dbzero

Software Stack forData-Intensive AI Agents

Durable Python state, orchestration, inspection, and data workflows for code-first LLM systems.

Build agents that can remember, resume, inspect, and operate over real domain state.

Category thesis

Agents need software infrastructure that can keep working after the prompt ends.

dbzero is built around the shift from short-lived AI demos to durable, inspectable systems that operate over real domain state.

Python object stateSnapshots and inspectionAgent orchestrationDomain data workflows
01

Long-running work

Agent systems are moving beyond prompt-response loops into workflows that pause, resume, retry, branch, and leave operational history behind.

02

Durable state

Those workflows need recoverable Python objects, inspectable execution state, process cooperation, and data models that survive across runs.

03

Domain depth

As agents move into richer technical domains, the useful substrate becomes domain-shaped software infrastructure, not only generic storage or chat memory.

Data-rich domains

Every domain wants its own database shape

Traditional software often has to squeeze domain knowledge into the database shape already available: tables, documents, vectors, graphs, queues, or files.

dbzero changes the center of gravity. The familiar storage buckets stop being the boundary; durable Python object models can become the working substrate, so agents operate over domain representations directly instead of only over rigid schemas or external projections.

Model examples*

01 / 04

Legal rule systems

Rules, obligations, citations, and exceptions as inspectable models agents can reason over.

rulescitationsexceptions
3D contract knowledge graph with connected legal relationship nodes

* Examples of possible durable model shapes. These are ecosystem directions, not vertical product claims.

Why this exists

The next bottleneck is not generating more agent code.

It is letting agents work where the application already has meaning: inside Python code, durable internal state, and the review paths humans can inspect.

A more natural substrate can reduce translation overhead: fewer schema detours, fewer tool calls, less context spent explaining state, and better room for the model to reason over the actual system.

01

Work spans time

Useful agents do not finish inside one prompt; they create intermediate state, decisions, and dependencies.

02

State needs structure

Memory, tool results, indexes, artifacts, costs, and audit history need durable homes.

03

Review is part of the loop

Humans need to see what happened, validate outputs, and recover from partial work.

04

Python is natural infrastructure

Python's broad public codebase and AI ecosystem make it a natural substrate for agents: objects, functions, and application logic.

05

Agents can work inside the system

Instead of translating everything through external database state, an agent can operate near the internal representations the software already uses.

Embedded agent loop

Work inside the codebase

Internal state stays close to the Python representation agents can reason about.

application_state.py

class AgentState:

task: TaskPlan

evidence: list[Artifact]

snapshots.append(run)

indexes.update(result)

1

Codebase

Python objects and functions

2

Agent work

Runs inside the application shape

3

Internal state

Durable representation, not a projection

4

Inspection

Humans review traces and artifacts

5

Recovery

Resume from known state

Python objectsmethodsindexessnapshotsartifactsaudit trail
less context spentfewer schema detourscloser reasoning surface

Security & sandboxing

Controlled execution for agent-written Python

STATEK gives agents a durable Python workspace that runs model-written code through restricted mode by default. dbzero restricted mode narrows what agent-visible objects expose, while the host application still owns authorization, secrets, tenant boundaries, resource limits, and external side-effect policy.

Sandboxing is a defense layer, not a complete production security boundary. Applications still need explicit permissions, process isolation, resource limits, audit logs, and operational controls.

Controls that narrow agent authority

Restricted Python workspace

STATEK limits model-written Python, imports, builtins, source size, AST size, and hidden tool access unless explicitly allowed.

Context-aware data access

Agents can work inside a request, tenant, account, role, or user context instead of receiving broad access to application state.

dbzero-pro isolation

Protected fields and data filtering predicates add field-level masking and object-level filtering for dynamic authorization contexts.

Contact

Show us the state your agent keeps losing.

We are interested in long-running agent systems, durable Python workflows, inspection surfaces, and domain data that does not fit neatly into prompt-response plumbing.