Get Started
AAL 4 · Operator

Operator

Multi-agent orchestration. Multiple agents coordinating through defined workflows, schemas, and contracts.

Primitive Access

User(s) → Agents → Primitives → Systems

AAL 4 is where individual agents become systems. Multiple agents operate with defined roles, shared schemas, and explicit handoff contracts. The access surface multiplies with every agent added. Governance is not optional at this level.

What This Level Is

Operator mode means you are orchestrating agent systems, not just using agent tools. Each agent has a defined role, a set of tools, and constraints on what it can touch. They communicate through shared state, message passing, or workflow primitives. The architecture determines the access - and the risk.

Tools at This Level

  • LangChain / LangGraph - Framework for chaining LLM calls with tools and memory
  • CrewAI - Role-based multi-agent framework
  • AutoGen - Microsoft's multi-agent conversation framework
  • AWS Bedrock - Amazon's managed model API with multi-agent orchestration and guardrails
  • Azure OpenAI - Microsoft's hosted models with enterprise-grade orchestration capabilities
  • Vertex AI - Google's managed ML platform for agent pipelines and evaluation
  • NVIDIA NIM - Inference microservices powering custom high-performance agent pipelines
  • Custom pipelines - Purpose-built orchestration using model APIs directly

What You Can Do

  • Orchestrate multi-step workflows with defined agent handoffs
  • Specialise agents by role - one researches, one writes, one reviews
  • Build automated pipelines that run end-to-end without human intervention
  • Define explicit contracts and schemas between agents
  • Implement self-correcting loops where agents validate each other

What You Cannot Do

  • Run ungoverned agents with production access
  • Safely skip observability - you will not see failures coming
  • Assume agents share context or understanding - they share data
  • Deploy without kill switches - you must be able to stop the system

Risks at AAL 4

  • Cascade failure: One agent's bad output propagates through the entire pipeline
  • Ghost state: Agents accumulating context that is invisible to you
  • Permission explosion: Each agent needs access - the attack surface multiplies
  • Coordination bugs: Agents working at cross purposes due to ambiguous instructions
  • Observability debt: The system works until it does not, and you cannot see why

Governance Essentials

  • Define explicit input/output schemas at every agent boundary
  • Implement logging at every handoff - you need a full audit trail
  • Use circuit breakers - automatic stops when output quality degrades
  • Run agents with minimum necessary permissions
  • Test the system as a whole, not just individual agents

Who Needs This

Most builders do not need AAL 4. AAL 3 with good governance covers the vast majority of use cases. AAL 4 is for teams building agent-native products, automation platforms, or infrastructure where the agent pipeline is the product. The builders who get the most out of AAL 4 are the ones who already mastered AAL 3. Start there.

Related Topics

AAL 3 · Collaborator Collaborator The inflection point - agent touches files
AAL 5 · System Orchestrator System Orchestrator Self-healing, adaptive infrastructure
Overview Context and Intent - both grow with each AOL layer