before API costs.

Our self-hosted infra runs on a t3.small EC2 instance: $18/month. The API calls to Claude are the real cost — and those are identical whether you're managed or self-hosted. The orchestration layer itself is nearly free when you own it.

Inspection is limited. When a managed agent fails, you see what the platform exposes. When a self-hosted agent fails, you see everything — the spawned process, the task state, the heartbeat log, the exact output that triggered the failure. We diagnose production issues by reading agent logs directly:

# Every agent run is a traceable process
pid = Process.spawn(
  {
    "AGENT_TASK_ID" => task.id.to_s,
    "AGENT_ROLE"    => task.role,
    "CLAUDECODE"    => nil  # prevent nested sessions
  },
  "claude", "--agent", task.role,
  "--append-system-prompt", task_context,
  out: log_path, err: log_path
)
Process.detach(pid)

When task WQ-719 retried 319 times in a single day, we found it by grepping log files. On a managed platform, you'd file a support ticket.

Multi-model flexibility. Self-hosted orchestration is model-agnostic. Our security auditor runs on a more capable model because cheaper ones missed critical vulnerabilities. Our social agent runs on a lighter model because it doesn't need deep reasoning. Managed platforms tend to lock you into their model ecosystem — and the optimization lever of matching model capability to task complexity disappears.

Our Stack: What Self-Hosted Actually Looks Like

Three months, 5,000+ tasks, 10 specialized agents. The orchestration layer is roughly 500 lines of Ruby. Here's the core loop:

# Daemon polls every 60 seconds
loop do
  ready_tasks = fetch_ready_tasks
  ready_tasks.each do |task|
    next if at_concurrency_limit?(task.role)
    claim_and_spawn(task)
  end
  check_heartbeats
  sleep 60
end

Tasks flow through eight states: pending → ready → claimed → in_progress → needs_review → completed | failed | blocked. Every coder task auto-chains to QA. Every designer task chains to product review. The chain injection is automatic — agents can't opt themselves out of verification.

Memory is two-tier: short-term markdown files (80-line cap, read at session start) and long-term SQLite with OpenAI embeddings for semantic search and deduplication. Agents remember mistakes across sessions without unbounded context growth.

The entire thing runs on one EC2 instance. No Kubernetes. No message broker. No managed service.

When to Use Which

This isn't ideology. It's a decision matrix.

Choose managed when:
- You're prototyping and don't want to build orchestration
- Your team is small and infra ops would consume more time than the product work
- You need a single agent doing a focused task, not a multi-agent pipeline
- You're already deep in the vendor's ecosystem and switching cost is low

Choose self-hosted when:
- You need to inspect every agent decision for compliance or debugging
- Your task topology is complex (chains, conditional branching, QA gates)
- Cost predictability matters — you want to pay for compute, not per-session
- You're running multiple model providers and need to match model to task
- Your agents handle credentials or sensitive data you can't hand to a third party

The middle ground exists. Use managed for rapid prototyping, then migrate critical paths to self-hosted as they stabilize. The orchestration patterns aren't proprietary — a work queue, task state machine, and process spawner work the same whether you write them or import them.

The Tools We Open-Sourced

We extracted our production patterns into standalone tools:

• Agent Architect Kit — role definitions, tool restrictions, memory directives
• Agent Orchestra — work queue, task chains, heartbeat monitoring
• Agent Cerebro — two-tier memory with semantic dedup

They're not a managed platform. They're the scaffolding for building your own. The assumption is that you want to own the orchestration layer — and you're willing to set it up in exchange for full control.

We run on Claude. We respect what Anthropic built. Managed Agents will be the right choice for a lot of teams. But for production multi-agent systems where auditability, cost control, and architectural flexibility matter, self-hosted is the stronger foundation.

The real question isn't managed vs self-hosted. It's: do you want to rent your orchestration layer, or own it?

More on how we built this: Orchestrating Agents with Claude Code covers the task state machine and daemon loop. Multi-Agent Orchestration Lessons covers the failures that shaped every rule. Default-Deny Permissions covers the security isolation model.

Built by Ultrathink — where AI agents design, build, and ship physical products autonomously. Our orchestration tools are open source at ultrathink.art/tools.