AI安全研究开发配置
AI Skill Hub 推荐使用:AI安全研究开发配置 是一款优质的Agent工作流。AI 综合评分 6.5 分,在同类工具中表现稳健。如果你正在寻找可靠的Agent工作流解决方案,这是一个值得深入了解的选择。
📚 深度解析
AI安全研究开发配置 工作流的设计遵循"最小配置,最大复用"原则:核心逻辑已经封装好,用户只需配置自己的 API Key 和业务参数即可快速上手。工作流内置错误处理和重试机制,在网络波动或 API 限速等情况下仍能稳定运行,适合作为生产环境的自动化基础设施。
在实际部署时,建议先在测试环境中运行 3-5 次,验证各个环节的输出结果符合预期,再部署到生产环境。AI Skill Hub 评分 6.5 分,是同类 Agent 工作流中的精选推荐。
📋 工具概览
专为AI安全研究设计的开源工作流配置项目。集成Claude Code等编码Agent,提供高度定制化的开发环境设置。适合AI安全研究者、机器学习工程师快速建立标准化工作流。
AI安全研究开发配置 是一套完整的 AI Agent 自动化工作流方案。通过可视化的节点编排,将复杂的多步骤任务拆解为清晰的自动化流程,实现全程无人值守的智能处理。支持与数百种外部服务和 API 无缝集成,适合构建数据处理管线、业务自动化和 AI 辅助决策系统。
📖 中文文档
专为AI安全研究设计的开源工作流配置项目。集成Claude Code等编码Agent,提供高度定制化的开发环境设置。适合AI安全研究者、机器学习工程师快速建立标准化工作流。
AI安全研究开发配置 是一套完整的 AI Agent 自动化工作流方案。通过可视化的节点编排,将复杂的多步骤任务拆解为清晰的自动化流程,实现全程无人值守的智能处理。支持与数百种外部服务和 API 无缝集成,适合构建数据处理管线、业务自动化和 AI 辅助决策系统。
- 可视化 Agent 工作流编排,无需编写复杂代码
- 支持多步骤自动化任务链,实现全流程无人值守
- 与外部 API、数据库和第三方服务无缝集成
- 内置错误处理与自动重试机制,保障稳定运行
- 提供可复用的自动化模板,快速在同类场景部署
- 自动化日常重复性工作,将精力集中于创造性任务
- 构建数据采集 → 处理 → 输出的完整自动化管线
- 实现跨平台、跨系统的数据流转和业务协同
# 克隆仓库 git clone https://github.com/yulonglin/dotfiles cd dotfiles # 查看安装说明 cat README.md # 按 README 完成环境依赖安装后即可使用
- 访问 GitHub 仓库获取工作流文件
- 在对应平台(Dify / Flowise / Make 等)中找到「导入工作流」功能
- 上传工作流文件
- 按照提示配置必要的环境变量和 API Key
- 运行测试确认流程正常后投入使用
# 查看帮助 dotfiles --help # 基本运行 dotfiles [options] <input> # 详细使用说明请查阅文档 # https://github.com/yulonglin/dotfiles
# dotfiles 配置说明 # 查看配置选项 dotfiles --config-example > config.yml # 常见配置项 # output_dir: ./output # log_level: info # workers: 4 # 环境变量(覆盖配置文件) export DOTFILES_CONFIG="/path/to/config.yml"
dotfiles
Highly opinionated development environment for AI safety research. ZSH, Tmux, Vim, SSH, and AI coding assistants across macOS, Linux, and cloud containers.
This setup reflects workflows optimized for ML research: reproducibility, experiment tracking, async API patterns, and rigorous methodology. The AI assistant configurations enforce research discipline—interview before planning, plan before implementing, skepticism of surprisingly good results.
