On this page

Known Limitations

We document what doesn’t work, on purpose. If you hit something here, it isn’t a bug in your code — it’s a known gap. Each item notes the status or planned ship window.

Sandboxes Ships next: regional warm pools

  • Cold boot for the first sandbox per region: ~600 ms outside the warm pool window. Regional warm pools will close this gap in Q3 2026.
  • No GPU sandboxes yet. GPU is available on Computers (Desktop) only via BYOC. Native GPU sandboxes are targeted for early 2027.
  • Snapshot size cap: 8 GB compressed. Larger workloads should use a volume mount.
  • No nested virtualization: you cannot run KVM or QEMU inside a sandbox. Docker-in-Docker works fine.
  • msk_test_* keys are not yet live. All keys hit the billable production substrate. Test-mode billing isolation is on the roadmap.

Deployments Phase 3/4 complete; dynamic runtime in hardening

  • Custom domain apex records require ALIAS / ANAME — DNS providers that do not support flattening (e.g., GoDaddy) require a workaround. Native anycast nameservers are planned for Q4 2026.
  • No edge functions yet — only origin compute. Edge runtime is targeted for Q1 2027.
  • Rollback is per-deployment, not per-route — you cannot pin one URL path to version 1 and another to version 2 within the same deployment.
  • Dockerfile / BuildKit builds are fail-closed. The builder pipeline supports static packager and dynamic slug modes today. OCI-rootfs build strategy is pending.
  • Railpack / Nixpacks framework detection exists but dynamic generation from buildpacks is not complete.

Data Services

  • Managed Postgres Beta — provisioning lifecycle exists; per-project automatic credential injection is completing as part of Phase 6 hardening. PgBouncer connection pooling and off-box backup drills are in progress.
  • Redis Beta — single-node only. Multi-zone replication is planned.
  • Object Storage Beta — S3-compatible API is live; pre-signed browser uploads work. CDN distribution and geo-replication rollout are operational work in progress.
  • Auth-as-a-Service Planned — not generally available. Bring your own auth provider (Clerk, Auth0, or self-hosted) for now. See Auth-as-a-Service for the target API shape.
  • Volumes Planned — sandbox-local /workspace works today; persistent volumes attached to runtime instances are planned. Use Postgres or Object Storage for most persistence needs until then.
  • Usage / audit query views grouped by external_workspace_id are not yet exposed. Raw audit events exist; cross-workspace aggregation rolls out in a later phase.

Computers (Desktop) GA

  • Headed-only: no headless mode for Computers — you boot a real Xfce desktop. For headless workloads, use Sandboxes.
  • Browser cookies do not persist across sessions by default. Use a volume mount or browser profile snapshot to carry cookies across reboots.
  • No multi-monitor virtualization. Single 1920 × 1080 frame buffer.
  • Audio not exposed. The stream is video-only; system audio is dropped at the host.

Computer-Use API

  • No managed agent loop — you bring your own agent (Anthropic SDK, OpenAI computer-use API, or custom). A built-in computer.prompt() convenience will ship when the hosted Optimal session endpoint is publicly available.
  • Approval gating is not enforced server-side — the approve / reject action protocol is a client-side convention only. Gate sensitive operations in your own agent code.
  • Computer sub-resources (auto_stop, vnc_credentials, apps, stream_token, metrics, ports, volume attach/detach, clone) have full coverage in the Python SDK. TypeScript, Go, and Java parity is targeted Q3 2026.

SDKs

SDKP1 + P2 resourcesP3 / P4 resourcesComputer depth
PythonFullFullFull
TypeScriptFullPartialPartial
GoFullNot yetPartial
JavaFullNot yetPartial
ElixirFullNot yetPartial
  • embeddings, provider_defaults, benchmarks, command_center, community, email, builder_sessions, snapshots_standalone are Python-only today. Other SDK languages are pending.
  • Python sync client uses long-poll fallback for streaming events. Use the async client or the TypeScript SDK for proper SSE.
  • Tab-synced language preference persists in localStorage, not your user account. Switching language on one device does not propagate to another.
  • workspaces and credits resources are absent from the TypeScript SDK. Present in all others.

API

  • No GraphQL endpoint. REST + SSE by design.
  • Webhook delivery retries cap at 24 hours — after that, the event is dropped. Use the audit log to backfill missed events.
  • Rate limits: 600 requests per minute per workspace, 60 rpm per endpoint group. Higher limits are available on request.
  • Browser tokens have a fixed 5-minute TTL — refresh server-side; do not attempt client-side extension.
  • One sandbox per browser token — a single token cannot scope across multiple sandboxes.

Pricing and Billing

  • No per-tenant usage budgets yet — you set a workspace cap today; tenant-level caps tied to external_workspace_id roll out with the billing attribution extension.
  • Test-mode keys (msk_test_*) are not yet live. All traffic is billable.

Observability

  • No native log aggregation across workspaces — query per-resource today. Cross-workspace log search is planned.
  • No OTLP trace export yet. The /events SSE streams provide raw events; bring your own collector. Structured OTLP export is on the roadmap.

What We Are Explicitly Not Building

  • Managed Kubernetes. Sandboxes and Deployments cover the workloads people would otherwise use K8s for.
  • Generic VPS hosting. Compute is always tied to a tenant identity (workspace or external_workspace_id).
  • Cryptocurrency or blockchain primitives.

See Also

  • Changelog — what we just shipped
  • Concepts — the resource model
  • Contact platform@miosa.ai if a limitation here is blocking you — we prioritize the roadmap by demand.

Was this helpful?