Good writeup. The engagement-scoped cache pattern you landed on is the right fix, and it mirrors something that shows up across agent systems more broadly: every piece of cached state needs an explicit scope boundary that matches its validity domain. The same trap appears in idempotency keys on tool results. If a tool call returns a transient error and the result gets cached without a request-scoped idempotency key, the next call against a different target inherits the stale negative result. We started threading request IDs through the entire execution chain for the same reason you added engagement_id. The silent-failure property you mention is the dangerous part. A cache that quietly accumulates false negatives is harder to detect than a crash.