SDOF: Taming the Alignment Tax in Multi-Agent Orchestration with State-Constrained Dispatch

Zhantao Wang

arXiv:2605.15204 · 2026-05-18 공개 · arXiv · PDF

task-completion rlhf multi-agent-orchestration gspo beisen-italent adversarial-routing skillregistry state-constrained-dispatch

Abstract

Multi-agent orchestration frameworks such as LangChain, LangGraph, and CrewAI route tasks through graph-based pipelines but do not enforce the stage constraints that govern real business processes. We present SDOF, a framework that treats multi-agent execution as a constrained state machine. SDOF operates through two primary defensive layers, implemented by three components: (1) an Online-RLHF Specialized Intent Router trained via Generative Reward Modeling (GRPO) and (2) a StateAwareDispatcher with GoalStage finite-automaton checks and precondition/postcondition SkillRegistry validation for auditable execution control. On a recruitment system backed by the Beisen iTalent platform (6000+ enterprises), 185 expert-curated scenarios trigger 1671 live API calls. Our GSPO-aligned 7B Intent Router achieves higher joint accuracy than zero-shot GPT-4o on this FSM-constrained adversarial routing benchmark (80.9% versus 48.9%). In end-to-end execution, SDOF reaches 86.5% task completion (95% confidence interval 80.8 to 90.7) and blocks all 22 operations in the injection, illegal HR subset. Under a broader message-level blocking audit, SDOF attains precision 100% and recall 88%, expert agreement kappa=0.94. A separate evaluation on 960 SGD-derived dialogues spanning 8 service domains surfaces 201 stage-order conflicts under our FSM mapping, 41 of which arise in the normal split. This arXiv version reports the current validated scope; extended multi-seed training comparisons and deeper workflow evaluations will be released in a subsequent update.

한국어 요약

📋 한 줄 요약

**[멀티에이전트 / 정책 안전]** 다중 에이전트 실행을 제약된 상태 기계로 다루어 단계 제약·정책 위반을 차단하는 SDOF 프레임워크 제안.

🎯 핵심 기여도

💡 핵심 아이디어

실제 비즈니스 프로세스의 정확성은 "잘 라우팅된 그래프"가 아니라 "현재 상태에서 합법적인 전이만 허용하는 FSM"에서 비롯되며, 라우터의 의도 분류 + FSM 검증을 결합하면 alignment tax를 크게 낮출 수 있다.

🔬 기술적 접근법

📊 주요 결과

💭 의의 및 한계

**의의**: 멀티에이전트 시스템에 결정적 안전 레이어(FSM + skill validation)를 도입해 정책 준수와 감사 가능성을 확보. **한계**: FSM·SkillRegistry 정의가 도메인 전문가 입력에 강하게 의존, 본 버전은 검증된 범위만 보고하며 확장 학습 비교·심층 워크플로 평가는 후속 버전 예정.

🚀 실용적 활용