How it works — visual gallery

The same diagrams shipped in the repo, served live. They trace one idea — the tool call as a syscall through a kernel the model doesn't control — from the architecture, through the security gate, to where the performance win comes from. The interactive playground and live chat exercise exactly this kernel.

The one idea

tool call flow through the kernel — A tool call enters as a syscall; the kernel adjudicates, then dispatches an allowed call.

master architecture — Master architecture — gate, adjudicator, context-MMU, and the owned KV cache.

agent tool firewall one-pager — fak as the agent's tool firewall, in one card.

The security gate

two-gate permission path — Two gates: a call-side capability floor and a result-side containment layer.

preflight offline adjudication — Preflight — policy + tool + args → verdict, offline, with no model in the loop.

claims vs reality proof map — Honesty map — which claims are SHIPPED vs SIMULATED vs STUB.

Where the speed comes from

adjudication latency cliff — In-process adjudication stays ~µs; a spawned external hook is milliseconds — the latency cliff.

shared prefix reuse — One shared prefix prefilled once, cloned into N agents — reuse scales with agents × turns.

performance spectrum — The performance spectrum: raw parity → measured reuse wins → agent-scale leverage.

SOTA comparison — Naive baseline vs a tuned baseline vs the kernel — measured, not naive-vs-us.

master frontier curve — The headline curve — turns saved as the fleet grows.

hero benchmark comparison — Hero benchmark comparison.