今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#agents

找到 407 篇相关文章

AI 资讯

As SpaceX deal looms, Cursor partners with Chainguard to secure open-source dependencies in AI-built code

Cursor has spent the past week in headlines after confirming a partnership with SpaceX that could eventually lead to a $60 billion acquisition . The deal, for now, centres on training more capable coding models using SpaceX’s compute infrastructure. Alongside that push on model performance, however, Cursor is now addressing a separate issue: the reliability of the code those models produce. Cursor has partnered with Chainguard , which provides verified open-source packages, to route dependencies through its curated repositories, aiming to reduce the risk of compromised components entering AI-built applications. The announcement lands as AI coding tools push more software into production with less human review, raising questions about how much of that code can be trusted. Supply chain risks in the agentic era The partnership addresses a problem developers know all too well. Modern applications depend heavily on open-source libraries and container images, most of which are pulled from public registries such as npm, PyPI, and Docker Hub. Those registries operate on openness, with limited checks in place. Developers — and now AI agents — often install dependencies without knowing who built them or whether they have been tampered with. Recent incidents have underlined the risk . In March, projects such as Trivy, LiteLLM, Telnyx, and Axios were compromised, with attackers using poisoned packages to steal credentials and spread malware. For teams using AI-generated code, the exposure increases. Agents can select and install dependencies automatically, making trust decisions at a pace that outstrips manual review. As Chainguard co-founder and CEO Dan Lorenc put it, generating code is becoming routine — checking its integrity is where the pressure now sits. “AI agents are making dependency decisions at a scale and speed no security team can manually review,” he wrote in a blog post . “As organizations adopt agentic development, the biggest blocker is no longer how fast code

2026-07-06 原文 →
AI 资讯

FROST 的治理哲学:为什么每个 Agent 系统都需要一部宪法

FROST 的治理哲学:为什么每个 Agent 系统都需要一部宪法 "细胞会死,但谱系会存续。Agent 会消亡,但宪法会传承。资产会永存。" 在 AI Agent 框架百花齐放的 2026 年,我们见证了一个有趣的现象:框架越来越多,治理却越来越缺失。LangChain 给了你工具链,CrewAI 给了你角色扮演,AutoGen 给了你对话——但没有人回答一个关键问题: 当你的 Agent 家族有十代、百代,谁来保证它们的行为不越界? 这就是 FROST 要解决的问题。 一、一个被忽视的问题:Agent 治理真空 想象这样一个场景:你构建了一个 Agent 系统,它帮你处理客户咨询、自动写报告、管理财务。一开始只有 3 个 Agent,你都能监控。三个月后,Agent 数量变成了 30 个——有些是你创建的,有些是 Agent 自己创建的。 问题来了: 某个 Agent 开始访问不该访问的数据 某个 Agent 创建的子 Agent 继承了一份不该继承的权限 某个 SOP 工作流在运行中被人悄悄修改了 这不是科幻场景,这是今天 Agent 系统正在发生的事。 根本原因 :现有框架的"治理"要么是提示词级别的软约束("请你不要访问这些数据"),要么是事后的日志审计。没有一个是代码级别、架构级别的硬约束。 FROST 的设计哲学是: 治理必须是架构的一部分,而不是补丁。 二、FROST 的宪法模型:四层治理 FROST 把治理拆解为四个层次,每一层都有对应的代码实现: 第一层:只读继承——权限的代码级强制 在大多数框架中,Agent 之间的数据共享靠的是"约定"。FROST 用的是 HierarchicalStore ——一种层级化记忆容器: class HierarchicalStore : """ 层级化记忆存储。 祖先 Store 对后代只读——后代可以继承,但不能篡改。 """ def __init__ ( self , data = None , parent = None , readonly = False ): self . _data = data or {} self . _parent = parent self . _readonly = readonly # 关键:只读标记 def save ( self , key , value ): if self . _readonly : raise PermissionError ( " 只读 Store 禁止写入 " ) self . _data [ key ] = value def load ( self , key , default = None ): if key in self . _data : return self . _data [ key ] if self . _parent : return self . _parent . load ( key , default ) return default 注意 readonly 参数。当一个 Agent 创建子 Agent 时,子 Agent 对父 Agent 的 Store 是 只读的 。这不是提示词告诉 Agent "请你不要修改",而是代码直接抛出异常。 这意味着 :即使 LLM 产生了幻觉,试图越权写入,代码层面也会拒绝执行。 第二层:SOP 宪法校验——工作流的可审计性 在 FROST 中,SOP 不是随便定义的步骤列表,而是经过祖辈审核的"宪法文本": def validate_sop ( ancestor_sop , descendant_sop ): """ 祖辈验证后代的 SOP 是否合规。 检查点: 1. 后代 SOP 的步骤不能超出祖辈定义的边界 2. 后代 SOP 不能调用未授权的 Skill 3. 后代 SOP 的数据访问不能超出权限范围 """ # 检查 1:步骤边界 for step in descendant_sop . steps : if step not in ancestor_sop . allowed_steps : raise SOPValidationError ( f " 步骤 { step } 超出祖辈定义的边界 " ) # 检查 2:Skill 授权 for skill in descendant_sop . required_skills : if skill not in ancestor_sop . authorized_skills : raise SOPValidationError ( f " Skill { skill } 未获授权 " ) return True 这意味着 :任何后代 Agent 想要执行的工作流,都必

