原文: https://tanstack.com/blog/tanstack-ai-code-mode 作者: Jack Herrington、Alem Tuzlak、Tanner Linsley(TanStack 创始人) — 2026-04-08 本译版定位: 完整逐段翻译 + 译注。译者保留所有技术术语原文(Code Mode / Tools / V8 isolates / QuickJS WASM / Cloudflare Workers / TanStack AI 等),代码块原样保留。

译者前言

这篇文章发布于 2026-04-08,是 TanStack 团队对 LLM 工具调用范式的一次正面挑战。Tanner Linsley(TanStack Query / Router / DB 的创始人)在 2026 年的关键动作之一,就是把 AI 这个赛道纳入 TanStack 整体生态——而 Code Mode 是其首张牌。

文章核心观点很简单:与其让 LLM 一个一个调用 tools(慢、贵、且数学算不准),不如让它直接写一段 TypeScript,在沙箱里一次跑完。这种范式 Cloudflare 早在 2025 年 9 月就提出过(“Code Mode” 这个名字也是 Cloudflare 的 Kenton Varda / Sunil Pai 先用的),Anthropic 的 Claude analysis tool 也走这条路。但 TanStack 的贡献是:把它做成 provider-agnostic / framework-agnostic 的可插拔包,适配 OpenAI、Anthropic、Gemini、Groq、xAI、Ollama 等任何模型,适配 Node / QuickJS WASM / Cloudflare Workers 三种 isolate runtime。

如果你已经在做 AI agent 应用,这是一篇必读;如果你只是把它当 TanStack 生态的一次扩张来看,也能体会到 Tanner 一贯的「primitive over framework」哲学——和 Who Owns the Tree 一文的论调一脉相承。

---

Code Mode: 让你的 AI 写程序,而不只是调用工具

原文: by Jack Herrington, Alem Tuzlak, and Tanner Linsley on Apr 8, 2026.

原文:There are three things we know about LLMs and tools:

1. Tool calling is slow and expensive. Every tool call means a round-trip. The calls themselves, their parameters, and their return values all bloat the context window, which bloats the token count on every subsequent request. Even when calls can be parallelized, the overhead compounds.
2. LLMs are hilariously bad at math. Ask a model to sum a column of numbers from three API responses and you’ll get a confident, but probably incorrect answer.
3. Frontier LLMs are very good at writing TypeScript. They have an enormous amount of real-world TypeScript in their training data. They know how to Promise.all, .reduce(), .filter(), and handle async control flow.

关于 LLM 与 tools,我们已经知道三件事:

1. Tool calling 又慢又贵。 每一次 tool call 都意味着一次往返(round-trip)。调用本身、它的参数、它的返回值,都会撑大 context window;而 context 一胖,后续每一次请求的 token 数就跟着膨胀。哪怕你能让多个 call 并行,overhead 还是会累积。
2. LLM 数学差到离谱。 让一个模型把三份 API 响应里的某列数字求和,你会得到一个语气笃定、但极有可能错误的答案。
3. 前沿 LLM 写 TypeScript 非常厉害。 它们的训练数据里有海量真实世界的 TypeScript 代码。它们懂得怎么用 Promise.all、.reduce()、.filter(),也能处理 async 控制流。

原文:Put these together and they point in one direction: let the LLM do what it’s good at (write TypeScript), and let a runtime handle what it’s bad at (execution, math, orchestration).

把这三点合起来,方向就清晰了:让 LLM 干它擅长的事(写 TypeScript),让 runtime 干它不擅长的事(执行、算数、编排)。

原文:That’s exactly what Code Mode is. Code mode gives the LLM an execute_typescript tool. Instead of orchestrating tools one at a time, the model writes a short TypeScript program that composes your tools with loops, conditionals, and data transformations, then executes it in a secure sandbox. One call in, one structured result out.

