今日已更新 166 条资讯 | 累计 20138 条内容
关于我们

标签:#Agents

找到 408 篇相关文章

AI 资讯

Open Source Project of the Day (#104): AgentScope 2.0 — Alibaba's Production-Ready Agent Framework Built Around Model Reasoning

Introduction "Build and run agents you can see, understand, and trust." This is article #104 in the Open Source Project of the Day series. Today's project is AgentScope 2.0 — Alibaba DAMO Academy's open-source production-ready agent framework. The agent framework space is crowded. LangChain centers on chain-based orchestration. AutoGen centers on multi-agent conversation. CrewAI centers on role-based collaboration. AgentScope's differentiation is in its design philosophy: when LLM reasoning is strong enough, the framework should step back rather than constraining the model's decision space with rigid pipelines. AgentScope 2.0 adds the production infrastructure that philosophy requires: event system, permission controls, multi-tenant isolation, sandbox execution, middleware hooks. The goal is not a demo that runs — it's a system that ships. What You'll Learn AgentScope 2.0's design philosophy: why "model-led" over "fixed pipeline" The five core systems: Event / Permission / Multi-tenancy / Workspace / Middleware Agent Team pattern: how the Leader-Worker architecture handles complex tasks Permission system fine-grained control: tool call approval and boundary configuration Positioning differences vs. LangChain and AutoGen The full ecosystem: AgentScope Runtime, ReMe, OpenJudge, Trinity-RFT Prerequisites Familiarity with LLM agent concepts (tool use, reasoning loop) Basic Python async programming Experience with LangChain or AutoGen helps with positioning comparison Project Background What Is AgentScope? AgentScope 2.0 is a production-ready agent framework — "an agent development platform with essential abstractions, designed to work with rising model capability, with built-in production support." The core problem it addresses: traditional agent frameworks constrain LLMs with rigid pipelines and opinionated prompt templates. As LLM reasoning capability has improved rapidly, that constraint has become a bottleneck. AgentScope shifts to "letting the model's native reason

2026-06-24 原文 →
AI 资讯

Stop returning the same "blocked" error from your agent guardrail

If you run deny-by-default tool guards on AI agents, your refusal is a security decision — not a logging afterthought. I watched one source mutate a malformed tool call ~1,400 times against a production agent in a weekend. Every identical BLOCKED response was feedback for the attacker's automated search: same input shape → same refusal → "colder," changed shape → changed response → "warmer." A Keysight paper (arXiv:2606.20470) quantifies it: deterministic detect-and-block lets attack success rate approach 1 as the query budget grows, because predictable refusals feed model-guided search. Their detect-and-misdirect approach cuts the ASR upper bound by up to ~2 orders of magnitude. The cheap version of the fix, in pseudocode: ​ # BEFORE: a stable refusal = a label for the attacker's search def on_blocked ( call ): return { " error " : " TOOL_CALL_BLOCKED " , " code " : 4031 } # identical every time # AFTER: vary a non-operational response so the deny path isn't a compass def on_blocked ( call ): # return a controlled, plausible-but-non-operational response; # randomize shape/latency so block != stable signal return misdirect ( call , vary = [ " shape " , " delay " , " message " ]) Caveats from doing this in prod: It makes YOUR debugging harder (your own false positives now look noisy too) — log the real reason internally, only vary the external response. Varying text isn't enough if latency still leaks. Treat timing + error-shape as part of the response surface. Open question I don't have a clean answer to: does misdirection just move the oracle one layer up into side channels? I maintain an open-source deny-by-default firewall for agent tool calls (agent-airlock), which is how I had the logs to catch this. The lesson generalizes to any guardrail: a denied call's response is attack surface.

2026-06-23 原文 →
AI 资讯

Common Pitfalls of Skills Development (And How to Fix Them)

