Getting Started with TealTiger Playground
Welcome to the TealTiger Interactive Web Playground — an enterprise-grade platform for developing, testing, and governing AI security policies. This guide walks you through signing in, creating your first workspace, writing policies, and collaborating with your team.
All features run on free-tier infrastructure (Supabase, Vercel, GitHub Actions). No credit card required.
Prerequisites
- A GitHub account (personal or organization)
- A modern browser (Chrome, Firefox, Safari, Edge)
- That’s it — no local installation needed for the hosted version
For Self-Hosting (Optional)
If you’re running the playground locally or deploying your own instance:
- Node.js 18+ and npm
- A Supabase project on the free tier (supabase.com)
- A GitHub OAuth App configured in Supabase
Create a .env.local file in the playground/ directory:
VITE_SUPABASE_URL=https://your-project.supabase.co
VITE_SUPABASE_ANON_KEY=your-anon-key-here
cd playground
npm install
npm run dev
http://localhost:5173.
1. Sign In with GitHub
The playground uses GitHub OAuth via Supabase Auth. No separate account creation is needed.
How to Sign In
- Click the “Sign in with GitHub” button in the top navigation bar
- GitHub’s authorization page opens — review the requested permissions:
read:user — reads your profile (username, avatar)user:email — reads your email addressread:org — reads your organization memberships (for team features)
- Click “Authorize” on GitHub
- You’re redirected back to the playground, now signed in
Your profile (avatar, username) appears in the top-right corner. Click it to see your email or sign out.
Anonymous Mode
You can use the playground without signing in. The core policy editor and evaluation engine work in anonymous mode. Team features (workspaces, collaboration, governance) require authentication.
Signing Out
Click your avatar in the top-right corner, then click “Sign out”. Your session is cleared and you return to anonymous mode.
Permissions and Privacy
- The app requests read-only access — it cannot modify your GitHub repos or settings
- Organization membership data is used only to auto-create team workspaces
- You can revoke access anytime from GitHub → Settings → Applications → Authorized OAuth Apps
2. Create a Workspace
Workspaces are shared environments where your team collaborates on policies. Each workspace has its own policies, audit trail, and settings.
Creating Your First Workspace
- After signing in, open the Workspace Selector dropdown in the navigation bar
- Click “Create New Workspace”
- Enter a workspace name (e.g.,
my-team-policies)
- Click Create
You’re now the Owner of this workspace with full control over settings and members.
Workspace Roles
| Role | Permissions |
|---|
| Owner | Full control: manage members, settings, create/edit/delete policies, approve policies |
| Editor | Create, edit, and delete policies; run evaluations |
| Viewer | View policies and run evaluations (read-only) |
Inviting Team Members
- Open Workspace Settings from the workspace dropdown
- Click “Invite Member”
- Enter a GitHub username or email address
- Select a role: Owner, Editor, or Viewer
- Click Invite
The invited user will see the workspace in their Workspace Selector after signing in.
Switching Workspaces
Use the Workspace Selector dropdown to switch between your personal workspace and any team workspaces you belong to. The active workspace is highlighted with a checkmark.
3. Create and Edit Policies
Policies are the core of TealTiger — they define security rules, cost controls, and guardrails for AI agent interactions.
Creating a New Policy
- Navigate to the Policy Registry in your workspace
- Click “Create Policy”
- Fill in the policy details:
- Name: A unique name within the workspace (e.g.,
pii-detection-v1)
- Description: What the policy does
- Category: Select a category (security, cost, compliance, etc.)
- Tags: Add searchable tags
- Write your policy code in the Monaco Editor (full syntax highlighting, autocomplete)
- Click Save to create the policy in Draft state
Example: Basic Cost Control Policy
// Cost control policy - limits spending per request
export default function costControlPolicy(context) {
const maxCostPerRequest = 0.05; // $0.05 per request
const estimatedCost = context.estimatedCost || 0;
if (estimatedCost > maxCostPerRequest) {
return {
decision: 'DENY',
reason: `Estimated cost ${estimatedCost} exceeds limit of ${maxCostPerRequest}`,
};
}
return {
decision: 'ALLOW',
metadata: { estimatedCost },
};
}
Policy Versioning
Every save creates a new immutable version with semantic versioning:
- Patch (1.0.0 → 1.0.1): Bug fixes, minor tweaks
- Minor (1.0.0 → 1.1.0): New features, non-breaking changes
- Major (1.0.0 → 2.0.0): Breaking changes
You can view the full version history in the Version Timeline and revert to any previous version.
Comparing Versions (Diff View)
- Open a policy’s Version History
- Select two versions to compare
- Choose a view mode:
- Side-by-side: Two columns showing old and new code
- Unified: Single column with
+/- indicators
- Changes are color-coded: green (added), red (removed), yellow (modified)
4. Use Policy Templates
The playground includes 15+ enterprise-ready templates to help you get started quickly.
Browsing Templates
- Open the Template Library from the sidebar
- Browse by category or search by name
- Each template card shows a description, supported providers, and use case
Available Template Categories
| Category | Templates |
|---|
| Security | PII Detection, Prompt Injection Detection, Content Moderation, RBAC Enforcement |
| Cost Control | Budget Enforcement, Rate Limiting, Token Optimization |
| Reliability | Circuit Breaker, Retry Strategy, Model Fallback, Load Balancing |
| Compliance | Audit Logging, Data Residency |
| Routing | Multi-Provider Routing, Semantic Cache |
Customizing a Template
- Click on a template card to open the Template Customizer
- Adjust parameters (thresholds, provider lists, limits) using the form inputs
- Preview the generated code with syntax highlighting
- Click “Save to Workspace” to create a new policy from the template
5. Collaborate with Your Team
The playground provides real-time collaboration features for team policy development.
Add comments directly on specific lines of policy code:
- Hover over a line number in the Monaco Editor
- Click the comment icon that appears
- Write your comment (Markdown supported)
- Use @username to mention and notify team members
- Click Post
Comments support threaded replies. Resolve a comment thread when the feedback has been addressed. The unresolved comment count badge shows how many open threads remain.
Real-Time Updates
When multiple team members are working on the same policy:
- Active users are shown with their avatars
- Comments and policy changes appear in real-time via WebSocket subscriptions
- An offline indicator appears if your connection drops, and changes sync automatically when reconnected
Policy Governance Workflow
Policies follow a structured lifecycle:
Draft → Review → Approved → Production
- Draft: Author writes and iterates on the policy
- Review: Author submits for approval; designated approvers are notified
- Approved: Required approvers have signed off; policy is locked from edits
- Production: Policy is deployed and active
Each state is shown as a colored badge on the policy card. To modify an approved or production policy, create a new version — the original remains immutable.
6. Next Steps
Now that you’re set up, explore these features:
Useful Keyboard Shortcuts
| Shortcut | Action |
|---|
Ctrl/Cmd + S | Save policy version |
Ctrl/Cmd + / | Toggle line comment |
Ctrl/Cmd + F | Search in editor |
Escape | Close modals and dropdowns |
Free Tier Limits
The playground runs entirely on free-tier infrastructure:
| Service | Limit |
|---|
| Supabase | 500 MB database, 50K monthly active users, 2 GB bandwidth |
| Vercel | 100 GB bandwidth, unlimited static deploys |
| GitHub Actions | 2,000 minutes/month |
