Deep Dive: Kontask Action API Architecture

Exploring the full capability spectrum for in-kontask actions

✓ Completed

on 7 Jan 2026, 5:53 pm

Output

🎯 Deep Dive: In-Kontask Action API

Going beyond prompt injection - what if kontask cards were full agents?

💡 The Key Insight

You're right - prompt injection is the current workaround, not the end goal. The "What's Next" buttons just stuff text into the input. But kontask cards could be mini-agents with direct access to the full capability stack.

📊 Capability Spectrum

L0 Prompt Injection ✓ Today

Button click → text in input → user presses send → Claude turn

L1 Auto-Submit Prompts ○ Easy

Button click → auto-submit to Claude → new turn starts immediately

L2 Direct Konui Actions ○ Medium

Button click → konui API directly (approve kontask, update status, navigate)

L3 Konsole Tool Execution ○ Hard

Button click → konsole executes single tool (Read, Bash, Grep) → returns result

L4 Embedded Agent Session ○ Complex

Kontask card runs its own mini-agent with scoped tool access

L5 gvShell Integration ○ Future

Kontask spawns gvShell flow with full agent capabilities

🤔 Design Questions

Q1: What's the interaction model?

🔄 Request-Response 📡 Streaming 🔥 Fire-and-Forget 🔁 Bidirectional

Q2: Where do results appear?

📋 Same kontask (update) 📝 New kontask 💬 Console output 🔔 Toast notification

Q3: What's the security model?

🔒 Scoped to kontask creator 👤 User's session permissions 📜 Declared capabilities 🛡️ Sandbox per kontask

Q4: How does state flow?

📦 Kontask is stateless 💾 Kontask has own state 🔗 Inherits session state 🌐 Shared workspace state

🎬 Concrete Examples by Level

L2: Direct Konui Actions

// FileTree component click handler
window.handleFileSelect = async (node) => {
  // Direct API call - no Claude needed
  await kontask.api.updateContext({
    selectedFile: node.path,
    previewContent: await kontask.api.readFile(node.path, { lines: 50 })
  });
  // Kontask card updates in-place with file preview
};

L3: Konsole Tool Execution

// Run grep from within kontask card
window.handleSearch = async (query) => {
  const results = await kontask.tools.grep({
    pattern: query,
    path: '/konnectvol/konui',
    type: 'ts'
  });
  // Results render in kontask card - no new turn
  kontask.render('searchResults', results);
};

L4: Embedded Agent Session

// Kontask spawns mini-agent for complex task
window.handleImplement = async (feature) => {
  // Spawn scoped agent with limited tools
  const agent = await kontask.spawnAgent({
    prompt: `Implement ${feature.name}`,
    tools: ['Read', 'Edit', 'Grep'],  // No Bash!
    scope: feature.files,
    budget: { maxTurns: 5, maxTokens: 50000 }
  });
  
  // Stream progress into kontask card
  agent.on('progress', (update) => kontask.appendProgress(update));
  agent.on('complete', (result) => kontask.showResult(result));
};

🏗️ Architecture Vision

┌─────────────────────────────────────────────────────────────┐
│                    KONTASK CARD                            │
│  ┌─────────────────────────────────────────────────────┐   │
│  │ Interactive Component (FileTree, Chart, etc.)       │   │
│  │                                                      │   │
│  │   onClick ─────────────────────────────────────┐    │   │
│  └──────────────────────────────────────────────────────┘   │
│                           │                                  │
│  ┌────────────────────────▼─────────────────────────────┐   │
│  │           kontask.api (Action SDK)                   │   │
│  │  ┌─────────┬──────────┬──────────┬──────────────┐   │   │
│  │  │ L1      │ L2       │ L3       │ L4          │   │   │
│  │  │ submit  │ konui    │ tools    │ spawnAgent   │   │   │
│  │  │ Prompt  │ API      │ Execute  │              │   │   │
│  │  └────┬────┴────┬─────┴────┬─────┴──────┬───────┘   │   │
│  └───────│─────────│──────────│────────────│───────────┘   │
└──────────│─────────│──────────│────────────│───────────────┘
           │         │          │            │
           ▼         ▼          ▼            ▼
      ┌─────────┐ ┌──────┐ ┌─────────┐ ┌───────────┐
      │ Console │ │Konui │ │Konsole  │ │ gvShell   │
      │ Input   │ │Router│ │ Tools   │ │ Agent     │
      └─────────┘ └──────┘ └─────────┘ └───────────┘

