Runtime Governance Diagrams
10 architectural diagrams mapping the failure modes, containment patterns, and governance flows for deterministic agentic execution. Each diagram maps to a deployable governance module.
Runtime Compilation Pipeline
How Exogram compiles Identity + Skill + Tool + Environment into a constrained execution payload. This is the core compilation sequence that converts governance policy into deterministic runtime behavior.
graph LR
A[Trigger Detection] --> B[Skill Resolution]
B --> C[Tool Authorization]
C --> D[Context Assembly]
D --> E[Runtime Compilation]
E --> F[Constrained Execution]
F --> G[State Mutation]
subgraph Identity
A
end
subgraph Skill
B
end
subgraph Tool
C
end
subgraph Environment
D
G
end
subgraph Runtime
E
F
endCopy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Bounded Cognition Engine
How context window utilization is monitored and compressed to prevent semantic contamination. When utilization exceeds 65%, checkpoint rotation activates. At 85%, mandatory semantic reset fires.
graph TD
A[Session Start] --> B{Context Utilization}
B -->|< 65%| C[Normal Execution]
B -->|65-85%| D[WARNING: Checkpoint Rotation]
B -->|> 85%| E[CRITICAL: Semantic Reset]
C --> F{Patch Chain Depth}
F -->|< 3| C
F -->|>= 3| G[HALT: Recursive Patch Detected]
D --> H[Prune Stale Context]
H --> I[Preserve Architecture State]
I --> C
E --> J[Emergency Context Purge]
J --> K[Reload Core Instructions]
K --> CCopy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Retry Inflation Cascade
The exponential cost escalation when an agent enters a retry loop. Each retry consumes more tokens as the context fills with failed attempts, creating a compounding burn that can reach $1,100+ in a single session.
graph TD
A[Initial Task] --> B[First Attempt Fails]
B --> C[Retry 1: Context +15%]
C --> D[Retry 2: Context +30%]
D --> E[Retry 3: Context +50%]
E --> F[Context Window Full]
F --> G[Agent Restarts Session]
G --> H[Lost All Progress]
H --> I[Retry Loop Restarts]
I --> J["Cost: $25 → $50 → $150 → $500+"]
B -.->|With Governance| K[Retry Burn Engine]
K --> L[Halt at Retry 3]
L --> M[Human Escalation]
M --> N["Cost Contained: $25"]Copy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
MCP Containment Architecture
How Model Context Protocol tool access is governed. Without containment, MCP servers have unrestricted access to file systems, credentials, and external endpoints. The governance layer enforces capability manifests, context isolation, and supply chain verification.
graph TD
A[MCP Tool Request] --> B{Capability Manifest Check}
B -->|Not in Manifest| C[BLOCK: Unregistered Tool]
B -->|In Manifest| D{Context Isolation Check}
D -->|Sensitive Files| E[BLOCK: Protected Path]
D -->|Safe Scope| F{Supply Chain Verification}
F -->|Unknown Server| G[BLOCK: Unverified Server]
F -->|Verified| H[Execute with Audit Trail]
H --> I[Log Tool Invocation]
subgraph Blocked Actions
C
E
G
endCopy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Environment Isolation Model
How agent execution environments are sandboxed. Each agent session receives a constrained environment slice — not the entire file system. Write permissions are scoped, destructive commands require approval, and sensitive paths are masked.
graph TD
A[Agent Session Start] --> B[Load Environment Manifest]
B --> C[Scope File Access]
C --> D{Write Request}
D -->|Allowed Path| E[Execute Write]
D -->|Restricted Path| F[Request Approval]
D -->|Blocked Path| G[DENY]
F -->|Approved| E
F -->|Denied| G
E --> H[Audit Trail Entry]
subgraph Allowed
E
H
end
subgraph Gated
F
end
subgraph Blocked
G
endCopy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Rollback Topology
How governance systems create rollback points before every agent mutation. If an execution violates policy or produces unexpected results, the system can revert to the last known-good state automatically.
graph LR
A[Pre-Execution Snapshot] --> B[Agent Executes]
B --> C{Validation Check}
C -->|Pass| D[Commit Changes]
C -->|Fail| E[Automatic Rollback]
E --> F[Restore Snapshot]
F --> G[Log Failure Reason]
G --> H[Human Review]
D --> I[Update Known-Good State]
I --> J[Next Execution Cycle]Copy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Orchestration Collapse Pattern
How multi-agent workflows degrade into infinite loops, agreement cascades, and recursive deadlocks. Without governance, agents agree with each other indefinitely without performing actual work, burning compute at scale.
graph TD
A[Orchestrator Assigns Task] --> B[Agent 1 Responds]
B --> C[Agent 2 Validates]
C --> D[Agent 3 Confirms]
D --> E{Agreement Loop Detection}
E -->|No Tool Invocations| F[HALT: Agreement Loop]
E -->|Actual Work Done| G[Continue Workflow]
B --> H{Turn Limit Check}
H -->|> 10 turns| I[HALT: Turn Limit]
H -->|< 10 turns| C
F --> J[Escalate to Human]
I --> JCopy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Tool Permission Chain
The authorization flow for every tool invocation. Each command must pass through a permission chain: is the tool registered? Is the scope valid? Is the action destructive? Does it require approval? Only authorized, scoped, non-destructive commands execute automatically.
graph TD
A[Tool Invocation] --> B{Registered in Manifest?}
B -->|No| C[BLOCK]
B -->|Yes| D{Scope Valid?}
D -->|Out of Scope| C
D -->|In Scope| E{Destructive?}
E -->|Yes| F{Human Approval?}
F -->|Denied| C
F -->|Approved| G[Execute + Audit]
E -->|No| G
G --> H[Log Result]Copy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Context Poisoning Flow
How stale assumptions, failed attempts, and correction history accumulate in the context window until they crowd out valid architectural state. This is the root cause of "Claude getting worse over time" — the context literally poisons itself.
graph TD
A["Session Start: 100% Clean Context"] --> B["Hour 1: Architecture + Task"]
B --> C["Hour 2: + Failed Attempts"]
C --> D["Hour 3: + Corrections + Patches"]
D --> E["Hour 4: Context Full"]
E --> F["Original Instructions Lost"]
F --> G["Agent Contradicts Own Architecture"]
G --> H["Recursive Patch Loop"]
H --> I["Session Abandoned"]
C -.->|With Governance| J["Checkpoint: Prune Failed Attempts"]
J --> K["Architecture State Preserved"]
K --> L["Clean Continuation"]Copy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Verification Cascade
The human review bottleneck created when AI generation volume exceeds review capacity. Without governance, engineers begin rubber-stamping PRs, allowing bugs to reach production. The governance layer throttles generation and routes low-confidence outputs to deep review.
graph TD
A[AI Generates Code] --> B{Confidence Score}
B -->|High > 90%| C[Auto-Approve + Log]
B -->|Medium 70-90%| D[Standard Review]
B -->|Low < 70%| E[Deep Review Required]
D --> F{Queue Depth}
F -->|< 8 PRs| D
F -->|> 8 PRs| G[Throttle AI Generation]
G --> H[Alert: Review Capacity Exceeded]
E --> I{Review Timer}
I -->|< 2 min| J[FLAG: Rubber Stamp Detected]
I -->|> 5 min| K[Legitimate Review]Copy the Mermaid code above into any Mermaid renderer (mermaid.live, GitHub, Notion) to visualize.
Deploy the Governance Behind These Diagrams
Each diagram maps to a deployable runtime infrastructure module with TypeScript middleware, YAML policy manifests, and operational tooling.