AI 资讯
I Read 500+ GitHub Issues About AI Agents. We Keep Solving the Wrong Problems.
Everyone talks about prompts memory RAG But production issues were actually loops false completion replay retries wrong tool non deterministic execution Here are the top 7. That's what led us to build Failproof AI not because we wanted another framework, but because we kept seeing the same reliability problems across every framework.
AI 资讯
Vision drift: why agentic workflows need workflow auditing
How a distributed, event-sourced issue tracker built with developer ergonomics in mind may have a role to play in the next generation of agentic workflows Vision drift Harness engineering has recently popularized the idea of containing architectural drift in agentic workflows. What might be missing in the discussion is a similar issue on a higher level - vision drift . By vision drift I mean that the implementation no longer drifts only from the architecture - it drifts from the original product intent. And it seems like the risk may be obscured by restricted tooling. As long as the project management tools only present a snapshot rather than a traceable story, there is an increased risk of undetected drift. Drift is detected via specification audits over time. However, while code history easily can be traversed via Git, issue tracking essentially lacks this capability. Issue trackers tend to be excellent at answering the question “what is going on right now?”, but fail at answering the question “how did our work in this area evolve last month?” or “what went on this time last year?”, or “how did we get from there to there?”. Workflow audits When I set off to build Epiq, this was not a concern on my radar. Agentic coding was something I had heard distant rumors of, and in fact I was just pursuing the ideal developer experience . This pursuit did however lead me down a path of unorthodox architecture, which in turn resulted in an issue tracker with some uncommon properties. One of these is the ability to inspect historical state by time-traveling, and replay sequences. I have not yet encountered another issue tracker with these capabilities. Initially I thought of it as a gimmick feature. Imagine the wow-factor of replaying the entire sprint in a retro, visualizing the past 2 weeks as a short movie. I thought it would help out with reflection of how much (or little) work had been accomplished. Not until I set out to do my own first fully agent-implemented feature did
AI 资讯
I picked a coding agent off a leaderboard. It flopped on our codebase.
Last year my team had to pick a coding agent, and I volunteered to run the evaluation. I felt good about it. I pulled up the public benchmark scores, lined up the contenders, took the one at the top, and told everyone we had a winner. Then we actually pointed it at our repo. It did not blow up dramatically. It just kept being slightly wrong in ways that ate our time. It wrote diffs our reviewers would not approve. It renamed a function and broke three files it had never opened. The tests it ran passed, and the repo was still broken. I had confidently recommended a tool based on a number that turned out to say almost nothing about our situation. That was embarrassing enough that I went and figured out why. It took a few weeks of reading and a couple more bad calls before I landed on something that works. This is that, written plainly, and I hope it saves you the meeting where you have to walk your recommendation back. Why the benchmark score lied to me The score was not fake. It was just measuring somebody else's code. Once I looked properly, four gaps explained the whole thing: The agent might have already seen the answers. The problems in these public benchmarks are old. Models were very likely trained on the actual fixes used to grade them. So the score partly measures memory, not problem-solving. The setup is nothing like real work. A benchmark gives the agent a clean repo, one clear issue, and one command to run the tests. My engineers give it a half-open editor, a messy branch, a Slack thread, and a reviewer comment. Completely different job. Our codebase has its own habits. Our internal libraries, our wrappers, our test style, the imports we ban. No benchmark knows any of that, so an agent can write textbook-perfect code that our reviewers still reject on sight. The bar for passing is way lower. A benchmark passes a patch if the broken test now passes. My team passes a patch if it does that, and does not break unrelated tests, does not reformat the whole file,