这正是 Code Mode 要做的事。Code Mode 给 LLM 一个 execute_typescript 工具。模型不再是一次一次地编排 tools,而是写出一段简短的 TypeScript 程序——用循环、条件分支和数据变换把你的 tools 组合起来——然后在一个安全沙箱里执行。一次进、一个结构化结果出。

原文:If you’ve tried to connect an LLM to your APIs, you know the pain. The model has no concept of N+1 problems. It will happily fetch a list of 50 users, then make 50 individual requests to get each user’s profile. It doesn’t batch. It doesn’t parallelize. It doesn’t know how to aggregate results without burning a reasoning step per intermediate value.

如果你试过把一个 LLM 接到你自己的 API 上,你就知道这有多痛苦。模型没有 N+1 问题的概念。它会兴高采烈地先取出 50 个用户列表,然后再逐个发起 50 次请求拉每个用户的 profile。它不会 batch、不会 parallelize、也不知道怎么聚合结果——除非你愿意为每个中间值烧掉一步 reasoning。

原文:Code Mode hands those problems to TypeScript. The model writes Promise.all to batch API calls. It uses .reduce() to aggregate instead of asking the LLM to reason about each value. Math happens in the JavaScript runtime, not in the model’s token prediction. The N+1 problem disappears. The arithmetic is correct. Every time.

Code Mode 把这些问题交给 TypeScript。模型写 Promise.all 来批量发起 API 调用,用 .reduce() 做聚合,而不是让 LLM 对每个值挨个推理。算数发生在 JavaScript runtime 里,而不是模型的 token 预测里。N+1 问题消失。算数正确。每一次都正确。

原文:This is a game changer for any application that wants to put an LLM in front of real APIs.

对任何想把 LLM 摆到真实 API 之前的应用来说,这都是一次范式切换。

🟢 译者注:Tanner 这里的修辞节奏很 TanStack 风格——开篇三连击,把整个论证压缩成「LLM 擅长写代码、不擅长算数」的极简前提。后面所有 API 设计都是在还这一笔。

先驱:为什么 Code Execution 重要

原文:We’re not the first to recognize this pattern.

我们不是第一个发现这个 pattern 的人。

原文:Anthropic’s computer use and tool-use research has shown that LLMs are dramatically more capable when they can write and execute code rather than being limited to predefined tool signatures. Their work on Claude’s analysis tool demonstrated that giving models a code sandbox reduces error rates and increases task completion on complex multi-step problems.

Anthropic 在 computer use 和 tool-use 上的研究已经表明:相比被限制在预定义的 tool signatures 里,LLM 在能写并能执行代码时,能力会显著更强。他们在 Claude analysis tool 上的工作证明了:给模型一个 code sandbox,可以降低错误率,并在复杂多步问题上提升任务完成率。

原文:Cloudflare coined the term “Code Mode” in their September 2025 blog post by Kenton Varda and Sunil Pai. Their insight was simple: LLMs are better at writing code to call APIs than at calling APIs directly. Sunil Pai has been a driving force in this space, pushing the idea that agents should generate and execute TypeScript against typed SDKs rather than making individual tool calls. Cloudflare’s Dynamic Workers pioneered running that untrusted code at the edge in V8 isolates, and their execution model (send code to an isolated runtime, bridge specific capabilities in, get a result back) is exactly what we adopted. Code Mode supports Cloudflare Workers as a first-class isolate driver.

Cloudflare 是「Code Mode」这个术语的提出者——见 Kenton Varda 和 Sunil Pai 在 2025 年 9 月发表的博客。他们的洞察很简单:LLM 更擅长写代码去调用 API,而不是直接调用 API。Sunil Pai 一直是这个方向的推手,他主张 agents 应当针对 typed SDK 生成并执行 TypeScript,而不是发起一个个独立的 tool call。Cloudflare 的 Dynamic Workers 率先把这种 untrusted code 放到 edge 上的 V8 isolates 里运行,他们的执行模型(把代码发给一个隔离 runtime、把具体能力 bridge 进去、把结果拿回来)正是我们采用的模型。Code Mode 把 Cloudflare Workers 作为一种一等的 isolate driver 来支持。

原文:What we’ve done is turn this pattern into a composable, model-agnostic tool that plugs into any TanStack AI chat pipeline. Code Mode works with any model that can write TypeScript and reason well. Use it with OpenAI, Anthropic, Gemini, Groq, xAI, Ollama, or any other provider through our adapter system. You don’t need to build the sandbox infrastructure, the type stub generation, or the system prompt engineering. Define your tools, pick a driver, pick your model, and the LLM gets a TypeScript sandbox with typed access to your entire tool surface.

