今日已更新 80 条资讯 | 累计 20052 条内容
关于我们

标签:#Agents

找到 408 篇相关文章

AI 资讯

4-Phase Orchestration: 5 Universal Agent Skills with YAML-Driven Rules, Composable Components, and Graceful Degradation

4-Phase Orchestration: How 5 Universal Agent Skills Achieve YAML-Driven Rules + Composable Components + Graceful Degradation When you're hard-coding your 3rd scoring if-else, maybe it's time to ask: can I move the rules into YAML and let the business change config instead of code? The Problem: Why Do Agent Skills Keep Reinventing the Wheel? Every Agent developer faces the same dilemma — every business scenario rewrites a similar pipeline : Scoring: Extract features → Match rules → Calculate score → Generate report Complaints: Extract ticket → Cross-validate → Pinpoint root cause → Archive Querying: Understand intent → Build SQL → Execute query → Render chart The skeleton is identical. What changes is only the "content" at each step. Yet every team builds pipelines from scratch. teleagent-skills offers an answer: freeze the skeleton into 5 universal Skills with 4-Phase orchestration, and let business changes live in YAML config only . Architecture Overview: 4-Phase Pipeline + 5 Universal Skills 2.1 4-Phase Orchestration Diagram ┌─────────────────────────────────────────────────────────────┐ │ Upper Business Skill │ │ (Scoring Engine / Evidence Chain / Data Aggregator / ...) │ └──────────┬──────────┬──────────┬──────────┬────────────────┘ │ │ │ │ ▼ ▼ ▼ ▼ ┌──────────┐┌──────────┐┌──────────┐┌──────────┐ │ Phase 1 ││ Phase 2 ││ Phase 3 ││ Phase 4 │ │ Extract ││ Analyze ││ Generate ││ Archive │ │ ││ ││ ││ │ │Info- ││Data- ││Report- ││Archive- │ │Extractor ││Analyst ││Generator ││Manager │ └────┬─────┘└────┬─────┘└────┬─────┘└────┬─────┘ │ │ │ │ ▼ ▼ ▼ ▼ ┌─────────────────────────────────────────────────┐ │ JSON Contract (Structured Data Contract) │ │ phase1_output.json → phase2_input.json → ... │ └─────────────────────────────────────────────────┘ Core idea: each Phase is an independent component, and Phases pass data only through JSON contracts . Any Phase can be replaced (want a more powerful Analyzer? Swap it out) Any Phase can be skipped (degradation mode) Any Phase c