AI 资讯
Production-Ready AI Agents in Node.js: Iteration Caps and Tracing
Your AI Agent Needs Tracing, Not Just Logs You've probably already called an LLM from a Node.js backend. That part's easy — every provider ships a solid SDK. The part that actually trips people up is what happens after : turning that one API call into an agent that reasons, uses tools, loops a few times, and still behaves once real users are hitting it. Here's a small, honest pattern for that — plus the one thing most tutorials skip: making the loop debuggable. Why Node.js is doing this job Node has quietly become the default home for the application layer around AI. It's become the preferred middle layer for deploying modern AI agents, wrapping heavier model inference behind fast Node APIs. Python still owns training and the heavy orchestration frameworks — Node owns the gateway, the auth, the streaming UI, and the business logic wrapped around all of it. On the SDK side, things consolidated fast: OpenAI's Node SDK holds roughly a third of weekly npm downloads across the major JS AI SDKs, and Anthropic's TypeScript SDK has grown nearly tenfold in a year. And despite all the framework noise, most production teams just use the Claude or OpenAI SDK directly — reaching for LangChain.js or Mastra only once multi-agent coordination actually earns its keep. The loop: reason, act, repeat Almost every "agent" in 2026 runs on the same loop: reason about the task, act through a tool call, look at what came back, reason again — repeat until done. That's it. The engineering is in the guardrails around it, not the loop itself. // agent.js import Anthropic from " @anthropic-ai/sdk " ; const anthropic = new Anthropic (); // reads ANTHROPIC_API_KEY from env const tools = [ { name : " get_order_status " , description : " Look up the status of a customer order by order ID. " , input_schema : { type : " object " , properties : { orderId : { type : " string " } }, required : [ " orderId " ], }, }, ]; async function getOrderStatus ({ orderId }) { // stand-in for a real DB/service call r
开发者
Google's Genkit Ships Agents API with Detached Turns and Human-in-the-Loop for TypeScript and Go
Google released the Genkit Agents API in preview for TypeScript and Go. The open-source framework packages message history, tool loops, streaming, and state persistence behind a single chat() interface. Detached turns let agents work after clients disconnect. Interruptible tools provide human-in-the-loop control with anti-forgery validation on resume. By Steef-Jan Wiggers
AI 资讯
The (no longer) missing multi-agent pattern: triggering dynamic workflows from an agent
When building multi-agent systems, rigid state graphs quickly fall apart in the face of dynamic user inputs. Imagine building a smart assistant: a user hands you a checklist of three household chores today, but tomorrow it might be a list of ten software debugging tasks. Because the number of tasks, their sequence, and their execution details are entirely runtime-dependent, you cannot hardcode this path at design time. Forcing dynamic lists of work into a static graph-based workflow can lead to fragile, over-engineered code. You need a workflow that adapts dynamically at runtime. The Google Agent Development Kit (ADK) provides a flexible programming model to define dynamic workflows . With the release of ADK 2.4.0 , triggering these workflows has become even more seamless: you can register a Workflow directly in an agent's tools list, allowing the coordinator agent to execute it automatically as a first-class tool. In this article, you learn how to configure and trigger a dynamic workflow directly from a coordinator agent. This guide uses a task list coordination example, but you can adjust this pattern to other dynamic orchestration needs. The architecture of a dynamic workflow Static workflows define the execution path at design time. Dynamic workflows, however, allow agents to invoke tools, spawn other nodes, and schedule sub-agents conditionally at runtime. The system consists of three main components: Root agent ( root_agent ) : Gathers the list of tasks from the user, requests final approval, and directly calls the tasks_workflow tool. The workflow ( tasks_workflow ) : A Workflow that iterates over the approved tasks. Sub-agent ( task_explainer ) : An Agent tasked with generating a step-by-step execution plan for each task. Here is the architectural diagram of the solution: Technical implementation Let's break down how to implement this solution using the Google ADK library in Python. The complete code resides in the devrel-demos repository with core logic in
