I’ve been reading through a ton of threads lately about how people are managing parallel coding agents and preventing scope drift. Right now, it seems like the meta is relying heavily on plan.md, handoff.md, or incredibly strict claude.md system prompts. But I keep hitting the same wall: a markdown file is just a prompt. It’s informed consent, not a mechanical boundary. Probabilistic models are incredible at writing code, but they are structurally terrible at strict authorization. You can tell an agent "don't touch the auth module" or "always run npm test," but under cognitive load, it drifts. Then you end up spending 80% of your time doing forensic PR reviews just to figure out if the agent actually behaved itself. I’m currently prototyping a framework-agnostic control plane to solve this, and I want a sanity check.…