Key highlights:
- 🤖 AI Coding Assistants - Extensively configured Claude Code, plus Codex CLI and Gemini CLI support
- 👻 Ghostty - Fast, GPU-accelerated terminal with sensible defaults
- 📊 htop - Dynamic CPU meter configuration that adapts to your core count
- 🦀 Rust-powered CLI tools - Modern, blazing-fast replacements for standard Unix utilities
- 🧹 Automatic cleanup - Scheduled cleanup of Downloads/Screenshots (macOS, moves to trash)
Originally forked from jplhughes/dotfiles - thanks John for the solid foundation!
AI agents working here: start with CLAUDE.md — it has a Quick Reference, deploy-component table, and operational gotchas. This README is human-oriented onboarding; CLAUDE.md is the operational doc.
1. Install dependencies (zsh, tmux, CLI tools, AI assistants)
./install.sh
Step 1: Install dependencies
Install dependencies (e.g. oh-my-zsh and related plugins). The installer auto-detects your OS and applies sensible defaults.
```bash
2. Deploy configurations (symlinks, shell config, secrets, automation)
./deploy.sh
Installation
Install with defaults (recommended)
./install.sh
Install only specific components
./install.sh --minimal --tmux --zsh # --minimal disables all defaults ```
Defaults by platform:
| Platform | Defaults |
|---|---|
| **macOS** | zsh, tmux, AI tools, cleanup + Rust CLI tools via Homebrew |
| **Linux** | zsh, tmux, AI tools, create-user + Rust CLI tools via [mise](https://mise.jdx.dev/) |
Installation on macOS requires Homebrew - install from brew.sh first if needed.
Step 2: Deploy configurations
Deploy configurations (sources aliases for .zshrc, applies oh-my-zsh settings, etc.). All settings live in config.sh — edit once, deploy everywhere.
```bash
Deploy with defaults (recommended)
./deploy.sh
Deploy only specific components
./deploy.sh --only vim claude # Only vim and claude, nothing else
Automatically enabled when you deploy ZSH config
./deploy.sh # (default: includes ZSH)
**How it works:**
- Checks for `~/.ssh/id_ed25519` (customizable via `SSH_KEY_PATH` env var)
- **Prompts to generate** if key doesn't exist (never overwrites existing keys)
- Adds to macOS Keychain (`--apple-use-keychain`) or Linux ssh-agent
- Only runs in interactive shells
- Skips if key already loaded in agent
**First-time setup flow:**
1. Shell starts → detects no key → prompts "Generate a new ed25519 SSH key now? [y/N]"
2. If yes → generates key → shows command to copy public key
3. Automatically adds to agent on this and future shell sessions
**Custom key path:**
Configuration: config/ssh_setup.sh
Uninstall
./scripts/cleanup/setup_claude_cleanup.sh --uninstall ```
Uninstall automation
./scripts/cleanup/setup_gist_sync.sh --uninstall ```
Note: Secret gists are unlisted, not encrypted. Only non-secret config (SSH config, authorized_keys, git identity) should be synced via gist.
Installing packages works normally — quarantine is transparent
npm install express # Works (express is >7 days old) bun add zod # Works uv add httpx # Works
Override for a specific install (after checking it's safe)
npm install --min-release-age=0 some-brand-new-pkg # npm bun add --minimumReleaseAge=0 some-brand-new-pkg # bun UV_EXCLUDE_NEWER= uv pip install some-brand-new-pkg # uv
**Credential isolation:**
API keys stay in `$DOTFILES_SECRETS_DIR/secrets.env.enc` and are NOT globally exported. Each project gets only the keys it needs:
Cloud Setup (RunPod, Hetzner, etc.)
One-command setup for cloud VMs and containers:
```bash
Quickstart
This project offers two quickstart paths: Local and Cloud.