2026-07-01 原文 →
AI 资讯

我讓三個 AI 各司其職寫程式:Codex 出測試、Grok 寫實作、Claude 驗收

我讓三個 AI 各司其職寫程式:Codex 出測試、Grok 寫實作、Claude 驗收 這週我沒有讓單一 coding agent 從頭包到尾。我把流程拆成一條固定的契約: Codex 先寫測試,Grok 再寫實作去讓那些測試通過(只能改實作、不准動測試),Claude 獨立驗收才提交。 測試在實作之前就寫死,成為 Grok 必須滿足、且不能修改的規格。我先在一個 Zig 專案跑了兩個功能,後來又在一個 Rust + Turso 專案獨立重跑三個功能(見文末)——判斷一致:這條 pipeline 在 有嚴格測試當契約 的前提下可用;它省下的不是人力,而是把「錯誤發現點」往前、往獨立處移。這只是 workflow 可用性判定,不含可商用判定——後者要另算 token/seat 成本、隱私、rate limit 與審計,本文不碰。 實驗條件(可自行驗證) 工具: codex-cli 0.142.4 、 grok 0.2.77 (44e77bec3a) 、Claude Code(CLI,版本未記錄,屬已知量測缺口)。 專案:一個 Zig 0.16.0 codebase(私有 repo,commit hash 僅供我本地對照),加一個「回合後反思」功能。另在一個 Rust + Turso 專案上以同一條 pipeline 再跑一輪,見文末「換一個 stack 再驗一次」。 樣本:Zig n=2 個功能 (config surface、reflection module),共 15 個測試(4 + 11);Rust + Turso n=3 個功能 (見文末)。兩者各自樣本都小。 出題命令: codex exec --sandbox read-only (單次、不寫檔)。 施工命令:Grok headless、可寫檔模式(write→test→fix)。 觸發 400 的命令:對 grok-composer-2.5-fast 傳 --effort (等同 reasoningEffort 參數)。 驗收命令: zig test <libs> --dep build_options --dep compat -Mroot=src/root.zig --test-filter "<功能前綴>" ;leak-detecting allocator 回報 0 leak。 樣本小,數字不外推;以下每個論斷都設計成能被另一個工程師在幾分鐘內驗證或反駁。 核心迴圈:測試先寫死,實作去追它 每個功能走五步,順序不可換: Codex 出測試 + 最小 stub 。stub 讓測試「能編譯、但在斷言上失敗」——這是真正的 RED,不是因為符號缺失而編不過。測試此刻就固定下來,之後不再改。 Claude 對照原始碼核對 測試。Codex 會猜 API(vtable 欄位、函式簽章、建構模式),必須逐一驗證符號存在才落地。 Claude 放進隔離的 git worktree ,跑到確定 RED:pass/fail 混合,每個失敗各有其原因。 Grok 寫實作 到 GREEN。任務只有一句: 讓這些已寫死的測試通過,只改實作、不准動測試。 測試是 Grok 不能碰的契約,不是它可以順手改綠的東西。 Claude 獨立驗收 (不採信 Grok 的自述):跑測試、確認 0 leak、核對 diff 的正確性與改動範圍,才提交。 重點不是「三個比一個強」,而是 出測試的人跟寫實作的人不是同一個 agent ——測試因此成為獨立的規格,實作成為獨立的檢查。一個模型不能同時定義正確、又判定自己是否正確。 對照三個真實替代方案 單 agent 跑 TDD(自己出測試、自己實作) :最快,但自我驗證風險最高。 人寫測試 + agent 實作 :最可靠,測試由人把關;代價是人工成本最高。 本文的三 agent 分工 :增加 orchestration 來回(見下),換到的是「假綠」風險下降——任何一環的自欺會在下一環被抓到。 選哪個,取決於你的錯誤成本 vs. 來回成本。 每家 CLI 的落地差異(用法決定,不是廠商能力差異) 三家我都只用了各自的一種模式,差異來自我怎麼接,不是模型智力: Codex :我用 codex exec --sandbox read-only 的 單次 模式,讓它只「輸出」測試碼、不改檔。它其實支援 --sandbox workspace-write 與 exec resume (可多輪、可寫檔),但我刻意把它限縮成「出題者」,讓出題與施工不同源。誤把單次 read-only 模式當施工者用,會得到看似對、實際編不過的檔案。 Grok :我用 headless、可寫檔模式跑 write→test→fix。踩到一個 參數相容性 的坑:在 grok 0.2

2026-07-01 原文 →
AI 资讯

从思想到工程:FROST 与 FROST-SOP 的双生之旅

从思想到工程:FROST 与 FROST-SOP 的双生之旅 你知道吗?每一个伟大的工程背后,都有一个简单而深刻的起点。 引言:从 500 行到 5000 行的演进 在开源世界里,我们见过太多"大而全"的框架——它们功能丰富,却让人望而生畏。今天我想分享一个反其道而行之的项目: FROST 。 FROST (Fractal Runtime of Orchestrated Skills & Tasks)最初只是一个 500 行的教学框架,用最朴素的代码讲述 Agent 的本质。它的核心哲学只有一句话: 细胞会死,但谱系会存续。Agent 会消亡,但宪法会传承。资产会永存。 而今天我要介绍的,是 FROST 思想"开花结果"后的工程实践—— FROST-SOP ,一个拥有 5000+ 行代码的完整 Agent 工程平台。 FROST:理解 Agent 的钥匙 FROST 不是什么复杂的框架。它的设计哲学是 最小原子集 + 分形宪法 : 四个原子,理解一切 原子 职责 生物学类比 Store 记忆容器,只做 save/load/delete 细胞核 Skill 纯能力单元,无状态无副作用 蛋白质 Agent 膜包裹的细胞,拥有 Store + Skills 神经细胞 SOP 有序步骤列表,可教学、校验、优化 宪法文本 from core import Store , Agent , skill_set , skill_get store = Store () agent = Agent ( " cell " , store , skills = { " set_context " : skill_set , " get_context " : skill_get }) result = agent . run ( sop_steps = [ " set_context " , " get_context " ], initial_context = { " key " : " message " , " value " : " FROST is alive " } ) # result["_result"] == "FROST is alive" 5 行代码,你就能理解整个 Agent 系统的运作原理。这就是 FROST 的魔力—— 用最少的代码,讲述最深的道理 。 五维元模型(V4.0/V5.0) FROST V4.0 引入的五维元模型,将框架从扁平升级为多维度 Agent 编排系统: 武器注册表 :能力的元数据管理与发现 任务注册表 :DAG 任务编排与图谱 SOP 事件编目 :态势感知与双模式事件分析 平台注册表 :外部能力的发现、调用与健康检查 规则注册表 :可版本化的治理约束与合规检查 197 个测试用例保障质量,最新 Release: FROST v5.0.0 FROST-SOP:思想的工程化 FROST 教会我们理解,FROST-SOP 教会我们构建。 事件驱动的 Agent 家族 FROST-SOP 实现了完整的 祖辈 → 父辈 → 子辈 三层递归架构: import asyncio from core.event_bus import get_async_event_bus , Event , EventType from agents.ancestor import create_ancestor from agents.parent import create_parent async def main (): bus = get_async_event_bus () # 创建事件驱动的 Agent 家族 ancestor = create_ancestor ( constitution , asset , event_driven = True ) parent = create_parent ( " parent-1 " , store , event_driven = True , asset_store = asset , sop_id = " DEV-001 " ) # 发布任务,Agent 家族自动响应 await bus . publish ( Event ( event_type = EventType . TASK_CREATED , source = " user " , data = { " task_id " : " task-001 " , " task_description " : " 开发一个用户登录功能 " } )) await asyncio . sleep ( 10 ) asyncio . run ( main ()) 完整的工程特性 特性 说明 19 个内置 Skill