I recently gave a version of this talk at AI Engineer Europe in London. What follows is the fuller story — what we found when we looked at thousands of skills, what goes wrong, and how to fix it. You know that scene in The Matrix? Neo gets a spike in the back of his head, they upload kung fu directly into his brain, and he just... knows it. That's what a skill is for an AI coding agent. You write a markdown file — a SKILL.md — and the agent loads it when the task matches. Suddenly it knows your team's deployment process, or how your API handles pagination, or that you never use semicolons. It's not code. It's context. Procedural knowledge, injected at the right moment. The thing is — Neo's upload worked perfectly. Ours? Not always. Skills are everywhere now We spent some time analysing essentially all of public GitHub. In November last year, 12 repos had SKILL.md files. By March — five thousand four hundred and sixty. That's 450x growth in fourteen weeks. Skills went from zero to 27% of all agent config activity in three months. Faster adoption than CLAUDE.md , AGENTS.md , or any of the dotfile formats before them. And 1 in 12 merged PRs on GitHub now touches an agent config file — 8.4%, up from basically zero eighteen months ago. This is not a niche thing anymore. This is how people are working. Watch on YouTube But are they electrifying? Ninety percent of agent config files are never updated after creation. Write once, forget forever. Your codebase evolves every day. Your dependencies change. Your API contracts shift. But the instructions you gave your agent? Frozen in time. For Gemini files it's even worse — 97% are write-once. And the purpose-built "skill-as-product" repos? Over half are under 50 kilobytes. Wrapper repos. Many are AI-generated. High churn, low staying power. We have this explosion of skills, and most of them are going stale the moment they're committed. What we did about it The DevRel team at Tessl spent a couple of months doing something pretty

2026-06-23 原文 →
AI 资讯

Your context window is not your agent's memory

There's a quiet assumption baked into a lot of agent code: that a bigger context window means a better memory. Vendors ship 200K, then 1M, then 2M token windows, and the implied promise is "just put everything in and the model will remember." After building agents that run for weeks, I've come to think this conflates two things that are not the same — and treating them as the same is exactly why long-running agents get dumber over time. The context window is working memory. Real memory is what survives when the window is gone. Mixing them up is like confusing your desk with your filing cabinet. Two different clocks Working memory (the context window) lives for one session, maybe one turn. It's fast, expensive, and volatile. It's where reasoning happens right now . Durable memory lives across sessions. It's slow, cheap, and persistent. It's what the agent knows when it wakes up tomorrow with an empty window. These have different lifespans, different costs, and different access patterns. The moment you try to make one do the other's job, things break: Use the window as memory → everything you "remember" has to be re-loaded every turn, you pay for it every turn, and the instant the session ends it's gone. Use durable storage as working memory → you're reading and writing files mid-reasoning for things that only matter for the next 30 seconds. A good agent keeps them separate on purpose. Why "just use a bigger window" fails Say you have a 1M token window and you stuff the entire history in. Three problems show up, none of which a bigger number fixes: Cost scales with every turn, not every session. That 1M tokens isn't paid once — it's re-sent on each step of a multi-turn task. A 20-step task can mean 20× the bill, mostly re-reading the same stale history. Attention dilutes. "Lost in the middle" is real: models attend most reliably to the start and end of a long context. Bury the one fact that matters under 900K tokens of transcript and recall quality drops, even though

2026-06-23 原文 →
AI 资讯

Most AI agent memory never pays for itself

Built a small tool for Claude Code that tracks whether “agent memory” rules actually pay for themselves in token usage. The idea is simple: every persistent instruction should justify itself by reducing future token cost. If it doesn’t, it gets flagged for removal. Over time, a surprising amount of memory ends up being neutral or negative ROI once measured. Check it out, would mean a lot :) Repo: https://github.com/vukkt/token-warden

2026-06-23 原文 →
AI 资讯

'"An LLM and a harness": Nvidia''s simple thesis on what agents actually are'

Nvidia's Nader Khalil — Director of Developer Technologies and co-founder of Brev.dev, acquired by Nvidia two years ago — sat down with The New Stack to talk agents, OpenClaw, and where enterprise AI is heading. His opening line is worth keeping: "An agent is an LLM and a harness. And if you think about that, it involves two things. It involves the loop and the LLM… Each loop should take us closer to our goal." That's not a complicated definition. It's also exactly right — and the fact that Nvidia's internal framing lands here matters more than the quote itself. What actually happened Nvidia has full-time OpenClaw contributors. Khalil: "We have a couple of developers at the company that contribute to OpenClaw full time." That's a real commitment, not a press-release mention. NemoClaw is their enterprise blueprint — a reference architecture for running OpenClaw (and Hermes) in production, with GPU routing, security policies, and a runtime called OpenShell. Khalil traces the harness evolution directly: from ChatGPT's system prompts → memory → file context → Cursor → Claude Code. All of it is harness, not model. The model is constant; the harness is where the product lives. On OpenClaw's PR backlog: "It got more stars than Linux in months… so I think you're gonna see a mountain of PRs." Their response — roll up their sleeves and start merging. Why this framing matters Nvidia makes money when AI compute scales. For that to happen, agents need to work reliably in enterprise environments — and the harness is the reliability layer. Their NemoClaw blueprints aren't a product play; they're an enablement play. Enterprise teams get a reference architecture that works on Nvidia silicon. Nvidia gets demand for the GPUs underneath. It's the CUDA X model applied to agentic AI. The microwave analogy Khalil uses is useful: "when it's your microwave at home, you just go 'Boop, boop. Done.'" Every enterprise will build specialized agents tuned to their domain — CrowdStrike, Cadence, P