我们做的事是:把这个 pattern 变成一个可组合、model-agnostic 的工具,能插到任何 TanStack AI chat pipeline 里。Code Mode 能配合任何能写 TypeScript 又会推理的模型。通过我们的 adapter 系统,你可以把它和 OpenAI、Anthropic、Gemini、Groq、xAI、Ollama 或其他任何 provider 一起用。你不用自己搭沙箱基础设施、不用搞 type stub 生成、不用调 system prompt——你只需要定义你的 tools、选一个 driver、选一个模型,LLM 就拿到了一个能 typed 访问你全部 tool surface 的 TypeScript 沙箱。

🟢 译者注:这一段是 TanStack 一贯的卖点——provider-agnostic + 不和某个平台绑死。这个理念在后面的 Who Owns the Tree(关于 RSC)中也会再次出现:Start 不内置 "use cache" directive,理由就是「我们要保持 portable」。

How It Works(它是怎么工作的)

原文:Code Mode is modeled as a single tool called execute_typescript. When the LLM decides it needs to compose multiple operations, it writes TypeScript code and passes it to this tool. The code runs inside an isolate: a sandboxed environment with no access to the host file system, network, or process.

Code Mode 被建模成一个单独的 tool,叫 execute_typescript。当 LLM 判断它需要组合多个操作时,它写一段 TypeScript 代码并传给这个 tool。这段代码在一个 isolate 里运行——一个无法访问宿主文件系统、网络或进程的沙箱环境。

原文:Your existing tools become external_* functions inside the sandbox. If you have a fetchWeather tool and a searchProducts tool, the sandbox sees external_fetchWeather() and external_searchProducts(), fully typed, fully async, fully isolated.

你现有的 tools 在沙箱里会变成 external_* 函数。如果你有一个 fetchWeather tool 和一个 searchProducts tool,沙箱里看到的就是 external_fetchWeather() 和 external_searchProducts()——完全 typed、完全 async、完全 isolated。

N+1 example(N+1 示例)

原文:Consider an e-commerce app where the user asks: “What are the top 5 best-selling products, and what’s the average rating for each?”

设想一个电商应用,用户问:「Top 5 畅销商品是什么?每件的平均评分是多少?」

原文:Without Code Mode, the LLM calls getTopProducts, waits for the result, then calls getProductRatings five separate times (one per product), waits for each result, then tries to compute averages in its head. That’s seven tool calls, seven round-trips, and the averages are likely wrong because the model is doing mental math on floating-point numbers.

没有 Code Mode 的时候,LLM 会先调用 getTopProducts,等结果,然后调用 getProductRatings 5 次(每件商品一次),每次都等结果,然后尝试在脑子里算平均值。这就是 7 次 tool call、7 次 round-trip,而且平均值大概率是错的——因为模型是在用心算去处理浮点数。

原文:With Code Mode, the LLM writes this:

有了 Code Mode,LLM 会直接写出这段:

const top = await external_getTopProducts({ limit: 5 })

const ratings = await Promise.all(
  top.products.map((p) => external_getProductRatings({ productId: p.id })),
)

return top.products.map((product, i) => {
  const scores = ratings[i].ratings.map((r) => r.score)
  const avg = scores.reduce((sum, s) => sum + s, 0) / scores.length
  return {
    name: product.name,
    sales: product.totalSales,
    averageRating: Math.round(avg * 100) / 100,
  }
})

原文:One tool call. Five API fetches in parallel. Math computed in JavaScript, not in the model. The averages are correct to the penny. The context window savings compound fast: every round-trip you eliminate is hundreds of tokens you don’t spend.

