Skip to main content

Agent System Design Constraints

Which leg of the four-leg frame is weakest in the agent system you are currently building?

Four constraints govern every AI agent system design decision. They are not independent considerations — they are four legs of one frame. Remove any one and the system drifts in a predictable, diagnosable direction.

The four constraints are:

  • Ontology — what the system treats as real
  • Epistemology — how the system updates what it believes to be true
  • Taxonomy — how the system sorts and places things
  • Axiology — what the system treats as an improvement worth pursuing

Every design choice in an agent system either strengthens or weakens one of these legs. Naming which leg a choice affects is the fastest way to diagnose why a system is drifting.

Why These Four?

These four come from philosophy of knowledge, but they earn their place in engineering through the failure modes they predict. Each leg, when weak, produces a distinct category of system failure — not a random error, a structural one.

A structural failure repeats under different inputs because it is built into how the system perceives, verifies, sorts, or prioritizes — not into any single response. That repeatability is why design-level diagnosis is worth the effort.

The four-leg frame turns a diffuse complaint ("the system behaves strangely") into a located gap ("the system's epistemology is weak — it cannot verify claims it can confidently name").

The Four Legs

Ontology

Ontology is the typed state space: the entities, states, relationships, and boundaries the system treats as "real enough" to perceive, name, route, and reason about.

If something is not in the ontology, the system cannot:

  • name it (no term means no handle)
  • route it (no handle means no placement rule fires)
  • act on it (no placement means no downstream logic applies)

Strong ontology makes the system's perceptual coverage explicit. Gaps in ontology are invisible to the system — it cannot report what it cannot perceive.

Design question: What entities does this system need to track, and have we named them? What is visibly missing from our named state space?

Epistemology

Epistemology is the update function: the data sources, validation rules, and inference patterns that determine what counts as evidence and how beliefs change when evidence arrives.

This is the load-bearing leg, and the key insight:

Anyone can define objects. Few define how truth flows and compounds. Epistemology is the competitive advantage.

A weak epistemology produces the most costly failure mode: the system can name things confidently while being wrong about their current state. The ontology gives the system a vocabulary; epistemology is what keeps that vocabulary accurate over time.

Design question: For each entity in the ontology, how does the system verify that its current state description is still true? What is the update trigger? What counts as authoritative evidence? How stale can a belief get before the system flags it?

Taxonomy

Taxonomy is the controlled vocabulary, hierarchy, and placement rules that let agents navigate the state space reliably.

A well-formed taxonomy has:

  • unambiguous placement rules (each entity has exactly one correct position)
  • a stable hierarchy (depth is bounded; categories do not collide)
  • a controlled vocabulary (terms are defined before use; synonyms are resolved)

Without taxonomy, agents working on overlapping territory cannot coordinate — two agents may maintain separate, contradictory descriptions of the same entity without realizing it.

Placement test: Does each entity class have one clear placement rule? Can two agents working independently place the same item in the same location? Is the vocabulary controlled or improvised?

Axiology

Axiology is the optimization target: the explicit statement of which changes count as improvements and which are merely possible.

Without axiology, the system optimizes by default — for completion, for verbosity, for the most recent instruction. Those defaults rarely match what the system is actually for. Axiology closes the gap between "the system did something" and "the system did what mattered."

Strong axiology makes priorities legible before work begins, so agents can distinguish:

  • the improvement that matters (worth pursuing)
  • work that is possible but irrelevant (route elsewhere or skip)
  • the action that looks like improvement but degrades the system (stop and flag)

Design question: What is the explicit optimization target? When two improvements are both possible, which one wins and why? What is the signal that the system has made progress on what actually matters?

Failure Modes

Each weak leg produces a different failure signature.

Blind Spots

The system verifies claims and sorts entities reliably within the space it can perceive — but entire categories of entity are invisible. Problems in those categories go unnoticed until a human flags them. The system appears healthy inside its perceptual boundary and broken outside it.

Hallucination

The system names things confidently using a rich ontology — but cannot verify whether those names reflect current reality. Stale descriptions compound over time. The system sounds authoritative while drifting further from truth with each cycle.

This is the most common and most expensive failure in production AI systems.

Collision and Drift

Multiple agents maintaining overlapping territory cannot coordinate. Duplicate descriptions, conflicting states, and unresolved synonyms accumulate. Navigation degrades. The longer the system runs, the harder it is to find a single authoritative source for any given entity.

Optimization Theater

The system is active and productive — but the work is not connected to what matters. Effort flows to the most available task, the most recent request, or the most easily completed action. Progress reports look full. Actual improvement is thin.

Audit Checklist

Before deploying an agent system, run four checks.

Ontology Check

  • Have we named the entities, states, and relationships this system must perceive and act on?
  • Are there known entity classes with no term — things we talk about but cannot route?
  • Is the ontology versioned or maintained, or is it improvised per conversation?

Epistemology Check

  • For each entity, what is the authoritative source that determines its current state?
  • How does the system distinguish a verified claim from a generated one?
  • How old can a belief get before it must be re-verified?
  • When a claim cannot be verified, does the system surface that uncertainty or suppress it?

Taxonomy Check

  • Can two agents place the same entity at the same location using only the taxonomy rules?
  • Are any entity classes homeless — they exist in the ontology but have no clear placement rule?
  • Does the taxonomy depth stay bounded, or does nesting grow without limit?

Axiology Check

  • Has the team written down the explicit optimization target for this system?
  • When two improvements are both available, is there a rule for which one to pursue?
  • Can an agent working in this system distinguish "progress on what matters" from "activity that feels like progress"?

A system that passes all four checks has named its perceptual coverage, defined how truth flows, made navigation reliable, and stated what improvement means. That is a buildable, maintainable system.

A system that fails one check is driftable in the direction of that failure.

Practice

Audit one agent system or automated workflow you currently maintain.

For each of the four legs, write one sentence:

  1. "The entities this system can perceive and name are ___. The entity class with no term yet is ___."
  2. "The system verifies a claim is current by ___. A claim older than ___ triggers re-verification."
  3. "Two agents can place the same entity in the same location because ___. The entity class with no clear placement is ___."
  4. "This system optimizes for ___. When two improvements compete, it chooses the one that ___."

If you cannot complete a sentence, that is the weak leg.

Context

  • AI Architecture — the broader decisions about how agent systems are structured and deployed.
  • AI Principles — the purpose and principles that ground every agent design decision.
  • Trust Architecture — how to build systems that verify claims structurally rather than relying on intent.
  • Context Graphs — how agents hold and update their working model of a situation.
  • AI Observability — measuring whether a live system is behaving as designed.
  • Reality — the commissioning and measurement surface that exposes whether system outputs reflect current state.

Questions

What would your system produce if its weakest leg failed silently for thirty days?

  • When your system last produced a confident wrong answer, which leg failed — ontology (unnamed entity), epistemology (stale claim), taxonomy (misplaced entity), or axiology (wrong priority)?
  • Where did you write down your system's optimization target, and when did you last verify it still matches what the system actually optimizes for?
  • Which entity in your state space has no clear authoritative source — and how long has that been acceptable?