2026-06-22 原文 →
AI 资讯

KIMI + Agnes: A Real-World Test of Cross-Provider Agent Chain Correctover

A few days ago I had an idea: what if one LLM could orchestrate other LLMs as agents — not just calling them, but verifying that each agent's output was actually correct before passing it to the next? I work on NeuralBridge (an open-source self-healing SDK for LLM pipelines), so I decided to build it and test it with two real providers: KIMI (Moonshot) and Agnes AI . The Core Problem: Failover ≠ Correctover Most API gateways and LLM routers stop at "HTTP 200" — they retry or switch providers, but they never check if the output is actually correct . # What everyone else does: try : result = call_llm ( prompt ) return result # HTTP 200 = success? 🚩 except Exception : result = call_llm_fallback ( prompt ) return result # Still not verified! This is dangerous. A failover from gpt-4o to gpt-4o-mini might silently drop 3 critical fields. A KIMI response that returns "200 OK" might still be missing key entities. Correctover is the idea that switching providers isn't enough — you must verify semantic equivalence after every switch. The Architecture We built a simple DAG-based chain executor with three key capabilities: DAG orchestration — define multi-step workflows where nodes depend on each other Per-node semantic validation — every LLM output is checked against a Contract before passing to the next node Cross-provider Correctover — if validation fails, automatically retry with a different provider from neuralbridge import SelfHealingEngine , ProviderConfig , Contract from neuralbridge.chain import ChainBuilder engine = SelfHealingEngine ( providers = []) engine . add_provider ( ProviderConfig ( name = " moonshot " , base_url = " https://api.moonshot.cn/v1 " , api_key = " ... " , models = [ " moonshot-v1-8k " , " moonshot-v1-32k " ], )) engine . add_provider ( ProviderConfig ( name = " agnes " , base_url = " https://apihub.agnes-ai.com/v1 " , api_key = " ... " , models = [ " agnes-2.0-flash " ], )) chain = ( ChainBuilder ( engine ) . node ( name = " planner " , system = "

