Every lesson so far has focused on a single agent doing a job: one workflow, one prompt, one output. But some tasks are too big for one agent's context window, or too important to trust without independent review. That's where multi-agent coordination comes in.
The good news: if you've been using /comply to spawn an independent reviewer subagent, you're already doing multi-agent coordination. This lesson formalizes those patterns and shows you how to scale them.
A single agent hits its limits when:
The key principle: coordination cost must be less than the value of specialization. Don't split a 5-minute task across 3 agents just because you can.
The Safe Agentic Workflow (SAW) framework defines 11 agent roles, each with explicit boundaries, exit states, and handoff patterns. You don't need all 11 — most solo developers use 3-4 — but knowing the full set helps you pick the right ones.
| Role | Responsibility | Exit State |
|---|---|---|
| Planner | Breaks work into tasks, defines acceptance criteria | Plan document with task list |
| Researcher | Gathers context, reads docs, explores codebase | Context summary for downstream agents |
| Implementer | Writes code, creates files, makes changes | Working code with passing tests |
| Reviewer | Independent quality review of implementation | Approve or reject with specific feedback |
| QAS (Quality Assurance & Security) | Validates security, compliance, and quality gates | Pass/fail with evidence |
| Shipper | Deploys, merges, or publishes approved work | Artifact in production/main |
| Triage | Categorizes incoming work, assigns priority | Labeled and assigned issue |
| Monitor | Watches for regressions, drift, or anomalies | Alert or noop |
| Documenter | Updates docs, changelogs, and knowledge bases | Updated documentation |
| Orchestrator | Dispatches and coordinates other agents | All subtasks complete |
| Responder | Handles external queries (issues, discussions) | Response posted |
The most critical multi-agent pattern is the QAS gate: an independent quality and security review that sits between implementation and shipping. It must be a separate agent (or subagent) because:
When /comply spawns a reviewer subagent, that's a QAS gate. The subagent has fresh context, reviews independently, and produces a pass/fail verdict. The pattern is the same whether it's checking code style or security posture.
GitHub Agentic Workflows implements multi-agent coordination through OrchestratorOps — a workflow that doesn't do work itself, but dispatches specialized worker workflows and coordinates their results.
The pattern is simple: one orchestrator workflow receives a trigger, decides what needs to happen, and fires dispatch-workflow calls to specialized workers. Each worker runs in its own context with its own permissions and budget.
---
description: "Orchestrator — routes incoming issues to the right workflow"
on:
issues:
types: [opened, labeled]
permissions:
contents: read
issues: write
engine:
id: copilot
model: gpt-4.1
safe-outputs:
dispatch-workflow:
allowed:
- research-and-plan.md
- implement-feature.md
- security-review.md
---
# Route this issue
Based on the issue labels and content, dispatch to the appropriate
worker workflow:
- `bug` label → implement-feature.md (with fix instructions)
- `feature` label → research-and-plan.md (needs planning first)
- `security` label → security-review.md (needs audit)
Pass the issue number and relevant context to the dispatched workflow.
The most common orchestration pattern chains three phases: research the problem, plan the solution, then assign the implementation. Each phase can be a separate agent with appropriate context and permissions.
This is what SAW calls ResearchPlanAssignOps — a reusable orchestration pattern. The orchestrator doesn't need to understand the domain; it just routes context between specialists.
You already have multi-agent coordination via /comply. Here's how to extend it:
Instead of one reviewer subagent, spawn two in parallel — one for code quality and one for security:
# In your /comply workflow, dispatch two reviewers:
safe-outputs:
dispatch-workflow:
allowed:
- code-review.md # Style, DRY, correctness
- security-review.md # Auth, injection, secrets
# Both run independently. Both must pass before shipping.
This gives you the same pattern as a team with separate code review and security review — without needing two humans.
Use dispatch-workflow to chain a full pipeline:
# orchestrator.md dispatches sequentially:
# 1. triage-issue.md → labels, prioritizes, writes acceptance criteria
# 2. implement.md → coding agent picks up the issue
# 3. review.md → independent QAS gate on the PR
# Each workflow's output triggers the next via issue/PR events
The orchestrator can assign issues directly to the Copilot coding agent:
# After research + planning, assign the issue:
safe-outputs:
assign-issue:
assignees: ["copilot"] # GitHub's coding agent picks it up
labels: ["agent-ready", "auto-implement"]
The coding agent sees the issue with full context (from the research phase) and acceptance criteria (from the planning phase), then opens a PR.
Eleven roles is a lot for a solo developer. The SAW framework explicitly supports role collapsing — combining multiple roles into fewer agents when independence isn't critical.
The rule is simple: any role that exists to provide independent verification cannot be collapsed with the role it verifies. Everything else is fair game for solo work.
In practice, most solo developers use three active agents:
Dark Factories are an emerging concept — persistent autonomous agent teams running on remote servers. This is the bleeding edge of multi-agent coordination. Understand the concept, but don't build one until the tooling matures.
A "Dark Factory" is a tmux-based setup where multiple agent sessions run persistently on a remote server, each in its own pane:
They communicate through the repository itself (issues, PRs, comments) — the same mechanism humans use. This means every interaction is auditable and the system degrades gracefully (a human can step in at any point).
The key insight: the coordination protocol is the same whether agents are ephemeral (workflow-triggered) or persistent (tmux-based). Issues and PRs are the message bus. Labels and assignments are the routing mechanism.
Here's where you are on the multi-agent spectrum:
| Level | Pattern | You? |
|---|---|---|
| 1. Single agent | One prompt, one output | ✅ Most of your work |
| 2. Agent + subagent | Implementer spawns independent reviewer | ✅ Your /comply pattern |
| 3. Orchestrated chain | Workflow dispatches multiple specialists | ⬜ Next step |
| 4. Persistent team | Dark Factory — always-on agent ensemble | ⬜ Future (experimental) |
Your next step is Level 3: add a second specialized reviewer (security) alongside your existing code reviewer, or set up a dispatch-workflow that chains triage → implement → review automatically when issues are labeled.
Don't jump to full orchestration. Add one more specialized subagent to your existing /comply pattern — a security reviewer that checks for secrets, injection vectors, and auth issues. That alone gives you 80% of the value of multi-agent coordination.
dispatch-workflow. Think of it as a dispatcher routing calls to the right department.Safe Agentic Workflow — vNext Workflow Contract — the full specification of agent roles, exit states, handoff patterns, and role collapsing rules.