Sign in Subscribe

How Nova OS Routes Requests Across 23 Specialized AI Agents

Ellie Nguyen

7 min read
How Nova OS Routes Requests Across 23 Specialized AI Agents

An AI system with 23 specialized agents is only as useful as its ability to put the right request in front of the right agent. Send a contract review question to the financial modeling agent and you get a wrong answer. Send a compliance audit to the customer support responder and you get a confused one. The routing layer is what makes a multi-agent system behave like a coherent platform rather than a collection of disconnected capabilities.

Nova OS's routing pipeline is a multi-stage system that classifies every incoming request, selects the appropriate agent, validates safety constraints, and — for complex requests — decomposes them into a dependency graph that multiple agents can execute in parallel. This article walks through each stage.

The 23 Specialized Agents

Nova OS ships with agents organized into six domain packs, plus a layer of tool-capability agents below them.

Legal Pack (6 agents)

  • Director — orchestrates legal workflows and delegates to specialists
  • Clause Extractor — identifies and isolates specific contract provisions
  • Compliance Checker — evaluates content against applicable regulations
  • QA Agent — quality assurance review of legal documents
  • Redline Generator — produces tracked-change markup for contract negotiation
  • Risk Scorer — assigns quantitative risk ratings to contract terms

Business Intelligence Pack (4 agents)

  • Director — coordinates BI analysis workflows
  • Financial Modeler — builds and interprets financial models and projections
  • Market Analyst — researches markets, competitors, and trends
  • Report Builder — assembles structured reports from analyzed data

Finance Pack (4 agents)

  • Director — routes finance requests to the right specialist
  • Financial Analyst — analyzes financial data, statements, and metrics
  • Tax Advisor — addresses tax implications and compliance requirements
  • Compliance Reviewer — audits against financial regulations

Customer Support Pack (4 agents)

  • Director — triages and coordinates support workflows
  • Triage Agent — classifies incoming requests by urgency and type
  • Researcher — investigates issues requiring deeper knowledge lookup
  • Responder — generates customer-facing responses

HR Pack (4 agents)

  • Director — manages HR workflow routing
  • Policy Advisor — answers questions grounded in company policy
  • Onboarding Guide — handles employee onboarding processes
  • Recruiter Screener — processes and evaluates candidate information

Marketing & Sales Pack (4 agents)

  • Director — coordinates marketing and sales workflows
  • Content Strategist — plans and structures content initiatives
  • Copywriter — produces marketing and sales copy
  • Sales Researcher — researches prospects, accounts, and competitive positioning

Each domain pack has a Director agent at the top. When routing selects a domain, the Director coordinates the remaining specialists within that pack — it knows which sub-agent handles which type of request and manages delegation internally.

Beneath the domain layer are skill-based tool agents: PDF, Excel, DOCX, web research, filesystem, database, code execution, CSV analysis, and image generation. These are capability agents — they handle specific tool operations that domain agents delegate to when they need document processing, data extraction, or external access.

Stage 1: Input Analysis

Before any routing decision, every incoming request passes through the InputContextAnalyzer — a three-part classification pipeline that produces the signals the router uses.

Intent classification — zero-shot LLM classification with regex fallback. Identifies what the request is asking for: document analysis, question answering, data extraction, report generation, etc.

Entity extraction — regex patterns with optional NER. Identifies what the request is about: specific documents, organizations, dollar amounts, dates, contract clauses.

Complexity scoring — a formula that estimates how hard the request is:

(tokens/100) × 0.3 + (entities/5) × 0.2 + (tools/3) × 0.3 + (depth/3) × 0.2

Requests scoring below 1.0 are classified as simple. Requests at or above 1.0 are complex. This score determines which routing path the request takes.

Stage 2: Three-Tier Cascade Routing

The cascade router runs three routing methods in sequence, from fastest to most accurate. It exits early when any tier reaches sufficient confidence — the default threshold is 0.8.

Tier 1 — Condition Router (~5–20ms)

Rule-based routing using predicate matching with an LRU cache. Routing rules are simple conditionals: if the request contains specific keywords, or matches entity patterns, or comes from a specific channel — route to this agent. The condition router handles the requests that are unambiguous: "redline this contract" goes to the legal pack's Redline Generator without needing semantic analysis.

Cache hit on a recently matched rule pattern reduces this to microseconds.

Tier 2 — Semantic Matcher (~20–50ms)

When the condition router doesn't produce a confident match, the semantic matcher runs. It compares the request against all registered agent profiles using multi-criteria ranking:

Criterion Weight
Description match (semantic similarity) 0.40
Capability match 0.30
Tag match 0.15
Trust score 0.15

The trust score for each agent is a composite of its historical performance: success rate (40%), latency (20%), error rate (25%), and data freshness (15%). An agent that has handled similar requests successfully and quickly earns a higher trust score and ranks higher in semantic matching.

The ranking formula for final agent selection: semantic similarity (0.60), credibility (0.20), availability (0.10), cost (0.10).

Tier 3 — LLM Router (~500–2000ms)

If neither the condition router nor the semantic matcher reaches 0.8 confidence, the LLM router classifies the intent using a language model call, returns a structured JSON response with an agent selection and confidence score, and the cascade uses that result. This tier handles ambiguous, multi-domain, or novel request types that rule-based and embedding approaches can't reliably classify.

The cascade stops at whichever tier first produces confidence ≥ 0.8. Most requests in a configured deployment exit at Tier 1 or Tier 2, with Tier 3 reserved for genuinely ambiguous cases.

