The Stoa Labs thesis
Last reviewed · July 2026
Bounded autonomy
Autonomy should be allocated capability by capability and earned through evidence. Engineering that allocation is the discipline agentic AI needs.
Not every problem needs an agent.
Some work is stable, enumerable, and better expressed as deterministic software. Adding a model to it introduces uncertainty without creating enough value. Other work depends on interpretation, synthesis, planning, or recovery across cases that resist enumeration. That is where model judgment can earn its place.
The first design decision is therefore not how autonomous an agent should be. It is whether each capability should use model judgment at all.
The second decision is how much authority that capability should receive. A system may be trusted to read a record, classify it, and draft a response while remaining unable to send the response, change authoritative data, or spend money. Treating the whole agent as either trusted or untrusted hides the decisions that matter.
Our thesis is bounded autonomy: useful agentic behavior exists inside explicit limits on information, authority, time, tools, and side effects. Those limits are enforced where possible, verified continuously, and paired with a credible recovery path. Better models can move a boundary, but they do not remove the need to decide where it belongs.
The principle at the center is simple:
Autonomy is earned per capability, not granted per agent.
Stoa Labs calls the discipline of making that principle operational Boundary Engineering. It asks five questions:
- Suitability: Should this capability use model judgment at all?
- Authority: What may it observe, propose, approve, and execute?
- Execution: Which limits must the runtime enforce deterministically?
- Verification: What evidence establishes that it performed acceptably?
- Recovery: What happens when it is uncertain, wrong, unavailable, compromised, or outside its authority?
The answers have a concrete shape. Model judgment is reserved for the work that benefits from it. Typed contracts, permission checks, state rules, and policy gates protect the consequential edges. Outcome-level evaluations determine whether the work succeeded. Escalation, rollback, and containment limit what happens when it does not.
These decisions are recorded per capability. Authority expands only when explicit evidence supports it, and it contracts when a regression, boundary violation, security event, invalidated evaluator, or changed operating context makes the earlier evidence insufficient. A model upgrade alone never silently grants more authority.
This is not a maturity ladder whose destination is maximum autonomy. Some capabilities should remain deterministic. Some should always require approval. Some should never be automated. The goal is not to remove people or controls from a system. The goal is to place judgment where it creates value and make the authority around it legible, enforceable, and recoverable.
The frontier will keep moving. Models, harnesses, tools, policies, threats, and business processes all change where a boundary belongs. That is precisely why boundaries must be measured rather than assumed and revisited rather than declared once.
The Stoic connection is not that ancient philosophy anticipated software agents. It is a shared discipline of attention: distinguish what can be governed from what cannot, then act deliberately within that distinction. The Stoa Poikile was a public meeting place and the classroom associated with Zeno and his followers. Stoa Labs takes the stoa as a model for technical inquiry conducted openly and close to working life, with claims revised when the evidence changes.
So that is the bet. The teams that create lasting value with agentic AI will not be the ones that maximize autonomy. They will be the ones that can explain, enforce, verify, and revise the authority of every consequential capability.
Stoa Labs is being built to develop that discipline.