一次 tool call。5 次并行 API 取数。算数在 JavaScript 里完成,不在模型里。平均值精确到分。context window 的节省会快速累积:你每砍掉一次 round-trip,就是几百个不必花的 token。

Why math matters(为什么数学很重要)

原文:LLMs predict tokens. They don’t execute arithmetic. When the model says “the average is 4.37,” it’s pattern-matching, not computing. Code Mode moves all calculation into a real runtime. Sums, averages, percentages, currency conversions, date math: all of it runs as actual JavaScript. The model decides what to compute. The sandbox computes it correctly.

LLM 是在预测 token,不是在执行算数。当模型说「平均值是 4.37」,它是在做模式匹配,不是在算。Code Mode 把所有计算都搬进一个真实的 runtime——求和、平均值、百分比、货币换算、日期运算,统统作为实际的 JavaScript 来跑。模型决定算什么,沙箱负责算对。

Setting It Up(配置)

Install(安装)

pnpm add @tanstack/ai @tanstack/ai-code-mode zod

原文:Pick an isolate driver:

挑一个 isolate driver:

# Node.js: fastest, V8 isolates via isolated-vm
pnpm add @tanstack/ai-isolate-node

# QuickJS WASM: no native deps, works in browsers and edge runtimes
pnpm add @tanstack/ai-isolate-quickjs

# Cloudflare Workers: run on the edge
pnpm add @tanstack/ai-isolate-cloudflare

Define tools(定义 tools)

原文:Same toolDefinition() API you already use. Nothing changes here:

还是你已经在用的那个 toolDefinition() API,这里完全没变:

import { toolDefinition } from '@tanstack/ai'
import { z } from 'zod'

const fetchWeather = toolDefinition({
  name: 'fetchWeather',
  description: 'Get current weather for a city',
  inputSchema: z.object({ location: z.string() }),
  outputSchema: z.object({
    temperature: z.number(),
    condition: z.string(),
  }),
}).server(async ({ location }) => {
  const res = await fetch(`https://api.weather.example/v1?city=${location}`)
  return res.json()
})

Create Code Mode and use it with chat()(创建 Code Mode 并配合 chat() 使用)

import { chat } from '@tanstack/ai'
import { openaiText } from '@tanstack/ai-openai'
import { createCodeMode } from '@tanstack/ai-code-mode'
import { createNodeIsolateDriver } from '@tanstack/ai-isolate-node'

const { tool, systemPrompt } = createCodeMode({
  driver: createNodeIsolateDriver(),
  tools: [fetchWeather],
  timeout: 30_000,
})

const result = await chat({
  adapter: openaiText('gpt-5.4'),
  systemPrompts: ['You are a helpful assistant.', systemPrompt],
  tools: [tool],
  messages,
})

原文:createCodeMode returns two things: the execute_typescript tool and a system prompt containing typed function stubs for every tool you passed in. The model sees exact input/output types, so it generates correct calls without guessing parameter shapes. TypeScript annotations are stripped automatically before execution.

createCodeMode 返回两个东西:execute_typescript 这个 tool,以及一段 system prompt——里面包含了你传进去的每一个 tool 的 typed function stub。模型看到的是精确的输入/输出类型,所以它能生成正确的调用,而不用去猜参数形状。TypeScript 注解会在执行前被自动剥除。

Three Sandbox Runtimes(三种沙箱 Runtime)

原文:Code Mode is runtime-agnostic. All three drivers implement the same IsolateDriver interface. Swap them without changing any other code.

Code Mode 是 runtime-agnostic 的。三种 driver 实现同一个 IsolateDriver 接口。换 driver 不需要改任何其他代码。

Driver	最适合	Native deps	Browser
@tanstack/ai-isolate-node	服务端 Node.js	是(C++ addon)	否
@tanstack/ai-isolate-quickjs	浏览器、edge、可移植	无(WASM)	是
@tanstack/ai-isolate-cloudflare	Cloudflare edge	无	N/A

原文:The Node driver uses V8 isolates via isolated-vm for maximum performance. JIT compilation, no serialization overhead beyond tool call boundaries. The QuickJS driver compiles to WASM and runs anywhere JavaScript runs, including the browser. The Cloudflare driver sends code to a deployed Worker and bridges tool calls back to your server via HTTP round-trips.

