Agent OS

What is an Agent OS?

An Agent OS (Agent Operating System) is a software platform that applies traditional operating system principles — process isolation, permission management, inter-process communication, and resource scheduling — to AI agents. Just as desktop and mobile operating systems provide a trusted layer between applications and hardware, an Agent OS provides a trusted layer between AI agents and user data.

The concept gained prominence through Dreamer, founded by former Stripe CTO David Singleton, where a personal “sidekick” agent acts as the kernel. Third-party agents operate like user-space applications, requesting resources and permissions through the sidekick rather than accessing data directly. This mirrors the ring-based security model of traditional operating systems.

Key Characteristics

• Trust mediation: A central agent (the “kernel”) validates all inter-agent interactions and enforces user-defined permissions
• Agent isolation: Individual agents cannot directly access each other’s data or capabilities without going through the mediation layer
• Tool abstraction: Common capabilities (web search, email, calendar) are exposed as platform-level tools that any agent can request access to
• Composability: Agents can delegate tasks to other agents through the kernel, enabling complex workflows from simple building blocks
• Developer ecosystem: Tool builders and agent creators publish to a shared marketplace, similar to an app store

Why Agent OS Matters

As AI agents move from single-purpose copilots to autonomous systems that manage email, schedules, finances, and workflows simultaneously, the same coordination problems that operating systems solved for applications arise again. Without a trust layer, agents accessing user data “willy-nilly” create privacy and security risks that block mainstream adoption.

The Agent OS paradigm also unlocks network effects: agents built by different developers can compose into workflows that no single developer could build alone, but only if there’s a shared platform providing identity, permissions, and communication primitives.

Historical Context

The term draws on decades of OS design thinking. David Singleton explicitly invokes the ring-based security model (kernel mode vs. user mode) and the app store ecosystem he helped build on Android at Google. The key insight is that the same patterns that made mobile apps trustworthy and composable at scale apply directly to AI agents.

Related Reading

• David Singleton - Architect of Dreamer’s Agent OS
• Agent Platforms - The broader trend toward agent marketplaces