fulling: a foundation for persistent AI workspaces with secure Kubernetes credential boundaries
fulling: a foundation for persistent AI workspaces with secure Kubernetes credential boundaries
What it solves
Fulling provides a foundation for creating dedicated AI workspaces. These are persistent environments that integrate skills, files, memory, scripts, and runtime, ensuring that AI agents have a secure and stable place to operate.
How it works
The system establishes a secure identity and credential boundary using Kubernetes. It manages user accounts via GitHub sign-in and PostgreSQL, allowing users to have a user-scoped Kubernetes client boundary. It validates kubeconfigs to prevent security risks like SSRF or the use of executable plugins, ensuring that the runtime environment is controlled and authenticated.
Who it’s for
Developers and AI engineers who need a persistent, secure runtime environment for AI agents and tools.
Highlights
- Kubernetes Integration: Uses Kubernetes
SelfSubjectReviewfor authenticated kubeconfig validation. - Secure Credential Boundary: Implements strict validation to reject executable plugins and non-HTTPS API servers to prevent security leaks.
- Identity Management: Integrated GitHub-only sign-in via Better Auth and PostgreSQL-backed session management.
- Persistent Environments: Designed to support a model where AI skills and memory are tied to a persistent workspace.
Sources
- undefinedFullAgent/fulling