Active · Starter Kit

AI Safe Dev Workspace

A secure AI coding workflow for solo developers using Cursor, Codex, Claude Code, and DevContainers — built to make AI-assisted development controlled, repeatable, and safer.

Case study snapshot

Problem

AI coding tools are powerful, but default project setups often leak too much context, blur credential boundaries, and make it hard to switch between Cursor, Codex, and Claude Code without losing process discipline.

What I did

Designed the cross-tool harness, wrote the project rules and templates, tested DevContainer credential isolation, and documented the workflow as a reusable setup.

Stack

Next.js, TypeScript, MDX, DevContainer, Cursor, Codex, Claude Code

Challenges

  • Keeping AI tools useful while reducing access to secrets and irrelevant context.
  • Making one set of project rules work across multiple AI coding tools.
  • Turning a personal workflow into reusable files without over-generalizing it.

Tradeoffs

  • Uses explicit markdown contracts instead of a heavier workflow platform.
  • Keeps credentials outside repo files, which adds setup steps but reduces accidental exposure.

Most solo developers using AI coding tools have a common problem: the tools are powerful, but the default setup leaks secrets, lacks structure, and makes it hard to hand context from one tool to another.

AI Safe Dev Workspace is my attempt to solve this systematically.

What it is

A composable set of configuration files, harness documents, and workflow patterns that work across Cursor, Codex, and Claude Code. The goal is a development environment where:

  • AI tools can read what they need and nothing more
  • Every project starts with PRD.md and DESIGN.md as the source of truth
  • Credentials stay isolated via DevContainer volume mounts
  • The same workflow pattern applies regardless of which AI tool is active

Three layers

Layer 1 — Ignore rules. .cursorignore, .cursorindexingignore, and equivalent patterns for other tools. Keeps secrets out of AI context.

Layer 2 — AI harness documents. AGENTS.md as the single source of truth for project rules. Tool-specific adapters (CLAUDE.md, .cursor/rules/*.mdc, .codex/config.toml) import from it rather than duplicate rules.

Layer 3 — Workflow. PRD → DESIGN → PLAN → implementation. Each AI tool reads the same documents, so context doesn't have to be re-explained when switching tools.

DevContainer strategy

The most underrated part of the setup is how credentials are handled in DevContainers.

Instead of environment variables in .env files (which tools can read), I use named Docker volumes to mount credentials at paths that are explicitly in the ignore lists. The container gets the secrets it needs; the AI tools cannot see them.
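A devcontainer.json that applies the volume-mount strategy described above, added here as an illustration rather than taken from the project's own files; the volume name, base image, mount path and the AWS/GCP file locations are assumptions:

```jsonc
// .devcontainer/devcontainer.json (added example; names and paths are assumptions)
{
  "name": "ai-safe-dev",
  // Any devcontainer base image works; this one is assumed, not from the page.
  "image": "mcr.microsoft.com/devcontainers/typescript-node:20",
  "remoteUser": "node",

  // Credentials live in a named Docker volume, never in a file tracked by the repo.
  // The volume is mounted INSIDE the workspace at .secrets/ so that one relative
  // path can be listed in .cursorignore, .cursorindexingignore and .gitignore.
  "mounts": [
    "source=ai-safe-dev-creds,target=${containerWorkspaceFolder}/.secrets,type=volume"
  ],

  // Tools are pointed at files under the mount instead of receiving the secret
  // values themselves as environment variables (which .env-style setups expose).
  "remoteEnv": {
    "AWS_SHARED_CREDENTIALS_FILE": "${containerWorkspaceFolder}/.secrets/aws/credentials",
    "GOOGLE_APPLICATION_CREDENTIALS": "${containerWorkspaceFolder}/.secrets/gcp/service-account.json"
  }
}
```

The matching line in `.cursorignore`, `.cursorindexingignore` and `.gitignore` is `.secrets/`; keep in mind that ignore lists only govern what the editor indexes and attaches as context, so an agent that runs shell commands inside the container can still read the mount path, which is why the volume also stays out of the repo and out of any shared image.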

Current status

Active development. The core harness pattern is stable and in use on this project. The DevContainer credential isolation strategy is being refined.

What's next

  • Packaged starter kit with setup.sh for one-command project initialization
  • Pattern documentation for AWS, GCP, and Supabase credential isolation
  • Codex-specific workflow refinements