For three years the pitch for AI in professional services was some version of “ask it a question, get an answer faster.” A lawyer typed a prompt, a chatbot returned a paragraph, and the human did everything else — the cross-checking, the drafting, the routing, the sign-off. That model is now being replaced in front of us. On June 24, 2026, Perplexity shipped Computer for Counsel, and according to MarkTechPost's reporting, it is not another legal chatbot. It is an agentic workspace — a system designed to run a multi-step knowledge-work job end to end: research a question, draft the document, cite every claim, cross-check the citations, and route the result to a human for sign-off, all inside one governed surface.
It launched for legal. But the pattern is coming for every document-heavy profession — accounting, financial services, insurance, real-estate transactions. And it raises the stakes on governance, because these workspaces reach the most confidential data a firm holds: privileged client files, financials, protected health information. This post is deliberately not a product review. It is a buyer's frame for owners and operations leaders in regulated professions: what you should demand before you let an agentic workspace touch real client work — and how the answer maps onto the supervised AI Employee model we build at Cloud Radix.
Key Takeaways
- The shift is from chatbot-that-answers to agentic workspace that operates — a system that runs a whole multi-tool workflow, not just a single reply.
- Perplexity's Computer for Counsel routes across 20+ frontier models and connects to 400+ tools via the Model Context Protocol; the architecture matters more than any single feature.
- Independent benchmarking found leading legal AI research tools producing incorrect information 17%–34% of the time — provenance on every output is a requirement, not a nicety.
- Before trusting any agentic workspace, demand four things: source-linked provenance, a human checkpoint on anything that leaves the building, scoped/isolated data access, and a complete audit trail.
- A Secure AI Gateway is what enforces “the workspace only sees the matter it's working on” — the difference between a governed AI Employee and shadow AI.
- For a Northeast Indiana firm, the realistic on-ramp is one low-risk matter type, run behind a gateway with a human owning sign-off, then expand.
What Actually Changed When Perplexity Shipped “Computer for Counsel”?
The headline isn't that a vendor built a legal AI tool — there are dozens. The headline is what kind of tool it is. MarkTechPost describes Computer for Counsel not as a replacement for Westlaw, LexisNexis, or Bloomberg Law, but as “a research, drafting, and workflow layer” that decomposes a legal task into subtasks and runs each one. The reported use cases are revealing because they are workflows, not questions. A third-party NDA intake: the system reviews the document for red flags, fills in entity and signatory information, prepares a clean copy, and routes it for Docusign approval. Regulatory monitoring: it builds a shareable dashboard of US state privacy and adtech laws with cited references. Case research: it researches non-compete enforceability, summarizes the key cases, flags unsettled questions, and exports a PDF with citations.
Notice that none of those are “answer a question.” Each is a job — the kind of multi-step, multi-tool task a junior associate or a paralegal would own for an afternoon. That is the category shift. We've written before about the end of the chatbot era as a macro trend across business software; Computer for Counsel is that trend arriving inside one of the most conservative, highest-stakes professions there is. When the legal industry — which has spent two years burned by fabricated citations — starts shipping agentic workspaces, the direction of travel is no longer debatable.
The pull toward this model is economic, not novelty. Thomson Reuters' Future of Professionals research reports that professionals expect AI to save them roughly five hours a week — about 240 hours a year, or an estimated $19,000 in annual value per person — and that around 30% are already using AI regularly to start or edit their work. When the expected payoff is that large, vendors stop building tools that answer questions and start building tools that finish jobs.
The reason this matters for an accounting firm or a financial-services shop that has never heard of Perplexity is simple: the architecture generalizes. A document-heavy profession is a document-heavy profession. The same pattern — decompose the job, route each step to the right tool, cite everything, hand a finished draft to a human — works for a tax memo, an audit workpaper, a loan file, or a title review. Legal is just first through the door.
Why Does “Agentic Workspace” Mean Something Different From a Chatbot?
A chatbot has one job: turn your prompt into a reply. An agentic workspace has a different job: turn your goal into a finished work product, choosing its own intermediate steps. Three architectural details from the Computer for Counsel launch make the distinction concrete, and each one is a thing you should understand before you buy anything in this category.
