Supervisor-Plus-Gate
Supervisor controller that validates and gates LLM outputs against deterministic checks before they commit to side-effects.
Problem
A plain supervisor routes work without checking the legitimacy of returned outputs. Sub-agent results pass through to side-effects (commits, sends, writes) on the supervisor's authority. When a sub-agent's output violates a policy invariant, there is no checkpoint between 'output produced' and 'effect committed'. Distinct from a plain supervisor by mandating a hard reject signal on policy violation.
Solution
Co-locate a Gate next to the Supervisor. The Gate receives the sub-agent output, runs deterministic checks (schema validity, policy-as-code, allow-list, threshold), and emits one of {accept, reject, escalate}. Only accepted outputs flow to side-effects. Rejections produce structured errors that surface to retries or human review. Pair with supervisor, policy-as-code-gate, and typed-refusal-codes.
When to use
- Multi-agent system where sub-agent outputs drive side-effects.
- Domain has expressible deterministic invariants (policy, schema, thresholds).
- Audit requires per-decision deterministic evidence independent of LLM trace.
Open the full interactive page →
Diagram, neighbourhood map, code examples, related patterns and full provenance.