📦 The `kontask.api` SDK

Auto-injected into every kontask card. Provides graduated access:

// Always available
kontask.id                    // This kontask's ID
kontask.sessionId             // Parent session ID
kontask.context               // Read-only kontask context

// L1: Prompt submission
kontask.submit(prompt)        // Auto-submit to console
kontask.submitWithContext(prompt, data)  // Include structured data

// L2: Konui direct actions
kontask.navigate(path)        // Navigate dashboard
kontask.approve()             // Approve this kontask
kontask.reject(reason)        // Reject with reason
kontask.updateContext(data)   // Update this kontask's context
kontask.createKontask(spec)   // Create child kontask

// L3: Tool execution (requires capability)
kontask.tools.read(path)      // Read file
kontask.tools.grep(opts)      // Search code
kontask.tools.glob(pattern)   // Find files
kontask.tools.bash(cmd)       // Run command (if allowed)

// L4: Agent spawning (requires capability)
kontask.spawnAgent(spec)      // Launch scoped agent
kontask.joinFlow(flowId)      // Join existing flow

// UI helpers
kontask.render(id, html)      // Update element in card
kontask.appendProgress(msg)   // Add progress line
kontask.toast(msg, type)      // Show notification
kontask.loading(show)         // Toggle loading state

🛡️ Capability Declaration

Kontasks declare what they need upfront. Konui validates and enforces.

// When creating kontask, declare capabilities
await konui_create_task({
  type: "general",
  title: "Code Explorer",
  context: {
    capabilities: {
      level: 3,  // Max level allowed
      tools: ["Read", "Grep", "Glob"],  // Allowed tools
      scope: "/konnectvol/konui",  // Path restriction
      budget: { maxCalls: 10 }  // Rate limiting
    },
    output: "...interactive file browser..."
  }
});

🎯 Summary: What Are We Building?

Not just an action API - a graduated capability system that lets kontask cards range from simple buttons (L0) to embedded agents (L4), with proper security at each level.

This is the bridge between "kontasks as static cards" and "kontasks as mini-agents" that can do real work without spawning full Claude turns.

Quick Actions

Original Request

🎤 Kontask Action API Architecture

Designing the capability spectrum for in-kontask actions

0/4 answered

Q1 ○

Which capability level should we prioritize first?

L0-L1 are done. L2 is direct konui API. L3 is tool execution. L4 is embedded agents.

L2: Direct Konui Actions (navigate, approve, update) L3: Konsole Tool Execution (Read, Grep, Glob) L4: Embedded Agent Sessions (spawn mini-agents) Build L2-L3 together as foundation

Q2 ○

Where should action results appear?

This affects UX and architecture significantly

Update the same kontask card in-place Stream to console output Create new kontask for results Hybrid: small results in-card, big results as new kontask

Q3 ○

How should we handle capability permissions?

Security model affects implementation complexity

Inherit from user session (simple) Declared per-kontask with validation (explicit) Sandbox per kontask (isolated) Start simple, add sandboxing later

Q4 ○

Should this be konui-only or prepare for gvShell?

gvShell is the Go rewrite coming next

Konui-only for now (ship fast) Design API contract for gvShell compatibility Build abstraction layer from day 1

✓ All questions answered - ready to submit!

Click to send all answers to Claude for implementation planning

Details

Type Design Interview

Status Completed

Scope vibetools

Tags kontasksapiarchitectureinterview

Created 7 Jan 2026, 5:53 pm

Timing

⏱️ 122.8s

0 tools

● TTFE 0% ● Thinking 100% ● Tools 0%