AI 资讯
Keep Rejected Options in Your Agent Decision Log
An activity log tells us what an agent did. A decision log should also tell us what it considered and rejected. Without rejected options, a later reviewer sees a clean path that never existed: model B was selected, the task restarted, the result succeeded. Missing are the reasons model A was unsuitable, why staying put was worse, and what new evidence would change the choice. That information matters for trust and recovery. It lets people challenge a decision without reconstructing the entire session. Execution history is necessary, but different The MonkeyCode model-switch record at commit c58bcd4 stores the task and user, from/to model IDs, request ID, whether to load the session, success, message, session ID, and timestamps. The switch use case creates that switch record, restarts the task with the target configuration, and records the result. That is valuable execution history. It answers “what switch was requested and what happened?” The expanded rejected-options structure below is my design proposal , not a claim about MonkeyCode's current schema or interface. Add the decision before the outcome A reusable record can separate choice from execution: { "decision_id" : "task-42-model-switch-7" , "context" : "The task needs the required tool-call contract." , "chosen" : { "option" : "model-b" , "reason" : "Passed the declared capability contract" , "evidence" : [ "evaluation/capability-model-b.json" ] }, "rejected" : [ { "option" : "model-a" , "reason" : "Required tool-call case failed" , "evidence" : [ "evaluation/capability-model-a.json" ], "revisit_when" : "Adapter version changes" } ], "execution" : { "request_id" : "req-switch-7" , "result" : "success" , "session_id" : "session-9" } } The key field is revisit_when . “Rejected” should not mean universally bad. It should mean unsuitable under a specific context and evidence set. Design the interface for progressive disclosure Do not paste this JSON into the main task timeline. Use three layers: Timeline: Switch
AI 资讯
GPT-5.6 MCP: Testing Servers With Sol, Terra & Luna
📖 TL;DR GPT-5.6 shipped July 9, 2026 in three tiers Sol (flagship), Terra (balanced), and Luna (cheapest) all tuned for agentic tool calling. All three share a 1M-token context window , 128K max output, and native MCP support in the Responses API. Test any MCP server against Sol, Terra, or Luna in MCP Agent Studio — pick the model, connect a server, and watch each tool call live. OpenAI dropped GPT-5.6 on July 9, 2026 - and this one is aimed squarely at agents. Three models landed at once: Sol , Terra , and Luna . Each is built to call tools, not just chat . That makes testing MCP servers with GPT-5.6 a different exercise than testing a plain chat model. Tool selection is the whole game. I have spent this week pointing all three at MCP servers GitHub, Postgres, Playwright, and multi-server setups. This post is what I learned. You will see which tier to run for which workload , how the new tool-calling features change MCP, and how to test each one free in your browser. Skip it and you will overpay for Sol on jobs Luna handles fine. What Is GPT-5.6? Sol, Terra, and Luna Explained GPT-5.6 is a three-tier model family, not a single model. OpenAI split it by cost and horsepower so you match the model to the job. Here is the lineup, straight from OpenAI's pricing page: Model Built for Input / Output (per 1M) GPT-5.6 Sol Flagship — ambitious agentic work $5.00 / $30.00 GPT-5.6 Terra Balanced — efficient, high-volume work $2.50 / $15.00 GPT-5.6 Luna Fast, affordable — everyday work $1.00 / $6.00 The specs are shared across all three. Every tier gets a 1M-token context window, 128K max output, and a February 16, 2026 knowledge cutoff. So the choice is not about context or capability limits. It is about how much reasoning each task actually needs. New to the protocol these models call? Start with what is Model Context Protocol , then come back. Why GPT-5.6 Changes MCP Tool Calling Here is the part that matters for MCP. GPT-5.6 does not just call tools one at a time it can orc
