
gofannon

by The-AI-Alliance

Overview

A web application for subject matter experts to rapidly prototype AI agents and their corresponding web UIs.

Installation

Run Command
cd gofannon/webapp/docker/infra && docker compose up --build

Environment Variables

  • APP_ENV
  • STORAGE_PROVIDER
  • ADMIN_PANEL_ENABLED
  • ADMIN_PANEL_PASSWORD
  • S3_ENDPOINT_URL
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_DEFAULT_REGION
  • S3_BUCKET_NAME
  • DATABASE_PROVIDER
  • COUCHDB_URL
  • COUCHDB_USER
  • COUCHDB_PASSWORD
  • CLOUDWATCH_LOG_GROUP_NAME
  • GCP_PROJECT_ID
  • OPENAI_API_KEY
  • GEMINI_API_KEY
  • ANTHROPIC_API_KEY
  • FRONTEND_URL
  • APP_ROUTER_CONFIG
  • LITELLM_LOGGING_MODE
  • VITE_APP_ENV
  • VITE_ADMIN_PANEL_ENABLED

Security Notes

  • User-provided Python code is executed directly via `exec` in a sandboxed environment (`_execute_agent_code`). This is an extremely high-risk operation, because robust sandboxing in Python is notoriously difficult to achieve.
  • Wildcard CORS is enabled in local/development environments, which poses a risk if not strictly managed.
  • Arbitrary MCP server URLs can be specified (`/mcp/tools` endpoint), which could lead to Server-Side Request Forgery (SSRF).
  • Hardcoded default credentials for local MinIO and CouchDB (`minioadmin:minioadmin`, `admin:password`) are present in `docker-compose.yml` and `couchdb-init.sh`; this is critical if the defaults are used in production or exposed.
  • Demo application generation renders LLM-generated HTML/CSS/JS in an iframe with the `allow-scripts` and `allow-same-origin` attributes, which introduces a significant XSS risk if the LLM generates malicious code.

Stats

  • Interest Score: 46
  • Security Score: 2
  • Cost Class: High
  • Avg Tokens: 2000
  • Stars: 59
  • Forks: 17
  • Last Update: 2025-12-02

Tags

AI agents, web UI, prototyping, FastAPI, React