2026-07-06 原文 →
AI 资讯

Why AI App Backends Are Becoming Accounting Systems

Most SaaS backends were built around a simple assumption: The user pays a subscription, then uses the product. That assumption breaks down for AI apps. An AI app does not just serve screens. It spends money while it works. A user searches the web. A model summarizes a report. An image model generates a draft. An agent calls an MCP tool. A workflow buys data from an API. A future x402 endpoint charges for a capability call. Every one of those actions can have a marginal cost. That means the backend for an AI app is no longer just a place to store users, projects, and settings. Increasingly, it is a system of record for economic activity. In other words: AI app backends are becoming accounting systems. The old SaaS model was simpler Traditional SaaS could survive with coarse billing. You had: monthly subscriptions seats tiers maybe a usage limit somewhere That worked because the marginal cost of most product actions was close enough to zero. If a user clicked a button, edited a document, opened a dashboard, or created a project, the backend cost was usually small compared with the subscription price. The business could average it out. AI apps are different. The product may call paid APIs on almost every useful action. Search once. Summarize once. Generate once. Transcribe once. Call an agent tool once. The unit economics are inside the interaction loop. If the product cannot see who spent what, when, and why, the business is flying blind. Usage billing is not an add-on For AI apps, usage billing is often treated like a pricing feature. I think that is too narrow. Usage billing is really a cost ledger. It answers: which user triggered the cost? which project or app did it belong to? which capability was called? what did it quote before execution? what did it actually cost? was it retried? was it idempotent? did the end user pay for it? is there a payment or checkout record attached? If you cannot answer those questions, you do not have a reliable production backend for

2026-07-06 原文 →
AI 资讯

I Built an AI Agent That Remembers Why Customers Leave (And I'm Building My Way Into AI Development)