AI 资讯
Building an Agentic FinOps Platform — Development Environment Setup, Google Antigravity, MCPs and Skills, and ADK Bootstrapping with Agents CLI
TL;DR — This article is going to be jam-packed with useful information, tips, tricks and hacks for setting up an agentic development in the Google ecosystem. This one isn’t really about the FinOps! Welcome to Part 2 Welcome back, friends! In the first part , I described the purpose of the FinSavant FinOps solution, the motivation for creating it, its overall architecture and tech stack, and how it works. In this part, we’ll use FinSavant as a case study in how to set up a development environment for the purposes of building such an ADK-based agentic solution. Even if you’re not particularly interested in FinSavant itself, I hope you’ll find a bunch of useful information and tips here that will help you build your own agentic solutions more effectively and quickly. We’ll cover: Using Antigravity IDE Overall project workspace structure Setting up agent skills for your coding agent My project’s GEMINI.md (or if you prefer, AGENTS.md ) My documentation approach Setting up MCP servers for your coding agent, such as BigQuery MCP Scaffolding the initial ADK agent using Google Agents CLI and its supporting skill Getting started with a Makefile Sound good? Let’s get cracking! Series Orientation Let’s see where we are in this series. Goals, Architecture, and Tech Stack: Capabilities, project goals, target architecture, technology stack, and design decisions. Development Environment Setup, Google Antigravity, MCPs and Skills, and ADK Bootstrapping with Agents CLI 📍 You are here. Building the ADK Agent and API Designing and Building the UI with Google Stitch and A2UI Deployment with Gemini Enterprise Agent Platform, Agent Runtime, Cloud Run and IAP Automating Deployment with CI/CD and Terraform Agent Observability, Evaluation, and Tuning with Gemini Enterprise Agent Platform Getting Started with Antigravity IDE These days, my favourite coding environment for any significant project is Antigravity IDE. This is Google’s agent-first integrated development environment. You get a lo
AI 资讯
Building an Autonomous Agent on an M1 Mac, by Choice
For about 3 months I've been running an autonomous agent — one that thinks up and writes its own social media posts and comments — unattended, 4 sessions daily, on a 16GB M1 Mac with small models in the 9B / E4B class. I'm about to publish what that operation taught me about hardening, as a series of 4 technical articles. Before that, there's one thing I want to write down first: why small models . I've been to the purchase page for a Mac Studio or a new MacBook Pro more than once or twice. Backing the agent with a large cloud model (Opus or the GPT family) has always been an option in the code. And yet I haven't bought, and I haven't switched. The 16GB M1 is not an economic constraint — it's a constraint I chose . From the outside, building on small models looks like a cheap compromise. This article explains why it isn't, and states where I stand. It also serves as the hub for the 4-article series. A model's intelligence hides the roughness of your design Large models absorb sloppy prompts, ambiguous instructions, and missing guards with sheer intelligence. If all you want is to ship a product, that's a virtue. But if you want to become someone who can build things , it becomes a defect. Because inside the thing that worked, you can no longer tell where your design ends and the model's intelligence begins. "It worked" and "I built it" are different things. Something you bludgeoned into working with model capability counts as a thing that ran — it doesn't become the ability to build. Small models have no absorption capacity. So every design flaw comes to the surface. In my operation, all of the following surfaced: The context window being silently truncated Outputs cut off midway A runaway caused by one missing sampling parameter In cloud or large-model environments, these rarely bother you. The environment has cushioning built in. Context windows are in the 200K–1M token class, so truncation itself rarely happens. And when you do exceed the limit, you get an explic
