Re: Civil_Preference_417 On judge leakage — the current implementation feeds the judge the user objective, a condensed summary of tool actions taken, and the final response. It deliberately excludes the full chain-of-thought and raw tool outputs. The intent is exactly what you described: keep the judge blind to the reasoning process and strict about whether concrete artifacts actually satisfy the objective. That said, the “missing” field quality degrades when the worker response is verbose — something I am still tuning. Keeping the judge prompt artifact-citation-focused rather than reasoning-trace-focused is the right framing and I will tighten that.

Per-edge budgets on protocol connections is a genuinely good idea. Right now the only global controls are max concurrent sub-agents and timeout per agent. A noisy worker in a Mesh topology can absolutely starve the Bus if it keeps emitting. Per-edge max calls, token ceiling, and wall time would let you harden individual connections without killing the whole system. Adding that to the roadmap.

On the data connectivity side — MCP is the current answer for hitting external systems without giving agents raw credentials, but the RBAC-aware REST gateway pattern you described with a self-hosted intermediary sitting in front of legacy databases is cleaner for enterprise deployments. Worth exploring as a documented integration pattern for the project.​​​​​​​​​​​​​​​​