With over 5 years in customer support and retention, I've lost count of how many times I've seen the same pattern: a customer explains an issue, gets it "resolved," and then has to explain the same problem again weeks later, as if the first conversation never happened. Support systems forget. Customers don't. That frustration, seen over years on the support side, is what led me to this hackathon project. Most support systems and most AI chatbots treat every interaction as isolated. They don't remember. So patterns that should be obvious (repeated complaints, dropping usage, unresolved issues) never get connected until a customer just leaves. That became the seed for my project: the Retention Risk Agent. The Problem With "Forgetful" AI Most AI tools answer questions in the moment, then forget everything. Ask a chatbot about a customer's history, and it only knows what's in that single message, not what happened last week, last month, or across five different support tickets. For churn prediction, that's a fatal flaw. Churn isn't a single event. It's a pattern, a series of small signals that only make sense when viewed together over time. This is something I understand deeply from years of watching it happen firsthand. Cognee is an open-source memory layer for AI agents. Instead of treating each interaction as isolated, it builds a knowledge graph, connecting facts, relationships, and context across everything you feed it. That's exactly what churn detection needed. What I Built I created a Python script that: Ingests customer records (support tickets, usage patterns, plan changes) Uses Cognee to build a memory graph connecting these signals Asks a simple question: "Which customers show signs of churn risk, and why?" The result wasn't a keyword match; it was reasoning. The agent correctly flagged a customer whose usage dropped 80% and who'd ignored two check-in emails. It flagged another who'd complained twice about slow support and mentioned a competitor. And critica

2026-07-06 原文 →
AI 资讯

What AGENTS.md Gives Coding Agents That README Files Do Not

Here's the failure mode I keep running into. A team gives a coding agent a repo, a task, and maybe a README. The agent can find files and write code, but it still has to guess the operating rules. It guesses the package manager. It guesses which checks matter. It guesses whether generated files are safe to edit. It guesses what "done" means. A README is usually for humans: what the project is, how to run it, and where the important docs live. A coding agent needs different context. Setup rules. Test commands. Boundaries. Completion criteria. That's the gap AGENTS.md fills. The official AGENTS.md guidance describes it as a predictable place for coding-agent instructions: setup commands, test commands, code style, security considerations, and nested instructions for large monorepos. I find the split useful in a more boring way. The README answers, "What is this project?" AGENTS.md answers, "What should an agent know before touching it?" That second question is where the work usually gets fragile. Where Goose Fits Goose makes this less theoretical because it isn't just a chat box. It's an open source local AI agent with a desktop app, CLI, API, MCP extensions, and skills. Without AGENTS.md , I find myself writing prompts like this: Update the docs, but don't touch generated files, use pnpm, run the lint and test commands, keep the PR small, and tell me what you couldn't verify. With AGENTS.md , the prompt can get shorter: Update the quickstart docs for the new config flag. Goose can run the task in the repo. The repo can carry the standing instructions. I noticed this on a small docs/config update where generated files sat near source files. Without repo instructions, the prompt had to carry the package manager, generated-file boundary, checks, and the "tell me what you could not verify" rule. Once those rules lived in AGENTS.md , the prompt became just the task. Not magic. Just fewer chances to forget the boring parts. Where Skills Fit I would add one more layer once

2026-07-06 原文 →
AI 资讯

🤖 I Built 100 Claude Code Subagents. These Are The 12 That Actually Earn Their Context.

Everyone's building armies of AI "specialists" inside Claude Code. Most of them never trigger, collide with each other, and quietly bloat the very context window they were supposed to protect. I built and stress-tested 100 subagents — official built-ins, the big community collections, and a pile of my own — to find the handful that genuinely earn their keep. Here are the 12 I actually delegate to, the ones I deleted, and the uncomfortable truth about what a subagent is really for. Why I Went Down This Rabbit Hole This is the third time I've done this to myself. First it was 100 Claude Skills . Then 100 MCP servers . Now: subagents. Together they're the three pillars of the Claude Code stack — Skills give an agent competence , MCP servers give it capability , and subagents give it delegation . I'd covered two. The trilogy demanded the third. And subagents are where the hype is loudest right now. Open GitHub and you'll find collections with hundreds of them: VoltAgent's awesome-claude-code-subagents ships 154+ agents across 10 categories with 22.9k stars ; wshobson's marketplace packs 194 agents, 158 skills, and 16 orchestrators into 37.5k stars . The pitch is intoxicating: assemble a team of AI specialists — a security-auditor , a react-specialist , a kubernetes-specialist , a quant-analyst — and let Claude Code dispatch the right expert for every task. So I did the obvious thing. I installed, wired up, and actually used 100 subagents across real work: code review, debugging, test runs, security audits, database analysis, incident triage. I watched which ones Claude actually delegated to, which ones sat inert, and which ones quietly made my main conversation worse . Most got deleted. Not because they were badly written — many were excellent — but because I'd fundamentally misunderstood what a subagent is for . That misunderstanding is the whole point of this article, and I'll get to it before the list. This is the shortlist that survived. Twelve subagents. Out of a h