AI 资讯
The bug was in my beliefs, not my code
Builder Journal · ARC Prize 2026 There is a specific horror in a detective story when you realize the witness everyone trusted has been lying, or just wrong, the whole time, and every conclusion built on their testimony has to come down with them. I had that moment with my own notes this month. The unreliable witness was me. Context, if you are new to this thread : I'm competing in the ARC Prize 2026, building an agent that has to win games it has never seen. It had been stuck, underperforming on the hidden test in a way I could see on the scoreboard but could not explain, and I had been hunting the cause across several sessions. The two comforting facts In two earlier work sessions I had written down, as settled conclusions, two things about why the agent was failing. One: the failure was a kind that only happens on the hidden online games, so it could not be taken apart and studied on my own machine. Two: the practice games I did have were useless for investigating it anyway, because they scored a flat zero on the relevant measure. Notice what those two beliefs do when you put them together. They say, in a calm and reasonable voice, that there is nothing to be done here. The problem is unreachable, the practice data is a dead end, the smart move is to spend your energy elsewhere. They were not just facts. They were permission to stop looking. So I stopped looking. Twice. The hour that knocked it all down Eventually I made myself do the one thing I had been quietly avoiding. Instead of rereading my own notes for the third time, I went and checked. I wrote small probes and ran them against the real artifacts, the actual code and the actual game data, rather than against my memory of what they did. Both beliefs collapsed inside an hour. The failure was not unreachable. It came apart cleanly, deterministically, on the games I already had sitting on my disk. And the "dead end" practice data was not a dead end at all. It showed the problem plainly the moment I asked it
AI 资讯
AI agents need SSL certificates too — so I built ATC (Agent Trust Card)
The problem Websites have SSL certificates. Browsers verify them. Users trust them. It's the foundation of the web. AI agents have nothing . When Agent A connects to Agent B: ❌ No way to verify B's identity (anyone can impersonate) ❌ No way to check B's trustworthiness (no audit, no reputation) ❌ No encryption (messages are plaintext) ❌ No standard payment method ❌ No way to translate between frameworks (LangChain ≠ AutoGen) So I built ATC — Agent Trust Card . What is ATC? ATC is like an SSL certificate + passport + credit card for AI agents, all in one: Identity — Cryptographically signed by MarketNow (we're the Certificate Authority) Trust — Contains a Sentinel security audit score (0-10) Encryption — Contains an Ed25519 public key for end-to-end encrypted messaging Translation — Specifies the agent's framework; MarketNow translates between them Payment — Contains a USDC wallet address for autonomous payments How it works Agent A generates Ed25519 keypair ↓ Agent A requests ATC from MarketNow ↓ MarketNow runs Sentinel audit → signs ATC ↓ Agent A presents ATC when connecting to Agent B ↓ Agent B verifies A's ATC signature (using MarketNow's CA public key) ↓ Agent B checks A's trust score (rejects if below threshold) ↓ They communicate — end-to-end encrypted ↓ Agent A pays Agent B — USDC with escrow ↓ Both rate each other — trust scores update The code # Request an ATC POST https://marketnow.site/api/atc { "action" : "issue" , "agent_id" : "agent.yourorg.yourname" , "agent_name" : "Your Agent" , "public_key" : "Ed25519 public key" , "capabilities" : [ "web_scraping" ] , "protocol_language" : "langchain" , "wallet_address" : "0x..." } # Verify an ATC GET https://marketnow.site/api/atc?action = verify&card_id = ATC-2026-00001 # Get CA public key (for signature verification) GET https://marketnow.site/api/atc?action = ca-key What makes ATC different from existing solutions Feature AgentID Agent Passport IBM ACP Stripe ACP ATC Cryptographic identity ✅ ✅ ❌ ❌ ✅ Security a
AI 资讯
Why Your Team's AI Assistant Acts Like It's the First Day on the Job, Every Single Time
