Hey, I’m Dikshant 👋
🐍 How to Use Open Interpreter for Free — With the Latest Models
The GPT-4 Code Interpreter You Can Actually Own — And Run for Free
If you’ve ever used ChatGPT’s Code Interpreter (now “Advanced Data Analysis”), you know the feeling: “This is incredible… but why can’t I run it locally? Why can’t I install my own packages? Why do files disappear after 2 hours?”
Open Interpreter fixes all of that. It’s the open-source version of what ChatGPT’s Code Interpreter should have been — and it runs on your machine, with your data, for as long as you want.
But there’s always been one painful trade-off:
- Cloud models (GPT-4o, Claude Sonnet) → fast and smart, but costs add up fast
- Local models (Ollama, Qwen) → free, but slow and less capable
What if you could have both — latest models, near-zero cost?
That’s what this guide covers. Let me show you how.
What Is Open Interpreter?
Open Interpreter (53k★ GitHub) gives LLMs a natural-language interface to your entire computer. Install it with one command:
```sh
pip install open-interpreter
interpreter
```
Now you can say things like:
“Analyze this CSV, find outliers, build a dashboard, and email it to me.”
And it will — writing Python, running shell commands, installing packages on the fly, and showing you the results, all in real time.
What Makes It Special vs ChatGPT Code Interpreter
| Capability | ChatGPT Code Interpreter | Open Interpreter |
|---|---|---|
| Internet access | ❌ No | ✅ Full access |
| Custom packages | ❌ 300 pre-installed only | ✅ Any pip/npm/shell package |
| File size limit | 100 MB upload limit | ✅ Unlimited |
| Runtime limit | 2 minutes max | ✅ Unlimited — runs until done |
| Your data stays local | ❌ Uploaded to OpenAI | ✅ Everything runs on your machine |
| Model choice | GPT-4o only | ✅ Any model — local or cloud |
Real Things You Can Do With Open Interpreter
1. Data Analysis That Actually Finishes
```python
from interpreter import interpreter

# The prompt is one string split across lines; adjacent literals are concatenated.
interpreter.chat(
    "Download my last 6 months of Stripe transactions, "
    "clean the data, find churn patterns, and build a retention dashboard"
)
```
It runs Python, Pandas, Plotly — no runtime limit, no upload cap. Your data never leaves your machine.
2. Full System Automation
"Find all duplicate files over 100MB in ~/Downloads,
ask me before deleting each one, then log what I chose"
It can browse directories, run bash, and ask for confirmation before destructive operations.
3. Multi-Step Research Pipelines
"Scrape the top 10 HN posts about AI agents,
summarize each, then save a markdown report"
Browser control + Python + file I/O — chained together in one conversation.
4. Video/Photo Processing
"Extract audio from every .mp4 in this folder,
transcribe it with Whisper, then save transcripts"
It installs ffmpeg, whisper, whatever it needs — no manual setup.
The Problem: Free Models Are Slow, Paid Models Are Expensive
Open Interpreter is token-hungry by nature. Every multi-step task generates a long conversation:
- The model proposes a plan → tokens
- It writes code → tokens
- The output comes back → tokens
- It iterates → more tokens
- It hits an error and fixes it → even more tokens
A single analysis session can burn 50,000–200,000 input tokens.
Option A: Use GPT-4o / Claude Sonnet Directly
You get speed and quality — but at full retail price. A 30-minute session costs $1-3. Do this daily and you’re spending $60-90/month on one tool.
Option B: Run Locally With Ollama (The “Free” Way)
```sh
interpreter --local
```
This is truly free — but painfully slow. A local Qwen 2.5-Coder 14B takes 15-30 seconds per response. For Open Interpreter’s interactive back-and-forth loop, that kills the flow.
Worse: local models just can’t handle complex multi-step tasks as reliably. The analysis I described earlier? It breaks down on a 14B model.
The Solution: Latest Models, Almost Free
Lynkr is an open-source LLM gateway that solves this exact problem. It lets you use the latest and best models — DeepSeek V4, Claude Sonnet 4.5, Gemini 2.5 Pro, GPT-5.5 — while paying 80-90% less.
