Code review experience
Review code changes and request reviews from Ona directly in the session.Leave inline comments — Review Ona’s work by leaving inline comments in the code changes panel, just like reviewing a PR. Highlight the relevant code lines, leave your questions or feedback, and send them off to Ona. Ona will act on the comments accordingly.Request a review from Ona — Ask Ona to review the current code changes before merging. Ona examines the diff, leaves inline comments with suggestions, and flags potential issues — giving you a second pair of eyes without waiting for a teammate.Create a PR directly — Once you’re happy with the changes, create a pull request straight from the session. No need to switch to your Git provider — Ona commits, pushes, and opens the PR for you.
Organization skills
Agent Skills now work at the organization level. Create reusable skills that Ona Agent discovers and uses proactively across every session in your organization. Skills capture your team’s best practices (code review checklists, test strategies, deployment procedures) and share them with everyone.What you can do:
- Create and edit skills with a name, description, and prompt. The description tells the agent when to apply the skill automatically.
- Optional slash commands. Toggle a
/triggerso users can also invoke a skill manually in the chat. - Import defaults. Start with a curated set of skills (Pull Request, Documentation, Explain Code, Catch Up) and customize from there.
- Search and filter. Find skills by name, description, or trigger.
- Migrate legacy commands. Existing slash commands can be migrated to skills with one click, preserving their trigger while enabling proactive discovery.
Manage skills from Settings → Agents in the dashboard.
Learn more about organization skills
Organization roles for groups
Delegate administrative responsibilities in your Enterprise organization without granting full admin access. Assign organization roles to groups so team members can manage specific resource types across the organization.Available roles:
| Role | Grants admin access to |
|---|---|
| Runners Admin | All runners |
| Projects Admin | All projects |
| Groups Admin | All groups |
| Automations Admin | All automations |
Toggle role checkboxes directly in the groups table under Settings → Members → Groups. When a role is assigned, all group members immediately receive admin permissions on existing and future resources of that type.
Learn more about organization roles
Automations
Automations execute multi-step workflows across your repositories — from routine maintenance to large-scale refactoring. Define steps, choose a trigger, and let them run in isolated environments with your tools, dependencies, and guardrails.
How it works:
- Define — Combine steps in sequence: prompts (agent-driven tasks), shell scripts, pull request creation, and report extraction
- Trigger — Run manually, on pull request events via webhooks, or on a time-based schedule
- Execute — Run across repositories in parallel, each action in its own isolated environment
- Review — Monitor progress in real time, inspect logs, and approve PRs before merging
Templates — Start from pre-built templates for common workflows: Sentry error triage and fix, 10x engineer (picks up your top Linear issue and delivers a PR), code review, and more. Templates are gated on required integrations, so you only see what you can run.
Sharing and access control — Share automations with everyone in your organization, individual users, or groups. Assign roles to control what recipients can do:
| Role | Permissions |
|---|---|
| Admin | Edit, delete, share, run, view all executions |
| Executor | Run and view own executions |
| Viewer | Read-only access |
Service accounts — Run automations as a service account for scheduled and event-driven workflows. Commits and PRs appear under the service account identity, separating automation work from human work.Guardrails — Control execution with concurrency limits, total action caps, command deny lists, environment isolation, and audit logging.Webhooks (Enterprise) — Create standalone webhook endpoints for GitHub or GitLab. Scope to a repository or organization, and reuse a single webhook across multiple automations.Availability — Automations are available on Core and Enterprise plans with plan-based limits on automations, concurrent actions, and features like webhooks.Learn more about automations · Create your first automation · Automations in practice
SCIM provisioning (beta)
Ona now supports SCIM (System for Cross-domain Identity Management), letting your identity provider automatically create, update, and deactivate user accounts. Link SCIM to an existing SSO provider, and directory changes in your IdP are reflected in your Ona organization without manual intervention.Currently supported identity providers:
- Microsoft Entra ID
Learn more about SCIM provisioning
New MCP integrations: Atlassian, Notion, and Sentry
Ona Agent now supports three new MCP integrations — Atlassian, Notion, and Sentry. Once enabled by an organization admin and authenticated by individual users, agents can interact with these services directly from sessions.
- Atlassian — Manage Jira issues, search Confluence, and link code changes to tickets. Configure Atlassian
- Notion — Search pages, read documentation, and access project wikis. Configure Notion
- Sentry — View errors, analyze stack traces, and track regressions. Configure Sentry
You can check the status of all MCP integrations — including connection errors and warnings — using the MCP Integrations button in the session input.
Secrets available during Dev Container builds
Organization and project secrets may now be used during Dev Container image builds via secret mounts — without baking them into the final image.Each RUN step in your Dockerfile must explicitly request the secrets it needs:
FROM node:20
RUN --mount=type=secret,id=/usr/local/secrets/npm-token,target=/tmp/npm-token \
echo "//registry.npmjs.org/:_authToken=$(cat /tmp/npm-token)" > .npmrc && \
npm ci && \
rm -f .npmrc
User secrets are not available during builds because built images are cached and shared across the project, so personal credentials could be exposed to other team members. Docker Compose mode is not yet supported.Learn more about using secrets during builds
Ona now runs on Claude Opus 4.6
We’ve upgraded Ona to Claude Opus 4.6, Anthropic’s latest flagship model. At the same price as Opus 4.5, you’ll see significantly better results across a range of tasks, especially for complex problems.
What’s new
- Adaptive thinking - The model decides when to think deeper, no manual tuning needed.
- More output tokens: Twice the previous limit, better for large refactors and file generation.
- Improved tool use: More accurate code edits and fewer mistakes.
The upgrade is live now. No action needed on your end. Credits will be consumed at the same rate as before. Try now.
AWS eu-south-2 region now supported
You can now install a Runner in AWS region eu-south-2 (Spain). When you do, a default environment class is created: Extra Large (Spot). From there, you must configure additional environment classes as custom classes.For eu-south-2, we recommend using instance types from the m7i (compute) and g6 (GPU) families.Getting started:
Automatic credit top-ups
Core plan organizations can now enable automatic credit top-ups. When your credit balance runs low, Ona automatically purchases additional credits using your default payment method.Enable auto top-up and choose a top-up amount at Settings → Billing.Learn more about auto top-up
Service account tokens and secrets
Service accounts now support tokens and secrets, enabling programmatic API access and secure credential management for automations.Tokens — Organization admins can issue long-lived tokens (up to 90 days) on behalf of service accounts. Use these for CI/CD pipelines and external scripts that need to start automations or query the API.
Secrets — Attach secrets to service accounts. When an environment runs with a service account identity, those secrets are automatically injected.
