Vibelets are minimal HTML/JS widgets embedded in Federated Wiki pages using the `frame` plugin. Since they execute code within the user's browser, security is a primary concern — especially in a federated, remixable, and agent-assisted environment.
This page outlines how Vibelets are secured through browser sandboxing, human-in-the-loop review, and emerging models for peer trust and digital signatures. Together, these strategies make Vibelets a safe and extensible foundation for community-based experimental coding.
# Browser Sandboxing Vibelets run in **sandboxed iframes** via the `frame` plugin, which provides reasonable baseline protections: - **No access to parent DOM**: Vibelets cannot manipulate or inspect the wiki UI itself - **No cross-origin scripting**: Vibelets cannot reach outside domains unless explicitly allowed - **Limited capabilities**: Features like JavaScript alerts, popups, clipboard access, or network requests can be disabled - **Read-only environment**: By design, Vibelets only "pull in" data from the wiki or local assets; they do not directly write to storage.
This default behavior aligns with standard web security best practices, using the browser’s own sandboxing model as a first line of defense.
# Ghost Page Workflow & Human Review
# Trust Models & Digital Signing In a federated and decentralized network, we cannot rely on a single authority to determine what code is “safe.” Instead, we use **community-mediated trust mechanisms**:
# Peer Review and Community Mediation Security is not just technical — it's social. In Hitchhiker's Vibelet ecosystem: - All contributions are **public and inspectable** - Anyone can **fork**, annotate, or improve a Vibelet or agent-generated plan - Peer reviewers can apply tags like `verified`, `needs-review`, `educational-only`, or `unsafe` - Communities can form around thematic collections (e.g. math sims, editors, data tools)
This community moderation reinforces both safety and mutual ownership. It aligns with the federated wiki’s design: **collaboration without centralization**.
# Toward a Secure Agentic Playground This security architecture enables: - Experimental agent-driven coding in a safe, reviewable space - Forkable tools and widgets that can be remixed without fear of breaking things - Progressive layering of trust, reputation, and auditability - A mutually owned space where every contributor has visibility and voice.
As the Hitchhiker’s Project evolves, these systems will form the backbone of a **robust, decentralized, and secure vibe-coding network**—where people and agents collaborate safely, joyfully, and transparently.