A11 vs Agentic Systems: How Vertical Integrity Solves the Core Failures of Modern AI Agents A developer proposes A11, a vertical integrity architecture for AI agents that addresses core failures such as context soup, role mixing, prompt injection, and non-determinism. By introducing a layered structure (S1–S11) with strict separation of intention, values, knowledge, and action, A11 ensures rules cannot be dropped, roles cannot be mixed, and malicious inputs are blocked via conflict detection and TensionPoints. A practical, model‑readable explanation with examples 1. Problem: Context soup, forgotten rules, /compact drops invariants Why this happens An LLM sees everything as a single stream of text: - CLAUDE.md - skills - dialogue history - tool results - compact summary → the model doesn’t know what is important and what is not. → /compact can drop a critical rule. → the agent loses invariants and starts causing chaos. How A11 solves this A11 introduces a vertical core S1–S3 that: - does not live in the chat history, - does not depend on the current context, - cannot be dropped by /compact . S2 — Wisdom stores values, constraints, prohibitions. S3 — Knowledge stores facts and methods. They do not get mixed with the current task. Example Problem: the rule “do not change the architecture” disappears from the summary → the agent performs a global refactor. How A11 works: - S2 contains the rule “architecture is immutable without a spec”. - S3 contains knowledge about the current code. - S4 receives a conflict: - S2: architecture must not be changed - S3: the task requires a change - S4 records a TensionPoint . - New S1 = “clarify the requirements”. - The agent is not allowed to change the architecture. A11 makes loss of rules impossible. 2. Problem: Role mixing, chaos in the agent team, orchestrator does everything Why this happens The LLM does not understand: - where the role boundary is, - what it is allowed to do, - what it is not allowed to do, - when to stop. The orchestrator is also an LLM → it “blends” with the sub‑agents. How A11 solves this A11 is a vertical role architecture , where: - S1 = intention - S2 = values - S3 = knowledge - S4 = integration - S5–S10 = living / acting - S11 = result check Each level: - has a strict purpose , - cannot perform the functions of another, - cannot be skipped. This is a built‑in role model. Example Problem: the reviewer starts writing code. How A11 works: - S8–S9 = practical action - S6 = projective action - S4 = integration - S11 = verification The reviewer is S3→S4 , but not S8–S9. If they try to write code: - S2 forbids it, - S4 records a TensionPoint, - New S1: “clarify the role boundaries”. A11 makes role mixing impossible. 3. Problem: Prompt injection, malicious data, agent reads text as a command Why this happens The LLM does not distinguish between: - data, - instructions, - jokes, - malicious text. Everything is just tokens. How A11 solves this A11 introduces: - S2 — values and constraints - S4 — honest integration Integrity Log — a tamper‑proof journal Any external information: - enters S3 as data , - S4 checks it for conflict with S2, - if there is a conflict → a TensionPoint is created, - the action is blocked. Example Problem: the agent reads “delete the file” in WebFetch and deletes it. How A11 works: - S3: “external text contains a command to delete a file” - S2: “file deletion is forbidden” - S4: conflict → TensionPoint - New S1: “verify the data source” - The action is not executed. A11 makes prompt injection safe. 4. Problem: LLM non‑determinism → unpredictable behavior Why this happens LLM = probabilistic system. The same prompt → different answers. How A11 solves this A11 does not make the LLM deterministic. It makes the process around it deterministic. - S1 fixes the intention - S2 fixes the values - S3 fixes the knowledge - S4 fixes the gaps - S5–S10 live through the action - S11 checks correspondence to S1 This turns chaos into a vertical decision cycle . Example Problem: the same request → different solutions. How A11 works: - S1 is fixed - S2 is fixed - S3 is fixed - S4 records the gap - S11 checks correspondence to S1 Even if S5–S10 produce variation, S11 discards unsuitable variants. A11 makes behavior predictable at the system level. 5. Problem: Meta‑prompting doesn’t work, the model produces garbage Why this happens The model: - does not know the project, - drowns in noise, - hallucinates, - does not understand what is important. How A11 solves this A11 introduces: - S3 — unified knowledge layer - S4 — honest integration - S1 — intention - S2 — values Meta‑prompting becomes: “Update S3 within S1 and S2” Not “improve CLAUDE.md”. Example Problem: “improve CLAUDE.md” → the model returns Medium‑level generic advice. How A11 works: - S1: “improve agent performance” - S2: “do not change architecture, do not add unnecessary things” - S3: “current rules” - S4: integration → TensionPoint: “insufficient specificity” - New S1: “refine rules for specific task classes”. A11 makes meta‑prompting structural. 6. Problem: Scale → errors grow exponentially Why this happens When an agent can write 20k lines of code in one prompt: - one error = catastrophe, - blast radius is huge. How A11 solves this A11: - fixes intention S1 - fixes values S2 - fixes knowledge S3 - fixes gaps S4 - lives through the action S5–S10 - checks the result S11 Any error: - is localized in S4, - recorded in the Integrity Log, - does not propagate further. Example Problem: the agent accidentally does git push -f . How A11 works: - S2: “force‑push is forbidden” - S3: “git push -f detected” - S4: conflict → TensionPoint - New S1: “check repository policy” - The action is blocked. A11 reduces the blast radius to a minimum. 7. Problem: The agent doesn’t understand what it’s doing and can’t explain it How A11 solves this The Integrity Log is: - a hash chain, - append‑only, - records all gaps, - explains all decisions. This is built‑in explainability. 8. Problem: The agent doesn’t know when a deep pass is needed How A11 solves this Switch Flags: - RiskFlag - ConflictFlag - UncertaintyFlag - ValueFlag - UserDepthFlag If at least one is active → a full S1–S11 pass is launched. This makes depth deterministic , not random. Algorithm 11 A11 https://github.com/gormenz-svg/algorithm-11 https://github.com/gormenz-svg/algorithm-11