2026-07-05 原文 →
AI 资讯

AI-DLC: Giving Structure to AI-Assisted Development

AI coding assistants are great at writing code and terrible at knowing when to write it. Ask one to build a feature and it will happily jump straight to implementation, skipping the questions a good engineer asks first: what exactly are we building, why, what are the risks, and how should it be broken down? The result is fast output that often solves the wrong problem. AWS's AI-DLC (AI-Driven Development Life Cycle) is an attempt to fix that gap. It's an open-source set of workflow rules — released by awslabs — that steer AI coding agents through a disciplined software development process instead of letting them freewheel. Importantly, it isn't a tool you install or a service you pay for. It's a methodology delivered as a bundle of markdown rules that your existing coding agent reads and follows. The core idea: methodology over tooling One of AI-DLC's stated tenets is "methodology first." The whole thing ships as plain markdown rule files that you drop into whatever your agent already uses for project instructions — CLAUDE.md for Claude Code, .cursor/rules/ for Cursor, .github/copilot-instructions.md for GitHub Copilot, .amazonq/rules/ for Amazon Q, steering files for Kiro, and so on. There's nothing to run. The agent loads the rules and its behavior changes. This makes AI-DLC deliberately agnostic . It doesn't tie you to a specific IDE, model, or vendor — any coding agent that supports project-level rules can use it. The philosophy is that a good development methodology should outlive any particular tool. A three-phase adaptive workflow At its heart, AI-DLC organizes work into three phases that mirror how thoughtful software actually gets built. The Inception phase answers what to build and why . This is where the agent does requirements analysis, creates user stories when they're warranted, sketches the application design, breaks work into units that can be built in parallel, and assesses risk and complexity before a line of code is written. The Construction phase

2026-07-05 原文 →
AI 资讯

Building Evaluation, Cost Governance, and Observability for a Multi-Agent System in Microsoft Foundry

This closes out the series' capstone: the multi-agent customer support system built across Parts 6-9, now hardened with evaluation, cost governance, and observability so it can actually run in production with an on-call rotation behind it, not just in a demo environment. Continuous evaluation pipeline Evaluation: measuring quality continuously, not just at launch A one-time eval before launch tells you nothing about drift once real traffic — and real edge cases — start hitting the system. Set up a continuous evaluation pipeline using a G-Eval-style approach, where a separate model scores production outputs against explicit criteria: eval_criteria = { " correctness " : " Does the response accurately reflect the order/refund status retrieved from the tools? " , " escalation_appropriateness " : " If the case was ambiguous or high-risk, did the agent escalate to a human rather than resolving it alone? " , " tone " : " Is the response professional and appropriately empathetic given the customer ' s stated frustration level? " , } def geval_score ( response , context , criterion_name , criterion_description , eval_model_client ): prompt = f """ Evaluate the following response against this criterion: { criterion_description } Context: { context } Response: { response } Score from 1-5 and give one sentence of reasoning. Return JSON: {{ " score " : int, " reasoning " : str}} """ result = eval_model_client . complete ( prompt ) return json . loads ( result ) def run_continuous_eval ( sample_of_production_traffic ): scores = { crit : [] for crit in eval_criteria } for interaction in sample_of_production_traffic : for crit_name , crit_desc in eval_criteria . items (): result = geval_score ( interaction . response , interaction . context , crit_name , crit_desc , eval_model_client ) scores [ crit_name ]. append ( result [ " score " ]) return { crit : sum ( vals ) / len ( vals ) for crit , vals in scores . items ()} Sample a percentage of real production traffic daily (not just s