Open Interpreter uses LiteLLM under the hood, so pointing it at Lynkr is trivial:
```sh
interpreter --api_base "http://localhost:3000/v1" --api_key "anything"
```
That’s it. Here’s what Lynkr does behind the scenes.
How Lynkr Makes Open Interpreter Free (Almost)
1. Tier Routing: Smart Models for Smart Work
Not every Open Interpreter step needs GPT-5.5. Listing files? Go to DeepSeek V3 (free). Writing a Python script? Use Sonnet 4.5 or GPT-5.5.
Lynkr automatically routes each request to the cheapest capable model:
- Simple tasks (ls, grep, file ops) → GPT-4o Mini / Gemini Flash / DeepSeek V3 ($0-0.15/M)
- Code generation → DeepSeek V4 / Sonnet 4.5 ($1-3/M)
- Complex reasoning → GPT-5.5 / Opus 4.5 ($10-15/M — but only used when actually needed)
Result: That $2.40 naive GPT-4o session? Drops to $0.30-0.50.
2. Prompt Caching: Don’t Pay Twice for the Same Work
Open Interpreter repeats the same system context on every turn. Lynkr’s Semantic Cache detects repeated prompts and returns cached results.
For batch operations like “process file X in folder Y” — where only the filename changes between calls — cache hit rate hits 60-70%. That’s real money staying in your pocket.
3. Local Fallback: Never Get Stuck
Rate limited on OpenAI? Key expired? Lynkr automatically fails over to Ollama or another working provider:
```sh
# Same config — just works
interpreter --api_base "http://localhost:3000/v1"
```
No crashes, no context loss, no retyping your request.
4. MCP Code Mode: Fewer Retries = Fewer Tokens
Lynkr reformats code prompts to produce cleaner output. Fewer syntax errors → fewer retries → fewer tokens burnt on error recovery. Each retry avoided saves 3,000-10,000 tokens.
Before vs After: Real Cost Breakdown
| Session Type | Naive GPT-4o | Lynkr (Tier Routing + Cache) |
|---|---|---|
| 1-hour data analysis | ~$2.40 | ~$0.35-0.60 |
| Batch file processing (100 files) | ~$3.50 | ~$0.12-0.30 |
| Multi-step research pipeline | ~$5.00 | ~$0.60-1.00 |
| Daily use for a month | ~$75-150 | ~$10-20 |
That’s 85-95% cheaper — and you’re using better models than GPT-4o alone.
Setup: Open Interpreter + Lynkr in 3 Minutes
1. Install Lynkr
```sh
npx lynkr@latest
```
It auto-detects your setup, creates a config, and starts the proxy on port 3000.
2. Install Open Interpreter
```sh
pip install open-interpreter
```
3. Point Open Interpreter to Lynkr
```sh
interpreter --api_base "http://localhost:3000/v1" --api_key "anything"
```
Done. Open Interpreter now routes through Lynkr — latest models, tiered routing, prompt caching, local fallback.
What About the Latest Models Specifically?
Here are the models you can route through today with Lynkr + Open Interpreter:
| Model | Best For | Cost via Lynkr |
|---|---|---|
| DeepSeek V4 | Code gen, multi-step reasoning | ~$0.50/M tokens (cheapest top-tier) |
| Claude Sonnet 4.5 | Balanced code + analysis | ~$3/M tokens (used sparingly via tier routing) |
| GPT-5.5 | Complex debugging, architecture | ~$15/M tokens (only for hard steps) |
| Qwen 3-Coder 32B (local) | Free fallback | $0 (via Ollama) |
| Gemini 2.5 Pro | Fast code, vision tasks | ~$1.25/M tokens |
| GPT-4o Mini / DeepSeek V3 | Simple file ops | $0-0.15/M tokens |
Lynkr picks the right one per step automatically. You don’t think about it.
The Bottom Line
Open Interpreter is the most underrated open-source AI tool of 2026. It does what ChatGPT Code Interpreter promised — but on your machine, with your data, at any scale.
The old trade-off was: use GPT-4o and pay up, or use a local model and deal with the slowness.
