Agent Integrity Monitoring System
Overview
The Agent Integrity Monitoring System is a three-layer prevention architecture that ensures agents operate within their defined roles and prevents integrity violations.
Architecture
Layer 1: Agent Registry
Location: ge-ops/master/AGENT-REGISTRY.json
Central source of truth containing:
- 56 registered agents (54 active, 2 onboarding)
- Role signatures and boundaries
- "does_NOT_do" constraints for each agent
- Identity file hashes for verification
Layer 2: Pre-Dispatch Validation (ge-orchestrator)
Component: ge-orchestrator/router.py — routing validation
Action Point: Before dispatching triggers to agent streams
Validation Logic:
1. Loads agent registry on startup
2. Validates agent exists in registry
3. Checks trigger content against agent's "does_NOT_do" list
4. Blocks invalid triggers and logs violations
5. Fails open on validation errors (allows trigger)
Violation Logging: ge-ops/system/integrity/violations/dolly-block-*.json
Verification:
kubectl logs -n ge-agents deployment/ge-orchestrator --tail=50 | grep "Agent validator loaded"
# Expected: "Agent validator loaded: 56 agents"
Layer 3: Pre-Execution Validation (ge_agent)
Component: ge_agent/listener.py — pre-execution validation
Action Point: Before spawning CLI session
Validation Logic:
1. Loads agent registry on startup
2. Validates work assignment against agent role
3. Checks work context against "does_NOT_do" list
4. Blocks execution if validation fails
5. Acknowledges message without processing
Violation Logging: ge-ops/system/integrity/violations/agent-runner-block-*.json
Layer 4: Post-Execution Auditing (Ron Guardian)
Component: Ron agent via shared executor
Action Point: After session completion and via scheduled CronJobs
Enhanced Capabilities:
1. Role Alignment Audits — Detects agents performing forbidden tasks
2. Documentation Scanning — Flags phantom agent references
3. Identity Integrity — Monitors identity file tampering
4. Registry Loading — Uses registry for validation rules
Violation Detection:
- Role drift: HIGH severity (logged, not halted)
- Phantom agents: MEDIUM severity (logged for review)
- Identity tampering: CRITICAL severity (triggers HALT)
Violation Response
Severity Levels
CRITICAL — Immediate HALT
- Identity file modification
- Agent not in registry
- Halt flag tampering
HIGH — Logged and monitored
- Role drift violations
- Forbidden task execution
- Cross-team access
MEDIUM — Logged for review
- Phantom agent references
- Suspicious patterns
Violation Files
All violations are logged as JSON in:
ge-ops/system/integrity/violations/
├── dolly-block-YYYYMMDD-HHMMSS.json
├── agent-runner-block-YYYYMMDD-HHMMSS.json
└── ron-*.json
Operational Notes
Fail-Safe Behavior
The system is designed to fail open:
- If registry cannot be loaded, validation is disabled
- Work proceeds with warning log
- Prevents system lockup from registry issues
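The Layer 2 validation steps and the fail-open behavior described above, sketched as an added example (not the project's router.py). The registry schema (agents keyed by name, each with a "does_NOT_do" phrase list), the substring matching, and the sample agent names are assumptions; the severities and the violation file name pattern follow this page.

```python
import json
from datetime import datetime
from typing import NamedTuple, Optional

# Constructed sample registry. Assumed schema: "agents" maps an agent name to
# an entry holding a "does_NOT_do" list of forbidden-task phrases.
SAMPLE_REGISTRY = json.dumps({"agents": {
    "builder": {"does_NOT_do": ["deploy to production", "modify identity files"]},
    "reviewer": {"does_NOT_do": ["write application code"]},
}})

class Decision(NamedTuple):
    allowed: bool
    reason: str
    severity: Optional[str] = None  # set only when a violation is recorded

def load_registry(raw: str) -> Optional[dict]:
    """Return the agents mapping, or None when the registry is unusable."""
    try:
        agents = json.loads(raw)["agents"]
    except (ValueError, KeyError, TypeError):
        return None
    return agents if isinstance(agents, dict) and agents else None

def validate_trigger(agents: Optional[dict], agent: str, content: str) -> Decision:
    """Pre-dispatch check: registry membership, then the does_NOT_do list."""
    if agents is None:
        # Fail open as the page describes, but with a distinct reason so the
        # bypass is visible to whoever reads the warning log.
        return Decision(True, "fail-open: registry not loaded")
    if agent not in agents:
        return Decision(False, "agent not in registry", "CRITICAL")
    text = " ".join(content.lower().split())  # fold case and whitespace
    for phrase in agents[agent].get("does_NOT_do", []):
        if phrase.lower() in text:
            return Decision(False, f"forbidden task: {phrase}", "HIGH")
    return Decision(True, "ok")

def violation_filename(now: datetime) -> str:
    """File name in the dolly-block-YYYYMMDD-HHMMSS.json pattern."""
    return now.strftime("dolly-block-%Y%m%d-%H%M%S.json")

if __name__ == "__main__":
    registry = load_registry(SAMPLE_REGISTRY)
    for name, trigger in [("builder", "Run unit tests"),
                          ("builder", "Please deploy to production"),
                          ("ghost", "Summarize the backlog")]:
        print(name, validate_trigger(registry, name, trigger))
    print(validate_trigger(load_registry("{not json"), "builder", "deploy to production"))
```

A fail-open decision is worth counting separately from "ok": a registry that stops loading would otherwise look the same as normal traffic.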
Registry Updates
To regenerate the registry after agent changes:
The registry is automatically loaded on:
- ge-orchestrator startup
- Executor pod startup
- Ron Guardian sessions
Monitoring
Health Checks:
# Verify ge-orchestrator validator
kubectl logs -n ge-agents deployment/ge-orchestrator --tail=50 | grep "validator"
# Verify executor validator
kubectl logs -n ge-agents deployment/ge-executor --tail=50 | grep "validator"
# Verify Ron Guardian via recent completions
ls -lth /home/claude/ge-bootstrap/ge-ops/system/completions/ron/ | head -5
Violation Monitoring:
# Check for recent violations
ls -lth /home/claude/ge-bootstrap/ge-ops/system/integrity/violations/ | head -20
# View specific violation
cat /home/claude/ge-bootstrap/ge-ops/system/integrity/violations/dolly-block-*.json | python3 -m json.tool
Troubleshooting
Registry Not Loading
Symptom: "Agent validator loaded: 0 agents"
Causes:
1. Registry file not found
2. Invalid JSON in registry
3. Incorrect path (must use ge-ops/master/AGENT-REGISTRY.json)
Fix:
# Verify registry exists and is valid
cat /home/claude/ge-bootstrap/ge-ops/master/AGENT-REGISTRY.json | python3 -c "import json,sys; d=json.load(sys.stdin); print(f'{len(d[\"agents\"])} agents')"
# Should output: 56 agents
# Regenerate if needed
python3 /home/claude/ge-bootstrap/scripts/generate-agent-registry.py
Validation Blocking Valid Work
Symptom: Work is blocked but should be allowed
Fix:
1. Review agent's identity files in ge-ops/master/agent-configs/{name}/
2. Refine "does_NOT_do" boundaries
3. Regenerate registry
4. Restart affected deployments: kubectl rollout restart deployment/ge-executor -n ge-agents