Skip to main content
The live demo runs the whole platform in one disposable container per visitor: a notebook to define an agent, plus the dashboard Playground to chat with it and watch policy decisions stream. Everything runs on a fresh database that vanishes when the session ends — no shared state, no cleanup.
Bring your own key (BYOK). The visitor pastes their own OpenAI key into the notebook. It’s their key, in their own throwaway container (one visitor per container, destroyed after idle) — so no provider key is ever exposed, and there’s no LLM gateway to operate.

What a visitor does

1

Open the notebook

The landing page is a marimo notebook. Paste your OpenAI API key (stays in the container, never logged).
2

Edit the agent, Apply & reload

Define your tools (@tool) and the agent (create_agent(...)) as real Python in the cells, then click Apply & reload. The notebook runs the serve loop in-kernel bound to that live agent object; the change flows into the Playground automatically.
3

Open the Playground and chat

Click Open the live playground — it opens the dashboard in a new tab, already signed in. Send a message and watch reasoning, tool calls, and policy decisions (allow / deny / approval) stream live. Edit the policy in the Policies tab and the next message picks it up — no restart.

How it fits together

The demo rides hexgate’s normal relay design — the serve loop dials out to the platform, so a hosted container just replaces “the developer’s laptop”: 
ONE CONTAINER (per visitor — destroyed after idle)
  fresh SQLite
   ├─ Platform API  — serves the dashboard same-origin + auto-login
   └─ marimo notebook — the landing UI; runs the serve loop in-kernel
        ├─ paste your OpenAI key (BYOK)
        ├─ define tools + agent in cells + Apply → (re)starts in-kernel serve
        │     serve loop (bound to your live agent) → dials the platform's /v1/serve
        │     └─ LLM calls use your key → OpenAI
        └─ Open playground → signed-in dashboard /playground
Nothing here is demo-only plumbing inside the platform: it’s the same control plane, dashboard, and hexgate serve logic you’d run locally — just bundled into one container with auto-seeding and auto-login.

Run it in your browser (GitHub Codespaces)

The repo ships a devcontainer, so anyone can launch the full demo — notebook + dashboard, their own isolated container — in one click: Open in GitHub Codespaces It builds once (~a couple of minutes; instant with Prebuilds), then the notebook opens on port 2718 automatically. Paste your OpenAI key, Apply & start, and open the dashboard playground. Each visitor gets their own container on their own free Codespaces quota — no cost to us, full per-visitor isolation, and marimo’s live editing works (ports are forwarded directly).

Run it locally

make demo-notebook-build   # one-time: deps + marimo + dashboard build
make demo-notebook         # launch the whole world (one process)
Open http://localhost:2718, paste your key, Apply & start, then open the Playground.
make demo-notebook sets HEXGATE_COOKIE_SECURE=0 for local HTTP — the browser drops a Secure cookie over plain HTTP (it’s 1 over HTTPS, e.g. Codespaces).