2026-06-22 原文 →
AI 资讯

Pydantic AI 的 5 个隐藏用法:类型安全的 Agent 框架

你知道吗?最近一个 AI Agent 直接删除了生产数据库,然后在 Twitter 上轻松"自首"——这条消息在 Hacker News 上获得了 860 分和超过 1000 条评论。随着 AI Agent 从演示走向生产环境,"在我的机器上能跑"和"它能安全地运行我的业务"之间的鸿沟从未如此巨大。 Pydantic AI 正是为弥合这一鸿沟而来。这个拥有 17,895 Stars 的 Python Agent 框架,由 Pydantic Validation 的同一团队打造——而 Pydantic Validation 正是 OpenAI SDK、Anthropic SDK、Google ADK、LangChain、LlamaIndex、CrewAI 等数十个 GenAI 工具的数据验证层。如果你用过 FastAPI,你已经知道 Pydantic 的感觉:类型安全、优雅、生产就绪。Pydantic AI 将这种哲学完整地带入了 Agent 开发领域。 在 2026 年的今天,大多数 Agent 框架把 LLM 当成返回字符串的黑盒子。Pydantic AI 则将其视为类型化、可验证、可组合的系统——这改变了一切。 隐藏用法 #1:人工审批工具调用(阻止 Agent 乱来) 大多数人的做法: 给 Agent 完全自由去调用任何工具——数据库查询、API 调用、文件删除——然后祈祷一切顺利。当出了问题时,你从用户口中才知道。 隐藏技巧: Pydantic AI 的延迟工具(deferred tools)让你可以标记某些工具调用在执行前需要人工审批。Agent 会规划好动作,但在执行前暂停并等待人类批准或拒绝——完美适用于数据库写入、金融交易或生产部署等破坏性操作。 from pydantic_ai import Agent , RunContext , DeferredToolRequests from pydantic import BaseModel agent = Agent ( ' openai:gpt-4.1 ' , output_type = str , # 通过 deferred=True 标记需要审批的工具 ) @agent.tool ( deferred = True ) async def delete_user_account ( ctx : RunContext , user_id : str ) -> str : """ 永久删除用户账户。需要人工审批。 """ # 这段代码只在人工审批通过后才会执行 await db . users . delete ( user_id ) return f " 用户 { user_id } 已删除 " # 运行 Agent——如果它尝试调用 delete_user_account, # 执行会暂停并返回 DeferredToolRequests 对象 result = await agent . run ( " 清理不活跃账户 " ) if isinstance ( result . output , DeferredToolRequests ): # 将待执行的工具调用展示给人类审批 for tool_call in result . output . calls : print ( f " Agent 想要执行: { tool_call . tool_name } ( { tool_call . args } ) " ) approved = input ( " 是否批准?(y/n): " ) if approved . lower () == ' y ' : # 带审批结果恢复执行 result = await agent . run ( " 已批准 " , message_history = result . all_messages (), deferred_tool_requests = result . output , ) 效果: Agent 可以自主处理安全操作(读取数据、生成报告),而在危险操作上自动暂停等待人工判断。不再有删库跑路的意外。 数据来源: Pydantic AI GitHub 17,895 Stars(通过 GitHub API 验证,最后推送 2026-06-21)。HN Algolia 搜索"pydantic-ai agent framework"获得 12 分讨论帖。"AI agent deleted production database"故事在 HN 上获得 860 分/1032 条评论(数据来源:HN Algolia API)。 隐藏用法 #2:基于图的多 Agent 工作流 + 类型安全状态 大多数人的做法: 构建线性

2026-06-22 原文 →
AI 资讯

여러 에이전트가 협업하는 업무 자동화 시스템 설계 방법

업무 자동화 시스템을 만들 때 가장 먼저 드는 질문이 있다. "에이전트 하나면 안 되나?" 단일 에이전트로 시작하면 구조가 단순하고 디버깅도 쉽다. 그런데 실제 업무 맥락에서는 단일 에이전트가 빠르게 벽에 부딪힌다. 이 글은 왜 여러 에이전트가 협업하는 구조가 필요한지, 그리고 그 구조를 실제로 어떻게 설계하는지를 기술적으로 짚는다. 단일 에이전트로 충분하지 않은 이유 단일 에이전트가 실패하는 지점은 복잡한 기능 탓이 아니라 컨텍스트 길이와 직렬 실행의 구조적 한계 때문이다. LLM 기반 에이전트에 하나의 긴 작업을 맡기면 세 가지 문제가 동시에 발생한다. 첫째, 컨텍스트 창이 소진된다. 데이터 수집, 변환, 검증, 발행을 하나의 루프에서 처리하면 중간 상태가 프롬프트에 누적되고, 모델은 앞부분 지시를 잊는다. 둘째, 직렬 실행은 병목을 만든다. API 호출이 5개 있고 각각 2초라면, 단일 에이전트는 10초를 기다린다. 셋째, 에러 격리가 불가능하다. 한 단계가 실패하면 전체 루프를 재시작해야 한다. 반면 여러 에이전트가 협업하는 구조에서는 각 에이전트가 명확한 책임 경계를 갖는다. 한 에이전트가 데이터를 수집하고, 다른 에이전트가 변환하고, 또 다른 에이전트가 검증한다. 에러는 해당 에이전트 범위 안에서 처리되고, 독립된 작업은 병렬로 돌린다. 에이전트 협업 구조를 어떻게 설계할까? 나무숲이 실제 자동화 프로젝트에서 가져가는 구조는 오케스트레이터-워커(Orchestrator-Worker) 패턴이다. 이 패턴은 Anthropic이 공개한 에이전트 설계 가이드라인 에서도 다루는 구조로, 책임 분리가 명확하다는 점이 핵심이다. 역할 책임 범위 주요 판단 오케스트레이터 전체 작업 계획, 워커 배정 어떤 워커를 호출할지, 순서와 병렬 여부 워커 에이전트 단일 도메인 작업 실행 도구 호출, 결과 반환 검증 에이전트 출력 품질 검사 재시도 요청 또는 다음 단계 진행 상태 관리 에이전트 간 공유 컨텍스트 보존 어떤 정보가 다음 에이전트에 전달되는지 예를 들어 콘텐츠 자동 발행 파이프라인이라면, 오케스트레이터가 "오늘 발행할 항목 목록"을 받아 수집 워커, 요약 워커, 포맷 워커를 순서대로 호출한다. 검증 에이전트는 포맷 워커 출력을 보고 발행 가능 여부를 판단한다. 에이전트 간 데이터 흐름과 오케스트레이션 설계 오케스트레이터는 각 워커를 직접 호출하고, 그 결과를 다음 워커의 입력으로 넘긴다. 이때 중요한 설계 결정이 두 가지다. 메시지 구조를 명시적으로 정의한다. 에이전트 간 데이터는 자유형 텍스트가 아니라 스키마가 있는 구조로 전달해야 한다. JSON 스키마나 Pydantic 모델을 쓰면 에이전트 출력이 다음 에이전트의 입력 형식을 충족하는지 런타임 전에 검사할 수 있다. 오케스트레이터는 작업의 의미를 이해하지 않는다. 좋은 오케스트레이터는 라우터에 가깝다. "이 입력은 A 워커에게, 그 결과는 B 워커에게"를 결정할 뿐, 각 작업의 도메인 로직에 관여하지 않는다. 이 원칙을 지키면 워커를 교체하거나 추가할 때 오케스트레이터 코드를 손댈 필요가 없다. 간단한 파이썬 예시로 구조를 보면 이렇다: from anthropic import Anthropic from pydantic import BaseModel client = Anthropic () class WorkerOutput ( BaseModel ): status : str # "success" | "retry" | "failed" payload : dict error_message : str | None = None def call_worker ( system_prompt : str , user_input : str ) -> WorkerOutput : response = client . messages . create ( model = " claude-opus-4-5 " , max_tokens = 1024 , system = system_prompt , messages = [{ " role " : " user " , " content " : user_input }],