Node driver 通过 isolated-vm 使用 V8 isolates 以追求最大性能。JIT 编译,除了 tool call 边界以外没有序列化开销。QuickJS driver 编译成 WASM,任何能跑 JavaScript 的地方都能跑——包括浏览器。Cloudflare driver 把代码发给一个部署好的 Worker,再通过 HTTP round-trip 把 tool call bridge 回你的服务器。

原文:Each execution creates a fresh sandbox context. Configurable timeouts and memory limits prevent runaway scripts. The sandbox is destroyed after every call.

每次执行都会创建一个全新的沙箱 context。可配置的超时和内存上限会阻止脚本失控。沙箱在每次调用后销毁。

🟢 译者注:三种 driver 选型的现实考量——Node 性能最好但要 native addon;QuickJS 万能但慢一档;Cloudflare 适合 edge agent。如果你在做开源工具或 demo,QuickJS 是合理默认。

Skills:持久化、可复用的代码库

原文:Code Mode is powerful on its own. But what if your LLM could get smarter over time?

Code Mode 本身已经很强,但如果你的 LLM 能随时间变得更聪明呢?

原文:Right now the model rewrites the same logic every time. If it figures out a good way to fetch and rank NPM packages, that knowledge disappears when the conversation ends.

目前模型每次都在重写同一段逻辑。如果它摸索出了一个抓取并排名 NPM 包的好办法,这些经验在会话结束后就消失了。

原文:Skills fix this. The @tanstack/ai-code-mode-skills package lets the LLM save working code as a named, typed, persistent skill. On future requests, relevant skills are loaded from storage and exposed as first-class tools. The LLM calls them directly without rewriting the logic.

Skills 解决了这个问题。@tanstack/ai-code-mode-skills 包让 LLM 把跑通的代码保存为一个有名字、typed、持久化的 skill。后续请求中,相关 skill 会从存储里加载出来,作为一等 tool 暴露。LLM 直接调用它们,不必重写逻辑。

The lifecycle(生命周期)

原文:

1. The LLM writes code via execute_typescript to solve a problem
2. The code works. The LLM calls register_skill to save it with a name, description, and schemas
3. On the next conversation, the system loads skill metadata and uses a cheap/fast model to select relevant skills
4. Selected skills appear as direct tools the LLM can call, no sandbox needed
5. Execution stats are tracked. Skills earn trust through successful runs

1. LLM 通过 execute_typescript 写代码解决一个问题
2. 代码能跑通。LLM 调用 register_skill,带上名字、描述、schema 把它保存下来
3. 下一次会话中,系统加载 skill metadata,用一个便宜/快速的模型挑出相关 skill
4. 被挑中的 skill 作为可直接调用的 tool 出现,不再需要进沙箱
5. 执行统计被持续追踪。Skill 通过成功运行逐步赢得信任

Two integration paths(两种集成方式)

原文:High-level: codeModeWithSkills() handles everything. Skill selection via a cheap LLM call, tool registry assembly, system prompt generation.

高层方式:codeModeWithSkills() 包办一切——通过一个便宜 LLM 调用做 skill 选择,组装 tool registry,生成 system prompt。

import { codeModeWithSkills } from '@tanstack/ai-code-mode-skills'
import { createFileSkillStorage } from '@tanstack/ai-code-mode-skills/storage'
import { createNodeIsolateDriver } from '@tanstack/ai-isolate-node'
import { openaiText } from '@tanstack/ai-openai'

const storage = createFileSkillStorage({ directory: './.skills' })

const { toolsRegistry, systemPrompt } = await codeModeWithSkills({
  config: {
    driver: createNodeIsolateDriver(),
    tools: [myTool1, myTool2],
    timeout: 60_000,
  },
  adapter: openaiText('gpt-5.4-mini'), // cheap model for skill selection
  skills: { storage, maxSkillsInContext: 5 },
  messages,
})

const stream = chat({
  adapter: openaiText('gpt-5.4'), // strong model for reasoning
  toolRegistry: toolsRegistry,
  messages,
  systemPrompts: ['You are a helpful assistant.', systemPrompt],
})

原文:Manual: use createCodeMode, skillsToTools, and createSkillManagementTools individually when you want full control over which skills load and how they’re assembled.

