TUNC.AI · Operator Console

Tunc Hub.
For Operators

What it is

The governed workspace for AI coding agents.

Run agents, approve risky actions, and keep every tool call, task, preview, and memory trail visible in one operator-controlled workspace.

Download for Mac →

See governance ↓

For approved operators · macOS · Apple Silicon

Have access already? Sign in →

ok, so we are on a n…

// CHAT · Tunchub Landing

// ok, so we are on a new project…

running 75% · 65k/392k

openai_codex/gpt-5.5 · effort high · tunc:0.5.1

✓ Worked for 179ms, did 3 tools, 3 successful

I have the design copy and confirmed the target is CLM-only, so I'll scaffold the app.

✓ Worked for 31.1s, did 1 tool, 1 successful

Scaffold complete. Moving to port the primitives next.

ToDo 1/6 tasks

#41 Inspect source design and parent primitives

#42 Scaffolding Next.js project files

#43 Port primitives, theme, and assets

#44 Build landing and downloaded routes

// ACTIVITY

0s ▸ #45 Install dependencies and verify pending

0s ▸ #44 Build landing and downloaded routes pending

0s ▸ #41 Inspect source design and parent primitives done

0s ▸ #42 Scaffold Next.js project files active

task #42

status Active

priority Normal

Scaffold Next.js project files

Governed autonomy

Agents can move fast because operators stay in control.

When Trejo wants to edit code, run tests, or publish a deploy, Hub shows the repo, tool call, permission mode, diff, and approval point before anything risky happens.

Visible work

Every task, command, preview, and file edit stays attached to the workspace timeline.

Approval gates

Permission modes make risky actions explicit instead of burying them in a chat transcript.

Recoverable history

Memory, logs, and audit trails make agent work inspectable after the tab, model, or session changes.

Why teams pick it

Autonomy without the blank check.

Tunc Hub lets agents keep working while operators keep the decisions, approvals, and audit trail.

01 · Momentum

Agents keep work moving.

Parallel tasks, checks, and previews continue while your team reviews the moments that matter.

02 · Control

Risky actions wait for approval.

Tool access, permission modes, and deploy gates are visible before an agent can change something important.

03 · Ownership

Your code and history stay yours.

Keys, memory, policies, and audit trails stay under your rules instead of disappearing into a prompt window.

What it does

Work, verify, govern — in one window.

Chat, agents, tools, previews, memory, and permissions are grouped around one job: keep AI work visible, reviewable, and recoverable.

01 / CHAT

Chat with your codebase

Pick the model: Claude, OpenAI, DeepSeek, your call. Ask questions, get answers grounded in the real repo, not a guess from training data.

claude-opus-4 gpt-5

deepseek-v4 + workspace ctx

02 / TOOLS

Real work, not just chat

AI reads files, runs commands, uses git, opens PRs, and checks its work in a browser. All inside isolated workspaces (local or cloud), so your laptop stays untouched.

▾acme/checkout

▾stripe/

+ webhook.ts

·idempotency.ts

·tests/

03 / AGENTS

Send AI to work in the background

Spawn agents to plan, refactor, review, or implement while you keep moving. Nudge them, stop them, or take over whenever you want.

refactor-tests12m · 18 tools

review-pr-482asks

scope-fixdone

04 / PREVIEW

See what AI is building

Preview the app, the diff, the docs, or the browser session right next to the chat. No app-switching, no guesswork about what changed.

localhost:3000/checkout

05 / MEMORY

Nothing gets forgotten

Every chat, plan, task, and tool call is saved against the workspace. Restart the app, switch devices, come back next week. The context is still there.

10:02

10:14

10:31

now

06 / GOVERN

Stay in control

Decide which models, tools, and credentials each workspace can use. Set policy once. Apply it everywhere your team works.

Default

Plan

Auto

Bypass

policy on Core vault

07 / PERSONAS

Know who's speaking

Give each AI a name, a role, and a co-author signature, so reviewers, PRs, and commits always show exactly who (or what) did the work.

Backend Engineer

co-author · acme-bot

Reviewer

read-only voice

08 / TOOL ACCESS

Just the keys it needs

Allow some tools, deny others, ask before risky ones. AI doesn't even see the tools you've hidden. No blank checks.

shell.execallow

file.writeask

external.pushdeny

09 / AUDIT

Show me what AI did

Every tool call, every approval, every diff is logged against the workspace. Useful for debugging, cost, security, or just answering "wait, why?"

shell.exec · git status

file.write · webhook.ts

external.push · prod

How it works

Sign in. Pick a workspace.
Start a turn.

It's a desktop app. You open it, sign in, and you're working. The technical bits happen quietly in the background.