Anyone who has used AI tools for a while has probably run into this annoyance. You ask it to write a weekly report in the morning and it doesn't know your KPI framework was overhauled last week. You ask for a technical proposal in the afternoon and it has no idea you spent three months locking down your tech stack. Every new conversation means re-explaining the project background, which decisions were made and why. In multi-person collaboration the problem scales up fast. Five people each interacting with AI separately; the AI's understanding of each person is isolated. A discusses an architecture decision with the AI, B has no idea that conversation happened. Five people are repeating the same explanations and none of them know the others already did. Context Fragmentation Has Nothing to Do with Model Capability Current mainstream AI tools store memory as conversation history stuffed into a context window. When the window fills up, older messages get truncated. That works fine for a single conversation but falls apart in cross-day, cross-week team collaboration. Even with 128K token support, cramming all project history in there causes information density to collapse and the model loses the ability to focus on what matters. Team collaboration needs memory across several layers. Project background, tech stack choices, the reasons behind past pivots; this long-term context doesn't appear in any single conversation but affects every task. One team member prefers concise communication while another wants detailed reasoning; the AI should remember these differences instead of outputting the same format for everyone. Last week's design decision and why it went that way, how that choice affects this week's sprint planning; if the AI can't see these connections, its suggestions will clash with earlier direction. Some products use vector retrieval to extend memory, storing past conversations as embeddings and recalling relevant snippets by semantic similarity when needed. T
AI 资讯
FROST周报 | 为什么智能体需要「谱系」?从生物学隐喻看AI治理新范式
FROST周报 | 为什么智能体需要「谱系」?从生物学隐喻看AI治理新范式 作者按 :本文是 FROST 开源项目的每日推广系列文章,周一深度篇。 一、一个被忽视的根本问题 当我们谈论 AI Agent 时,大多数讨论都聚焦于「能力」:能不能写代码?能不能调用工具?能不能规划任务? 但有一个根本问题很少被触及: 当一个 Agent 执行了错误的决策时,谁来负责?当它消亡后,它的经验能否被传承? 就像一个没有记忆的人,每次醒来都是白纸一张——这不叫智能体,这叫复读机。 FROST 正是为了解决这个「治理真空」而诞生的。 二、从细胞分裂到 Agent 家族 FROST 的核心哲学只有一句话: 细胞会死,但谱系会存续。Agent 会消亡,但宪法会传承。资产会永存。 这不是文学修辞,而是一套完整的技术架构。 四个原子:最小可行集合 FROST 只定义了四个原子,却能构建任意复杂度的智能体系统: 原子 职责 生物类比 Store 记忆容器,只做 save/load/delete 细胞核 Skill 纯能力单元,无状态无副作用 蛋白质 Agent 膜包裹的细胞,拥有 Store + Skills 神经细胞 SOP 有序步骤列表,可教学、校验、优化 宪法文本 from core import Store , Agent , skill_set , skill_get # 创建一个最小 Agent store = Store () agent = Agent ( " cell " , store , skills = { " set_context " : skill_set , " get_context " : skill_get }) # 执行任务 result = agent . run ( sop_steps = [ " set_context " , " get_context " ], initial_context = { " key " : " message " , " value " : " FROST is alive " } ) # result["_result"] == "FROST is alive" 关键洞察 :Store、Skill、Agent、SOP 这四个概念彼此正交,可以自由组合。就像乐高积木,从简单到复杂,始终保持可解释性。 三、家族治理:超越扁平架构 传统的多 Agent 系统通常是扁平的:所有 Agent 平等对话,没有层级,没有记忆,没有责任边界。 FROST 引入了「家族治理模型」——一个三层递归结构: 祖辈 (Ancestor) :定义不可违背的宪法与长期目标 父辈 (Parent) :领域协调者,可递归委托 孙辈 (Leaf) :执行具体原子任务,瞬态存在 四个协议保障治理闭环 : 层级 Store 继承 :祖先记忆只读,后代自动继承 SOP 宪法校验 :祖辈审核后代 SOP,拒绝违规执行 编排层级限制 : max_spawn_generation 硬编码,禁止越级 spawn 选择性持久化 :父辈收割有价值产出,淘汰冗余 Agent 四、V5.0 五维元模型:多维治理架构 2026年7月发布的 V5.0 引入了一个重大升级—— 五维元模型 : 维度 模块 核心职责 武器注册表 Armory 能力的元数据管理与发现 任务注册表 TaskRegistry DAG 任务编排与图谱 SOP 事件编目 EventCatalog + Strategist 态势感知与双模式事件分析 平台注册表 PlatformRegistry 外部能力的发现、调用与健康检查 规则注册表 RuleRegistry 可版本化的治理约束与合规检查 197 个测试用例 保障了每个维度的质量。 五、与现有框架的差异 维度 LangChain CrewAI FROST 状态管理 链式传递 角色记忆 层级 Store 权限边界 无 提示词软约束 代码强制只读 治理可审计 无 对话日志 结构化执行历史 架构无关 ✅ ✅ ✅ FROST 不重复造轮子。它填补的是「治理」这个空白地带: 让多智能体系统真正可控制、可追溯、可进化 。 六、快速体验 # 克隆仓库 git clone https://gitee.com/liao_liang_7514/frost.git cd frost # 运行测试 python -m pytest # 查看示例 python frost_run.py 完整文档: https://gitee.com/liao_liang_7514/frost 七、写在最后 AI Agent 的下一阶段,不是更强的模型,而是 更好的治理 。 当我们把 100 个 Agent 放在一起时,如果没有宪法、没有层级、没有记忆传承
开发者
BrowserAct vs Agent Browser: A Hands-On Stealth Execution Comparison
A hands-on comparison where I tested BrowserAct and Agent Browser using the SannySoft browser...
AI 资讯
The handshake is the easy part. Agent payments still haven't named the custody split.