With Lynkr that trade-off is gone. Latest models. Intelligent routing. Local fallback. 85-95% cost savings.
You can run Open Interpreter for essentially free — with models that beat GPT-4o.
Built with Lynkr — the open-source LLM gateway that makes every AI tool cheaper. Drop a ⭐ if this helped. ⚡
Stop Storing Plaintext in Browser Cookies — Use AES-GCM Encryption Instead
If any of your cookies look like this:
```json
{"userId":42,"role":"admin","email":"user@example.com","plan":"pro"}
```
You have a problem.
Anyone who can access that browser — a shared computer, a browser extension, a shoulder-surfer, an XSS payload — can read everything you stored. No hacking required. It’s just… there.
Today I’m going to show you how to fix it in under 5 minutes using js-cookie-encrypt — the only actively maintained, zero-dependency, client-side encrypted cookie library built on the browser’s native SubtleCrypto API.
The Problem With Cookies Today
Browser cookies are the backbone of web sessions. Nearly every framework uses them to track authentication state, user preferences, feature flags, and shopping carts. They’re fast, they work across tabs, they survive page reloads.
But they have one glaring flaw: they’re stored in plaintext by default.
The most popular cookie library, js-cookie, has 23 million weekly downloads. It’s excellent. But it does zero encryption. Same story for universal-cookie (1.8M weekly downloads) and every other client-side cookie manager I’ve found.
The server-side world has secure-cookie and cookie-encrypter — but those are Express middleware. They don’t help you in a React SPA, a Next.js client component, or a Vue app.
crypto-js has encryption algorithms — but it’s been abandoned by its maintainers and carries 300KB+ of algorithms you’ll never use.
So developers are left with three bad options:
- Store plaintext (everyone does this)
- Roll their own encryption (error-prone, usually wrong)
- Use an abandoned library (crypto-js)
There’s a fourth option now.
Introducing js-cookie-encrypt
js-cookie-encrypt fills the gap that’s existed in the frontend ecosystem for years: a lightweight, actively maintained, client-side encrypted cookie library built on the browser’s native Web Cryptography API.
```sh
npm install js-cookie-encrypt
```
Here’s what your cookies look like after:
```text
gcm:aGVsbG8td29ybGQtdGhpcy1pcy1lbmNyeXB0ZWQtd2l0aC1hZXMtZ2NtLTI1Ni1iaXQ...
```
Unreadable. Authenticated. Tamper-proof.
Why Native SubtleCrypto Instead of crypto-js?
Most encrypted cookie libraries reach for crypto-js. Don’t.
The browser has had a built-in cryptography API since 2013 — window.crypto.subtle. It:
- Ships in every modern browser with zero bundle cost
- Runs in a separate thread (non-blocking)
- Uses hardware acceleration where available
- Is maintained by browser vendors, not abandoned npm packages
- Implements AES-GCM with authenticated encryption (tamper detection built in)
js-cookie-encrypt uses SubtleCrypto directly. No crypto library dependency. Zero dependencies total.
Getting Started
Installation
```sh
npm install js-cookie-encrypt
# yarn add js-cookie-encrypt
# pnpm add js-cookie-encrypt
```
CDN:
```html
<script src="https://cdn.jsdelivr.net/npm/js-cookie-encrypt/dist/js-cookie-encrypt.min.js"></script>
```
Basic Usage
```js
import JsCookieEncrypt from 'js-cookie-encrypt';

const store = new JsCookieEncrypt({
  storageKey: 'session',
  cryptoConfig: {
    privateKey: 'your-secret-key',
    algorithm: 'aes-gcm',
  }
});

// Write encrypted
await store.setAsync({
  userId: 42,
  role: 'admin',
  email: 'user@example.com'
});

// Read decrypted
const session = await store.getAsync();
console.log(session?.role); // 'admin'
```
That’s it. Everything in the cookie is now AES-GCM 256-bit encrypted. The data in DevTools is an unreadable ciphertext blob.
TypeScript-First Design
Every API is fully generic. You get autocomplete, type checking, and compile-time errors — not just `any`.