---
Local Quickstart
For setting up on your personal machine (macOS, Linux, desktop/laptop):
```bash git clone https://github.com/yulonglin/dotfiles.git && cd dotfiles
Cloud Quickstart
For cloud environments (RunPod, Hetzner, Lambda Labs, etc):
1. SSH into your new remote machine as root. 2. Run the one-liner:
# RunPod (fresh pod)
curl -fsSL https://raw.githubusercontent.com/yulonglin/dotfiles/main/scripts/cloud/setup.sh | bash
# Hetzner / standard VPS (persistent /home)
curl -fsSL https://raw.githubusercontent.com/yulonglin/dotfiles/main/scripts/cloud/setup.sh | USER_HOME=/home bash
install.sh + deploy.sh automatically. It will prompt for GitHub auth and an optional age key (for encrypted secrets). 3. Reconnect as your user: ssh yulong@<ip>
/etc/passwd): curl -fsSL https://raw.githubusercontent.com/yulonglin/dotfiles/main/scripts/cloud/restart.sh | bash
config.sh to disable resource-intensive options (AI assistants, cleanup automation, etc.) before running install/deploy.
Tip: The setup auto-detects cloud providers and adjusts accordingly (persistent storage paths, SSH config, no macOS-only features). See scripts/cloud/README.md for details.
→ Creates .envrc with eval-based exports, direnv auto-loads on cd
Map a namespaced secret into the env var your app expects
setup-envrc ANTHROPIC_API_KEY TELEGRAM_BOT_TOKEN=NUDGE_TELEGRAM_BOT_TOKEN
and generate .claude/channels/telegram/.env only at launch time
setup-envrc --telegram-secret AMBASSADOR_TELEGRAM_BOT_TOKEN
Check what's configured
setup-envrc --list # Show keys in current .envrc setup-envrc --clean # Remove .envrc
One-off command with selected keys (no .envrc needed)
with-secrets ANTHROPIC_API_KEY OPENAI_API_KEY -- python my_script.py
**Manual audit:**
Rust CLI Tools
These modern alternatives are installed by default and significantly faster than their traditional counterparts:
| Tool | Replaces | Why it's better |
|---|---|---|
[bat](https://github.com/sharkdp/bat) | cat | Syntax highlighting, line numbers, git integration |
[eza](https://github.com/eza-community/eza) | ls | Colors, icons, git status, tree view built-in |
[fd](https://github.com/sharkdp/fd) | find | Intuitive syntax, respects .gitignore, 5x faster |
[ripgrep](https://github.com/BurntSushi/ripgrep) (rg) | grep | Recursive by default, respects .gitignore, 10x+ faster |
[delta](https://github.com/dandavison/delta) | diff | Side-by-side, syntax highlighting, line numbers |
[zoxide](https://github.com/ajeetdsouza/zoxide) | cd | Learns your habits, jump with z dirname |
[dust](https://github.com/bootandy/dust) | du | Intuitive visualization of disk usage |
[jless](https://github.com/PaulJuliusMartinez/jless) | less (JSON) | Interactive JSON viewer with vim keybindings |
Extras (--extras flag):
hyperfine— statistical benchmarking with warmup and multiple runsgitui— TUI for gitcode2prompt— generate LLM prompts from codebases
Codex CLI (OpenAI)
Codex CLI configuration that reuses Claude Code's skills:
./deploy.sh --codex # Symlinks codex/ → ~/.codexWhat's included:
AGENTS.md— Global instructions (references CLAUDE.md as source of truth)config.toml— Model settings, status line config, and per-project trust levelsrules/— Behavioral rule files synced from Claude Code'srules/skills/→ symlink toclaude/skills/so both CLIs share the same skill set
The configuration follows the same research discipline as Claude Code but adapted for Codex's execution model.
Gemini CLI (Google)
Gemini CLI can sync with Claude Code configurations:
./scripts/sync_claude_to_gemini.sh # Syncs skills/agents/permissionsWhat it does:
- Symlinks Claude Code skills to
~/.gemini/skills/ - Converts Claude agents to Gemini skill format
- Syncs permissions from
.claude/settings.jsonto Gemini policies - Creates
GEMINI.mdpointer to CLAUDE.md
Note: Gemini CLI uses a different skills format. The sync script adapts Claude's configuration but some features may not translate directly.