2026-07-05 原文 →
AI 资讯

Moving Beyond Chat: Why AI Agents and MCP Are the Next Big Shift for Developers

For the past two years, most of us integrated AI into our workflow using a "ping-pong" model: we write a prompt, get some code, copy-paste it, hit a bug, and paste the error back. But in 2026, the tech stack is shifting from simple chat interfaces to Autonomous AI Agents . We aren't just talking about smarter chatbots. We are talking about production-ready systems that can plan, use specialized tools, debug themselves, and interact with our local development environments. The Core Blueprint of an AI Agent Unlike a standard LLM call that finishes after a single response, an AI Agent operates in an Evaluate-Act-Learn loop. To actually build or interact with one, you need to understand its three core pillars: State & Memory: Maintaining context across complex, multi-step tasks (both short-term session state and long-term vector-based memory). Planning & Reflection: The ability to break down a high-level goal (e.g., "Scrape this e-commerce site and update our DB schema" ) into a sequence of executable tasks, and pivot if a step fails. Tools (The Game Changer): Giving the model execution capabilities via APIs, sandboxed code execution environments, and file system access. Enter MCP: The Architecture Connecting It All The biggest catalyst for this shift right now is the adoption of the Model Context Protocol (MCP) . Think of MCP as an open standard that acts like a universal adapter. Instead of writing custom, brittle glue-code for every single tool you want an AI to use, MCP provides a secure, structured way for LLMs to safely read and write to local repositories, query databases, or trigger deployment pipelines. [ AI Agent ] ──( MCP Protocol )──► [ MCP Server ] ──► [ Local Files / DB / API ] When an agent is plugged into your workspace via MCP, it doesn't just guess what your code looks like. It can scan an entire TypeScript repository, map out your Tailwind components, identify type mismatches, and apply a refactor across multiple files simultaneously. From Dev to Arch

2026-07-05 原文 →
AI 资讯

Silent Drift in Agent Decision Quality: Catching It Before Your Users Do

Book: Observability for LLM Applications — Tracing, Evals, and Shipping AI You Can Trust Also by me: Agents in Production — the companion book in The AI Engineer's Library (2-book series) My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub Your triage agent has been in production for three months. The traces look clean. Every span is green, every run terminates, the p95 latency is flat, the token bill is boring. Then support forwards you a screenshot: the agent routed a billing refund to the security queue. You pull the trajectory. Nothing is broken. The agent called a reasonable tool with reasonable arguments, got a reasonable result, and picked the wrong queue with total confidence. That is silent drift. The trace shows you what the agent did. It does not tell you whether what it did was any good. Between a model provider's minor version bump, a prompt tweak someone shipped on Tuesday, and the slow shift in your incoming traffic, the quality of your agent's decisions moves. It rarely announces itself with an error. It shows up as a support ticket, then a second one, then a churned account. You catch it the same way you catch a memory leak: with a baseline and an alarm, not by staring at dashboards. Decision quality is a distribution, not a number The failing traces in Chapter 12 of Agents in Production are the easy case. Twenty retries of the same empty search is visibly wrong. You see the loop count in the invoke_agent parent and you know. Most quality regressions are not visible in a single trace. They show up only when you look at the distribution of decisions across thousands of runs. So the first thing to instrument is the decision itself. If you followed the tracing chapter you already emit a small fixed vocabulary per chat span: span . set_attribute ( " gen_ai.agent.step " , 3 ) span . set_attribute ( " gen_ai.agent.decision " , " call_tool " ) span . set_attribute ( " gen_ai.

