Agent demos always end at deployment. The audience claps. The security review gets skipped.

I'm one of the maintainers of an open-source multi-agent system that codifies trade-offs instead of theorising about them. Git-Ape (github.com/Azure/git-ape) is a platform engineering framework where specialised agents plan, validate, and deploy Azure infrastructure, and where every change passes through explicit guardrails enforced by the system itself.

Here's how it actually works. A requirements gatherer agent interviews the human. A template generator produces infrastructure-as-code. Then, before anyone confirms anything, a security analyser runs a blocking gate. Deployment is structurally impossible until issues are resolved. A cost estimator prices the deployment so humans confirm with real numbers, not vibes. A Principal Architect agent runs a Well-Architected Framework review across all five pillars. Only after all of that does a human see the full picture and explicitly approve. After deployment, a drift detector closes the evidence loop: did what we deployed stay the way we deployed it?

The key insight is that we made trade-offs consumable by agents. Security policy is policy-as-code that agents evaluate natively. Cost thresholds are hard constraints. Compliance is a gate you pass through now, instead of the audit you run later.

I'll walk through the architecture, the failures that shaped it, and the design principles that transfer to any multi-agent system where the stakes are real. If your agents can deploy but have no mechanism to stop, you have a demo. You have guardrails when the system can tell itself no.

Key takeaways:
1. Trade-offs only function as guardrails when they're structural — blocking gates in the agent workflow, not advisory warnings that can be skipped.
2. Security, cost, and compliance need to be encoded as policy-as-code that agents consume natively, not as human-readable documents agents approximate.
3. The evidence loop matters as much as the execution gate — drift detection and post-deployment validation are what turn a one-time check into continuous governance.