A browser-based secure coding workspace with tenant-aware workspaces, AI pair programming, sandboxed execution, and export controls.
This repository is maintained by Karunanidhi Mishra as a professional OSS-oriented enterprise product foundation. It is intentionally nativized away from inherited demo branding and paid-service promotional framing. The goal is to make the product easy for developers to understand, run, extend, and replace paid provider dependencies with open or self-hosted alternatives where practical.
This codebase is part of Karunanidhi Mishra's Enterprise OSS Product Foundry - a public portfolio of production-minded, enterprise-ready product foundations. It is designed for developers who want to learn from real application surfaces, fork practical patterns, and replace paid SaaS dependencies with open or self-hosted alternatives where possible.
- Canonical project page: https://kmishra1204.github.io/karunanidhi-mishra/projects/secureide-workbench/
- Portfolio index: https://kmishra1204.github.io/karunanidhi-mishra/portfolio/
- Public SEO and proof metrics: https://kmishra1204.github.io/karunanidhi-mishra/metrics/
- Star this repo if you are tracking enterprise cloud, development, workbench, coding, governance patterns.
- Fork it to adapt the architecture, provider abstractions, security docs, and OSS replacement plans for your own team.
- Learn from it through the README, architecture deep dive, feature map, threat model, audit/observability plan, and testing strategy.
- Contribute back with focused issues, docs improvements, provider adapters, test coverage, or production hardening ideas.
- Explore the maintainer profile from Karunanidhi Mishra on GitHub.
This repository now includes a GitHub Codespaces/devcontainer path for contributors who want an isolated setup.
- Open in Codespaces from the GitHub Code button.
- The devcontainer uses Node.js 20 and includes GitHub CLI plus Docker-outside-of-Docker support.
- On attach, it runs the static enterprise readiness check.
- Runtime installs remain explicit so contributors understand when dependencies and provider SDKs are being installed.
Details: Codespaces And Docker
This visual summarizes the maintainer intent: make the repository readable, forkable, reviewable, and practical for enterprise-minded developers.
This repository now publishes an AAIF-adjacent readiness surface for developers who care about agentic AI governance, tool boundaries, and enterprise OSS maturity.
- Independent status: this is not an AAIF or Linux Foundation project, and no endorsement is claimed.
- Alignment doc: AAIF Alignment
- Agent instructions: AGENTS.md
- Governance: GOVERNANCE.md
- Roadmap: ROADMAP.md
- Machine-readable profile: agentic-readiness.json
The goal is to make the repo useful in technical AAIF/LF-style conversations by showing evidence: setup, security, provider alternatives, auditability, human review, and contribution paths.
- Domain: Cloud development workbench and AI coding governance
- Repository: https://github.com/kmishra1204/secureide-workbench
- GitHub Project: https://github.com/users/kmishra1204/projects/2
- Local persistent path: E:\Industry Codebases\enterprise-products\secureide-workbench
Next.js front end, workspace runtime isolation, Convex or Postgres event store, policy service, WebContainer/sandbox runner, code-session audit logs.
Prerequisites:
- Node.js 20+ or the runtime version required by this package.
- Package manager:
npm - A local
.env.localcreated from the documented example file when one exists. - No real credentials committed to Git.
Run:
cd secureide-workbench
npm installCommon checks:
npm install
npm run lint
npm run buildExample environment files found:
- None found yet.
Known environment variable names from examples:
No example environment file was found yet. Create .env.local only after reading the provider map and never commit real secrets.
Use local-only .env.local files or a secret manager. Keep real provider keys out of GitHub, README files, issues, and screenshots.
Paid or closed-service risk areas:
- LLM APIs
- hosted realtime backends
- hosted auth
- hosted deployment
Open-source or self-hosted replacement direction:
- OpenHands/SWE-agent style runner evaluation
- PostgreSQL event store
- Docker or Firecracker-style sandbox direction
- Ollama/vLLM adapters
Provider rule: any paid service must be behind an adapter, have a local development path, and include explicit cost/rate controls before production use.
Current recorded proof is blocked. See docs/RUNTIME_PROOF.md for exact command and dependency blockers.
The portfolio proof runner is:
powershell -NoProfile -ExecutionPolicy Bypass -File C:\Users\rdpadmin\Documents\Karuna-SEO-PersonalPR\scripts\run-runtime-proof.ps1 -RepoName secureide-workbench -WriteProductProofContributions should improve this codebase as an enterprise product foundation:
- Replace inherited demo wording with product-specific language.
- Improve local setup and documentation.
- Add OSS/self-hosted provider adapters.
- Reduce hard dependency on paid SaaS.
- Add tests, typechecks, health checks, audit events, and secure defaults.
- Keep secrets out of the repository.
See docs/ENTERPRISE_TRANSFORMATION.md, docs/PROVIDER_REPLACEMENT_PLAN.md, and docs/RUNTIME_PROOF.md for the current enterprise transformation state.
This flagship repo now has a concrete boundary model for AAIF-adjacent technical review:
- Secure AI Coding Tool Boundary Model
- Public issue: #3
- Machine-readable evidence: agentic-readiness.json
The document separates identity, tool/action scope, human approval, audit events, OSS fallback direction, and local validation path.