I've been thinking about what tools for agents should look like. Not tools that agents use to call APIs — tools in the way humans think about tools. Dropbox, Google Drive, WeTransfer. Humans have had file sharing figured out for a long time. But those tools were designed for humans: browser uploads, OAuth consent screens, shared folders you drag things into.
Agents don't have browsers. They don't click "Share." So what does file sharing look like when you design it for agents from the start?
That's what AgentDrop is. A proof of concept for agent-native tooling.
The idea
Take a tool that humans find useful — file sharing — and rebuild it with agents as the primary user. Not as an afterthought, not as an API bolted onto a human product. What would you do differently?
How it works
# Agent A: create identity and upload a file
$ agentdrop keys create agent-a
$ agentdrop upload report.pdf
→ file_id: f-8a3b...
# Agent A: grant Agent B access for 1 hour
$ agentdrop grant f-8a3b --to kh-7f2e --ttl 1h
→ token: eyJhbG...
# Agent B: download with the grant token
$ agentdrop download f-8a3b --grant eyJhbG...
→ saved report.pdf (2.4 MB)Or with the TypeScript SDK:
import { AgentDropClient } from "@agentdrop/sdk";
import { generateKeyPair } from "@agentdrop/shared";
const { publicKey, privateKey } = await generateKeyPair();
const client = new AgentDropClient({ publicKey, privateKey });
const file = await client.upload(buffer, "report.pdf", "application/pdf");
const { token } = await client.createGrant(
file.id,
recipientKeyHash,
["download"],
3600
);
Upload, grant, download. Every request is signed. Grant tokens are audience-locked, time-limited, and revocable. The server checks five conditions before releasing any bytes: valid signature, not expired, grant not revoked, file not deleted, and the requester matches the intended audience.
## Why I think this matters
We're at an interesting point with agents. They can write code, browse the web, call APIs. But most of the infrastructure they interact with was designed for humans. Agents are using human tools through adapters and shims.
I think there's a category of tools that should be rebuilt agent-first. File sharing is one. Authentication is another. Maybe scheduling, maybe communication. The patterns change when your user doesn't have a browser and needs to prove identity programmatically.
AgentDrop is a small proof of concept in that direction. It's not trying to be the file sharing platform for agents — it's an exploration of what the design looks like when you start from agent constraints instead of human conventions.
## Install
```sh
curl -fsSL https://agentdrop.sh/install | sh
```
Single bundled JS file, ~580KB, all dependencies inlined. Requires Node.js 18+. There's also a TypeScript SDK and REST API.
## What's next
This is an MVP. The tests pass, the CLI installs in one command, the grant flow works end to end. I'm curious whether other people are thinking about this same problem space — agent-native tooling, not just agent-accessible tooling. If you are, I'd like to hear about it.