AI - Tool/Agent isolation

Project description

AI-Container

Podman-based container for isolating AI tooling for an individual project.

Context

In the past, I have repeatedly observed and experienced coding agents accessing or using files and content which they either weren't supposed to, or even technically "did not have access to."

On one occasion, for example, file access was explicitly restricted (e.g., the path was blocked). However, the agent exploited its ability to run bash commands, using them to traverse and scan the restricted paths instead of relying on standard read/write methods.

For this reason, I believe it is essential to implement clear restrictions or a contextual sandbox that is shared with the AI, and which it cannot circumvent as easily by simply invoking a different command.

Prerequisites

  • Podman (>= 4.0) - Container runtime
  • Python (>= 3.13) - Required for the CLI

Installation

Install the ai-container package:

uv tool install ai-container

Or from source:

git clone https://github.com/yourusername/ai-container.git
cd ai-container
uv tool install .

The ai command will then be available.

Usage

Basic Commands

ai pi /path/to/project              # Run PI coding agent
ai opc /path/to/project             # Run OpenCode coding agent
ai aic /path/to/project             # Run aichat
ai llm /path/to/project             # Run llm
ai shell /path/to/project           # Interactive shell in container

Pass additional arguments directly to the tool:

ai pi /path/to/project --verbose --model claude-3-sonnet

Provided Tools

  • PI - Coding agent for generation, analysis, and refactoring
  • OpenCode - AI-powered coding assistant
  • aichat - Interactive AI chat interface
  • llm - Command-line tool for LLM interaction

Configuration & Persistence

First run: the container image is built (one-time, takes a few minutes).

Tools use their standard configuration methods (within the container):

  • aichat: ~/.config/aichat/config.toml
  • llm: ~/.config/llm/ + environment variables
  • PI: ~/.pi/
  • OpenCode: ~/.config/opencode/

Configuration persists automatically across all runs and containers through named Podman volumes (config, state, share, pi-config). Configure once, use everywhere:

# First run: setup credentials
ai shell /path/to/project
# Inside container: aichat, llm keys set openai <key>, etc.

# Subsequent runs: credentials available automatically
ai pi /path/to/project
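The Context and Configuration & Persistence sections together describe one design: a single project directory bind-mounted into the container, plus the four named volumes, so that whatever command the agent shells out to, its mount namespace contains nothing else from the host. The following is an added example of how such a `podman run` line can be assembled; it is not the ai-container project's own code, and the image tag, in-container home directory, mount points, tool-to-binary mapping and hardening flags are assumptions.

```python
# Added example (not the ai-container project's own code): build the `podman run`
# argv that confines one AI tool to one project directory plus named volumes.
import os

IMAGE = "localhost/ai-container:latest"   # assumed image tag

# README verbs -> executable inside the container (mapping assumed).
TOOLS = {"pi": "pi", "opc": "opencode", "aic": "aichat", "llm": "llm", "shell": "bash"}

# The README's named volumes -> assumed mount points under the container user's
# home. Only these paths survive between runs; everything else is discarded.
VOLUMES = {
    "config": "/home/ai/.config",        # aichat, llm, OpenCode configs
    "state": "/home/ai/.local/state",
    "share": "/home/ai/.local/share",
    "pi-config": "/home/ai/.pi",
}


def build_podman_argv(tool: str, project: str, extra_args=()) -> list[str]:
    """Return argv for `podman run` so that /workspace is the only host path
    visible to the agent, whichever command it shells out to."""
    if tool not in TOOLS:
        raise ValueError(f"unknown tool {tool!r}; choose from {sorted(TOOLS)}")
    if not os.path.isabs(project):
        raise ValueError("project path must be absolute")
    # Resolve symlinks now; the mount is fixed at start, so nothing the agent
    # does later can redirect it to another host directory.
    project = os.path.realpath(project)
    if project == "/":
        raise ValueError("refusing to mount the host root as the project")

    argv = [
        "podman", "run", "--rm", "-it",
        "--userns=keep-id",                  # rootless: files stay owned by you
        "--cap-drop=ALL",                    # the agent is an ordinary user
        "--security-opt=no-new-privileges",  # no setuid escalation inside
        "--read-only",                       # image filesystem is immutable
        "-v", f"{project}:/workspace:Z",     # the single project bind mount
        "-w", "/workspace",
    ]
    for name, target in VOLUMES.items():
        argv += ["-v", f"{name}:{target}:Z"]   # named volumes, not host paths
    return argv + [IMAGE, TOOLS[tool], *extra_args]
```

The `:Z` suffix is an SELinux relabel hint and is ignored on hosts without SELinux; the named volumes are the only writable state that outlives a run, which is what makes the credentials set up once in `ai shell` reappear in later `ai pi` runs.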

Other/Previous Work

Download files

Source Distribution

ai_container-0.4.0.tar.gz (9.4 kB)


Built Distribution


ai_container-0.4.0-py3-none-any.whl (5.8 kB)