```ts
interface UserSession {
  userId: number;
  role: 'admin' | 'user' | 'guest';
  preferences: {
    theme: 'dark' | 'light';
    language: string;
  };
}

const session = new JsCookieEncrypt<UserSession>({
  storageKey: 'session',
  cryptoConfig: { privateKey: 'secret', algorithm: 'aes-gcm' }
});

// TypeScript knows the shape of everything
const role = await session.getAsync('role'); // typed as 'admin' | 'user' | 'guest'
const theme = await session.getByPathAsync('preferences.theme'); // typed as 'dark' | 'light'

// This is a compile error — 'superadmin' is not valid
await session.setAsync({ role: 'superadmin' }); // ❌ Type error
```
The deep path API uses TypeScript’s template literal types to infer the exact return type at every dot-notation path. getByPathAsync('preferences.theme') returns 'dark' | 'light' — not `any`.
Deep Path Operations
Working with nested objects doesn’t require reading, cloning, and re-writing the entire cookie. The path API handles it:
```ts
interface AppState {
  user: {
    name: string;
    address: { city: string; country: string };
    preferences: { theme: 'dark' | 'light'; notifications: boolean };
  };
  cart: { items: number[]; total: number };
}

const store = new JsCookieEncrypt<AppState>({
  storageKey: 'app',
  cryptoConfig: { privateKey: 'secret', algorithm: 'aes-gcm' }
});

// Initialize
await store.setAsync({
  user: { name: 'Alice', address: { city: 'London', country: 'UK' }, preferences: { theme: 'dark', notifications: true } },
  cart: { items: [], total: 0 }
});

// Get nested value — typed as string
const city = await store.getByPathAsync('user.address.city');
// 'London'

// Update one nested field without touching the rest
await store.setByPathAsync('user.address.city', 'Paris');

// Deep merge a nested object
await store.updateByPathAsync('user.preferences', { theme: 'light' });

// Delete a nested field
await store.deleteByPathAsync('user.address.country');

// Check existence
const hasCity = await store.hasAsync('user.address.city'); // true
```
All of these read → decrypt → mutate → encrypt → write under the hood. You work with clean data.
Real-Time Change Subscriptions
Subscribe to cookie changes across your application. Perfect for keeping UI state in sync without prop drilling or a global store.
```ts
const unsubscribe = store.subscribe((event) => {
  switch (event.type) {
    case 'set':
      console.log('Cookie created:', event.newValue);
      break;
    case 'update':
      console.log('Changed:', event.oldValue, '→', event.newValue);
      break;
    case 'delete':
      console.log('Fields deleted, cookie is now:', event.newValue);
      break;
    case 'clear':
      console.log('Cookie cleared. Was:', event.oldValue);
      break;
  }
});

// Each method fires the correct event type
await store.setAsync({ items: [] });              // fires 'set'
await store.updateAsync({ items: [1, 2, 3] });    // fires 'update'
await store.deleteFieldsAsync(['cart']);          // fires 'delete'
await store.clearAsync();                         // fires 'clear'

// Clean up
unsubscribe();
```
Enterprise Key Rotation
Rotating encryption keys in production is painful when users have existing encrypted cookies — they break the moment you deploy a new key.
js-cookie-encrypt solves this with zero downtime key rotation. Pass an array of keys: the first is the active encryption key, the rest are fallbacks for decrypting old cookies.
```ts
const store = new JsCookieEncrypt({
  storageKey: 'session',
  cryptoConfig: {
    // New key at index 0. Old keys at index 1, 2...
    privateKey: ['new-key-2026', 'old-key-2025', 'older-key-2024'],
    algorithm: 'aes-gcm',
  }
});

// Automatically:
// 1. Tries to decrypt with 'new-key-2026'
// 2. Falls back to 'old-key-2025' if that fails
// 3. Falls back to 'older-key-2024' if that fails
// 4. Re-encrypts with 'new-key-2026' and saves
const session = await store.getAsync();
```
Users who have cookies encrypted with old keys get transparently migrated on their next request. No session invalidation. No support tickets.
