With the rapid adoption of coding agents and “claw-like” assistants, it’s become clear that transformative AI use, both at home and at work, involves the interconnection of four key components: LLM, interface, sandbox environments, and data.
Take away or weaken any one of those pieces and the experience goes from nearly magical to a frustrating, humorous, or even dangerous experience of “Ah well … you almost had it.” Major LLM providers have realized this, so they’ve embarked on a VC-funded quest to build walled gardens surrounding these four pieces.
We’ve been working to carve paths out of those closed gardens. The newest tools in Aperture will help organizations keep their AI systems modular, identity-aware, and easily replaceable at every layer, along with the safeguards and controls already built into Aperture. Read on to learn about our new proxy layer for agentic data access, and our alpha versions of a desktop and mobile-friendly chat UI, as well as sandbox support.
Avoiding the trap of the walled garden
The problem is that no major provider maintains a lasting advantage across all four components. New models, tools, or even terms of service or billing changes, are always just a few weeks or months away. That makes all-in-one AI purchasing risky, especially when enterprise decisions last a year or more.
If you’re an individual, you might buy a plan from one of the LLM providers and then switch every so often. It’s a pain, but it’s not insurmountable. But what if you’ve been tasked with AI enablement for every department at your company, and every decision lasts for at least 12 months?
Aligning departmental needs with those of IT and security
We’ve talked to hundreds of companies going through this exact process. It’s the Wild West out there when it comes to AI usage, visibility, and control. Spend enough time wandering, and entering that walled garden starts to look pretty appealing.
But it’s a trap. When the next step change in LLM capability, performance, or cost comes along, your users will feel stuck with a subpar experience. Not all of them, though—some simply sneak out beyond their authorized tools. You lose controls, data visibility, and usage tracking, and now you’re back in the untamed lands.
The key to preventing lock-in
Let’s say you’re ready to bring together those four key components for your best-in-class agentic AI stack: LLM, interface, sandbox, and data. And you agree with us that they won’t all be best from the same vendor. You need something to connect them, securely, flexibly, and quickly.
Enter Tailscale. Tailscale makes it easy to connect anything, anywhere: the phone in your hand, manufacturing data on a factory server, a cloud-based LLM endpoint, or a secure sandbox. Tailscale brings those pieces together in an identity-aware network for both people and agents. And Aperture fits perfectly onto that network.
Focusing on the future with Aperture
If Tailscale connects all your agentic AI pieces together, Aperture gives you one place to see and control your AI stack. With customizable hooks, logging, and guardrails, Aperture offers a universal and extensible foundation on which to build your AI strategy. With its newest offerings, Aperture makes it even easier to create a provider-agnostic AI deployment.
What we’re announcing today
Identity-aware universal data connectors (public alpha)
MCP, CLI, API, code mode, carrier pigeon—people just want to get data from where it lives to the agents and LLMs that need it. We hear over and over that all these integration paths are too much to think about.
To solve this, we’re building a new proxy layer that links tailnet identity with OAuth credentials or API keys. This enables end-to-end agentic data access while keeping tighter access controls in place. With one trackable identity system, it’s easier to expose LLM tools to our new chat interface, and to any agent connected to a tailnet using built-in MCP and API endpoints.
Responsive chat UI (public alpha)
One of the most frequent questions we’ve received about Aperture is, “It works great with coding agents, but what about everyone else who wants to experiment with AI?” Today’s tools make it easier than ever for newcomers to try a terminal. But we think chat, untethered from provider lock-in, is fertile ground for productive experimentation.
Aperture’s new responsive chat UI makes it easy to get started. It’s fully mobile-responsive, lets users switch between providers configured in Aperture, and includes support for data connectors and the new sandboxes (detailed below). It’s available today, and as always, if you want to bring your own UI, we support that too!
Sandbox support (private alpha)
If one thing has become clear in 2026, it’s that allowing agents to use a computer isn’t just valuable for coding, but for regular chat-based tasks as well.
Today we’re announcing sandbox support in private alpha. You can use sandboxes hosted by Tailscale, or third-party sandboxes seamlessly integrated with Tailscale identity. Sandboxes can be run ephemerally with the new chat-based interface, or as longer-running, workstation-like environments.
If you’d like access to either chat-based ephemeral sandboxes or workstations, please request to join the private alpha by filling out this form.
Unlock the garden doors: future-proof AI today
You can get started with Tailscale and Aperture today. Use API keys from any major LLM provider. Seamlessly configure your favorite agent using the Aperture CLI. Configure the chat UI. Connect your data. Reclaim your ability to choose the best tools, at every layer of your stack.
If you’d like to work with us on deploying sandboxes, please fill out this form, and we’ll get back to you soon!
Remy Guercio
