we predicted the breach. now we're building what comes next.
In September 2024 we published warnings about Salesforce credential security. Eleven months later, ShinyHunters proved us right — across 700+ companies. Muselab is the lab behind Busbar (trust infrastructure for AI agents) and Kantext (the composable type system that folds complexity). Born from a decade shipping automation to 200,000+ Salesforce orgs.
From the Lab
Busbar
The declarative systems platform built on Kantext. Every interaction is an immutable, universally-addressable frame. Agents declare intent, the system proves what happened, credentials never leave the host.
Kantext
A composable type system where every layer folds complexity instead of multiplying it. Tree-shaped composition with universal hash addressing. 145x faster than Neo4j. 667x faster than Helm.
Composable Delivery
The methodology that bridges the gap between building features and delivering systems. Start with projects, graduate to platforms.
Recent Thinking
In September 2024, we published a series on Salesforce credential security. Eleven months later, the ShinyHunters breach validated every concern — across 700+ companies.
What the Gainsight Breach Teaches Us About AppExchange Security
The November 2025 Gainsight breach exposed 200+ Salesforce instances—not through a platform vulnerability, but through the cascading effects of a supply chain attack. Here's what actually happened and what it means for ISVs and customers.
Securing Salesforce DevOps: Multi-Job Workflows in GitHub Actions
Getting it working is not the same thing as getting it working securely! Here's how to split GitHub Actions workflows without compromising your org credentials.
Introducing The Composable Delivery Model
19 Sep 2024...
The Builder
Jason Lantz
Built CumulusCI, the automation platform behind 200,000+ Salesforce deployments. One of two founding product team members at Salesforce.org. Sr. Director of Release Engineering at Salesforce Industries.
Left to build what comes next.
The full story →Let's talk about what you're building.
Whether you're an ISV navigating the platform shift, an enterprise securing your agent infrastructure, or an investor who sees the convergence — the architecture is ready.