Preflight Console
Supplied-file runs stay local-only; repository runs require a pinned template and allowlisted network hosts. Both paths keep secrets out and emit receipts.
This console keeps Aweb Code execution behind session auth, no-network policy, budget caps, Mission Contract evidence, sandbox receipts, and Agent Action Receipt wrapping.
This shell inherits authenticated page-route posture and is not exposed as a public marketing surface.
Runner registration and connector mutation stay blocked; signed Mission approval issuing, sandbox eval summaries, cost visibility, and operator sandbox interrupts are live.
Published /api/v2/os9 fleets, runners, approvals, and mission contracts use route-level auth and explicit OpenAPI registration; broader OS9 APIs remain closed.
POST /api/aweb-code/preflight stays feature-flagged.
Sign in to load durable runs.
Runs that reached sandbox execution completion.
Failed, blocked, or cleanup-attention sessions.
Ledger rows with stdout/stderr byte evidence.
Supplied-file runs stay local-only; repository runs require a pinned template and allowlisted network hosts. Both paths keep secrets out and emit receipts.
Neon-backed sandbox session and event evidence for the signed-in operator.
Browser-retained stdout, stderr, and receipt JSON from recent preflights.