Setting up your AI workspace

You will spend the rest of this course calling models from code. This lesson sets up a workspace you can reuse for every project so that secrets stay safe, dependencies stay clean, and your first call works on the first try.

Overview

A good AI workspace has three parts: an isolated environment so project dependencies do not collide, a place for secrets that is never committed to git, and a verified connection to at least one model provider. We will use Python here, but the same ideas apply to Node and any other stack.

Key ideas

Isolate the project

Create a folder, a virtual environment, and install only what you need. This keeps versions predictable and avoids the "works on my machine" trap.

mkdir ai-workspace && cd ai-workspace
python3 -m venv .venv
source .venv/bin/activate
pip install anthropic python-dotenv

Keep secrets out of code

An API key is a password. If it lands in a public git repo, it will be scraped and abused within minutes. Put keys in a .env file and add that file to .gitignore before you ever commit.

# .env  (never commit this)
ANTHROPIC_API_KEY=sk-ant-your-key-here

# .gitignore
.env
.venv/

Make your first call

Load the key from the environment and send one message. If this prints a reply, your workspace is ready.

import os
from dotenv import load_dotenv
from anthropic import Anthropic
 
load_dotenv()
client = Anthropic(api_key=os.environ["ANTHROPIC_API_KEY"])
 
message = client.messages.create(
    model="claude-sonnet-4-6",
    max_tokens=200,
    messages=[{"role": "user", "content": "Reply with just: workspace ready"}],
)
 
print(message.content[0].text)

Know your limits and costs

New accounts have rate limits (requests and tokens per minute) and spend caps. Set a billing alert early so a runaway loop during development does not surprise you. Read the error body when a call fails — providers return a clear reason, such as rate_limit_error or authentication_error, which tells you exactly what to fix.

Quick recap

Use an isolated environment per project to keep dependencies clean.
API keys are passwords: store them in .env, gitignore it, never commit.
Verify the setup with one small call before building anything.
If a key leaks, rotate it immediately rather than hiding it.
Set billing alerts and read error bodies — they name the exact problem.

Overview

Key ideas

Isolate the project

Create a folder, a virtual environment, and install only what you need. This keeps versions predictable and avoids the "works on my machine" trap.

mkdir ai-workspace && cd ai-workspace
python3 -m venv .venv
source .venv/bin/activate
pip install anthropic python-dotenv

Keep secrets out of code

An API key is a password. If it lands in a public git repo, it will be scraped and abused within minutes. Put keys in a .env file and add that file to .gitignore before you ever commit.

# .env  (never commit this)
ANTHROPIC_API_KEY=sk-ant-your-key-here

# .gitignore
.env
.venv/

Make your first call

Load the key from the environment and send one message. If this prints a reply, your workspace is ready.

import os
from dotenv import load_dotenv
from anthropic import Anthropic
 
load_dotenv()
client = Anthropic(api_key=os.environ["ANTHROPIC_API_KEY"])
 
message = client.messages.create(
    model="claude-sonnet-4-6",
    max_tokens=200,
    messages=[{"role": "user", "content": "Reply with just: workspace ready"}],
)
 
print(message.content[0].text)

Know your limits and costs

Quick recap

Use an isolated environment per project to keep dependencies clean.
API keys are passwords: store them in .env, gitignore it, never commit.
Verify the setup with one small call before building anything.
If a key leaks, rotate it immediately rather than hiding it.
Set billing alerts and read error bodies — they name the exact problem.