AI Sandbox Plan

How We Enable the Team Without Losing Control

One tool gates entry. Two tiers let people build safely. Nothing touches production until it's been reviewed by a dev.

Step 1

Gatekeeper

Web app every coach fills out before building anything. Two checks: is the data clean, and is this tool worth building?

Gate 1: Data anonymisation checklist (your green/amber/red system built in)
Gate 2: Product integrity questions — forces a real business case before anyone writes a line of code
Step 2

Coaches Sandbox

Approved ideas get built here. Coaches push to GitHub, it auto-deploys to a live URL. Password-protected so members and clients can't stumble onto it. Completely isolated — no real data, no production access.

Stack: GitHub (team org) + Vercel Pro (~$20/mo per seat)
Example: supplier-terms.vercel.app — push to deploy, password-protected
Step 3

Dev Review

Rossco, Josh, Travis, or Jake review before anything goes across. Curriculum sign-off, security check, quality pass. Only approved tools graduate. Completely isolated from EE's existing infrastructure.

Stack: Separate GitHub org, staging deploy, Vercel env vars for keys
Isolation: Does not touch EE's GitHub or servers
Handover
EE App

Production

Ben, Reverie, or Rossco pull approved tools across into EE's main GitHub and infrastructure.

Separate infrastructure. The sandbox never touches this side directly.

Gatekeeper → Coaches Sandbox → Dev Review  |  EE App — one-way, wall between sandbox and production

01
Hardware & Software

What to Buy

A personal sandbox for Jake, a shared team box for data crunching, and a cloud alternative. All prices AUD.

Jake's Sandbox

$3,200 one-off
Mac Mini M4 Pro
48GB / 1TB SSD

Personal isolated machine. Learn the technical side, test tools, run local models — no risk to business systems. Your sandbox to break things safely.

Ollama Claude Code Tailscale

Team Box

$7,000 one-off
Mac Studio M4 Max
128GB / 1TB SSD

Shared machine for serious work. Handles the full data load — 3,500 member Meta accounts, Shopify exports, ad performance crunching. Runs 70B+ local models. Coaches book time slots and remote in.

Ollama Cal.com RustDesk Tailscale

Cloud Alternative

$550 /month
Hetzner Cloud
48 vCPU / 192GB RAM

Same capability as the Team Box but no capital outlay. Faster for burst workloads. Same booking model — team books slots, remotes in. Can run alongside or instead of the Mac Studio.

Ollama Cal.com RustDesk Tailscale

Meeting Room Model: Team books 2-hour slots via Cal.com. Remote access via Tailscale + RustDesk (both free/open source). Local AI runs on the box via Ollama — no platform credits burned.

End of Year: Apple M5 chip (mid-year) and NVIDIA/Dell local AI hardware (late 2026) will change the game. Worth revisiting Q4 before committing to long-term compute spend.

02
Execution

What Happens When

Two weeks. Sandbox live, coaches building, hardware ordered. Aligned with AI April.

Week 1

Stand It Up

  • Jake signs off on this approach
  • Gatekeeper web app built and deployed
  • GitHub org + Vercel set up for coaches
  • Vercel env vars configured for API key management
  • Order hardware (Mac Mini + Mac Studio or VPS)
  • Coaches submit AI April ideas through the Gatekeeper
Sandbox infrastructure live, ideas flowing in
Week 2

Coaches Building

  • Approved ideas enter the sandbox
  • First coaching session with Rossco (fortnightly from here)
  • Booking system configured for team box
  • Jake's Mac Mini set up for personal sandbox
  • Best tools reviewed for production graduation
Team enabled, governed, building

The deal: The team gets to build and experiment. Jake gets visibility and control. Nothing touches production without a dev review. Everyone stops flying blind.

03