01 / SIGN IN

We check you're an operator. Your workspaces and credentials load automatically.

02 / SELECT

Pick your project

Pick the repo or client workspace. The right credentials and policies follow.

03 / CHAT OR PLAN

Choose how to work

Pick your AI, your mode, your level of supervision. Then start talking.

04 / RUN

AI does the work

AI uses its tools under whatever rules you set. You watch, approve, or step in.

05 / PREVIEW

See the result

Read the diff, run the app, browse the output. Without leaving the window.

06 / AUDIT

Everything logged

Every decision is saved. For next time, for your team, or for your CFO.

AI doesn't replace your team.
It just stops slowing them down.

The Tunc.AI principle

AI governance

AI you can trust,
because you can see it.

Everything AI does is visible, approvable, and reversible. Not buried in a settings tab. Right on the chat surface, where the work happens.

Personas with names

Give each AI a name and a role. Backend engineer, frontend specialist, code reviewer, QA. The persona shapes how it speaks, what it can do, and whose name shows up on the commit.

Lock a persona to a workspace or company. The right AI runs the right work. No mystery.

AI gets a name and a role you assign
How it talks, and how it signs work
Different persona per workspace if you want
Live attribution on commits and PRs

Active persona

Backend Engineer

co-author · acme-bot <bot@acme.dev>

Available roles

Backend Frontend Reviewer QA Architect

policy.persona = backend@acme

Give AI just the right tools

AI doesn't need every tool every time. Pick what each workspace can use: shell, git, file writes, browser, MCP servers, your own integrations.

Lock down anything risky. Hide what you don't trust. AI doesn't even know the hidden tools exist.

Allow, ask, or deny per tool
Different rules per workspace
Hidden tools are truly hidden
Block or allow specific commands

Workspace policy: acme/checkout

shell.exec · git.*allow

shell.exec · rm -rfdeny

file.writeask

browser.navigateallow

mcp.figma.exportask

external.push · proddeny

Always know what mode AI is in

Four modes. They're visible on the chat surface, so you never wonder what AI is allowed to do right now.

In Auto, the safer stuff runs, the dangerous stuff is blocked, the iffy stuff still asks. Bypass exists, but only when you explicitly choose it.

Default: AI asks before it changes anything
Plan: AI proposes, doesn't touch
Auto: safe runs, risky asks, dangerous blocked
Bypass: only when you explicitly opt in

Current mode

Default

Plan

Auto

Bypass

Auto classification

file.read · webhook.tsauto-allow

file.write · webhook.tsask

shell · remove proddeny

Replay anything, anytime

Every chat, plan, tool call, and approval is logged against the workspace. When you need to know what happened, what AI tried, what got approved, what didn't, it's all there.

Useful for debugging, sharing decisions with the team, or just answering "why did it do that."

Full chat and tool history
Approvals, denials, and asks
Agent runs, plans, and previews
Backed up to Core if you want

Activity: last 4 events

shell.exec · git diff

backend@acme · 0:14

file.write · webhook.ts (operator-approved)

backend@acme · 0:21

external.push · prod (policy)

backend@acme · 0:23

Where your stuff lives

Your stuff stays yours.

Your code, your keys, and your team's identity stay where they belong. Hub is just the app you use. Core is the backend that ties workspaces, credentials, and policies together. Both honor your existing security model.

In Hub, on your machine

AI runs in isolated workspaces, not on your laptop
All your chat history and tool runs, saved locally
Files, diffs, browser, and markdown previews
Reusable skills you can drop in
Project memory that survives restarts

In Tunc Core, behind the app

Google sign-in and team assignment
Workspace-scoped credentials in a vault
Personas, tool rules, and permission policies
Who-said-what attribution in chat
Auto-updates with signed releases

For enterprise

Make it yours.

Want everything private? We white-label Tunc Hub and Tunc Core, then deploy a private Core in your cloud or on your servers. Your domain, your sign-in, your policies. Your data never leaves your perimeter.

Same desktop experience your team already trusts, with your logo on it.

Your brand on Hub and Core
On-premises, AWS, GCP, or Azure
Every chat, persona, and policy stays with you
Your identity provider, your domain
Custom retention and audit windows
Private release channels

Talk to us about enterprise → enterprise@tunc.ai

Your private Tunc Core

https://core.acme.dev

Private

Workspaces

acme/*

Personas

acme.personas

Policies

acme.policy

Vault

private keys

Chats

your storage

Audit

your retention

Deploy On-premises AWS GCP Azure

Get Tunc Hub for Mac.

Tunc Hub ships as a macOS desktop app. Public installers are distributed as signed DMG files; in-app updates use signed Tauri updater artifacts served through Tunc Core release metadata.