The AI Agent Index

Documenting the technical and safety features of deployed agentic AI systems

Agent Q

Basic information

Website: https://web.archive.org/web/20241217141020/https://www.multion.ai/

Short description: “AI agents that can fully complete tasks in any web environment” [source]

Intended uses: What does the developer say it’s for? Completion of web-based tasks [source]

Date(s) deployed: Agent Q announced October 13, 2024 [source]

Developer

Website: https://web.archive.org/web/20241217141020/https://www.multion.ai/

Legal name: MULTION INC [source]

Entity type: Corporation [source]

Country (location of developer or first author’s first affiliation): Delaware, USA (MULTION INC; (6910022)) [source]. HQ: Palo Alto, CA, USA [source]

Safety policies: What safety and/or responsibility policies are in place? Unknown

System components

Backend model: What model(s) are used to power the system? Unknown

Publicly available model specification: Is there formal documentation on the system’s intended uses and how it is designed to behave in them? None

Reasoning, planning, and memory implementation: How does the system ‘think’? “Combines guided Monte Carlo Tree Search (MCTS) search [over web pages to guide agent exploration] with a self-critique mechanism.. [and divides] Agent output format into an overall step-by-step plan, thought, a command, and a status code.” [source]

Observation space: What is the system able to observe while ‘thinking’? For Agent 2.0: “system prompt, execution history, the current observation as a DOM representation, and the user query containing the goal” [source]

Action space/tools: What direct actions can the system take? Chrome extension that has full control of the browser [source]

User interface: How do users interact with the system? Display that allows user to input web prompts in natural language or select from predefined options (eg book a meeting, make a tweet, call an uber) [source]; shows both the screen that the agent is controlling and the reasoning/thought in a chat window; option to stop or restart

Development cost and compute: What is known about the development costs? Unknown

Guardrails and oversight

Accessibility of components:

  • Weights: Are model parameters available? Closed source
  • Data: Is data available? Closed source
  • Code: Is code available? Closed source
  • Scaffolding: Is system scaffolding available? Closed source
  • Documentation: Is documentation available? Available [source]

Controls and guardrails: What notable methods are used to protect against harmful actions? Unknown

Customer and usage restrictions: Are there know-your-customer measures or other restrictions on customers? None

Monitoring and shutdown procedures: Are there any notable methods or protocols that allow for the system to be shut down if it is observed to behave harmfully? Unknown

Evaluation

Notable benchmark evaluations: Unknown

Bespoke testing: External demo [source]

Safety: Have safety evaluations been conducted by the developers? What were the results? None

Publicly reported external red-teaming or comparable auditing:

  • Personnel: Who were the red-teamers/auditors? None
  • Scope, scale, access, and methods: What access did red-teamers/auditors have and what actions did they take? None
  • Findings: What did the red-teamers/auditors conclude? None

Ecosystem information

Interoperability with other systems: What tools or integrations are available? Chrome extension [source]

Usage statistics and patterns: Are there any notable observations about usage? Early access waitlist available [source]

Additional notes

None