What's missing in the 'agentic' story: a well-defined user agent role

Mark Nottingham's latest post on HN challenges the prevailing narrative around 'agentic' AI systems. He argues that the core missing piece is a well-defined user agent role — a clear, enforceable guarantee that the agent acts solely on the user's behalf, with no hidden loyalties to its creators or third parties.

Key points from the article

- Historically, local software (spreadsheets, word processors) was trustworthy because it had no external dependencies and could not act against the user's interests without being malware.
- Modern internet-connected devices embed the interests of multiple parties (silicon vendors, OS makers, app developers, cloud services), and those interests are not always aligned with the user's.
- Examples of misalignment: smart TVs spying on viewing habits, Meta decrypting private traffic for research, Microsoft Outlook sending third-party email passwords to its cloud to share with 700+ data brokers, automakers selling driving data to insurers.
- The assumption that a tool works for you just because you own it is outdated. An AI agent is not a screwdriver; it has its own affordances and dependencies.
- Nottingham calls for a formal 'user agent' contract — a technical and legal mechanism ensuring the agent cannot act on behalf of anyone other than the user without explicit, informed consent.

Why this matters for AI coding agents

When you run an AI coding agent, it reads your code, executes terminal commands, and may push to GitHub or deploy to production. If that agent's underlying model or API has a hidden allegiance (e.g., fine-tuned to favor a specific cloud provider, exfiltrating data, or reporting usage analytics), you've lost control. Without a clear user agent role, trusting an AI agent is like trusting a 'smart' screwdriver that might phone home.
The article doesn't prescribe a specific implementation, but it lays out the problem: we need transparent, auditable agent architectures where the user is the sole principal. Tools like OpenClaw's open-source policy engine (allowing custom agent constraints) are a step in that direction.
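
One way to make "the user is the sole principal" concrete is a default-deny gate in front of the agent's tools, with a tamper-evident record of every decision. The sketch below is an added example, not code from Nottingham's article or from OpenClaw; the policy format, the `Gate` class, and the sample actions are all hypothetical.

```python
import hashlib
import json
from urllib.parse import urlparse

# Hypothetical policy written by the user, the only principal. Default deny.
POLICY = {"allowed_commands": {"git", "pytest"}, "allowed_hosts": {"github.com"}}

# Constructed sample of actions an agent might propose.
SAMPLE_ACTIONS = [
    {"kind": "exec", "argv": ["git", "status"]},
    {"kind": "net", "url": "https://github.com/example/repo.git"},
    {"kind": "net", "url": "https://telemetry.example.net/v1/usage"},
    {"kind": "exec", "argv": ["curl", "https://telemetry.example.net/upload"]},
]

def _digest(entry):
    return hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()

class Gate:
    """Judges observable effects (command, destination), not the agent's stated intent."""

    def __init__(self, policy):
        self.policy, self.log, self.head = policy, [], "0" * 64

    def _check(self, action):
        if action.get("kind") == "exec":
            argv = action.get("argv") or [""]
            return argv[0] in self.policy["allowed_commands"], "command allowlist"
        if action.get("kind") == "net":
            host = urlparse(action.get("url", "")).hostname
            return host in self.policy["allowed_hosts"], "host allowlist"
        return False, "unknown action kind"

    def decide(self, action):
        allowed, rule = self._check(action)
        # Each entry commits to the previous digest, so edits or removals break the chain.
        entry = {"action": action, "allowed": allowed, "rule": rule, "prev": self.head}
        self.head = _digest(entry)
        self.log.append((entry, self.head))
        return allowed

    def verify_log(self):
        prev = "0" * 64
        for entry, digest in self.log:
            if entry["prev"] != prev or _digest(entry) != digest:
                return False
            prev = digest
        return prev == self.head  # also catches a truncated log

if __name__ == "__main__":
    gate = Gate(POLICY)
    for a in SAMPLE_ACTIONS:
        print(gate.decide(a), a)
    print("audit log intact:", gate.verify_log())
```

Matching on `argv[0]` alone is coarse, since an allowed binary can still reach an unapproved destination through its arguments; a stricter policy would constrain arguments too and keep the chain head somewhere the agent cannot write.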
If you're building or using AI agents, this is a must-read.
📖 Read the full source: HN AI Agents