2026-07-04 原文 →
AI 资讯

Multi-Agent Coordination: Message-Bus Patterns That Keep Agents Sane

Book: Agents in Production — Building, Tracing, and Shipping Multi-Step AI You Can Trust Also by me: Observability for LLM Applications — the companion book in The AI Engineer's Library (2-book series) My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub In June 2025 two engineering teams posted opposite advice in the same week. Anthropic shipped How we built our multi-agent research system : an orchestrator dispatching subtasks to worker agents, beating a single agent by 90.2% on breadth-first research. A few days later Cognition, the team behind Devin, published Don't Build Multi-Agents , arguing that parallel subagents without shared context produce fragile systems. Both were right. They were describing different workloads. Anthropic's research agent is embarrassingly parallel: four workers go read four things and come back with four small summaries. Cognition's target is writing code, where every edit depends on every other edit and context cannot be sliced. Most people get the plumbing wrong, not the decision. Once you have two agents that need to coordinate, you have to choose how they talk. That choice decides your failure modes long before the models do. Handoffs vs a shared bus There are two ways to wire agents together, and they fail differently. A handoff transfers control. Agent A finishes, hands the whole conversation to Agent B, and steps out. This reads well in a demo. In production it means the transcript grows on every hop, and by the fourth agent you are paying to re-read a conversation nobody trimmed. Handoffs also lose the parent: once A hands off to B, nobody is holding the original task to check the final answer against it. A shared bus keeps a supervisor in charge. Workers never talk to each other. They receive a small typed task, do the work, and return a small typed artifact to the supervisor, which composes the result. This is the shape of Anthropic's research

2026-07-04 原文 →
AI 资讯

Deploying Agents: Containers, Orchestration, and Scaling the Loop

Book: Agents in Production — Building, Tracing, and Shipping Multi-Step AI You Can Trust Also by me: Observability for LLM Applications — the companion book in The AI Engineer's Library (2-book series) My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub The agent works on your laptop. It passes evals. Your manager asks when it ships and you say Monday, because the modeling is done. Then you try to put it behind a load balancer and it falls apart, because you deployed it like a web service. An agent is not a web service. A web service answers in milliseconds and forgets. An agent thinks for minutes, burns tokens across two or three providers, streams partial output to a browser, and sometimes decides to call delete_invoice on the eighth turn. Every deployment decision you make flows from one question: what does this thing do to your infrastructure while it is running? Here is how to package it, where to hold state, and how to scale a workload whose bottleneck is a model call you do not control. The shape is decided by the longest step The single rule that saves you the most pain: an agent's deployment shape is decided by its longest step, not its average step. A support chatbot answers in two seconds. A code-review agent thinks for six minutes. A research agent runs for forty. You cannot put all three behind the same HTTP endpoint and expect any of them to survive. Pick the pattern that matches the longest step, then cap the rest with timeouts. Under 30s → stateless HTTP endpoint (Cloud Run, Fly.io). 30s to 5m with a user watching → streaming over WebSocket or SSE. 5m to an hour, async → queue plus worker (Temporal, Inngest, or Redis). Longer than an hour → still queue plus worker, whether you like it or not. Do not hold an HTTP request open for forty minutes. Something you did not know existed will kill it at the worst moment: a proxy, a CDN, a load-balancer idle timeout. Package it: p