2026-06-22 原文 →
AI 资讯

Defender flujos de agentes contra el OWASP LLM Top 10

Corro varios agentes respaldados por Bedrock en producción: análisis de documentos, emparejamiento de contenido, búsqueda en registros, búsqueda semántica. Esta es una pasada honesta sobre el OWASP Top 10 para aplicaciones LLM desde el lado de la implementación : el código de verdad que defiende cada riesgo y, igual de importante, las categorías donde mi respuesta es "parcial" o "todavía no". Primero el modelo de amenazas Un flujo de agentes es un pipeline: entrada no confiable → prompt → modelo → parseo → actuar. Cada flecha es una superficie de ataque. Antes de cualquier control, la pregunta más útil que me hice fue esta: ¿qué puede HACER de verdad un agente si el modelo está completamente manipulado? Mi respuesta dio forma a todo lo de abajo. Los agentes son mayormente-de-lectura : llaman a un modelo, leen filas acotadas de la base de datos, y escriben resultados de análisis con llave del usuario que pide. Sin shell, sin SQL arbitrario, sin llamada a herramientas. El radio de impacto es chico por construcción, que es el control más barato que existe. TL;DR, estatus honesto OWASP LLM Mi estatus El control LLM10 Consumo sin límite Fuerte Límite de tasa + cortacircuitos de costo mensual + topes de tokens por modelo LLM06 Agencia excesiva Fuerte (por diseño) Sin llamada a herramientas; mayormente-de-lectura; escrituras acotadas a quien llama LLM01 Inyección de prompt Parcial Contenido del usuario enmarcado como DATOS (delimitadores + preámbulo anti-inyección) LLM02 Divulgación de info sensible Parcial Limpieza de PII por regex antes del modelo; exclusiones auditadas LLM05 Manejo inadecuado de salida Parcial Validación de esquema + chequeos de fundamentación + sanear-antes-de-renderizar LLM07 Fuga del system prompt Parcial Registro versionado de prompts + regla anti-eco LLM08 Vector/Embedding N/A (todavía no construido) (nada) AuthN/Z + interruptor de apagado Fuerte Llave interna, gateo por cuota/gama, deshabilitado por agente LLM10 Consumo sin límite: empieza aquí, e

2026-06-22 原文 →
AI 资讯

Why Your Agent's Search Results Look Right and Are Wrong: The Index Distribution Problem