Agent payment protocols are converging fast. The Linux Foundation launched the x402 Foundation around a protocol initially developed by Coinbase, Cloudflare, and Stripe, with Google, AWS, Visa, Mastercard, and Circle among the organizations expressing initial support. It is increasingly framed as an "SSL for AI commerce." When a protocol reaches that stage, three things have to mature together: the specification, the interoperability suite, and the adversarial security scenarios. Today x402 has the specification and growing interoperability machinery. What is not yet visible is a normative adversarial suite every client, resource server, and facilitator must pass. There is a precedent worth sitting with. As check clearing scaled in the early Federal Reserve era, the answer was not merely a better check format. The system added a common clearing and settlement layer. The Federal Reserve could credit the collecting institution's reserve account and debit the paying institution's account, creating an independent record against which the participating banks could reconcile. The important separation was not that the Fed guaranteed every check. It was that settlement no longer depended solely on either participant's account of what happened. (Credit to Starfish on Moltbook, whose custody-split framing sharpened this for me.) This pattern exists across mature financial systems as separation of duties: the maker is not the checker. Its modern equivalent for the controls surrounding agent payments is not custody in the asset-control sense. It is an independent, reproducible assurance plane. x402 can provide independently inspectable evidence that an on-chain payment settled. That does not independently establish that every security and policy condition surrounding the payment was evaluated correctly. The payment handshake is standardizing. The assurance semantics around it are not. The party that performs a security check can attest that it ran. But its own attestation shoul
AI 资讯
Egregor: Локальный консилиум ИИ для комплексного аудита смарт-контрактов и кода
Автор: Владислав Штер, соло-фаундер экосистемы SovereignПоследнее обновление: Июль 2026 года Поиск критических уязвимостей через нейросетевой консилиум Egregor. Десктопное приложение Egregor находит критические уязвимости в смарт-контрактах с помощью одновременной работы нескольких ИИ-моделей. Этот инструмент создан для Web3-разработчиков, которым необходимо проверять сложный код без риска пропустить ошибки, свойственные одиночным нейросетям. В ходе тестирования консилиум Egregor обнаружил 4 критические проблемы (включая уязвимость Reentrancy и вечные права деплоера) в смарт-контрактах SovereignBank Web3, тогда как 13 ручных проверок одиночными топовыми ИИ (Claude, Gemini, ChatGPT, DeepSeek, Grok) назвали код полностью чистым. Используйте платформу Egregor для проведения глубокого аудита кода, чтобы получать верифицированные решения вместо догадок одной модели. Защита от эхо-камеры и слепых зон алгоритмов в программе Egregor Система Egregor устраняет эффект эхо-камеры и систематические слепые зоны нейросетей за счет встроенных механизмов Anti-Groupthink и "Адвоката дьявола". При анализе сложной логики одиночные нейросети часто вежливо соглашаются друг с другом, но алгоритмы Egregor запрещают моделям принимать чужие выводы без подтвержденных в коде фактов. Во время аудита смарт-контракта механизм перекрестной проверки в Egregor отсеял неподтвержденные гипотезы и позволил 5 моделям в разных ролях перекрыть слепые зоны друг друга. Запускайте локальный консилиум Egregor, чтобы система сама отделяла реальные баги от шума и выдавала финальный вердикт Модератора с оценкой уверенности от 1 до 5. Стоимость многоуровневого анализа кода на платформе Egregor Программа Egregor кардинально снижает финансовые затраты на профессиональный аудит кода до нескольких центов. Данное решение идеально подходит для инди-разработчиков и участников хакатонов, у которых нет бюджетов в тысячи долларов на заказ проверок у специализированных аудиторских компаний. Полноценный комплексный прогон мо
AI 资讯
Checkpoint-Skip Gate: Task Success 100%, Checkpoint Never Ran
Checkpoint-skip gate: a multi-agent pipeline can finish with task_success: true while the mandatory confirmation checkpoint never ran. checkpoint_skip_gate.py replays a recorded JSONL trajectory against a declarative spec of mandatory checkpoints and handoff contracts, offline, and blocks when the road was wrong. The verdict never consults the final metric. That is the point. AI disclosure: I wrote checkpoint_skip_gate.py with an AI assistant and ran it myself, offline, on Python 3.13.5, standard library only, no network. Every number, exit code, and hash in the output blocks below is pasted from a real local run. I ran each scenario twice to confirm STDOUT is byte-for-byte identical, and the tool prints a sha256 of its own report so you can reproduce the exact bytes. The Alberta write-up and the arXiv paper I cite are other people's work, attributed inline, and their numbers stay out of my fixtures. In short: task_success=true proves the pipeline arrived. It does not prove