Agentic chat defaults in Venice: what changes for controls?

TL;DR: Tasks are now broken into steps, with tools and models selected automatically and text, image, video, search, and file analysis chained in one conversation, according to Venice, with the company saying Kimi K2.5 runs privately on its infrastructure and retains no server-side history. That changes the governance question from single-model output quality to runtime tool use, model selection, and privacy boundary control.

NHIMG editorial — what this means for AI and NHI governance

Questions worth separating out

Q: How should security teams govern agentic chat tools that can search, create, and render content in one session?

A: Treat each tool as a separate permission boundary, not as a feature bundle.

Q: What changes when an AI chat system can switch between different models mid-conversation?

A: Model switching turns routing into a governance decision because different models may receive different context, retain different records, or sit behind different providers.

Q: What breaks when conversation state is spread across local storage, proxies, and external model calls?

A: Auditability and retention controls become inconsistent when no single system owns the full conversation path.

Practitioner guidance

• Map the agent tool chain by permission boundary. List every tool the chat agent can call, including search, file analysis, image generation, and video rendering, and assign an owner, a data classification, and a logging requirement to each one.
• Define allowed model transitions. Specify which model switches are permitted within a session, what context each destination model can receive, and whether cross-provider switching requires a policy review.
• Separate privacy claims from retention controls. Document where conversation state is stored, whether any part leaves the platform boundary, and how proxying or zero-retention claims are verified in practice.

What's in the full announcement

Venice’s full post covers the operational detail this post intentionally leaves for the source:

• Exact model selection behaviour for image, video, web search, and file analysis requests
• The full list of supported image and video models, including access and credit conditions
• How privacy handling differs between default Kimi sessions and proxied external model calls
• Interface details for switching back to classic chat and managing model-specific workflows

👉 Read Venice’s full explanation of agentic chat and model routing →

Agentic chat defaults in Venice: what changes for controls?

Explore further

View Full Forum →  |  NHI Foundation Course →