Cloudflare has unveiled Dynamic Workers, a groundbreaking runtime that executes AI agent code up to 100 times faster than traditional container-based solutions. The new isolate-based sandboxing system represents a fundamental shift in how enterprises can deploy AI agents at scale.
The Container Bottleneck Problem
Modern AI agents often need to execute small pieces of code on the fly鈥攖o retrieve data, transform files, call services, or automate workflows. Traditional containers, while excellent for persistent workloads, become a liability when agents need to run one quick computation, return a result, and disappear.
Containers typically take hundreds of milliseconds to boot and consume hundreds of megabytes of memory. For AI-generated tasks that only need to execute for a moment, this overhead becomes costly and slow. Developers often resort to keeping containers warm (expensive) or tolerating cold-start delays (hurts responsiveness).
Enter Isolates: A Lighter Approach
Cloudflare’s solution draws from a decade of experience with isolate-based runtimes. Dynamic Workers leverage the same technology that powers Cloudflare Workers鈥攐riginally designed for instant, globally distributed web tasks.
Unlike containers, Dynamic Workers start in milliseconds, use only a few megabytes of memory, and can run on the same machine and even the same thread as the request that created them. The result is an execution environment that scales to millions of requests per second.
Code Mode: From Tool Orchestration to Generated Logic
Dynamic Workers fit into Cloudflare’s larger “Code Mode” strategy. Instead of giving an AI agent a long list of tools to call one by one, developers can provide a programming surface and let the model write short TypeScript functions that perform the logic directly.
This approach cuts token usage by 81% when converting an MCP server into a TypeScript API. The model chains calls together, filters data, manipulates files, and returns only the final result鈥攔ather than filling the context window with every intermediate step.
Security in the Fast Lane
Cloudflare acknowledges that securing isolate-based sandboxes is trickier than relying on hardware virtual machines. V8 security bugs occur more frequently than hypervisor vulnerabilities. However, the company points to nearly a decade of experience making isolate-based multi-tenancy safe for the public web.
Security measures include automatic V8 security patches within hours, custom second-layer sandboxing, dynamic cordoning of tenants based on risk, and hardware features like MPK for extension isolation. The company also scans code for malicious patterns and can automatically block suspicious workloads.
Why TypeScript Beats HTTP for AI Agents
Cloudflare argues that TypeScript offers significant advantages over HTTP-based interfaces for AI agent communication. MCP defines schemas for flat tool calls but not programming APIs. OpenAPI can describe REST APIs but is verbose in both schema and usage.
TypeScript, by contrast, is concise, widely represented in model training data, and can communicate an API’s shape in far fewer tokens. The Workers runtime automatically establishes a Cap’n Web RPC bridge between sandbox and harness code, enabling typed interface calls across security boundaries as if using a local library.
The Bigger Picture
Cloudflare is essentially positioning sandboxing as a strategic layer in the AI stack. As agents increasingly generate code on the fly, the economics and safety of the runtime matter as much as the capabilities of the underlying model.
For enterprise decision-makers, this shift could fundamentally change how AI agents are deployed. The ability to provide every user-facing AI request with its own fresh, isolated execution environment鈥攚ithout collapsing under startup overhead鈥攐pens new possibilities for responsive, secure AI applications.
Dynamic Workers is now available in open beta, with pricing at $0.002 per unique Worker loaded per day, plus standard CPU and invocation charges.