2026-07-01 原文 →
AI 资讯

"How to Stop AI Agent Skills, Hooks, and Cron Jobs from Silently Conflicting Over Where They Run and What Data They Trust"

Originally published on hexisteme notes . Make every skill, hook, and scheduled job declare four invariants before it ships — Locality (where it can run), Source-of-truth (which facts it owns or borrows), Cross-ref (what depends on it and what it depends on), and Trigger-measurability (whether its trigger is observable at runtime or hidden in external state) — and refuse to hand off any component that leaves one undeclared, because an undeclared assumption is exactly the seam where two components silently disagree. Two separate runtime leaks surfaced in a single audit session, and both traced back to the same root cause: a component that never declared its assumptions. One read configuration from a file that had stopped being the source of truth (so it always returned a stale default); the other was a scheduled job pointed at a remote sandbox while its prompt referenced local-only paths — caught minutes before registration, where any later and it would have billed compute and produced nothing. Neither was a coding bug. Both were missing declarations. The failure mode: components that work alone but leak when combined When you build an AI agent system out of small parts — skills the model loads on demand, hooks that fire on lifecycle events, cron jobs and scheduled routines that run unattended, helper scripts, config profiles — each part usually gets tested in isolation. It works. You move on. The trouble is that "it works" only proves single-shot correctness; it says nothing about whether the part's assumptions agree with the rest of the system. Every component carries hidden assumptions: where it runs (local machine vs. a remote sandbox), which facts it treats as authoritative, what other components it silently depends on, and what its trigger actually measures. When those assumptions go undeclared, conflicts stay invisible until they surface to the user as a flaky, hard-to-trace symptom — the kind that feels like a vicious cycle because every fix in one place re-o

2026-07-01 原文 →
AI 资讯

AGENTS.md Is Not Enough for Safe AI Agent Execution

Overview AGENTS.md is useful. It gives AI coding agents a place to find repo-specific guidance: how to behave what conventions matter what areas need extra caution what kinds of changes should trigger review That is a meaningful improvement over sending an agent into a repo with no instructions at all. But AGENTS.md is not enough. It can tell an agent to be careful. It cannot, by itself, make execution safe, verification trustworthy, or review inspectable. For that, a repository needs more than instructions. It needs: declared safe commands a canonical verification path receipts that show what actually ran That is the difference between agent guidance and execution governance. Instructions Help. They Do Not Govern Execution. An instruction file is still prose. That means it can express intent, but it does not automatically create operational truth. For example, AGENTS.md can say: run the right checks before handoff avoid destructive commands do not edit generated files ask before touching infrastructure Those are good rules. But notice what they leave unresolved: which checks are the right ones which commands are actually safe which paths are protected structurally versus only suggested what should count as evidence that verification happened how to tell whether a failure came from code, setup, or drift That is where many agent workflows still break down. The agent may follow the spirit of the instructions and still take the wrong execution path. Safe Commands Need To Be Explicit One of the biggest gaps in agent-oriented repos is that they often declare guidance without declaring a safe command surface. The repo may tell the agent: Run tests before you finish. But that still leaves a dangerous amount of interpretation. Which task is safe? Is it: npm test pnpm test make check docker compose run test a narrower unit-test path the CI workflow itself And if several exist, which one is canonical for a routine code change? The repo should not force the agent to infer that

