Instruction: Explain what validation an orchestration layer should perform before the model sees tool results.
Context: Checks whether the candidate can explain the core concept clearly and connect it to real production decisions. Explain what validation an orchestration layer should perform before the model sees tool results.
The way I'd think about it is this: Tool outputs are safe enough to feed back when they are structured, scoped, and treated as untrusted data rather than as new instructions. I want clear schemas, predictable fields, and sanitization for content that may contain user-generated or external text.
I also think about source trust. Outputs from internal deterministic systems are different from outputs scraped from the web or produced by another model. The more untrusted the source, the more carefully I want it isolated and labeled.
The key idea is that tool output should enrich context, not hijack control. If the model cannot tell the difference, the design is too loose.
What matters in an interview is not only knowing the definition, but being able to connect it back to how it changes modeling, evaluation, or deployment decisions in practice.
A weak answer is saying tool outputs are safe as long as they come from your own system. Safety depends on structure, trust level, and how the output is used.
easy
easy
easy
easy
easy
easy