Rebel is a desktop AI workspace for agentic work. It connects your memory, meetings, files, actions, automations, and tools so AI agents can help with real work — while keeping sensitive actions behind approval checks. Built Fair Source, with portable workflows and model choice.








The planner/worker/background-safety-classifier split is a genuinely interesting routing decision. When the safety classifier and planner disagree on risk - does planner intent override a conservative flag, or does the classifier always win?
Mindstone Rebel
@taylor_time Hi Kevin, Rebel is designed to never overwrite the safety controls. If the planner wants to do something that your safety settings prohibit, it has to stop and ask you. If you decide not to approve the action, then the planner will work with you on what to do instead.
@liam_collins2 That's nice and clean. Does the planner surface why it flagged something, or is it a silent hard gate?
Mindstone Rebel
@taylor_time Yes absolutely. The user sees an approval notification explaining what the agent was trying to do and why it felt it needed to ask for approval.
Mailwarm
What kinds of actions can Rebel actually execute today, like email and calendar, or internal app automations?
Mindstone Rebel
@thamibenjelloun Hi Thami. It can do lots! Read, draft, send emails and create calendar events for sure. But so much more too. Rebel has 137 (and counting) Connectors to tools like Salesforce, Notion, Zoom, Slack meaning Rebel can be empowered to do tonnes of real work for users.
Mindstone Rebel
@thamibenjelloun There are a number of things that Rebel can do that we don't think anything else can:
- Manage multiple connectors of the same kind (e.g. multiple email addresses, calendars, Slack workspaces, etc
- Figure out what's most relevant in a given conversation, and just do the right thing
- Privacy-first - we do not touch any of your proprietary data by default
- Keep track of the things you need to do in its own internal "Actions" list (or sync with an external todo app via MCP)
- Automations
- Mobile app (in beta) that works with your computer off (via hosted or self-hosted cloud)
- Work across multiple providers and multiple models
- And lots of other things (e.g. safety approval) covered elsewhere in this thread
Mindstone
A bit of personal context on why I care about this so much.
I don't use Rebel as a demo environment. I run a large part of my work through it.
Most days, that means speaking rather than typing: meeting prep before important calls, catching the follow-ups I would otherwise delay, pulling together context from email, calendar, Slack, docs and old conversations, drafting things in my voice, and challenging assumptions before something goes to a customer, investor or the team.
The shift for me has not just been "the same work faster", but more that I can now do work at the level I always wanted, but often did not have the time or attention for. Better prep. Better follow-through. More context. Less living out of my head.
This is also why fair source matters to me.
If an agent is going to sit this close to my actual work (memory, tools, approvals, the messy context of their day) trust cannot just be a brand promise. People should be able to inspect it, run it themselves, and understand the boundaries.
Rebel started as my own operating system for work, and I wouldn't be able to do my job without it today. Opening it up feels like the right next step.
Tried out Rebel across our internal ops and the approval gating is the part that actually changed how we work — most agent setups force you to choose between "full autonomy and pray" or "so locked down it's useless," and the ask-first middle ground is what finally let us point agents at real workflows instead of toy demos. The fact that it's aware of the original query when deciding what's risky (sending an email is fine if I asked for it, sketchy if I asked for research) is a small detail that removes a ton of approval fatigue in practice. Pairing that with model choice + local-first means we're not re-architecting every time a provider changes pricing or limits. Genuinely useful! thanks
Mindstone
@robin_de_lacroix very happy it's useful! please let us know what you'd want us to focus on next :)
Congrats to the whole Mindstone team, this is a serious piece of work! Really like the approval layer being impact-aware, writing to a shared space treated as riskier than a private one is the kind of detail most agent tools never bother with. We've been building an agent that takes real actions and know the gate is the hardest thing to get right, too loose and its dangerous, too tight and nobody uses it. Rebel learns rules from approvals instead of re-asking forever and you clearly ran this on a lot of real work - very impressive. Another great thing is tool-level permissions like an email MCP that can draft but not send - IMO exactly the granularity people actually need. Nicely done!
Mindstone
@artstavenka1 thanks! please let us know what you'd like to see next! :)
The ask-first default is strong. The piece I’d want durable is the rule change after an approval: original action, future scope, who accepted it, and when it should expire or be reviewed. Otherwise learned permissions can quietly become permanent permissions. Are those rule updates inspectable later?
Mindstone Rebel
My favourite thing about Rebel is the way the memory works - learns as you go, and shares its memories with other Rebels (e.g. throughout your company).
The interesting part is how it works to judge which memories should be shared and with whom, and which should be kept private. And it asks if it's unsure.
@greg_detre The shared-memory model is the most interesting part to me ! But how does it make that call in practice: is shareability classified by content, set by the user, or learned over time? And what's the recovery path if something goes wrong?
Mindstone Rebel
@clement_avq Those are great questions:
- Yes, it's based on the content, but also based on your profile instructions (we call it the `Chief-of-staff` README).
- You can easily see which memory files have been shared where.
- We run a bunch of evals to try and tune this.
- You can define Spaces (e.g. company-wide, personal, voluntary work, specific teams), with different levels of sensitivity. It's obviously much more careful with shared than private spaces.
- And it works with our safety-approval UI, so you can start to give it rules to help it adapt over time.
This is an actively evolving area, as we try and strike the right balance between automation, transparency, and confirmation.
@greg_detre thanks for the quick feedback, really interesting !