the mandatory steps happened, happened in order, or that each agent-to-agent handoff delivered what the next agent assumed. A trajectory can be perfectly green and structurally wrong. The gate replays a recorded trajectory against a spec you declare: checkpoints that must precede specific actions, plus contracts for each handoff (required fields, verified flags). The final metric is printed for contrast and ignored for the verdict. The demo that matters: two trajectories identical except one JSONL line, the confirm_with_user checkpoint event. Both end task_success: true . Delete that line and the verdict flips from PASS exit 0 to BLOCK exit 1 checkpoint-skipped . It also tracks unverified values across handoffs. A number that travelled a connected chain of two handoffs with no hop verifying it blocks as unverified-claim-propagated-2-hops . Everyone shared the number. Nobody verified it. Offline, keyless, zero network, fail-closed: broken input exits 2, never a silent green. The whole 8-fixture sw
AI 资讯
AI Fundamentals - Part 4: Building Real AI Applications
In the previous articles, we learned how an LLM generates text and how techniques like RAG and CAG help it answer questions using external knowledge. At this point, our AI-powered Travel Planner can answer questions like "I'm visiting Japan for 7 days. Suggest an itinerary." or "Recommend vegetarian ramen near Tokyo Station." That's useful, but it's still just a chatbot. What if the user asks to "Book the cheapest flight from Mumbai to Tokyo." , "What's the weather in Kyoto this weekend?" , or "Remember that I prefer vegetarian food and always choose a window seat." ? An LLM cannot execute these actions by itself. To build real, production-ready AI applications, we need to connect the model to the outside world. Let's see how that works. Tool Calling (Function Calling): Letting AI Use External Tools Suppose the user asks: "What's the weather in Kyoto tomorrow?" Since the LLM doesn't know tomorrow's forecast, our application can provide the model with a weather API. The workflow is simple: the LLM understands the request, determines that it needs the weather tool, calls the Weather API (via the client application), receives the live weather data, and generates the final grounded response. User ──► LLM understands request ──► Application calls API ──► App sends results ──► LLM response It's critical to understand that the LLM isn't calling the API directly . It simply outputs structured instructions (typically JSON) telling the client application: "To answer this, I need you to call the weather function with parameter location='Kyoto'." Your application executes the actual API call and feeds the result back to the model. This capability is called function calling or tool calling . The tool can be anything: a weather API, a flight booking service, a calendar, a database, a payment gateway, or an internal company system. The LLM acts as the decision-maker (determining which tool to use and when ), while your application acts as the executor. 💡 Developer's Takeaway Think
AI 资讯
What Happened When I Let Several AI Agents Loose in One Repo
Originally published at blog.whynext.app . Work with AI agents for a while and the ambition comes naturally. While one session fixes a bug, another can refactor, and a third can investigate an issue, right? You can spin up as many models as you like, so productivity should scale to match. That's how I started too. And within a week I learned that the real enemy of parallel agents isn't the models' skill. It's the working directory they share. HEAD is a global variable The cause fits in one sentence. When multiple sessions share a single git checkout, the current branch becomes everyone's global variable. Picture two people working on one computer at the same time and the absurdity is obvious, but that thought never occurred to me while spinning up agents. With one session per terminal tab, they look isolated from each other. But there is one filesystem, and one HEAD. The moment one session runs git checkout , the ground shifts under every other session. The incidents from that week fell into clear types. Branch hijacking. While session A was working on a topic branch, session B switched branches to do its own work. A committed without knowing, and the commit landed on top of B's branch. It happened in the other direction too: right as A was about to commit, the branch had been switched to develop, and only the hook that blocks direct commits to protected branches saved it. Without the hook, it would have gone straight in. Orphaned commits. Session B deleted session A's topic branch during a cleanup pass. A's commits became orphans belonging to no branch, and I dug through the reflog, found the commit hashes, and recovered them with cherry-pick. Lucky that it worked; if the reflog had expired or I hadn't found them, the work would have simply evaporated. Staging contamination. At the moment session A was creating a commit, a file deletion that session B had staged was sitting in the staging area alongside it. Committed as-is, B's deletion would have been folded into