didericis/bot-bottle
1
0
Fork 0
Code Issues 5 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

docs: add end-to-end demo with recorded GIF
test / unit (push) Successful in 12s
Details
test / integration (push) Successful in 19s
Details

Browse Source 
scripts/demo.sh + scripts/demo_harness.py drive a real bottle through
four probes (pipelock allow, host-allowlist block, DLP body-scan
block, git-gate gitleaks rejection). docs/demo.tape is the VHS source
that renders docs/demo.gif, embedded at the top of the README as a
working proof of the security model the prose describes.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
didericis
2026-05-13 00:55:58 -04:00
parent 3d9103d5b5
commit 4ef1cc58df
5 changed files with 351 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+9
View File
@@ -8,6 +8,15 @@
Run multiple Claude Code agents on your own machine, each scoped to its own secrets, skills, and egress allowlist.
![pipelock and git-gate blocking exfil attempts against a live bottle](docs/demo.gif)
Four probes against a real bottle, end-to-end:
pipelock forwards a clean HTTPS GET to an allowlisted host,
blocks a GET to a non-allowlisted host,
blocks a POST whose body carries a credential pattern;
git-gate rejects a push containing a leaked key.
Run it yourself with `bash scripts/demo.sh`.
## Why "claude-bottle"?
Each container is a bottle; Claude is the genie inside. The genie's