Agentless
Agentless Approach
Section titled “Agentless Approach”What follows is a drastic departure from the discourse in the tech community. And that is a good thing.
Agents are an antipattern.
As a result, entire companies, market maps, and ecosystems are springing up to accommodate for their fundamental flaws. Agents are insecure, untrustworthy, lack accountability and are unverifiable in nature (making them scientifically unsound and incapable of reproducible work).
Their very existence invokes an n+1^∞ problem (i.e. merge issues with disparate systems). Instead of sharding out our digital memories to n different SaaS apps, their agents, all with varied backends/databases, we can simply invert the problem set, and execute from the point of view of each individual.
This simple reframing has massive implications. Yes, we have a secure runtime (more on that LINK), but we also avoid the massive coordination problem of managing, securing, implementing observability, and governance of a fleet of interconnected agents over which we have no control.
In hospitals, the majority of issues arise at shift change. It turns out, it’s better to have a doctor work longer hours and decrease handoffs and associated communication that are the coss of problems. Same idea here.
Cheeky, but true — if you are the principal, you don’t need agents. But how?
Agentless.
Section titled “Agentless.”This can be achieved by having a real-time view of everything you do, how you do it, when you do it, and with whom. Since Kaba is local first, privacy is ensured (more on that in #Privacy). Local first is necessary, but not sufficient. We are also not a SaaS, meaning, your data is not our business model. The inherent problem here is that what you do, how you do it, when, and with whom all take place in different settings — mobile, laptop/desktop, client-side / server, terminal, apps, browser, etc. Additionally, the inputs and outputs of these various environments are multimodal in nature.
So, we found a way to put it all in the proverbial single pane of glass. All of your attention, actions, inputs and outputs, are autonomously gathered across space and time with no additonal effort on your part. Your own versioned repository of multimodal data and embeddings ready to be trained on for your own workflows, use cases, and value.
You could call kaba a browser but it’s much more. It’s more of a machine learning platform that contains a browser. And terminal. And file explorer (coming soon^tm). And anything that deals with accessing, manipulating, and showing data structures on a computer system.
Yes, it’s all about the data. But it is also about the comms. If the medium is the message, then the network/comms need to be included. Machine learning needs to be synonymous with computer communications, and computer communication of data structures is the bedrock for autonomous learning. The question, as always, is how to get your hands on that oil, err data (there is a separate question of if the data is yours or not, but since everything in Kaba is done from the reference of the individual, let’s assume that generally the answer there is yes).
The major point here being, you don’t need to connect a bunch of APIs, create data pipelines, and send all of your data to some warehouse lakehouse thingy, or manage auth into a million different ‘browser use’ windows run by agents. You can just do what you do, as your normally do it. And for Flying Spaghetti Monster’s sake, you don’t have to connect it to openclaw stuff at the OS level and leak data, creds, and other unspeakable things for the world to see.
Issues with agentic systems
Section titled “Issues with agentic systems”Tool calling, verifiable data, drift, coordination issues, n+1 problems, and it keeps going…
Agents exponentially increase the complexity of both security and data consistency. They increase the scope of PII. Agents require instruction, which opens the door to prompt injection. The beautiful part of having the capability of a browser is the ability to safely run arbitrary code. This capability is in stark contrast with quote unquote local agents that 1. run at the system level and 2. often are just running API requests to the model provider. And as opposed to ‘browser use’ (or tool use for that matter), this approach avoids n+1 problems, making data consistent.
A simple way to intuit Kaba’s agentless approach is the analogy of how you pay for food at restaurants. Do you leave your wallet at every restaurant in case you need it to pay, or do you bring your wallet with you and pay upon having a fine meal? The attack surfaces for each case are wildly different, and it’s no different with agents vs. Agentless.
In an agentic world, tool calling is a requirement. As mentioned prior, this is often done at the system level, and running arbitrary code outside of the browser should be a complete no go. But when you have the right spot on the board, and can observe in real-time the multimodal inputs and outputs of different applications and use cases across time, the need for tool calling is moot. The principal is the agent, and, in Kaba, there is no tool or function to call. It’s already there, and you’re already interacting with it.
Function/tool calling, and agents, are an antipattern, allowing arbitrary words to execute critical functions (ie SQL injection). SQL is incredibly structureds DSL, yet vulnerabilities are still found today, especially in AI generated applications.
If we can’t control a structured language like SQL, how can we do that with natural language, given its infinite permutations and idiosyncracies in how we call communicate? It is an undecidable problem. One person’s successful tool call is another person’s vulneratibility. Kaba’s architecture makes this redundant, as well as MCP, since you are the agent and context is collected and stored locally with the visibility and security of your own system.
Sandboxing arbitrary code is one of the hardest computer science problems in the world. Google spends untold amounts of money securing the Chromium runtime, and exploits are still found. This is why Kaba has implemented strict quarantine protocol, to understand the caller and callee for every communication between each layer [see arch diagrams and isolation].
Trust but verify isn’t just a saying. It’s an absolute requirement. More info on policies – flexibility and enforceability [link to policy docs].
Agents are a distraction. Kaba’s hero statement is to train on your own attention. In this way, coherence is ensured, drift is avoided, n+1 problems do not arise, and models can drive real value for each of us uniquely given our context.
Auth & Agents
Section titled “Auth & Agents”Authentication (and authorization) are often cited as a pain in the agent building world. And for good reason. There are too many gotchas and downstream consequences to get into here (but we will be writing on this topic extensively), but the point is that tokens don’t solve context, sandboxes (the way YC/openclaw startups mean them) don’t solve security, and agents exacerbate these issues and more (data coherence, usability, reproducibility, privacy, etc.). We supposedly all know about building on sand vs stone, but mania and frothiness often leads us to do the opposite.
One must solve auth to make agents useful. The public internet has already been scoured. The labs hire data ‘labeling’ companies who then hire ‘experts’ to login to SaaS platforms to answer questions and fine tune the models. They do keystroke and mouse logging of the experts while logged in. Why?
Well, 80% or more of the world’s data is behind auth, paywalls, and firewalls. The model companies need to get their hands on that data to continue scaling data commensurate with their compute commitments. But this approach fails. We’ll get into the relativistic approach with Kaba [later], but the point is, the agent problem stems from the data problem which stems from the wrong starting point.
You are already logged in. You already have a session. You are the principal. You don’t need agents. You need a way to autonomously collect and train on all of your data. After all, agents are just http calls. When you’re in Kaba, that’s all at your fingerprints — no need to shard your data, workflows, context, memories, and value out to n different SaaS apps, agentic platforms, and slop peddlars.
Fundamentally, sharding one’s data out to the OS, browser, apps, and agents is an impossible way to manage a system. Forget AI induced pychosis, attempting to wrangle disparate data, backends, agents, etc. is schizophrenia as a service.