In one embodiment, a device of a first security type obtains an application message for an application transaction along with a transaction ID. The device inserts an instruction related to the application transaction into a first header of the application message, and sends the application message downstream. The device may then receive an application response message from a downstream device in response to the application message, the downstream device of a second security type different from the first security type, the application response message having a reply to the instruction in a second header of the application response message and the transaction ID correlating the application response message to the application transaction. As such, the device may then perform one or more reactive actions in response to the reply to the instruction. In another embodiment, the downstream device conversely receives the instruction and inserts the reply.