手动方式:当你想完全控制哪些 skill 加载、怎么组装时,可以单独使用 createCodeMode、skillsToTools、createSkillManagementTools。

Storage(存储)

原文:Skills are just TypeScript text and metadata. Your application is free to store them wherever it wants. We ship file-based and in-memory storage implementations, but anything that satisfies the SkillStorage interface works: a database, S3, Redis, whatever fits your stack.

Skill 不过是 TypeScript 文本加 metadata。你的应用想把它们存到哪儿都行。我们出厂带了 file-based 和 in-memory 两种存储实现,但任何满足 SkillStorage 接口的东西都行——数据库、S3、Redis,哪个合你架构就用哪个。

Trust(信任度)

原文:Skills start untrusted and earn trust through successful executions. Four built-in strategies control promotion thresholds:

Skill 默认是 untrusted,通过成功执行逐步赢得信任。内置 4 种策略控制晋升阈值:

策略	试用期(provisional)	受信(trusted)
默认	10+ runs,≥90% success	100+ runs,≥95% success
宽松	3+ runs,≥80% success	10+ runs,≥90% success
永远受信	立刻	立刻
自定义	你说了算	你说了算

原文:Trust is metadata today. It doesn’t gate execution. But the infrastructure is there for when you want to build approval workflows or restrict untrusted skills to sandboxed execution only.

目前 trust 只是 metadata,并不卡执行。但基础设施在这了——当你想搭审批流程,或者把 untrusted skill 强制限制在沙箱执行时,你随时可以接上。

Showing It in the UI(把它显示在 UI 里)

原文:Code Mode emits custom events through the AG-UI streaming protocol as code executes. Your client receives them via the onCustomEvent callback on useChat:

Code Mode 在代码执行过程中,会通过 AG-UI streaming 协议发出自定义事件。你的客户端通过 useChat 上的 onCustomEvent 回调接收它们:

事件	何时触发
code_mode:execution_started	沙箱开始执行
code_mode:console	每一次 console.log/error/warn/info
code_mode:external_call	在 external_* 函数运行之前
code_mode:external_result	在 external_* 调用成功之后
code_mode:external_error	当 external_* 调用失败时

原文:Every event carries a toolCallId that ties it to the specific execute_typescript call, so you can render a live execution timeline alongside the right message. Console output streaming in, external function calls with arguments and durations, errors as they happen.

每个事件都带一个 toolCallId,把它绑定到具体某次 execute_typescript 调用上,这样你就能在对应消息旁边渲染一条实时执行 timeline——console 输出流入、external function 调用连同参数和时长一起、错误实时出现。

Try It: The Code Mode Demo(试一下:Code Mode Demo)

原文:It’s hard to impart just how much of a game changer code mode really is. You have to try it for yourself. The TanStack AI monorepo includes a full working example at examples/ts-code-mode-web. It’s a TanStack Start app with multiple demo scenarios:

要把 Code Mode 到底有多颠覆这件事讲清楚是很难的——你得自己试一下。TanStack AI 的 monorepo 里在 examples/ts-code-mode-web 路径下有一个完整跑得通的例子。它是一个 TanStack Start 应用,包含多个 demo 场景:

原文:

• NPM/GitHub Chat: ask questions about packages, the LLM writes code that calls NPM and GitHub APIs in parallel
• Database Demo: natural language queries over an in-memory dataset, with skill registration
• Structured Output: Code Mode generating typed, validated output
• Reporting: an agent that builds live dashboards by writing code

• NPM/GitHub Chat:问关于某些 npm 包的问题,LLM 写代码并行调用 NPM 和 GitHub API
• Database Demo:对一个内存里的数据集做自然语言查询,带 skill 注册
• Structured Output:Code Mode 生成 typed、经过校验的输出
• Reporting:一个通过写代码搭实时 dashboard 的 agent

原文:To run it:

跑起来:

git clone https://github.com/TanStack/ai.git
cd ai
pnpm install
pnpm --filter ts-code-mode-web dev

原文:Set your API keys in the example’s .env file (OpenAI, Anthropic, or Gemini). The app lets you switch providers and isolate runtimes (Node vs. QuickJS) from the UI.

