Agent Operations Design Notes (9/9) — Multi-Subagent RAG Is a Role System

Korean original: https://maju-not.blogspot.com/2026/06/rag.html

It is easy to assume that wiring together many small RAG units will automatically produce a smarter system. What actually changes is much deeper. The problem is no longer that retrieval happens multiple times. The problem is that you now have to decide who is allowed to retrieve what, which evidence may cross boundaries, and which results deserve promotion into longer-lived memory.

Single-pipeline RAG is easy to explain. A question comes in, the system retrieves a few relevant documents, and the model answers with that context attached. That structure still works well for document Q&A, internal wiki search, and FAQ-style tasks. But the moment work becomes longer-running, the document space splits into domains, and judgment has to happen in several stages, the simple pipeline starts to break down. Retrieval no longer ends in one pass, and even within the same request different kinds of expertise are needed.

Imagine one agent that reads product policy documents, another that reads logs, another that reads code history, and a fourth that synthesizes the outputs into a user-facing explanation. Superficially, you could say, "fine, that is just four RAGs." Operationally, it is something else. Each agent has a different document boundary, different retrieval rules, different trust assumptions about upstream results, and a separate decision about what should be promoted into memory. At that point the problem is no longer simple search. It becomes a role-based retrieval system.

Why Single-Pipeline RAG Hits Limits So Quickly

The strength of single RAG is linearity. You can describe it in one line: query -> retrieve -> generate. The cost of that simplicity is that it bundles together three different decisions.

First, it collapses question interpretation and search-space selection into one step. When the user asks, "Why did this policy change?" the relevant evidence might be the policy text itself, the revision history, or a meeting note explaining the decision. In a single pipeline, that routing decision often gets pushed down into retriever scores, even though it is really a choice about domain access.

Second, it hides conflicts in expertise. A retriever tuned for code search is not tuned the same way as a retriever tuned for operational logs or legal documents. Single-pipeline designs often reduce this to "maybe adjust top-k," when in practice the schemas, failure modes, and ranking signals are fundamentally different.

Third, verification arrives too late. If one retrieval result is fed directly into generation, you may get an answer quickly, but when the answer is wrong it becomes hard to tell where the failure happened. Was retrieval bad? Was synthesis wrong? Did memory contaminate the response? The architecture does not help you separate those failures.

That is why teams naturally move toward a new idea: if one general-purpose RAG is too coarse, maybe several narrower specialist RAGs will do better.

Why Many Small RAG Agents Look Attractive

The appeal is real.

First, each unit can be optimized narrowly. A legal retriever needs to understand clauses, versioning, and effective dates. A code retriever needs to understand function names, file paths, and commit context. It is difficult for one universal index to do both equally well.

Second, the blast radius of failure becomes smaller. If the policy specialist makes a bad call, that does not automatically drag down the log specialist too. Problems are easier to localize.

Third, evidence can stay separated until the end. Different sources can be retrieved independently and only combined at the synthesis layer, which at least makes it possible to trace which layer produced which claim.

Fourth, the design maps well to how organizations already work. Product, operations, legal, data, and engineering do not read the same documents in the same way. Multi-subagent RAG is partly a technical architecture, but it is also a way of reflecting that organizational reality in the system itself.

The problem starts there. Adding more small RAG units does not automatically give you a better system. The real change is not quantity. It is structure.

What Actually Changes: Not Search Count, but the Role System

In multi-subagent RAG, five layers matter most.

1. Router

The first question is not "what should we search?" but "who should search?" That is not a minor distinction. A router is not only classifying intent; it is deciding which domain boundaries are allowed to open. In that sense, routing is less a convenience feature than a lightweight authority model.

2. Specialist Retrievers

Each subagent should primarily see the context it owns. The crucial issue here is not just retrieval quality. It is retrieval boundary. If the code agent starts digging through meeting notes, duplicate retrieval and bad cross-domain associations will grow quickly. If the boundary is too narrow, needed evidence is missed. Good design defines not only how well an agent searches, but where it is supposed to stop.

3. Synthesis Layer

The synthesis step is not a fancy summarizer. Its job is to surface contradictions, mark missing links, and preserve uncertainty across evidence fragments that were gathered under different assumptions. One of the most dangerous failure modes in multi-agent systems is that each specialist produces a plausible partial answer and the final model stitches them into a smooth story that hides the cracks.