2026-07-01 原文 →
AI 资讯

The Evolution & Role of Context Engineering in AI Today

I was taking a break from the AIE Workshops on Monday and stepped out by the food stands to check out the crepes. That's when I saw a line literally wrapping the entire length of the Moscone West windows looking out onto Fourth Street. I couldn't imagine what a several-hundred-person line was for, and when I went to ask, they told me it was for the Context Engineering Workshop. That sent me down a rabbit hole exploring and understanding and learning. So now, for you, I will share what I got. For the past couple of years, the AI world was obsessed with prompt engineering, aka the art of speaking to a machine. But as developers move from simple chatbots to complex autonomous agents, a new discipline has taken center stage: context engineering. Mike Swift ( @theycallmeswift ), CEO of Major League Hacking ( @mlhacks ) , gave me some critical background. He pointed me to Dex Horthy of HumanLayer (who is actually speaking later this week), who basically coined the term at the first AI Engineer World's Fair. Dex's core thesis, said Swift, is that "agents get bad after about 100,000 tokens," which represents roughly 10% of their total available context window. So context engineering is essentially managing an AI's working memory. Context engineering, Swift noted, is "managing how many times the loop goes around to how much you have to remember every time you do it." It is a counterintuitive concept for humans; the more we talk about a subject, the deeper our shared understanding becomes. But models work the opposite way. They lose focus as their context window fills up. For many developers, meticulously curating this working memory is a practical necessity. I sat down with Ben Halpern ( @ben ), founder in residence at MLH and co-founder of DEV, who told me that context engineering is the "latest frontier of the optimization point" where developers can leverage their expertise. Beyond just keeping models coherent, Ben pointed out that developers who are doing product work ma

2026-06-30 原文 →
AI 资讯

How LLMs Now Monitor and Cut Their Own Token Spend

You have seen this loop before. An agent starts a “simple” task, say scrape listings, refactor a repo, research a market, or whatever. It fails, it retries, it re-reads context, it apologizes and tries all over again. Twenty minutes in and the dashboard shows six figures of tokens and zero useful outputs or deliverables. The model did not misbehave on purpose. The orchestrator never had a hard budget gate with an ROI in mind. Skillware v0.4.0 ships a new skill for exactly that gap: monitoring/token_limiter . It lets you monitor and limit any agent’s token budget in real time — Gemini, Claude, OpenAI, DeepSeek, Ollama, custom Python loops, you name it. Same skill, same JSON, any runtime. What Skillware is in a nutshell Skillware is an open registry of installable agent capabilities . Each skill is a bundle: skill.py — deterministic Python ( execute() returns JSON) instructions.md — when the model should call the tool manifest.yaml — schema, constitution, issuer Tests and docs — shipped in the wheel You load by ID, adapt for your provider, call execute() on tool use. The model decides when , the skill decides how , predictably, every time. That split matters for budget control. You do not want the LLM guessing whether it is “allowed” to spend more tokens. You want a small, auditable function that answers: continue, warn, or stop. Meet the Token Limiter This skill is a budget gate , not a kill switch wired into OpenAI or Anthropic. After each model turn, your host loop passes cumulative usage. The skill returns one of three actions: Action Meaning CONTINUE Under the soft threshold — keep going WARN Approaching the limit (default 80%) — tighten scope FORCE_TERMINATE Hard ceiling hit — stop the loop Important nuance: the skill does not cancel API sessions or kill processes. It returns a structured decision. Your orchestrator must act on it. That is by design — Skillware skills stay portable and provider-neutral. No skill-specific API keys. No network calls. Pure Python m

2026-06-30 原文 →
AI 资讯

Setting up the Agent Toolkit for AWS in Kiro (and Codex, Claude Code, and Cursor)

