fulling: a foundation for persistent AI workspaces with secure Kubernetes credential boundaries

fulling: a foundation for persistent AI workspaces with secure Kubernetes credential boundaries

What it solves

Fulling provides a foundation for creating dedicated AI workspaces. These are persistent environments that integrate skills, files, memory, scripts, and runtime, ensuring that AI agents have a secure and stable place to operate.

How it works

The system establishes a secure identity and credential boundary using Kubernetes. It manages user accounts via GitHub sign-in and PostgreSQL, allowing users to have a user-scoped Kubernetes client boundary. It validates kubeconfigs to prevent security risks like SSRF or the use of executable plugins, ensuring that the runtime environment is controlled and authenticated.

Who it’s for

Developers and AI engineers who need a persistent, secure runtime environment for AI agents and tools.

Highlights

  • Kubernetes Integration: Uses Kubernetes SelfSubjectReview for authenticated kubeconfig validation.
  • Secure Credential Boundary: Implements strict validation to reject executable plugins and non-HTTPS API servers to prevent security leaks.
  • Identity Management: Integrated GitHub-only sign-in via Better Auth and PostgreSQL-backed session management.
  • Persistent Environments: Designed to support a model where AI skills and memory are tied to a persistent workspace.

Sources