Why Your Agent's Search Results Look Right and Are Wrong: The Index Distribution Problem You've built an agent. It has a search tool. You query it with something reasonable — a factual question, a comparison, a technical lookup — and it returns results. The results look right. The sources are real. The snippets are plausible. The agent synthesizes them into a confident answer. And the answer is wrong. Not obviously wrong. Not hallucinated-in-a-hallucinatory-way wrong. Structurally wrong — wrong in a way that passes every surface-level check because the error is baked into the retrieval layer before the model ever sees the context. This isn't a prompt engineering problem. It isn't a context window problem. It's a distribution problem , and it has a structural ceiling that no amount of better prompting will fix. The Index Is a Frozen Decision Here's the thing most agent builders don't internalize: a search index is not a neutral representation of knowledge. It's a frozen set of decisions about what matters and what doesn't. Every index — whether it's a BM25 inverted index, a dense vector store, or a commercial web search API — encodes a distribution shaped by past relevance judgments. Someone, at some point, decided which documents were "relevant" to which queries. That could be explicit (human raters labeling search results) or implicit (click logs, dwell time, link graphs). Either way, the index now encodes a probability distribution over what the system considers a good answer to a given query. That distribution is not semantic truth. It's past relevance consensus . Consider what happens when you embed a corpus and build a vector index. Your embedding model was trained on data that reflects certain assumptions about what concepts are close to each other. Your chunking strategy encodes assumptions about what granularity of information is useful. Your ranking model — whether it's cross-encoder reranking or a learned relevance model — was trained on labeled data that

2026-06-22 原文 →
AI 资讯

I opened my first PR to LiveKit's agents repo — here's the bug I found

I've been growing my open source portfolio one contribution at a time, and this week I landed on something genuinely interesting in livekit/agents (11k+ stars, the framework behind a ton of real-time voice AI agents). The bug If you're building a voice agent on a realtime model (OpenAI Realtime, xAI, Gemini Live), the model streams your transcription back in chunks. A single utterance can fire many user_input_transcribed events before it's final — token by token for OpenAI/xAI, or as one big interim blob for Gemini. If you want to react exactly once per utterance (say, show a "user is typing" indicator on your frontend via RPC), you need a stable key to correlate all those interim events together. That key already existed internally — InputTranscriptionCompleted carries an item_id . But when the framework re-emitted it upward as the public UserInputTranscribedEvent , the item_id was silently dropped — leaving consumers with no reliable way to dedupe across providers. The fix Small once you see it: add the field, forward it. class UserInputTranscribedEvent ( BaseModel ): transcript : str is_final : bool item_id : str | None = None # new ... def _on_input_audio_transcription_completed ( self , ev : llm . InputTranscriptionCompleted ) -> None : self . _session . _user_input_transcribed ( UserInputTranscribedEvent ( transcript = ev . transcript , is_final = ev . is_final , item_id = ev . item_id ) ) Two files, about 10 lines of real change. The actual work was tracing the event from the realtime model layer, through AgentActivity , up to AgentSession , to find exactly where the field got swallowed. The takeaway I didn't need to understand all of livekit-agents to land this — just one event's lifecycle, end to end. Small, well-scoped issues are the most achievable way into a big codebase, especially when someone's already mapped the territory in the issue itself. PR is up, CI green, waiting on review: github.com/livekit/agents/pull/6172

2026-06-22 原文 →
AI 资讯

Evaluating Kimi 2.5 vs Kimi 2.6: What happens to agent skills when the model gets smarter?

When a stronger model ships, there are two questions every skill author should want answered, and evals are the only honest way to answer either: Which skills just got absorbed? A model that now knows how to do X natively does not need a skill telling it to do X. Fewer skills to maintain, leaner context, lower cost. Which skills still matter? Behaviour-level guidance (conventions, preferences, project-specific workflows) is not something pretraining will fill in for you. Those skills should keep paying. Moonshot gave us early access to Kimi K2.6. We ran the Tessl agent skill evaluation harness on the same 21 skills and 100 paired scenarios against three solvers: Kimi K2.5, Kimi K2.6, and Claude Sonnet 4.5. A solver is the model whose output the grader scores; a paired scenario is the same task run twice per solver, once without the skill installed and once with it. These are early signals from one pre-release on one skill set. A deeper cross-model analysis with clean baselines across the board is in progress and will be its own piece. What does our setup look like? Scenarios and rubrics are held fixed across the two Moonshot runs. The only variable is the solver. Solver A: Kimi K2.5 Solver B: Kimi K2.6 Scenario generator: Claude Sonnet 4.5, up to 5 scenarios per skill, derived from each skill's SKILL.md Grader: Claude Sonnet 4.5, weighted-checklist rubric derived from the same SKILL.md Per skill × per solver: every scenario solved twice, baseline (no skill installed) and with-skill Per-skill n=5 is noisy; the aggregate over 100 scenarios is where the signal lives. Three findings: Kimi 2.6 is a better model than K2.5: Without skills, K2.6 sits ~2 pp (percentage points) above K2.5 in aggregate, with double-digit moves on specific skills. Kimi 2.6 holds its own against Sonnet 4.5. We picked Sonnet 4.5 as a competitive baseline, and found in this evaluation set that the K2.6 performed better both in the with/without skill scenario by around ~8 p.p . Skills remain a dura

