This work proposes a governance-centric hybrid multi-agent architecture to address the limitations of current safety mechanisms in autonomous decision-making systems—such as large language models—where safety is often tightly coupled with training, leading to opaque behavior, poor auditability, and high update costs. The framework decouples decision generation from safety governance: a Proposer agent generates candidate actions, while a Safety Oracle provides safety signals, and a governance-oriented multi-agent system (MAS) enables auditing, verification, and version-controlled updates. Crucially, the approach introduces the principle of “patch locality,” allowing most safety issues to be resolved by updating managed Oracle artifacts rather than retraining the underlying model. This design supports highly capable yet fallible autonomous systems through explicit, auditable, and version-managed safety oversight that facilitates continuous evolution.

Multi-agent systems provide mature methodologies for role decomposition, coordination, and normative governance, capabilities that remain essential as increasingly powerful autonomous decision components are embedded within agent-based systems. While learned and generative models substantially expand system capability, their safety behavior is often entangled with training, making it opaque, difficult to audit, and costly to update after deployment. This paper formalizes the Alignment Flywheel as a governance-centric hybrid MAS architecture that decouples decision generation from safety governance. A Proposer, representing any autonomous decision component, generates candidate trajectories, while a Safety Oracle returns raw safety signals through a stable interface. An enforcement layer applies explicit risk policy at runtime, and a governance MAS supervises the Oracle through auditing, uncertainty-driven verification, and versioned refinement. The central engineering principle is patch locality: many newly observed safety failures can be mitigated by updating the governed oracle artifact and its release pipeline rather than retracting or retraining the underlying decision component. The architecture is implementation-agnostic with respect to both the Proposer and the Safety Oracle, and specifies the roles, artifacts, protocols, and release semantics needed for runtime gating, audit intake, signed patching, and staged rollout across distributed deployments. The result is a hybrid MAS engineering framework for integrating highly capable but fallible autonomous systems under explicit, version-controlled, and auditable oversight.