Every AI coding tool can write Python — Cursor, Claude Code, Windsurf. None of them can run it safely in production.
That gap between "AI wrote the code" and "the code ran safely" is exactly what I'm building jhansi.io to close.
This series documents the journey. One layer of the problem at a time.
When AI generates code, four things still stand between you and prod:
eval()
your way through an audit.jhansi.io is the missing run()
for AI-generated code. Open core, cloud sandbox, built to close each part of the gap — layer by layer. Part 1 — Persistent sandboxes
Why "ephemeral" breaks debugging, state, and compliance. The case for giving every AI a home directory.
→ Read Part 1 Part 2 — Dependency management (coming soon)
Detecting, installing, and locking deps across Python, Node, Go, and Java. With SBOMs and policy built in.
Part 3 — Isolation (coming soon) What "hard isolation" actually means. Containers, Firecracker, zero trust networking, and the metadata service attacks you haven't thought of yet.
Part 4 — Secrets (coming soon) Kernel-level proxies. AI can call Stripe without the key ever entering the sandbox.
Part 5 — Audit (coming soon) Who ran what, when, with which prompt. Hash-chained logs that satisfy auditors, not just engineers.
Building this in public. Follow the series on Dev.to, Linkedin, and X.
Code is Apache 2.0 at github.com/jhansi-io.