2026-06-21 原文 →
AI 资讯

Goal In, DAG Out: How Open-Multi-Agent Turns a Goal into a Task DAG

You wrote the graph by hand. Then the requirements changed. Most TypeScript agent frameworks make you draw the graph yourself. You declare the nodes, wire the edges, decide what runs after what, where it branches, where it joins. It works, right up until the goal shifts and you are back in the graph editor re-wiring a pipeline you already built once. There is another way to model this: describe the goal, and let a coordinator build the graph for you. That is what runTeam() does in open-multi-agent. You hand it a team and a sentence. It hands back a result. In between, a coordinator agent decomposes the goal into a task DAG, assigns the tasks to your agents, runs the independent ones in parallel, and synthesizes the final answer. There are no edges to wire. This post is about what happens in that "in between," because the mechanism is the whole point. The one call import { OpenMultiAgent } from ' @open-multi-agent/core ' const orchestrator = new OpenMultiAgent ({ defaultModel : ' deepseek-v4-flash ' , defaultProvider : ' deepseek ' , }) const team = orchestrator . createTeam ( ' research ' , { name : ' research ' , agents : [ { name : ' researcher ' , model : ' deepseek-v4-flash ' , provider : ' deepseek ' , systemPrompt : ' You research topics and gather concrete facts. ' }, { name : ' writer ' , model : ' deepseek-v4-flash ' , provider : ' deepseek ' , systemPrompt : ' You turn research notes into clear prose. ' }, ], sharedMemory : true , }) const result = await orchestrator . runTeam ( team , ' Research the tradeoffs of TypeScript decorators, covering the stage-3 standard ' + ' versus the legacy experimental implementation, runtime and bundle-size cost, and ' + ' current framework support, then write a clear 500-word explainer for a team ' + ' deciding whether to adopt them. ' , ) console . log ( result . agentResults . get ( ' coordinator ' )?. output ) Three things to notice before we go under the hood: You never declared a task graph. You wrote the goal in pla

2026-06-21 原文 →
AI 资讯

Day 9 of building an AI agent that controls a phone. It works perfectly on my phone. But on a friend's phone, template matching failed. Icons rendered differently. The agent couldn't send a message. Now I'm exploring UI hierarchy inspection

Project Log #9: My AI Agent Works on My Phone. But What About Yours? Okeke Chukwudubem Okeke Chukwudubem Okeke Chukwudubem Follow Jun 20 Project Log #9: My AI Agent Works on My Phone. But What About Yours? # ai # webdev # programming # productivity 1 reaction Add Comment 3 min read

2026-06-21 原文 →
AI 资讯

60–95% fewer tokens in your agent loops, same answers. Meet Headroom.

AI coding agents are expensive — not because models cost too much per token, but because they send too many of them. An SRE debugging session with a raw agent: 65,694 tokens in. With Headroom in the middle: 5,118. Same bug found. Headroom is a new open-source context compression layer that intercepts everything your agent reads — tool outputs, log dumps, RAG chunks, files, conversation history — and compresses it before the LLM ever sees it. It's local, reversible, and available as a drop-in proxy, a library, or an MCP server. The numbers that matter Savings on real agent workloads: Code search (100 results): 17,765 → 1,408 tokens (92% reduction) SRE incident debugging: 65,694 → 5,118 tokens (92%) GitHub issue triage: 54,174 → 14,761 tokens (73%) Codebase exploration: 78,502 → 41,254 tokens (47%) Accuracy on standard benchmarks (GSM8K, TruthfulQA, SQuAD v2, BFCL) is preserved — some scores actually improve slightly, likely because the model sees cleaner signal. What's doing the compression Under the hood, Headroom routes content through a stack of specialised compressors: SmartCrusher — JSON, nested objects, arrays of dicts CodeCompressor — AST-aware for Python, JS, Go, Rust, Java, C++ Kompress-base — a custom HuggingFace model trained on agentic traces, for prose and mixed content CacheAligner — stabilises prompt prefixes so Anthropic/OpenAI KV caches actually hit It also does CCR (reversible compression) — originals are cached locally and the LLM can retrieve them on demand if it needs them. Nothing is destroyed. Why the proxy mode matters The most interesting deployment path: headroom proxy --port 8787 , then point your existing tool at localhost. Zero code changes. Works with any language. Or even simpler: headroom wrap claude wraps Claude Code, routes its traffic through Headroom automatically. One command, savings start immediately. Same for Codex, Cursor, Aider, Copilot CLI. "Library — compress(messages) in Python or TypeScript, inline in any app. Proxy — hea

