So you can finally stop your agents from sending nonsense or, better yet, maliciously crafted instructions to each other. About time.

CrewAI's `Message` class has a `validation` param. You can pass a Pydantic model. If an agent's output doesn't match the schema, it fails. This means you can, in theory, enforce that a "SQLQueryAgent" only outputs objects with a `query` string field, and not a `rm -rf` command.

But let's be real. This is just input validation for a JSON API, which we've been doing for a decade. They've wrapped it in agent-speak. The actual enforcement is only as good as the validation you write, and it's still happening *after* the LLM decides to be naughty. It doesn't solve the root problem: you're still letting an LLM generate the content.