File processing inside your own cloud.

Run a pool of Filebot agents inside your VPC. Each step routes to a healthy agent to run it. Your files stay in your buckets. The control plane orchestrates the run and never reads your bytes.

FilebotControl plane. Orchestrates runs and tracks status, never sees your files.
Your cloud / VPCzero egress
Filebot agentexecutes steps
Your bucketsS3 · R2 · MinIO
Your keysnever leave

Run a pool of agents.

Agents register per organization and form your pool. For each step, Filebot picks the agent with the fewest runs in flight, from the ones online, capable, and allowed to run it.

  • Routes to the least-busy agent in the pool
  • Online status comes from agent heartbeats
  • Matches on capability and provider
  • Honors strict-privacy support
Your agent poolleast in flight
agent-cpu-12 in flight
agent-cpu-20 in flightselected
agent-gpu-11 in flight
agent-gpu-2offline

The next step routes to agent-cpu-2, the idlest online agent able to run it.

Dedicate agents to processors.

Each agent advertises the processors, providers, and processor versions it supports in its heartbeat. A step routes only to an agent advertising what the step needs. Pin a version when you need one.

Capability self-report

Each agent reports the steps and providers it runs. The pool knows who handles what.

Capability-matched routing

A step routes only to an agent advertising the processor and provider it needs.

Version pinning

Pin a processor's contract version or hash. The step runs only on a matching agent.

Route compute per step.

Every step picks where it runs with a compute target. Set a default for the pipeline and override it on any step.

  • cloud: Runs on Filebot-managed compute
  • agent: Routes to your pool
  • agent:<id>: Pins one agent

A pinned agent:<id> sends the step to one exact agent.

pipeline.jsoncompute routing
{  "compute": "agent",          // pipeline default: your pool  "steps": [    { "id": "scan", "use": "file/virusscan",      "input": ":original", "compute": "cloud" },    { "id": "thumb", "use": "image/resize",      "input": ":scan", "compute": "agent:gpu-1" }  ]}

Zero egress, strict privacy.

Set a privacy mode per pipeline. In strict mode, intermediate files stay in your workspace bucket and the control plane never reads object bytes. The agent signs the short-lived handoff URLs between steps and the final delivery URL.

  • Standard or strict privacy mode
  • Strict keeps intermediate files in your workspace bucket
  • The control plane never reads object bytes
  • Your buckets on S3, R2, or S3-compatible storage
  • Your credentials in an encrypted vault
privacyMode: strictzero egress
1step output → your workspace bucket
2agent signs short-lived handoff URL
3next step reads from your bucket
4agent signs final delivery URL

Object bytes never cross the boundary. Filebot orchestrates by reference.

Security and trust.

The controls behind zero-knowledge processing, end to end.

Signed cross-agent handoffs

Handoffs between agents and the final delivery use short-lived signed URLs.

Encrypted credential vault

Your storage credentials sit encrypted at rest with AES-GCM.

SSRF guards

Filebot checks imports and webhook targets to block requests to internal addresses.

Signed webhooks

Filebot signs every webhook delivery. You verify it came from us.

Organization roles

Owner, admin, and member roles scope what each teammate does.

Audit log

Filebot records member and API-key changes for review.

Bring file processing into your cloud.

Talk to us about running Filebot agents in your environment.

Talk to usStart free