2026-07-04 原文 →
AI 资讯

Picking an Agent Framework in 2026: An Honest Verdict on Six of Them

Book: Agents in Production — Building, Tracing, and Shipping Multi-Step AI You Can Trust Also by me: Observability for LLM Applications — the companion book in The AI Engineer's Library (2-book series) My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub On April 2, 2026, Microsoft shipped agent-framework 1.0 and, in the same blog post, moved AutoGen into maintenance mode. Semantic Kernel went with it. Three overlapping projects folded into one package with stable APIs and long-term support. Microsoft framed the move as a consolidation. If you had an AutoGen project that morning, you woke up with a migration. That is the shape of this whole category. The framework landscape you pick from today is not the one you picked from a year ago, and it will not be the one you pick from next year. So the useful question is not "which framework is best." It is "which framework has which wedge, and which trade-off comes with it." Here is an honest read on six frameworks worth installing in 2026, and when to reach for each. The churn is the feature, not the bug Before the tour, one thing that changed the math: the wire formats underneath these SDKs converged. Every framework here speaks MCP for tools. Most support A2A for cross-framework handoffs. Model Context Protocol started as an Anthropic proposal at the start of 2025 and is now the default way agents pick up external tools. That convergence means the framework you pick locks you in less than it used to. You are still locked at the abstraction layer, though. Migrating a production system from CrewAI to Pydantic AI is a rewrite of every Agent definition and every tool decorator. The pick is sticky. Choose it with that in mind. LangGraph : durability as the wedge Reach for LangGraph when your agent has to survive a crash. It models the agent as a graph with checkpointers backed by Postgres or SQLite, so a workflow that dies at step seven resumes a

2026-07-04 原文 →
AI 资讯

Pydantic AI: Typed, Testable Agents for Engineers Who Like Guarantees

Book: Agents in Production — Building, Tracing, and Shipping Multi-Step AI You Can Trust Also by me: Observability for LLM Applications — the companion book in The AI Engineer's Library (2-book series) My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub You ship an agent that resolves billing disputes. It works in the demo. Two weeks later a support ticket lands: the agent tried to refund $4,000 on a $19 charge. You read the trace. The model returned a JSON blob, your code did json.loads , pulled amount , and passed it straight to the payments API. No cap. No type. No check. The model hallucinated a number and your code trusted it. The model is stochastic. Your code does not have to be. The gap between those two facts is where most production agent bugs live, and it is exactly the gap Pydantic AI is built to close. The wedge is types Most agent frameworks hand you an Agent object and a bag of strings. Pydantic AI hands you Agent[Deps, Output] — a generic parameterized by its dependency type and its output type. The IDE and your type checker read those parameters. So does the runtime. Install pulls in the framework plus an optional tracing extra: pip install "pydantic-ai[logfire]" The smallest program that earns its keep: from dataclasses import dataclass from pydantic import BaseModel from pydantic_ai import Agent , RunContext @dataclass class Deps : customer_name : str class SupportReply ( BaseModel ): reply : str escalate : bool agent = Agent ( " anthropic:claude-opus-4-8 " , deps_type = Deps , output_type = SupportReply , system_prompt = " You are a support agent. " , ) A tool is a plain function whose type hints become the schema the model sees, and the run returns the validated SupportReply : @agent.tool def customer_name ( ctx : RunContext [ Deps ]) -> str : return ctx . deps . customer_name result = agent . run_sync ( " What is my name? " , deps = Deps ( customer_name = " Ana "

2026-07-04 原文 →
AI 资讯

AGENTS.md, Hands-On: Build One Step by Step (and Watch an Agent Use It)

In the field guide I covered what an AGENTS.md is and what belongs in it. This is the hands-on follow-up: we'll build a complete AGENTS.md for a real project, one section at a time, then point an AI coding agent at it and watch the difference it makes. By the end you'll have a working file — and you'll have seen it pay off. New to AGENTS.md? It's a single Markdown file at the root of your repo that tells AI coding agents how to work in it — build steps, tests, conventions, guardrails. The "why" behind each section is in the field guide . The project we'll use We'll write the AGENTS.md for a small but real service: a URL shortener API in Python — FastAPI, SQLite, pytest. A couple of endpoints, a thin data layer, a test suite. Follow along with this, or swap in your own repo — the steps are identical. Its shape: linkshort/ app/ main.py # FastAPI routes db.py # SQLite access models.py # Pydantic models migrations/ # generated SQL — not hand-edited tests/ requirements.txt Step 0 — Start with an empty file At the repo root: touch AGENTS.md That's the whole step. We'll fill it in one section at a time, building toward a file an agent can read in thirty seconds. Step 1 — Orientation: one line Tell the agent what it's looking at. Add: # AGENTS.md A URL shortener API in Python — FastAPI, SQLite, pytest. One sentence sets the agent's priors: it knows the language, framework, and storage before it reads a single line of code. Step 2 — Setup and run The agent can't help if it can't start the project. Add the real, copy-pasteable commands: ## Setup python -m venv .venv && source .venv/bin/activate pip install -r requirements.txt ## Run uvicorn app.main:app --reload # http://localhost:8000 Use the commands that actually work in your repo — no placeholders. Step 3 — Tests: the agent's feedback loop This is the most important section, because tests are how the agent checks its own work. Add: ## Test — all must pass before a change is done pytest ruff check . mypy app Now the agent