It routes across many models, not one. MarkTechPost reports the system routes across 20+ frontier AI models, automatically selecting the best model for each subtask. This is the same logic behind why a single general-purpose model rarely matches purpose-built tooling — the right model for summarizing a contract is not necessarily the right model for checking a citation. Multi-model routing also reduces single-vendor lock-in, which matters when you're committing a regulated workflow to a platform.
It connects to your tools, not just the open web. The launch lists premium connectors — Midpage for US case law, Docusign for agreements, NetDocuments and Box for secure file systems, and others — and reports 400+ total integrations via the Model Context Protocol (MCP), the open standard MarkTechPost notes the platform uses to reach external tools and data. MCP describes itself as “a USB-C port for AI applications” — a standardized way to connect an AI system to your databases, documents, and software. The significance for a firm: an agentic workspace is only as trustworthy as what it's allowed to plug into, and “400+ connectors” is also “400+ doors into your data” if nobody is governing access.
It cites its sources by design. The platform's stated principle is that “every output links back to its source” for one-click verification before use. Hold onto that phrase — provenance on every output is the single most important property in this entire category, and we'll come back to why the benchmarking data makes it non-negotiable.
Put those three together and you have the working definition of an agentic workspace: many models, governed connections to your real data, and a citation on everything it produces. A tool that's missing any of the three is a chatbot with better marketing.
What Should a Firm Demand Before an Agentic Workspace Touches Client Work?
Here is the buyer's checklist. It is vendor-neutral — it applies to Computer for Counsel, to any competitor, and to anything we'd deploy for you. If a workspace can't satisfy all four, it isn't ready for privileged client data.
| What to demand | What it means in practice | The failure mode if you skip it |
|---|---|---|
| Provenance on every output | Each claim, citation, and figure links back to a verifiable source you can open before you rely on it. | The workspace produces a confident, authoritative-looking answer that cites a case or statute that doesn't say what it claims. |
| A human checkpoint on anything that leaves the building | No filing, no client email, no signed document goes out without a named human reviewing and approving it. | An automated step routes a draft straight to a client or a court with an error nobody caught. |
| Scoped, isolated data access | The workspace sees only the matter it's working on — not the entire document management system. | One over-broad connector exposes every client's files to a single query or a single breach. |
| A complete audit trail | Every action, source, and model decision is logged and reviewable after the fact. | When a client, a regulator, or opposing counsel asks how the AI reached this, you have no answer. |
The first two map directly onto how you'd evaluate a human hire — which is exactly the frame we use when we tell owners to interview an AI Employee before they hire it. You wouldn't let a new paralegal file a motion unsupervised on day one; you'd check their work, watch how they sourced it, and keep sign-off authority. An agentic workspace earns trust the same way — on a real task, with provenance you can inspect, and a human who owns the outcome.
The third and fourth — scoped access and audit trail — are architecture problems, not policy problems. You cannot fix over-broad data access with a staff memo. That is where the Secure AI Gateway does the work, and it's worth its own section.
How Big Is the Verification Problem, Really?
Big enough that provenance has to be a hard requirement rather than a feature you're glad to have. When Stanford's RegLab and HAI benchmarked legal AI research tools, they found that Lexis+ AI and Ask Practical Law AI “produced incorrect information more than 17% of the time,” and that Westlaw's AI-Assisted Research “hallucinated more than 34% of the time.” General-purpose models did worse — earlier research cited in the same study found them hallucinating between 58% and 82% of the time on legal queries. These were purpose-built, retrieval-grounded legal tools, and roughly one in six to one in three answers still contained a factual error or a “misgrounded” citation — a source that appears authoritative but doesn't support the claim.
That second category is the dangerous one. A confident wrong answer with a real-looking citation is exactly what gets a lawyer sanctioned, which is why we've documented the AI hallucination liability playbook for firms that need to understand where the exposure actually lands. The Stanford researchers' blunt conclusion: “legal hallucinations have not been solved,” and lawyers may need to “verify each and every proposition and citation provided by these tools.”