4. Verifier

A separate verification layer becomes necessary. The verifier is not asking whether the answer sounds good. It is asking whether each claim is sourced, whether conflicting evidence was suppressed, and whether the router opened the wrong domain in the first place. In single RAG, verification often looks optional. In multi-subagent RAG, it is close to mandatory.

5. Memory Layer

The biggest shift is memory. Once several subagents work repeatedly across related tasks, a pure retrieve-every-time design becomes expensive and slow. The system starts asking a new question: can any of this result be reused later? That is where memory promotion enters. What belongs only in session memory? What should be promoted into a shared team memory? What should be forgotten entirely? These decisions start to matter as much as retrieval itself.

So multi-subagent RAG is not parallelized search in disguise. It is a structure of role-based retrieval, orchestration, verification, and memory promotion.

Where It Breaks

The architecture is powerful, but it usually fails faster than people expect. Five breakpoints show up repeatedly.

Redundant Retrieval

Several agents start rediscovering the same documents independently. Cost goes up, information gain barely moves, and sometimes the same document gets chunked differently and supports conflicting conclusions. The system mistakes duplication for diversity, when it has really just accumulated redundant noise.

Evidence Conflict

Specialist A may say, "the policy change is approved," while specialist B says, "it is still in draft." Both may be correct within their own context windows. The failure happens when the orchestrator does not preserve the conflict and instead lets one result overwrite the other in a polished final answer. Fluency becomes the enemy of consistency.

Token and Cost Explosion

At first, many small units look efficient. In practice, routing prompts, per-agent contexts, intermediate summaries, and verification calls stack up quickly. Token usage climbs fast. "We decomposed it, so it must be cheaper" is one of the most common architectural illusions in agent systems.

Stale Memory

When a useful result gets promoted into memory, future runs become faster. But older memory can gradually become a stronger prior than fresh retrieval. The system stops being retrieval-augmented and starts becoming memory-biased. This gets worse when different role memories are updated unevenly and one agent remembers the current policy while another still carries an obsolete one.

Weak Orchestrator

The most common failure is that the central orchestrator is little more than a collector that glues outputs together. In a multi-subagent architecture, that is not enough. If the coordinator is weak, the system can be worse than a single RAG pipeline because errors become distributed across layers and debugging gets harder, not easier.

So What Are the Design Principles?

To make this stable, design ownership before capability.

1. Split by Context Ownership First

It is usually better to define agents by the context they are responsible for than by abstract ability labels. "Summary agent" is a weak operational role. "Policy-document owner" or "log owner" is much stronger because the boundary is concrete and enforceable.

2. Make Retrieval Boundaries Explicit

Every agent should have a clear statement of where it may look and where it may not. Strong systems rely more on constrained exploration than unconstrained exploration. Those limits are what prevent duplicate search and collapsing accountability.

3. Separate Synthesis from Verification

The synthesizer builds the story. The verifier applies the brakes. If both responsibilities are collapsed into one call, the system will often reward the answer that sounds best rather than the answer that survives scrutiny. This separation matters even more in multi-agent architectures than in single-agent ones.

4. Define Memory Promotion Rules

If every useful intermediate result gets promoted, memory turns into a junkyard. Promotion should clear at least four tests. Is this fact reusable? Is its source stable? Does it have an expiration condition? Is there an overwrite rule? In many real systems, discard policy matters more than promotion policy.

5. Do Not Minimize the Orchestrator's Responsibility

The orchestrator is not just a dispatcher. It owns the reason for routing, call ordering, deduplication, conflict surfacing, follow-up questioning, and candidate selection for memory promotion. If that layer is weak, highly capable specialists still collapse into a messy whole.

What Is the Real Upside of This Structure?

The real advantage of well-designed multi-subagent RAG is not only higher answer accuracy. It is operational clarity.

You can trace which context owner produced which claim. You can separate retrieval failures from synthesis failures during debugging. You can selectively reduce repeated retrieval cost through memory promotion. And because the architecture reflects actual organizational role structure, it often becomes more maintainable over time than one giant prompt that tries to do everything.

But none of those benefits appear automatically. Without role boundaries, verification layers, and promotion rules, a multi-agent system is often just a single confused system with more moving parts.

