Container wrapper for running AI coding agents in isolated, secure containers

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bbrowning from gravatar.com bbrowning

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

Paude

Run AI coding agents in secure containers. They make commits, you pull them back.

Supported Agents

Agent Flag Status
Claude Code --agent claude (default) Supported
Cursor CLI --agent cursor Supported
Gemini CLI --agent gemini Supported

Note: Your chosen agent must be installed and working on your local machine first.

Why Paude?

  • Isolated execution: Your agent runs in a container, not on your host machine
  • Safe autonomous mode: Enable --yolo without fear — the agent can't send your code anywhere
  • Git-based workflow: The agent commits inside the container, you git pull the changes
  • Run anywhere: Locally with Podman or Docker, remotely via SSH, or on OpenShift

Demo

asciicast

The demo shows Claude Code, but the workflow is identical with other agents.

Quick Start

Prerequisites

Your agent: Claude Code, Cursor CLI, or Gemini CLI installed and working locally.

Podman or Docker: Install Podman or Docker (for local backend).

Google Cloud SDK: gcloud auth application-default login

Environment variables (find your project ID in Google Cloud Console):

Claude Code:

export CLAUDE_CODE_USE_VERTEX=1
export ANTHROPIC_VERTEX_PROJECT_ID=your-project-id
export GOOGLE_CLOUD_PROJECT=your-project-id

Cursor CLI:

agent login  # or set CURSOR_API_KEY=your-api-key

macOS note: On Mac hosts, CURSOR_API_KEY is the simplest authentication method. Without it, each paude session requires a separate browser-based OAuth login via agent login inside the container.

Gemini CLI:

export GOOGLE_CLOUD_PROJECT=your-project-id

Install

uv tool install paude

First run: Paude pulls container images on first use. This takes a few minutes; subsequent runs start immediately.

Your First Session

# Claude Code (default)
cd your-project
paude create --yolo --git my-project

# Cursor CLI
paude create --agent cursor --yolo --git my-project

# Gemini CLI
paude create --agent gemini --yolo --git my-project

# Connect to the running session
paude connect my-project

# Pull the agent's commits (use your branch name):
git pull paude-my-project main

You'll know it's working when: paude connect shows the agent interface, and git pull brings back commits the agent made.

Passing a Task

paude create --yolo my-project -a '-p "refactor the auth module"'

Or just start the session and type your request in the agent interface.

Something Not Working?

  • Run paude --help for all options and examples
  • Run paude list to check session status
  • Use paude create --dry-run to verify configuration
  • Use paude start -v for verbose output (shows sync progress)
  • Check that your gcloud credentials are valid: gcloud auth application-default print-access-token

Learn more:

How It Works

Your Machine                    Container
    |                              |
    |-- git push ----------------▶ |  Agent works here
    |                              |  (network-filtered)
    ◀-- git pull -----------------|
    |                              |
  • Git is the sync mechanism — your local files stay untouched until you pull
  • --yolo is safe because network filtering blocks the agent from sending data to arbitrary URLs
  • The agent can only reach its API (e.g., Vertex AI) and package registries (e.g., PyPI) by default

Install from Source

git clone https://github.com/bbrowning/paude
cd paude
uv venv --python 3.12 --seed
source .venv/bin/activate
pip install -e .

Requirements

  • Python 3.11+ (for the Python package)
  • Your chosen agent CLI installed locally (Claude Code, Cursor CLI, or Gemini CLI)
  • Podman or Docker (for local backend)
  • OpenShift CLI oc (for OpenShift backend)
  • Google Cloud SDK configured (gcloud auth application-default login)

Development

See CONTRIBUTING.md for development setup, testing, and release instructions.

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bbrowning from gravatar.com bbrowning

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

0.20.0a2 pre-release

0.20.0a1 pre-release

0.15.0

0.15.0rc6 pre-release

0.15.0rc5 pre-release

0.15.0rc4 pre-release

0.15.0rc3 pre-release

0.15.0rc2 pre-release

0.15.0rc1 pre-release

0.14.2

This version

0.14.1

0.14.0

0.13.0

0.12.2

0.12.1

0.12.0

0.11.1

0.11.0

0.10.1

0.10.0

0.9.1

0.9.1rc4 pre-release

0.9.1rc3 pre-release

0.9.0

0.8.2

0.8.1

0.8.0

0.7.3

0.7.2

0.7.1

0.7.0

0.6.0

0.5.0

0.4.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

paude-0.14.1.tar.gz (282.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

paude-0.14.1-py3-none-any.whl (144.5 kB view details)

Uploaded Python 3

File details

Details for the file paude-0.14.1.tar.gz.

File metadata

  • Download URL: paude-0.14.1.tar.gz
  • Upload date:
  • Size: 282.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for paude-0.14.1.tar.gz
Algorithm Hash digest
SHA256 1e196043063d5bfb71cc89afa37f0007b8dad72ff376c8358c62c7329a59582d
MD5 90ba4ba697d694e25823b89de0ee479b
BLAKE2b-256 89dbda0e9d06a3d718c4e57f61901a19b3aba4d71961a9cb7e36a3616a88f269

See more details on using hashes here.

Provenance

The following attestation bundles were made for paude-0.14.1.tar.gz:

Publisher: release.yml on bbrowning/paude

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file paude-0.14.1-py3-none-any.whl.

File metadata

  • Download URL: paude-0.14.1-py3-none-any.whl
  • Upload date:
  • Size: 144.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for paude-0.14.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e222d9a964da98a6047bb3b7aa2eba2ca1e561a6c8b0eec938ba4295b3cd98a2
MD5 e3b77afedd6c440d31f76afb81e154f3
BLAKE2b-256 520c100af9f1e224b49ceb2918bfc7f2fc6f52026f4b865f7f98bb6ac3b0452e

See more details on using hashes here.

Provenance

The following attestation bundles were made for paude-0.14.1-py3-none-any.whl:

Publisher: release.yml on bbrowning/paude

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page