Stage 3: Agent Discovery

After the cascade router produces a primary agent selection, the discovery layer traverses the agent mesh graph to find the best execution path — which may involve multiple agents.

The mesh is a directed weighted graph where agents are nodes and connections are edges with types: direct, delegation, fallback, pipeline, or broadcast. Each agent has a status: IDLE, BUSY, OFFLINE, DEGRADED, or ERROR. Discovery respects status — OFFLINE and ERROR agents are excluded.

Three traversal strategies:

BFS (Breadth-First Search) — comprehensive breadth coverage. Best for requests where multiple agent types might be relevant and the router wants to evaluate a wide set before committing. Used when the branching factor of the mesh is high.

DFS (Depth-First Search) — follows specialization chains. Best for requests that require a deep sequence of specific capabilities. When the request clearly belongs to a particular domain and needs that domain's specialist agents in sequence, DFS follows the chain efficiently.

Hybrid — the adaptive strategy. The StrategySelector evaluates the request characteristics: if the branching factor exceeds the threshold, it uses BFS; if specialization depth is above 0.7, it uses DFS. Most production requests use hybrid selection.

Stage 4: Safety Validation

Every routed request — regardless of which agent it's bound for — passes through the safety layer before execution. The risk scorer produces a composite score:

threat × 0.4 + entropy × 0.3 + complexity × 0.2 + privilege × 0.1

Requests scoring below 0.7 proceed directly to execution. Requests at or above 0.7 trigger a confirmation step — Nova OS returns the risk assessment and requires explicit approval before proceeding.

The AI Firewall also runs here: 21 threat patterns (prompt injection, jailbreak attempts, PII leakage, command injection, path traversal, SQL injection), PII detection, and risk scoring. The firewall operates at 23ms average latency and achieves 84.6% F1 on the PIGuard evaluation set.

Every request that passes the firewall generates an audit log entry. Every request that fails generates a flagged incident record. These logs are the compliance artifact that regulated industries require.

Stage 5: Task Planning and Execution

For simple requests, the selected agent runs directly. For complex requests, the NovaBrain pre-planner runs first.

NovaBrain makes a structured planning call that produces a BrainPlan — a task graph with explicit dependencies. Each task in the plan has:

  • A description of what needs to be done
  • A required capability (which agent type handles it)
  • A source (new request or already addressed in conversation history)
  • An action (execute, skip, or already done)
  • A list of task IDs it depends on

Three execution paths follow from this plan:

Brain + DAG (parallel execution) — when the plan has dependencies, the DAGExecutor runs tasks using Kahn's algorithm (topological sort). Tasks with no pending dependencies run in parallel within each level. A contract review that requires both clause extraction and compliance checking can run those two steps simultaneously, then pass both results to the risk scorer.

Brain + Sequential — when the plan has no dependencies, tasks run in order without the DAG overhead.

Keyword Fallback — when NovaBrain is not enabled, the keyword-based task extractor handles extraction and sequential execution.

The brain is the reason Nova OS's multi-agent orchestration scores 96% — 2.7× the industry best. The planning step eliminates false triggers from keyword matching, correctly handles requests that reference already-completed tasks, and creates parallel execution paths that single-threaded sequential routing cannot.

Resilience: When Agents Fail

The routing pipeline doesn't assume agents will always succeed. Three resilience mechanisms handle failures:

Circuit Breaker — each agent has a circuit breaker with three states: CLOSED (normal), OPEN (agent is failing, bypass it), HALF_OPEN (testing recovery). When an agent's error rate exceeds the threshold, its circuit opens and the router stops sending requests to it. The fallback chain handles rerouting.

Plan Repair — when a task in a DAG execution fails, PlanRepair re-plans the remaining subtasks. Rather than aborting the entire workflow, it finds an alternative path through the remaining agent graph.

Dead Letter Queue — requests that exhaust all retries and fallbacks are stored in the dead letter queue for operator review. Nothing is silently dropped.

Retry policy uses exponential backoff with jitter (base 100–500ms) on transient failures (rate limits, timeouts, connection errors). Non-transient errors (authentication failures) fail immediately without retry.

What 96% Routing Accuracy Looks Like in Practice

The cascade routing system achieves 96% single-agent routing accuracy and 96% multi-agent orchestration accuracy on the published evaluation sets. Both numbers reflect real routing decisions against realistic enterprise request distributions, not curated test cases.

What makes those numbers achievable in production:

The cascade structure means the expensive tier (LLM Router) only runs when cheaper tiers fail. Most trained deployments route 80%+ of requests through the condition and semantic tiers.

The NovaBrain planning step prevents the false positive problem that degrades keyword-based routing in production — where "I don't need the PDF right now" still triggers the PDF agent because the keyword matches.

The trust score feedback loop improves routing over time. Agents that perform well on their routed requests earn higher trust scores, which biases future routing toward them.

The circuit breaker and plan repair mechanisms keep the system routing successfully even when individual agents degrade.

Together these components form a routing architecture designed for the reliability requirements of regulated enterprise environments — not a demo system optimized for controlled evaluation conditions.

Learn more about Nova OS →

Stay Connected

💻 Website: meganova.ai

📖 Docs: docs.meganova.ai

✍️ Blog: Read our Blog

🐦 Twitter: @meganovaai

🎮 Discord: Join our Discord

Sign up for more like this.

Enter your email
Subscribe