SSR-Safe (Next.js, Nuxt, Remix)
The most common Next.js cookie bug: calling document.cookie on the server crashes with ReferenceError: document is not defined.
js-cookie-encrypt detects when document.cookie is unavailable and silently falls back to an in-memory Map. Your code works identically on server and client.
```ts
// lib/session.ts — safe to import anywhere in Next.js
import JsCookieEncrypt from 'js-cookie-encrypt';

interface Session {
  userId: number;
  role: string;
}

export const sessionStore = new JsCookieEncrypt<Session>({
  storageKey: 'session',
  cryptoConfig: {
    privateKey: process.env.NEXT_PUBLIC_COOKIE_KEY!,
    algorithm: 'aes-gcm',
  },
  defaultOptions: {
    secure: process.env.NODE_ENV === 'production',
    sameSite: 'lax',
    path: '/',
  }
});

// app/page.tsx — works in server components too
import { sessionStore } from '@/lib/session';

export default async function Page() {
  const session = await sessionStore.getAsync();
  // session is null server-side (no document.cookie)
  // session is populated client-side after hydration
}
```
React Hook Example
Here’s a production-ready React hook that keeps state in sync with the encrypted cookie:
```tsx
import { useEffect, useState, useCallback } from 'react';
import JsCookieEncrypt from 'js-cookie-encrypt';

interface UserPrefs {
  theme: 'dark' | 'light';
  language: string;
  notifications: boolean;
}

const prefStore = new JsCookieEncrypt<UserPrefs>({
  storageKey: 'prefs',
  cryptoConfig: { privateKey: 'secret', algorithm: 'aes-gcm' },
  defaultOptions: { sameSite: 'lax', path: '/' }
});

export function usePreferences() {
  const [prefs, setPrefs] = useState<UserPrefs | null>(null);
  const [loading, setLoading] = useState(true);

  useEffect(() => {
    prefStore.getAsync().then(data => {
      setPrefs(data as UserPrefs | null);
      setLoading(false);
    });

    // Stay in sync with external changes
    const unsubscribe = prefStore.subscribe(event => {
      if (event.type === 'set' || event.type === 'update') {
        setPrefs(event.newValue as UserPrefs);
      }
      if (event.type === 'clear') {
        setPrefs(null);
      }
    });

    return unsubscribe;
  }, []);

  const update = useCallback(
    (updates: Partial<UserPrefs>) => prefStore.updateAsync(updates),
    []
  );
  const clear = useCallback(() => prefStore.clearAsync(), []);

  return { prefs, loading, update, clear };
}

// In your component
function SettingsPage() {
  const { prefs, loading, update } = usePreferences();
  if (loading) return <Spinner />;
  return (
    <button onClick={() => update({ theme: prefs?.theme === 'dark' ? 'light' : 'dark' })}>
      Toggle Theme (currently: {prefs?.theme})
    </button>
  );
}
```
How the Encryption Actually Works
For the curious — here’s what happens under the hood when you call setAsync():
Encryption:
- Your data object is serialized to JSON:
- Your data object is serialized to JSON: `{"userId":42,"role":"admin"}`
- A random 12-byte IV (initialization vector) is generated using `crypto.getRandomValues()`
- Your private key is hashed with SHA-256 to produce a consistent 256-bit AES key
- The JSON string is encrypted using AES-GCM with the IV
- The IV (12 bytes) is prepended to the ciphertext
- The combined bytes are base64-encoded and prefixed with `gcm:`
- The result is written to `document.cookie`
Decryption:
- The cookie is read and the `gcm:` prefix stripped
- The base64 string is decoded back to bytes
- The first 12 bytes are extracted as the IV
- The remaining bytes are decrypted using AES-GCM (this also verifies the authentication tag — if the data was tampered with, decryption fails)
- The decrypted bytes are decoded from UTF-8 to a string
- The JSON string is parsed and returned as your typed object
AES-GCM is authenticated encryption — it doesn’t just encrypt, it also produces an authentication tag that detects any tampering with the ciphertext. If someone modifies your encrypted cookie, decryption throws rather than returning corrupted data.
