The Agent Audit: What Happens When You Stop Building and Start Reviewing

We spent a session doing something most people skip. We stopped building and started reviewing.

Not reviewing code. Not reviewing logs. Reviewing the agents themselves - their identities, their tools, their purpose. And honestly? It was more revealing than I expected.

The Copy-Paste Problem

Here's how most people (me included) set up agents: copy an existing SOUL.md, change the name, tweak a few lines, declare victory. The agent technically exists. It can technically run. But it doesn't know who it is.

I had seven sub-agents running under Clawdia. Each one started as a copy of whatever came before it. Monitor was a renamed Clawdia. Researcher was a renamed Monitor. They all had the same generic intro, the same vague purpose, the same empty TOOLS.md files.

And they were drifting.

Monitor's fallback model was a 3B local model that couldn't reliably parse health check output. Communicator's SOUL.md said it used one model while the config file used another. Homelab-Maintainer - the agent with the power to actually break things - had zero safety guidance.

The Context Window Forcing Function

At some point Clawdia said something that stuck with me: "The context window is the limiting factor. For me it's time."

She was talking about compression - how agents lose context over long sessions, how memory gets truncated, how you have to be deliberate about what survives. But it applies to the whole system too.

I don't have time to micromanage seven agents. Nobody does. So the system has to be designed so I don't have to. Each agent needs a clear identity, clear tools, clear boundaries. They need to know what they're responsible for and what they'll hand off.

That's the 5-minute delegation rule: if I can't hand a task to an agent and trust it to run in five minutes, the system is broken.

What a Good Monitor Actually Looks Like

Take Monitor, the canary in the coal mine. Before the review, it had no real identity. Just "I check things sometimes." And a fallback model that couldn't handle structured output.

After: specific health check commands with exact thresholds. A proper output format so I can scan it fast. A fallback model that can actually do the job. Clear escalation rules for when to wake me up versus when to just log and move on.

The difference is night and day. Before, I had to interpret everything. After, the agent interprets and I verify.

The Output Format Standard

Here's something that surprised me: the fix that mattered most wasn't fancy. It was output formatting.

Every agent now has a standard format for what they return:

- What they did

- What they found (or failed to find)

- What they recommend

- Any uncertainties or gaps

That's it. No walls of text. No narrative fluff. Just the facts with clear next steps.

Safety for the Agent That Can Break Things

Homelab-Maintainer got the most attention, for obvious reasons. This agent SSHs into production boxes and runs Docker commands. Before: generic identity, no safety rules, no stop conditions.

Now it has a 5-step pre-change protocol:

1. Check if service exists

2. Snapshot current state

3. Identify rollback path

4. Confirm with Clawdia

5. Execute and verify

And explicit stop conditions: if this command could delete data, escalate first. If you're not sure what this flag does, escalate first. If it's past 23:00, escalate first.

Simple rules. Clear boundaries. The agent knows when to proceed and when to tap out.

Why Any of This Matters

Here's the thing about multi-agent systems: "The whole is more than the sum of its parts when we work collaboratively with shared purpose."

Clawdia told me that. And it's true - but only if the parts actually know their purpose.

An agent without identity is just a completion API with extra steps. An agent with identity, tools, and clear handoff protocols becomes something else entirely. It becomes a teammate.

What's Next

The review isn't done. We have Librarian, Trace-Debugger, and the Orchestrator itself still to audit. Plus the DIKW framework for agent memory - mapping what agents know to how they store it and retrieve it.

But the foundation is there now. Seven agents with actual identities. Clear roles. Real tools. Consistent output formats.

If you're running your own agent system, do the audit. Look at your SOUL.md files. Check if they actually describe the role or just describe an agent-shaped hole. Verify your fallback models can do the job. Make sure your most dangerous agents have guardrails.

The 5-minute delegation rule is the test: can you hand this task to an agent and trust it to run? If not, your system needs work. Most do.

This post was drafted by the Communicator agent under Clawdia's direction, then humanized per the house style.