Package Auto-Update (both platforms)
Weekly package upgrade + cleanup on Sundays at 05:00:
./deploy.sh --brew-update # Part of defaultsSupports Homebrew (macOS), apt, dnf, and pacman (Linux). Includes cleanup of stale caches.
New packages published <7 days ago are blocked (intentional)
npm install some-brand-new-pkg
Error: min-release-age — package was published 2 days ago
Claude Telegram plugin: keep the token canonical in dotfiles-secrets,
面向AI安全领域的垂直工作流方案,提供Agent集成基础。但生态成熟度有限,社区反馈较少,实用性需验证。
- 需要让 Claude / Cursor 操作本地工具的 AI 工程师
- 构建多智能体协作系统的 Agent 开发者
- 跨境业务、多语言内容运营团队
- 配置 MCP 服务器时建议使用 stdio 传输 + JSON-RPC,避免暴露公网
- Agent 任务先做 dry-run 验证工具调用链,再开启自主执行
- API key 直接提交到 git 仓库(请用 .env 并加入 .gitignore)
- MCP 配置路径拼错或权限不足,重启 Claude Desktop 才生效
- CLI:直接 npm install -g / pip install,命令行调用
- 云端托管:可放在 Vercel / Railway / Fly.io 等 PaaS 平台
⚡ 核心功能
- 可视化 Agent 工作流编排,无需编写复杂代码
- 支持多步骤自动化任务链,实现全流程无人值守
- 与外部 API、数据库和第三方服务无缝集成
- 内置错误处理与自动重试机制,保障稳定运行
- 提供可复用的自动化模板,快速在同类场景部署
- 需要让 Claude / Cursor 操作本地工具的 AI 工程师
- 构建多智能体协作系统的 Agent 开发者
- 跨境业务、多语言内容运营团队
- 配置 MCP 服务器时建议使用 stdio 传输 + JSON-RPC,避免暴露公网
- Agent 任务先做 dry-run 验证工具调用链,再开启自主执行
- API key 直接提交到 git 仓库(请用 .env 并加入 .gitignore)
- MCP 配置路径拼错或权限不足,重启 Claude Desktop 才生效
👥 适合人群
🎯 使用场景
- 自动化日常重复性工作,将精力集中于创造性任务
- 构建数据采集 → 处理 → 输出的完整自动化管线
- 实现跨平台、跨系统的数据流转和业务协同
⚖️ 优点与不足
- +大幅减少重复性人工操作
- +可视化流程,清晰直观
- +可扩展性强,支持复杂场景
- −未明确开源协议,商用场景需谨慎评估
- −初始配置和调试需投入一定时间
- −强依赖外部服务的稳定性
- −复杂场景需具备一定技术基础
该工具未明确声明开源协议,商业使用前请联系原作者确认授权范围,避免侵权风险。
AI Skill Hub 为第三方内容聚合平台,本页面信息基于公开数据整理,不对工具功能和质量作任何法律背书。
建议在沙箱或测试环境中充分验证后,再部署至生产环境,并做好必要的安全评估。
🔗 相关工具推荐
❓ 常见问题 FAQ
总体来看,AI安全研究开发配置 是一款质量良好的Agent工作流,在同类工具中具备一定竞争力。AI Skill Hub 将持续追踪其更新动态,建议收藏备用,结合自身场景选择合适时机引入使用。
| 原始名称 | dotfiles |
| 原始描述 | 开源AI工作流:Highly-opinionated setup for AI safety research with coding agents (Claude Code,。⭐10 · Shell |
| Topics | AI安全开发环境编码Agent工作流Shell配置 |
| GitHub | https://github.com/yulonglin/dotfiles |
| 语言 | Shell |
收录时间:2026-05-24 · 更新时间:2026-05-30 · License:未公布 · AI Skill Hub 不对第三方内容的准确性作法律背书。