Conclusion

The moment you start combining many small specialist subagent RAG units, the useful question is no longer "how many RAGs do we have?"

The real questions are these.

Who owns which context?
Who is allowed to retrieve from which domain?
Who surfaces conflicts between competing evidence?
What gets promoted into memory, and what gets forgotten?

If those four questions are not designed explicitly, multi-subagent RAG may look advanced while functionally remaining an expensive multi-search pipeline. If they are designed well, the system becomes something else entirely: a role-based retrieval system.

The next generation of agent systems will probably not be explained by retrieval quality alone. The more important axis is the operating design around roles, orchestration, verification, and memory. Multi-subagent RAG is one of the earliest places where that shift becomes impossible to ignore.

References

  • This article is written as an architecture note grounded in the surrounding blog series on memory, routing, verification, and ownership

Series overview: Series index

๋Œ“๊ธ€

๋Œ“๊ธ€ ์“ฐ๊ธฐ

์ด ๋ธ”๋กœ๊ทธ์˜ ์ธ๊ธฐ ๊ฒŒ์‹œ๋ฌผ

Agent Memory Engine (2/10) — Building an AI Agent Memory System with SQLite Alone

← 1/10 SQLite Memory Engine f… ๐Ÿ“š Series Index 3/10 memcore Completed → A memory engine that runs without daemons, without dependencies, anywhere ํ•ต์‹ฌ ์š”์•ฝ This post covers how to design an AI agent memory engine (memcore) on a single-file SQLite backend. - Structure: 25 modules, ~6,464 lines, 22 DB tables - Principles: no daemon, single-file portability, no required external dependencies, host-agnostic - Core techniques: 4-layer hybrid search (topic · vector · FTS5 · LIKE), U-tag dialectic-based confidence evolution, ingestion-layer bias rejection rules What This Post Covers One approach to building AI agent memory without a server or cloud vector DB. Specifically: (1) the limitations of text-file-based memory, (2) vector DB alternatives compared and selection criteria, (3) how to layer search tiers, (4) how to evolve confidence scores over time, and (5) how to block biased memory accumulation at the ingestion stage. Design Principles: Why Single-File SQLite Text-file-based ...
Read more »

"ML Foundations (9/9) — PyTorch vs TensorFlow, and the Road to Local LLMs"

์ด๋ฏธ์ง€
← 8/9 Deep Learning Architec… ๐Ÿ“š Series Index (series end) The final part. So far we've focused on models. Now we focus on the tools that actually run them . We'll lay out the philosophical difference between PyTorch and TensorFlow, and trace how Hugging Face transformers , llama.cpp , MLX , and Ollama built the bridge to running large language models on your own machine. By the end you should have the full mental model of "download a pretrained LLM and serve it locally." 0. Learning Objectives Explain the eager-vs-graph difference between PyTorch and TensorFlow. Explain, in graph terms, how autograd automates the backward pass. Use Hugging Face transformers ' AutoModel , AutoTokenizer , and pipeline abstractions. Describe llama.cpp's GGUF quantization, INT4 inference, and CPU-first flow. Describe Apple MLX's use of unified memory and how it differs from PyTorch. Run a local LLM with Ollama and call it through an OpenAI-compatible API. ...
Read more »

"RAG Core Study (14/26) — Evaluation Sets with RAGAS & DeepEval"

์ด๋ฏธ์ง€
Series overview: Series index ๐Ÿ“š Series Index Without an evaluation set, every RAG improvement is a story, not evidence. RAG systems fail in more than one place: retrieval, context selection, answer generation, and grounding. That means "looks better" is not a metric. Part 14 explains how to build a golden dataset , how RAGAS and DeepEval fit into the workflow, and why teams must separate retrieval quality from answer quality if they want tuning decisions to hold up. 0. Prerequisites Part 13 reranking — system quality now depends on multi-stage ranking. Part 1 grounding — a correct-looking answer is not enough. Part 12 Hybrid — multiple retrieval settings need comparison on fixed data. 1. Learning Objectives Build a small but useful golden dataset for RAG. Distinguish retrieval metrics from answer metrics . Use RAGAS and DeepEval in the right roles. Avoid the common traps in judge-model-based evaluation. 2. ํ•ต์‹ฌ ์š”์•ฝ An evaluation set for RAG is ...
Read more »