This is also the heart of the professional-responsibility question. The American Bar Association's Formal Opinion 512, its first ethics guidance on generative AI, makes clear that the duties of competence and confidentiality don't change because a machine did some of the work — a lawyer remains responsible for verifying outputs and protecting client information. An agentic workspace doesn't dissolve that duty; at best it makes it faster to discharge. Provenance is what makes verification possible at speed: if every output links to its source, a human can check the citation in seconds instead of reconstructing the research from scratch. Without provenance, the verification burden Stanford describes eats the entire efficiency gain — and you're back to a confident chatbot you can't trust.
It's worth being honest about the limits even of the better tools. MarkTechPost notes Computer for Counsel is “not a standalone citator,” its good-law checks depend on the coverage of its data sources, several connectors are still “coming soon,” and web grounding may miss paywalled or unpublished opinions. Those aren't disqualifying — they're the normal trade-offs of a maturing category. But they're the reason the human checkpoint is item two on the checklist, not an afterthought.
Where Does the Secure AI Gateway Fit?
Two of the four demands — scoped data access and a complete audit trail — can't be satisfied by the workspace's own settings alone. They need an enforcement layer that sits between the AI and your data and decides, per request, what the workspace is allowed to see and do. That's the job of a Secure AI Gateway.
The problem it solves is the one every firm already has, whether or not they've named it. Today the most common AI risk in a professional-services office isn't a sophisticated attack — it's staff pasting client files into personal ChatGPT because the official tools are slow. An agentic workspace with 400+ connectors makes that instinct far more dangerous, because now the convenient tool also has standing access to your document management system. Convenience plus broad access plus no logging is precisely the shadow-AI failure mode.
A gateway inverts that. Instead of the workspace holding broad credentials to everything, it requests access through a layer that grants the narrowest scope for the matter at hand, masks or withholds what isn't needed, and logs every request. The workspace working an NDA intake sees that matter — not the partner's email, not unrelated client files, not the firm's financials. This is the same governance spine we apply in healthcare settings, where HIPAA makes scoped data access non-optional. The regulated profession changes; the architecture doesn't.
This is also where the frameworks line up. NIST's AI Risk Management Framework organizes responsible AI around four functions — Govern, Map, Measure, and Manage — and the gateway is, concretely, how a small firm operationalizes “Govern” and “Manage” without standing up a data-security department. The supervised AI Employee model we build puts the workspace inside that gateway, gives it a defined job, keeps a human owning sign-off, and logs the whole thing. The difference between that and shadow AI isn't the model — it's the governance around it.
What Does This Mean for a Northeast Indiana Firm Right Now?
If you run a law practice, a CPA firm, or a community-bank compliance team in Auburn, Fort Wayne, or anywhere in DeKalb or Allen County, the honest answer is: you don't need to adopt an agentic workspace this quarter, but you should stop pretending the category isn't coming. Your staff are already using AI — the only question is whether it's governed.
The realistic on-ramp is narrow and boring on purpose. Pick one low-risk, high-volume matter type — third-party NDA review, a recurring compliance check, first-pass document intake — where an error gets caught long before it reaches a client or a regulator. Run the workspace behind a Secure AI Gateway with scoped access to only that matter's data. Keep a named human owning sign-off on every output. Log everything. Measure whether it actually saves time against the verification cost. Then, and only then, expand to the next matter type. That's the same disciplined path we lay out in our AI compliance automation playbook for local law firms and CPAs — start where the downside is contained, prove it, and grow.
A Fort Wayne firm has one real advantage over a national one here: you're small enough to govern this deliberately. You can decide, this month, that no client data touches an ungoverned tool, pick a single workflow to pilot, and keep a human in the loop on all of it. That's not a constraint — in a category where one-in-six answers can be wrong, deliberate beats fast.
