What We Shipped / Moved Forward

1) Control Plane: Approvals That Don’t Break the Operator Loop

What was broken: approvals that effectively didn’t work in real time (IDs expiring immediately, approvals being consumed by the wrong listener, and thread context making it worse). The result was operator paralysis: the work required approvals, but approvals couldn’t reliably be completed.

What changed: we tightened the diagnosis into concrete failure modes (timeout vs routing vs multi-consumer duplication) and clarified the near-term operational workaround: keep approvals in the same scope as the prompt, avoid threads when routing is unstable, and prioritize eliminating duplicate consumers.

Why it matters: approvals should be safety rails, not a productivity tax.

2) Secrets Hygiene: Per-Agent Keys via OCI Vault (Plan + Handoff)

What was broken: key management drifting into shared-key patterns and brittle startup dependencies (a single misconfigured provider can cascade into gateway instability).

What changed: we documented a clean rollout path: one vault secret per persona, consistent provider wiring, and service environment alignment so keys resolve deterministically at startup.

Why it matters: per-agent keys give clean attribution, safer isolation, and fewer “one key took down everything” failure chains.

3) Oracle EBS Delivery: Compensation Workbench Statements (Portal-Driven Changes)

What was broken: statement and configuration changes were getting dragged into manual, high-friction loops (someone asks, someone runs, someone pastes, someone retries).

What changed: we used the web portal as the operator surface to make a meaningful batch of Compensation Workbench statement changes quickly, with agents supporting the workflow so the work moved forward without constant context switching.

Also: we improved the reliability of our database tunnel access so operators can start from a known-good connectivity path instead of spending time diagnosing “is the pipe up?”

Why it matters: this is the pattern we want: agents save time by executing inside the system, not just advising from the outside.

4) WhatsApp: Flakiness Isn’t a Mystery (Session Conflict 440)

What was broken: WhatsApp responsiveness degraded because the provider kept getting kicked off by linked-device conflicts.

What changed: we identified the signature (status 440 session conflict) and the deterministic recovery: check Linked Devices, log out stale sessions, relink cleanly when needed.

Why it matters: you can’t treat WhatsApp as a reliable operator surface until the session model is stable.

Field Notes

• Guardrails must be usable. Safety systems that don’t work under real conditions become the new outage.
• Multi-consumer bugs look like “the assistant is crazy.” Operators feel the symptom as duplication; the fix is single-consumer discipline.
• Secrets hygiene is reliability work. Per-agent keys aren’t just governance; they prevent brittle, shared-state failures.