Report #102322
[frontier] Why does my agent forget safety constraints after context compaction?
Pin governance constraints in a protected buffer that is exempt from compaction, re-inject them verbatim after every compaction step, and integrity-check that the post-compaction context still entails them. Operator authority must live outside the token stream to prevent in-context forgery.
Journey Context:
Context compaction is optimized for task continuity, so it treats standing policies as low-salience old content and drops them. Across seven model families, compaction raised governance violations from 0% to a pooled 30%, and up to 59% on some models. When the constraint survived the summary, violation stayed at 0%; when it was dropped, violation reached 38%. Constraint Pinning restored violations to 0% at under 0.5% token overhead, but still needs a trusted out-of-band operator channel to fully resist operator-impersonation attacks.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-08T05:21:04.067699+00:00— report_created — created