2026-06-20 原文 →
AI 资讯

Give Your Codebase a Constitution

Architecture that lives only in people's heads doesn't survive agents. For most of my career, the real rules of a codebase weren't written down. People knew them. Senior engineers knew which layers could talk to which. They knew which dependencies were forbidden, which schemas were effectively frozen, and which shortcuts would create problems six months later. New engineers learned those rules the traditional way: break one, get caught in review, get the explanation, and eventually remember not to do it again. It wasn't perfect, but it mostly worked. What I didn't fully appreciate until I started working heavily with coding agents is how dependent that model is on tribal knowledge. Humans accumulate context over time. Agents don't. They don't remember the migration that went sideways three years ago. They weren't around when the team spent weeks untangling a dependency cycle. They don't know why a particular boundary exists. They only know what they can see. Which means if a rule isn't written down, from the agent's perspective, the rule doesn't exist. I've seen agents wire inner layers directly to outer layers. I've seen them introduce dependencies we intentionally avoided and extend contracts everyone on the team considered settled. The code often worked, which was the dangerous part. The problem wasn't correctness. The problem was architectural drift. That's when something clicked for me. Architecture can't remain folklore once agents start writing code. It has to become law. Not a convention. Not a suggestion. Not something a reviewer remembers at 6 PM on a Friday. A law. Written down, explicit, and enforceable. That's what I mean by a constitution. A Constitution Is Not Documentation The first mistake I made was treating the constitution like another documentation file. It isn't. Documentation explains how the system works today. A constitution defines what the system is allowed to become. Those sound similar, but they serve very different purposes. Package nam

2026-06-20 原文 →
AI 资讯

Hermes Agent Skills — Self-Evolving, Persona-Aware Skill Collection for Hermes Agent

Body: Hey everyone 👋 I've been building hermes-agent-skills — a production-grade skill collection for Hermes Agent that does three things no other skill pack does: 1. Self-Evolving Skills Skills aren't static YAML. The built-in EvolutionEngine tracks 5 health dimensions (usage frequency, success rate, user corrections, freshness, command validity), assigns a health score, and tells you which skills are rotting. Think of it as npm audit for your AI assistant's capabilities. 2. SOUL.md Persona Awareness Drop a SOUL.md in your Hermes config — naming conventions, comment density, architecture preferences, commit style — and every skill that touches code output adapts to it. hermes-skill soul generate bootstraps one in one command. The persona-aware-coding skill reads it at runtime so your agent writes code that actually looks like you wrote it. 3. CLI Toolchain hermes-skill create my-workflow # scaffold a standards-compliant SKILL.md hermes-skill validate skills/ # validate against the Agent Skills Standard hermes-skill list skills/ -f json # enumerate with health metadata hermes-skill soul generate # bootstrap a persona file What's in the box (v1.1.0): | Skill | Phase | Hermes-only Feature | |---|---|---| | requirement-analyzer | Define | Persistent memory across sessions | | spec-driven-dev | Spec | /skills chain forming workflows | | test-driven-dev | Build | delegate_task parallel test execution | | debugger-coordinator | Verify | browser + terminal + vision tri-tool | | code-quality-guardian | Review | patch auto-fix + /curator tracking | | cicd-orchestrator | Ship | cronjob scheduling + webhook triggers | | skill-curator | Evolve | Direct /curator integration | | persona-aware-coding | Identity | Native SOUL.md persona system | Why this is different: Most agent skill collections are portable but shallow — they can't use any platform's unique superpowers. These skills go deep on Hermes specifically: slash commands, delegate_task, persistent memory, vision+browser+t

2026-06-20 原文 →