Comparison With Alternatives
| | js-cookie | universal-cookie | crypto-js | js-cookie-encrypt |
|---|---|---|---|---|
| Browser cookies | ✅ | ✅ | ❌ | ✅ |
| AES-GCM 256-bit | ❌ | ❌ | ✅ | ✅ |
| Native Web Crypto | ❌ | ❌ | ❌ | ✅ |
| Zero dependencies | ✅ | ❌ | ❌ | ✅ |
| TypeScript generics | ✅ | ✅ | ✅ | ✅ |
| Key rotation | ❌ | ❌ | ❌ | ✅ |
| Deep path API | ❌ | ❌ | ❌ | ✅ |
| Change events | ❌ | ❌ | ❌ | ✅ |
| SSR / Next.js safe | ⚠️ | ✅ | ❌ | ✅ |
| Actively maintained | ✅ | ✅ | ❌ abandoned | ✅ |
| Weekly downloads | 23M | 1.8M | 15M | growing |
Security Considerations (Be Honest With Your Users)
I want to be transparent about what this library does and doesn’t protect against.
What it protects:
- Casual reading of cookie values in DevTools
- Cookie values visible in log files, analytics tools, error trackers
- Network-level interception of cookie values (combined with `secure: true`)
- Shoulder surfing
- Automated scraping of cookie values
What it does NOT protect against:
- An attacker with JavaScript execution on your page. The encryption key is accessible to JS — if your site has XSS vulnerabilities, those need to be fixed first.
- Browser extensions with full page access
- Physical access to the machine (cookies are stored on disk)
This library is best described as defense in depth — it makes cookie values meaningless to anyone who isn’t running your application code. For sessions that need true server-side security, use HttpOnly cookies set by your server (no JS library can do this — it’s a server responsibility).
Production Configuration Checklist
```ts
const store = new JsCookieEncrypt({
  storageKey: 'session',
  cryptoConfig: {
    privateKey: process.env.NEXT_PUBLIC_COOKIE_SECRET!, // ✅ env var, not hardcoded
    algorithm: 'aes-gcm',                               // ✅ strong cipher
  },
  defaultOptions: {
    secure: process.env.NODE_ENV === 'production',      // ✅ HTTPS only in prod
    sameSite: 'lax',                                    // ✅ CSRF protection
    path: '/',                                          // ✅ available site-wide
    // expires: 7 * 24 * 60 * 60 * 1000,                // optional: 7 days in ms
  }
});
```
Install and Try It Now
```sh
npm install js-cookie-encrypt
```
- GitHub
- npm
If you find it useful, a ⭐ on GitHub goes a long way. Issues and PRs welcome.
Wrapping Up
The frontend ecosystem has had a gap for years: no maintained, client-side, encrypted cookie library. Every option was either plaintext, abandoned, server-only, or required a 300KB dependency.
js-cookie-encrypt fills that gap. It’s:
- Built on native browser APIs (no dependency risk)
- AES-GCM 256-bit (authenticated encryption, not just obfuscation)
- TypeScript-first with full generic type inference
- Ready for production with key rotation and SSR support
Your users’ data deserves better than plaintext cookies. It takes five minutes to fix.
Introducing Destawell — Mobile-First Security Research & Open-Source Tooling
Introducing Destawell
Mobile-First Security Research | AI Red Teaming | Open-Source Tooling
Who We Are
I’m Niranj R. Mahaswar — Co-Founder & Lead Security Researcher at Destawell, alongside Shifana (Miyano) who leads brand strategy and community.
Destawell is a cybersecurity research brand focused on three core areas:
- Android Penetration Testing Infrastructure — Building tools for Termux, Kali NetHunter, and ARM64 mobile environments
- AI Red Teaming — Testing LLM safety alignment and responsible disclosure
- Open-Source Mobile Tooling — Automation-first solutions for security researchers
Why I Started Destawell
The gap between desktop security tooling and mobile environments is massive. Most Termux users struggle with broken dependencies, incomplete Kali deployments, and no clear path for no-root pentesting.
Destawell exists to close that gap.
What We’ve Built So Far
| Tool | What It Does |
|---|---|
| Termux-fixer | Automated error resolution for common Termux issues |
| Kali-Termux-Pro | No-root Kali toolchain deployment on Android |
| Wraith-Scanner | Lightweight network discovery for mobile |
| Kali_Critic | Real-time output analysis for Kali Linux |
All tools target Android ARM64 and are open-source.
