Safe Bilevel Delegation (SBD) is a formal framework for runtime delegation safety in hierarchical multi-agent systems. It formulates task delegation as a bilevel optimization problem: an outer meta-weight network learns context-dependent safety–efficiency weights λ_φ(s) ∈ [0,1], while an inner loop optimizes the delegation policy π subject to a probabilistic safety constraint P(safe) ≥ 1−δ. The continuous delegation degree α ∈ [0,1] controls how much decision authority is transferred to each sub-agent, interpolating smoothly between full human override and fully autonomous execution. This structure enables dynamic adjustment of the safety–efficiency trade-off as task context changes during execution, analogous to how OSPF metric weighting redistributes traffic away from congested links in network routing.

The paper establishes three theoretical results: Safety Monotonicity (higher outer safety weight produces a weakly safer inner policy), Inner Policy Convergence (projected gradient descent on the inner problem converges linearly under standard smoothness assumptions), and an Accountability Propagation bound that distributes responsibility across multi-hop delegation chains with a provable per-agent ceiling. The SBD algorithm implements bilevel gradient descent with hypergradient-based outer updates and projected gradient inner updates. The framework is instantiated in three high-stakes domains—medical AI (MIMIC-III), financial risk control (S&P 500), and educational agent supervision (ASSISTments)—with a pre-registered evaluation protocol specifying datasets, safety constraint sets, baselines, and metrics. Empirical validation following these protocols is planned for future work.