software

I Built an Open-Source Cowork in 24 Hours with ZERO Rust Experience — and the Agent Builts Itself

Published: (January 20, 2026 at 03:43 AM EST)
2 min read
Source: Dev.to

Source: Dev.to

I walked into this with exactly zero Rust experience and a stubborn belief: building an agent shouldn’t require a megachurch of frameworks. Twenty‑four hours later, I shipped a Rust‑native AI Agent desktop for non‑devs that compiled to a 16 MB binary, a simple while loop with Skills, MCPs supported, BYOK (Bring Your Own Key) and even local models!

The Stack

  • Rust – from zero to shipping in one day
  • Long‑term memory – file system as persistent, queryable context
  • Loop – a single while loop coordinating I/O and tool calls
  • Tools – built‑in file tools (read, write, bash) + MCP‑compliant providers (extensible)
  • Sandboxing – a simple Docker container isolates most risks

Secret Sauce

  • Keep state in plain files and directories.
  • Keep orchestration in a simple loop, not a framework.
  • Teach the AI to read and write its own operating context, in files.

What I Learned

1. You don’t need an agent framework

Frameworks often add unnecessary abstraction and complexity. A simple loop suffices:

  • Observe – read inputs, logs, and task files
  • Decide – ask the model for the next atomic action
  • Act – call a tool (MCP) or write to disk
  • Reflect – append outcomes to a local journal

2. The file system is all you need

Vector stores and RAG farms are great, but they can become speculative overhead.

  • Everything as files: tasks, plans, diffs, decisions, and logs live as plain text or JSON.
  • Modern RL‑trained models work well with Linux file systems.
  • Using the FS as “long‑term memory” makes persistence trivial and recoverability obvious.

3. The surreal mirror: AI coding reproduces itself

I used an AI agent (Claude Code) to help build the project. The Open Cowork is essentially a GUI with a Copilot‑like agent behind it, showing how an AI can reproduce itself in Rust.

4. Security as a first‑class citizen

Agents are powerful, but without boundaries they become liabilities. For non‑devs, security isn’t just a feature—it’s the foundation.

  • Hard sandboxing (e.g., Docker) and strict whitelisting of system commands or network calls keep the agent helpful, not a system threat.

Code Overview

The entire codebase can be summarized in the loop below:

Agent loop diagram

The project is open source:

Feel free to explore, try it out, and share any feedback!

Back to Blog

Related posts

Read more »

Top 5 CLI Coding Agents in 2026

Introduction The command line has always been home turf for developers who value speed, clarity, and control. By 2026, AI has settled comfortably into that spa...