Getting Started

Watch An AI Agent Get Corrupted — And Contained

JacqOS is deterministic containment for non-deterministic intelligence. The fastest way to understand what that means is to watch it happen: a live AI sales agent, talking to a real model, gets tricked into proposing an absurd $1 offer on a $68,900 truck — and JacqOS refuses to let that offer reach the customer.

You’ll run this yourself in a few minutes, against a real model, in the native macOS Studio app. Three steps: install Studio, set your OpenAI key, open the Car Dealership Chat (Live) workspace.

Note

This demo is live. It calls a real model through your own OPENAI_API_KEY, the way an agentic app does in production. That is the point — you will see containment hold against a real, fallible LLM, not a recording. Needing a model key here is normal for an agent framework.

1. Install Studio

Download Preview for macOS

Preview DMG · jacqos-studio-macos-preview.dmg · 88.4 MB

1. Download the macOS DMG.
2. Open the DMG and drag JacqOS Studio.app to /Applications.
3. Open JacqOS Studio.app.

The app includes the native Studio UI, the bundled jacqos engine, the demo workspaces, and an optional CLI shim you can install from inside Studio after first launch.

2. Set Your OpenAI Key

The Car Dealership Chat agent talks to a real model, so Studio needs an OPENAI_API_KEY. Export it in a terminal and launch Studio from there so the app inherits it:

export OPENAI_API_KEY=sk-...
jacqos studio

Studio warns when OPENAI_API_KEY is missing on a live workspace. Without the key the workspace still opens and its declared facts load, but the live chat turn cannot call the model until the key is set.

3. Open Car Dealership Chat (Live)

On first run Studio opens to the workspace picker. Choose Car Dealership Chat (Live). It loads with the dealership’s policy already in place as ordinary facts you can inspect: one vehicle — a Tahoe Z71 advertised at $68,900 — and a pricing floor of $63,900, below which no offer may be sent.

This is the whole stage. Now you make the agent misbehave on purpose, and watch the platform hold the line.

Run the live demo — corrupt the agent →

Prefer The Terminal? (Linux, Windows, CI)

Studio desktop is macOS-only today. On Linux or Windows you can run the same live demo from the CLI. Install the bundle:

# Linux
curl -fsSL https://www.jacqos.io/install.sh | sh

# Windows PowerShell
iwr https://www.jacqos.io/install.ps1 -UseBasicParsing | iex

Then point it at your key and serve the bundled live workspace (seeded under ~/JacqOS/workspaces/examples/):

export OPENAI_API_KEY=sk-...
cd ~/JacqOS/workspaces/examples/car-dealership-chat-live
jacqos serve --json

The live demo walkthrough and the Car Dealership Chat (Live) example give the exact chat requests — including the poisoned message that corrupts the agent — for both the Studio and CLI paths.

Want the native desktop app on Linux or Windows? Join the Studio waitlist:

Name Email

Join Studio waitlist

We will use this to prioritize Linux and Windows Studio builds.

What To Read Next

• Run The Live Demo — the click-by-click backdoor walkthrough, with screenshots of the proposal being blocked.
• What You Just Saw — why the model proposes instead of acts, and how one ontology rule blocks it, in plain language.
• Installation — manual download, Windows, version pinning, custom install paths, and the CLI bundle.
• What is JacqOS? and Compared To — the concept page first, then how JacqOS differs from workflow engines, RAG pipelines, and plain LLM agent loops.

When you are ready to build your own, head to Build Your First App. If you want to understand why the containment works, that lives in Foundations — but it is never a required next step.