If you've let a coding agent loose on AWS, you've watched it guess. It invents API parameters that don't exist, or hands you an S3 bucket a security review will bounce on sight. The Agent Toolkit for AWS is built to stop that. By the end of this post you'll have it running in whatever editor you use, plus a tour of what's in it and three workflows worth pointing it at. I use Kiro day to day, so I'll walk through that setup first. It also works with Codex, Claude Code, Cursor, and any other agent that speaks MCP, the Model Context Protocol, which is the open standard agents use to connect to outside tools and data. I'll cover those too. What is the Agent Toolkit for AWS? The Agent Toolkit for AWS is a free, AWS-supported set of tools that gives AI coding agents secure access to AWS, current documentation they can read mid-task, and tested procedures for the work they tend to fumble. It plugs into the agent you already use rather than asking you to switch. In practice, that shows up in a few ways, all detailed in the AWS user guide . The agent stops guessing about APIs it never saw. The models behind these agents trained on data that's months or years old, so anything AWS shipped recently is missing or wrong in their heads, and the toolkit hands them current docs and references at request time. For multi-step work like least-privilege IAM or a production serverless stack, it follows a vetted skill instead of reconstructing the steps from half-memory. Every call goes through your own IAM credentials, shows up in CloudWatch, and gets logged to CloudTrail, so you can scope an agent to read-only even when your role can write. And the toolkit costs nothing on its own; you pay only for the AWS resources the agent creates. It's the successor to the MCP servers, skills, and plugins AWS shipped under AWS Labs in 2025. Two things make me reach for it over a raw MCP setup: condition keys that let a policy tell an agent apart from a human, and skills that have been evaluated end

2026-06-30 原文 →
AI 资讯

More Watts, Less Light

Token burn and business outcomes are not correlated. More burn means more inefficiency, not more value. The electricity problem Imagine you walk into a dark room. Turning on a light helps you see. Turning on every light in the building does not help you see better. It's still the same room. Now every surface is equally lit, the contrast is gone, and you're paying for power you didn't use. Tokens work the same way. A focused prompt with clear scope is the single overhead light over your desk. A sprawling prompt with unlimited exploration is every light in the building — you're burning power, not producing insight. Tokens are electricity, not output. More throughput doesn't mean more value. I've had weeks where I burned through my allocation and looked back at the end to find nothing concrete. Code that worked but went unused. Exploratory branches that dead-ended. Agents that generated plausible-looking output that didn't survive first review. A lot of motion. Not much progress. The ceiling stops you from doing that indefinitely. It forces a moment of reflection: did this burn produce anything real? If the answer is no, more capacity isn't the fix. More discipline is. Three patterns I now use instead I started paying attention to what actually ships versus what just burns context. I gave the patterns names so I could catch myself faster: RTK — Read The Knowledgebase. A focused 15-minute read of the codebase, identifying the exact files and exact changes, saves 200K+ tokens of exploratory waste. The agent doesn't discover the shape of the task — it executes against a known one. Caveman — compress before you prompt. Strip greetings, filler words ("I think", "basically", "Let me know if that makes sense"), and closing courtesies. Every word in your prompt multiplies across every response token. Less fluff in means less fluff out. Ponytail — spec the minimum viable solution. "Robust", "scalable", "enterprise-grade", "comprehensive" — these words invite scope creep. Specif

2026-06-30 原文 →
AI 资讯

The LLM Should Never Do the Math

A CFO will not act on a number an LLM eyeballed. They will not act on a number the model "estimated" by reasoning over a usage dump. And they should not — because the moment a language model emits a dollar figure it computed itself, that figure is a guess wearing the costume of a fact. This is the design constraint behind databricks-cost-leak-hunter , the pilot skill of the databricks-pack v2 rebuild shipped in the claude-code-plugins marketplace ( PR #906 ). Given a live, authenticated Databricks workspace, it surfaces real cost leaks across four named categories, ranks them by monthly dollar impact, and emits a report a finance reader can act on. The marketplace validator graded it B (88/100, zero errors). The SKILL.md is 329 lines. The single most important thing in it is a rule the model is structurally prevented from breaking: the LLM never does the dollar arithmetic. Why not just let the agent read the bill and summarize it? Because that is exactly how you ship a confidently wrong cost report. Hand a model a few thousand rows of system.billing.usage and ask it for the top cost leaks, and it will give you a fluent answer. It will add DBUs. It will multiply by a price it half-remembers. It will round. Every one of those steps is a place the model can be plausibly, invisibly wrong — and the output reads identically whether the math is right or hallucinated. The failure mode of an LLM doing FinOps is not a crash. It is a clean, well-formatted, wrong number. The fix is architectural, not prompt-engineering. The model is allowed to decide what to look for and how to explain it . It is never allowed to be the calculator. The dollar primitive: confirmed, never estimated Every confirmed figure comes from the customer's own billing tables — system.billing.usage joined to system.billing.list_prices . Not a model estimate. Not a public price list. The number Databricks actually billed. That join is defined once, as a priced CTE, and reused by every category query. Usage i

2026-06-29 原文 →