"ML Foundations (8/9) — Deep Learning Architectures: CNN, RNN, Attention"

์ด๋ฏธ์ง€
← 7/9 Deep Learning Training ๐Ÿ“š Series Index 9/9 PyTorch vs TensorFlow → What did we keep adding on top of an MLP? Vision went CNN, sequences went RNN/LSTM, and eventually both converged on Attention and the Transformer. Each architecture is easier to remember if you read it as what it gave up to gain something else . This part is the one-line summary of the decisive inflection points: LeNet → AlexNet → ResNet → LSTM → Attention → Transformer. 0. Learning Objectives Explain why CNN's convolution, pooling, and weight sharing match images so well. Trace what got unblocked from LeNet → AlexNet → VGG → ResNet as depth grew. State BPTT for RNNs and the vanishing/exploding gradient problem. Write the LSTM gate equations (forget, input, output) with intuition. Write the attention formula in query/key/value form and the scaled dot-product variant. State the precise reasons Transformers replaced RNNs (parallelism + long-range dependencies). 1. ํ•ต์‹ฌ ์š”์•ฝ CNN : weight sharin...
Read more »

"ML Foundations (7/9) — Deep Learning Training: Optimizers, Regularization, Initialization"

← 6/9 Neural Networks ๐Ÿ“š Series Index 8/9 Deep Learning Architec… → Building an MLP, as we did in Part 6, is not the same as getting it to train well . The right optimizer, regularization, initialization, and learning rate — when these line up, deep networks converge. When they don't, the network refuses to learn at all. This part is the catalog of those crafts, with formulas, paper citations, and code in one place. 0. Learning Objectives Compare and write the update rules for SGD, Momentum, Nesterov, and Adam. Explain how Dropout, BatchNorm, and LayerNorm work and where they belong in a model. Derive the variance formulas for Xavier and He initialization and match them to activations. Implement step, cosine, and warmup learning-rate schedules in PyTorch. Explain why gradient clipping is effectively required for RNNs and Transformers. Diagnose the most common training failures (NaN, plateau, overfitting) and apply first-line fixes. 1. ํ•ต์‹ฌ ์š”์•ฝ SGD : \(w \leftarro...
Read more »

OpenClaw to Hermes Migration (2/13) — What to Preserve, Partially Port, or Discard

← 1/13 Current Structure Inve… ๐Ÿ“š Series Index 3/13 What Moves to Hermes → A code review record classifying operational scripts into three tiers: preserve, partial-preserve, and discard. What This Post Covers An asset classification framework (preserve / partial-preserve / discard) for migrating a legacy agent system to a successor A concrete case applying the Strangler Fig + Subset Migration strategy to a memory pipeline Classification results evaluated across LOC, external dependencies, and replaceability axes A method for slimming down a bloated single file (1,310 LOC) using the migration as a natural entry point Problem Definition: Port Everything or Cut Deep? The OpenClaw inventory comprises multiple agents, multiple scheduler/daemon processes, and multiple operational scripts. When moving to the successor system, Hermes, the choice is not binary. A full port carries accumulated technical debt along with it; a minimal port discards hard-won domain logic. Code-revie...
Read more »

AI Agents I Built (5/7) — Building an Automated Blogger API Publishing System

← 4/7 My Life Organizer Agent ๐Ÿ“š Series Index 6/7 Dual → Designing a Markdown-Based Auto-Publish Pipeline with Blogger API v3 + OAuth 2.0 Key Summary Blogger API v3 + OAuth 2.0 enables a pipeline that converts Markdown files into publishable HTML posts blogger_publish.py handles the full flow — frontmatter parsing → body cleanup → HTML conversion → CSS injection → API post — in a single script For bulk publishing, quota management (delay, retry, TOC suppression) is the critical design concern Platform Selection Criteria API access is mandatory for AI agent-driven content publishing. A comparison of platforms: Platform API Cost AdSense Decision WordPress.com REST API Paid plan required Paid only Cost overhead Ghost REST API Self-hosted or paid Manual setup Ops overhead Blogger v3 API Free Native integration Adopted Blogger is free, exposes a REST API, and integrates natively with AdSense. For personal blog automation, this combination i...
Read more »