Buildkite vs Dust
Side-by-side trajectory, velocity, and editorial themes.
AI-agent skills and OAuth Token Exchange land — Buildkite is courting both Claude/Cursor users and security teams.
Buildkite is shipping in two strong directions at once. On platform/security: OAuth 2.0 Token Exchange (RFC 8693) replaces long-lived API tokens with IdP-minted short-lived ones, and per-user API rate limits stop one runaway script from starving an org's quota. On surface area: official Buildkite skills for Claude Code, Cursor and similar AI coding agents teach agents how to use the platform, plus broader GitHub event triggers for incremental Actions migration. Smaller UX work (new build page list view, queue search, cluster sort) rounds out a heavy ship cadence.
Two arcs are converging: lowering the on-ramp for teams migrating off GitHub Actions (more triggers, agent-friendly skills, cleaner UI) and meeting the security posture larger customers ask for in procurement (short-lived tokens, scoped per-user limits). The agent-skills release in particular signals Buildkite expects pipeline configuration to increasingly be authored or modified by AI agents, and is moving to teach them in Buildkite's own voice.
Expect more skills coverage across specific Buildkite features (dynamic pipelines, OIDC federation patterns) and follow-on auth work — OIDC-based agent authentication, finer scopes on exchanged tokens. The GitHub Actions migration push will likely add equivalents for less common triggers (deployments, workflow_dispatch) to remove remaining excuses to stay.
Dust is widening the agent-platform surface: multimodal tools, enterprise audit, model breadth.
Dust is shipping at a fast clip on three fronts that together define a serious agent platform: model breadth (Gemini 3.5 Flash, Grok 4.3, refreshed Anthropic lineup), agent capability (MCP tools can now return images the agent can actually see, plus context compaction for long runs), and enterprise readiness (workspace audit logs streamable to Datadog, Splunk, or any HTTPS sink). Integrations are getting versioned upgrades on the side (Asana MCP v2, Gmail labels and archive). The product is moving from 'chat with an agent' toward 'run agents in production with observability and multimodal I/O.'
Two clear directions: deeper enterprise GTM via SIEM-grade audit, and a more capable agent runtime that can see, remember, and act inside third-party SaaS. The MCP-image release in particular treats Model Context Protocol as a real I/O surface rather than a text-only RPC, which is where the broader MCP ecosystem is heading. Frequent model rotations suggest Dust is positioning as model-agnostic infrastructure rather than locking into one provider.
Next moves likely lean into the same arc: more MCP integrations with action verbs (write/delete/transition states), expanded multimodal returns (audio, structured documents), and finer-grained admin controls layered on top of the audit foundation - tool-usage policies, per-agent egress rules, or approval workflows.
See more alternatives to Buildkite →
See more alternatives to Dust →