Bring an Agentic Workspace In Without Betting the Firm
The agentic workspace is the AI Employee model made concrete for professional services — and like any employee touching privileged work, it needs a defined job, scoped access, supervision, and a record of what it did. Cloud Radix builds exactly that: supervised AI Employee solutions deployed behind a Secure AI Gateway, with provenance, human checkpoints, and audit trails built in from day one — for law firms, accounting and financial practices, and other regulated businesses across Fort Wayne and Northeast Indiana. If you want to pilot one low-risk workflow the right way, start a conversation with our team. We'll help you pick the matter, set the guardrails, and keep a human owning every output that leaves the building.
Frequently Asked Questions
Q1.What is an agentic AI workspace, and how is it different from a legal chatbot?
An agentic AI workspace runs a complete multi-step task — research, draft, cite, cross-check, route for approval — rather than just answering a single question. A chatbot turns your prompt into a reply and leaves the rest to you. Perplexity's Computer for Counsel, for example, decomposes a job into subtasks and routes each to the appropriate model and data source, producing a finished work product with citations instead of a one-off answer.
Q2.Is it safe to use an agentic AI workspace with confidential client data?
It can be, but only with the right governance. Before trusting one, a firm should demand source-linked provenance on every output, a human checkpoint on anything that leaves the building, scoped data access so the workspace sees only the matter it's working on, and a complete audit trail. A Secure AI Gateway enforces the scoped-access and logging requirements that the workspace's own settings can't guarantee on their own.
Q3.How often do legal AI tools get things wrong?
Independent benchmarking by Stanford's RegLab and HAI found leading legal research tools producing incorrect information frequently — Lexis+ AI and Ask Practical Law AI more than 17% of the time, and Westlaw's AI-Assisted Research more than 34% of the time. General-purpose models did worse. That's why provenance and human verification are requirements: the researchers concluded that legal hallucinations have not been solved.
Q4.Does using AI change a lawyer's professional responsibilities?
No. The American Bar Association's Formal Opinion 512 makes clear that duties of competence and confidentiality apply regardless of whether a machine assisted the work. The lawyer remains responsible for verifying outputs and protecting client information. An agentic workspace can make verification faster through provenance, but it does not transfer or dissolve the underlying ethical duty.
Q5.Will agentic workspaces come to accounting and financial services too?
Almost certainly. The architecture — decompose a document-heavy job, route each step to the right tool, cite everything, hand a finished draft to a human — generalizes across professions. Legal launched first, but the same pattern fits a tax memo, an audit workpaper, a loan file, or a title review. Firms in those fields should expect the category and prepare their governance now.
Q6.How should a small Fort Wayne firm start with this technology?
Start narrow. Pick one low-risk, high-volume matter type where errors are caught early, run the workspace behind a Secure AI Gateway with scoped data access, keep a named human owning sign-off, and log everything. Measure whether it saves time net of verification before expanding to the next workflow. Deliberate adoption beats fast adoption in a category where a meaningful share of answers can still be wrong.
Sources & Further Reading
- MarkTechPost: marktechpost.com/2026/06/26/perplexity-launches-computer-for-counsel — Perplexity Launches Computer for Counsel: A Multi-Model Agentic Layer for Legal Workflows.
- Stanford HAI / RegLab: hai.stanford.edu/news/ai-trial-legal-models-hallucinate — AI on Trial: Legal Models Hallucinate in 1 out of 6 (or More) Benchmarking Queries.
- Thomson Reuters: thomsonreuters.com/en/c/future-of-professionals — Future of Professionals Report.
- American Bar Association: americanbar.org/news/abanews — Formal Opinion 512 — ABA Issues First Ethics Guidance on a Lawyer's Use of Generative AI Tools.
- Model Context Protocol: modelcontextprotocol.io/introduction — What is the Model Context Protocol (MCP)?
- NIST: nist.gov/itl/ai-risk-management-framework — AI Risk Management Framework (AI RMF).
Pilot One Governed AI Workflow the Right Way
We'll help your Fort Wayne or Northeast Indiana firm pick a low-risk matter type, deploy a supervised AI Employee behind a Secure AI Gateway, and keep a human owning every output that leaves the building.
Start a ConversationNo contracts. No pressure. Just an honest conversation about governed AI for your practice.