在示例的 .env 文件里放上你的 API key(OpenAI、Anthropic 或 Gemini)。这个应用允许你直接从 UI 切换 provider 和 isolate runtime(Node vs. QuickJS)。

What’s Next(下一步)

原文:Code Mode is available now across three packages:

Code Mode 现在分为三个包提供:

pnpm add @tanstack/ai-code-mode                # Core
pnpm add @tanstack/ai-code-mode-skills         # Persistent skills
pnpm add @tanstack/ai-isolate-node             # or quickjs, or cloudflare

原文:We’re working on:

• DevTools integration: visual timeline of sandbox execution, skill creation, and trust progression
• More isolate drivers: Deno, Docker, and AWS Lambda sandboxes

我们正在做的事:

• DevTools 集成:沙箱执行、skill 创建、trust 晋升的可视化 timeline
• 更多 isolate driver:Deno、Docker、AWS Lambda 沙箱

原文:The full documentation is in the Code Mode Guide and the Skills Guide.

完整文档见 Code Mode Guide 和 Skills Guide。

---

原文:TanStack AI is open-source, provider-agnostic, and framework-agnostic. Get started here.

TanStack AI 开源、provider-agnostic、framework-agnostic。从这里开始。

---

译者总评

1. 这篇文章为什么值得读完。 Code Mode 不是什么 TanStack 私货——它是 LLM agent 范式正在发生迁移的一个清晰信号。Anthropic、Cloudflare、TanStack 三家头部都在围着同一个 pattern 收敛:让模型写代码,而不是 schedule tool calls。这意味着「你怎么写 tool definition」这件事的工艺重心正在转向:你不再是给模型提供一个 callable function,而是给它提供一个 typed SDK,让它在沙箱里自由组合。

2. TanStack 的差异化在哪里。 对比 Cloudflare 把 Code Mode 绑死在 Workers 上,TanStack 的姿态是更「primitive」的——三种 isolate driver 你随便挑、provider adapter 也是开放的。这和 TanStack 一贯的产品姿态一致:给你 primitive,而不是给你 framework。读 Who Owns the Tree 那篇你会再看到一遍这个调子。

3. 实战时要注意的地方。

• Skills 的 trust 晋升机制目前只是 metadata,不卡执行。如果你打算把 user-facing 的 skill 上线,自己得搭 review/审批流。
• QuickJS WASM 在浏览器跑这件事很重要——意味着你可以让 Code Mode 整个跑在客户端,不暴露任何 server 资源。这是和 Cloudflare 模型的一个差异点。
• gpt-5.4 / gpt-5.4-mini 双模型 pattern:cheap model 选 skill,strong model 做 reasoning。这是 2026 年 agent 应用的标配 pattern,值得抄。
• N+1 这个例子的 ROI:一旦你的应用涉及任何表格类聚合、跨记录的统计、批量 API,Code Mode 就是必选项,不是 nice-to-have。

4. 风险与质疑。

• 沙箱出逃永远是 risk。isolated-vm 历史上有过几个 CVE,生产部署时要持续 watch。
• 模型写出错代码或者死循环时的容错策略,文章只提了 timeout/memory limit,没讲多少 retry 设计——实际项目中需要自己加 graceful degradation。
• Skills 本质上是把 LLM 写出来的 untrusted 代码当 tool 暴露,如果你的应用有合规要求,审计链不可忽视。

🔗 调研来源

• 原文 Code Mode: https://tanstack.com/blog/tanstack-ai-code-mode
• Cloudflare 原 Code Mode 概念(2025-09): https://blog.cloudflare.com/code-mode/
• TanStack AI: https://tanstack.com/ai
• 配套精读: Cursor SDK + Zed 1.0:编辑器赛道转向
• 姊妹篇全文: Tanner Linsley — Who Owns the Tree?(全文)

---

📝 配套精读 + 译者点评:Cursor SDK + Zed 1.0:编辑器赛道转向