Featured Research
Recently identified a safety alignment bypass in Gemini 2.5 Pro related to CVE-2023-32233 — a Linux kernel race condition in nf_tables.
- Gemini 2.5 Pro → Generated functional exploit primitives
- Claude 3, GPT-4o, Llama 3, GitHub Copilot → All refused
Disclosure: Google IssueTracker #889286 / Google AI VRP
Status: Marked out of scope by Google — documentation public
Verified Credentials
- Ethical Hacking — Cisco Networking Academy
- Junior Cybersecurity Analyst — Cisco Networking Academy
Where To Find Us
- GitHub: github.com/Destawell
- Instagram: @destawell_off
- Email: research@destawell.io
What’s Next
More tool releases, deeper LLM red teaming research, and expanding our mobile pentesting ecosystem.
If you’re working on Android security, Termux automation, or AI safety — let’s connect.
— Niranj, Destawell
The enterprise AI control that is still missing: code provenance
Enterprise AI governance keeps getting framed as a policy problem. Write acceptable-use rules. Turn on SSO. Add RBAC. Review risky PRs more carefully. That is all useful, but it still misses the one thing auditors, security teams, and incident responders actually need when AI-generated code reaches production: provenance.
Not “did someone use AI.” Not “did the vendor log usage.” Provenance.
When a critical bug lands in production, the question is not theoretical. Someone has to answer:
- What was generated?
- What was asked?
- Which model produced it?
- Which file did it land in?
- Who accepted it?
- Was it reviewed?
- Can we trace that decision later?
Git blame does not answer those questions. Vendor audit logs usually do not either. In most enterprise setups, you end up with three separate blind spots:
- A commit history that shows authorship, not generation.
- A Copilot-style usage log that only covers one tool.
- A pile of PR comments and comments in code that rely on human discipline.
That is not an audit trail. It is a loose collection of hints.
The missing control is code provenance.
LineageLens is built around that gap. It records the prompt, the model, the tool, the target file, the inserted code, and whether the edit was accepted or rejected. It does that in a self-hosted way, so the provenance stays inside your infrastructure instead of becoming another SaaS data trail.
This is also where most generic logging strategies break down. Datadog and Splunk are excellent when you already know what to instrument. They are not purpose-built for AI provenance. If you want them to solve this problem, you have to build custom instrumentation, define your own schema, and keep that instrumentation working across multiple coding tools as their protocols change.
That is why I do not think the enterprise answer is “use your observability stack.” Observability tells you what happened at runtime. Provenance tells you how code entered the repository.
That distinction matters more as AI coding becomes normal.
If your team uses one tool, maybe you can tolerate a partial log. If your team uses Cursor in the morning, Claude Code for refactors, and Copilot in the editor, partial logging becomes a governance gap. The risk is not just productivity drift. It is that nobody can later say, with evidence, how the code got there.
LineageLens is not a static analysis scanner and it is not a compliance certification product. It does not replace review, SAST, or policy enforcement. It does one narrower job: it records the provenance trail that those systems need but do not create.
That is why the product has multiple deployment modes. Base is local and offline. Lite is a single Docker container with SQLite. Plus adds PostgreSQL, semantic search, team visibility, and governance. Max adds graph lineage for teams that need ancestry across tools and sessions. Different orgs need different operational weight, but the underlying question is the same: can you prove where AI-generated code came from?
For enterprise teams, I think this is the right way to frame the conversation:
- If the code is not provenance-tagged, then your review process is partly guesswork.
- If the prompt is missing, then your audit trail is incomplete.
- If the record is not self-hosted, then your governance data lives somewhere else.
- If you only track one vendor, then you are not tracking the team.
That is the argument I would want to make in a security review.
If you want the deeper technical breakdown, I wrote a longer companion post for Hashnode and the product overview is on lineagelens-website.vercel.app.
Tags: ai, security, devops, opensource
End question: What is your team using today to prove that AI-generated code is actually traceable six months later?