2026-07-04 原文 →
AI 资讯

OpenAI Agents SDK 0.13 to 0.17: Three Breaking Changes You Will Hit

OpenAI Agents SDK 0.13 → 0.17: Three Breaking Changes You Will Hit The OpenAI Agents SDK moved from 0.13 to 0.17 in five weeks (April 9 – May 19, 2026). That's 19 releases, including three breaking changes. Two of them are silent — they change runtime behavior without raising an error at upgrade time. If you're running agents on 0.13.x, this is the migration guide you need before you upgrade. The Three Breaks Break #1: ModelRefusalError (v0.15.0) — Silent to Loud The change: Model refusals used to return empty-string output. Now they raise an exception. What this means: If your code treated refusals as output == "" or checked for empty responses, you were silent-failing gracefully. That behavior changed. A model refusal now raises ModelRefusalError and will crash your agent run unless you handle it. What you need to do: Register a "model_refusal" error handler before upgrading past 0.15.0: from openai.agents import Agent , RunConfig def handle_refusal ( error ): print ( f " Model refused: { error . reason } " ) return " Model refused to respond. Try rephrasing. " agent = Agent ( model = " gpt-4 " , tools = [...], ) config = RunConfig ( on_error = { " model_refusal " : handle_refusal , } ) response = agent . run ( " ... " , config = config ) Without the handler, you'll see: ModelRefusalError: model declined to process this request This is an intentional change — OpenAI wants refusals to be explicit, not silent. But it means your error handling has to change. Impact: Any agent that doesn't add a refusal handler will crash on a refusal. High-risk if your agents field user input directly. Break #2: Default Model Changed (v0.16.0) — Silent Model Switch The change: The default model switched from gpt-4.1 to gpt-5.4-mini . What this means: If you created an agent without explicitly setting model= , you were running on gpt-4.1. On upgrade to 0.16.0+, that same code silently switches to gpt-5.4-mini. This isn't just a version bump — gpt-5.4-mini ships with different defaults

2026-07-04 原文 →
AI 资讯

The Anatomy of an Agent Harness

A deep dive into what Anthropic, OpenAI, Perplexity and LangChain are actually building. Covering the orchestration loop, tools, memory, context management, and everything else that transforms a stateless LLM into a capable agent. You've built a chatbot. Maybe you've wired up a ReAct loop with a few tools. It works for demos. Then you try to build something production-grade, and the wheels come off: the model forgets what it did three steps ago, tool calls fail silently, and context windows fill up with garbage. The problem isn't your model. It's everything around your model. LangChain proved this when they changed only the infrastructure wrapping their LLM (same model, same weights) and jumped from outside the top 30 to rank 5 on TerminalBench 2.0. A separate research project hit a 76.4% pass rate by having an LLM optimize the infrastructure itself, surpassing hand-designed systems. That infrastructure has a name now: the agent harness. What Is the Agent Harness? The term was formalized in early 2026, but the concept existed long before. The harness is the complete software infrastructure wrapping an LLM: orchestration loop, tools, memory, context management, state persistence, error handling, and guardrails. Anthropic's Claude Code documentation puts it simply: the SDK is "the agent harness that powers Claude Code." OpenAI's Codex team uses the same framing, explicitly equating the terms "agent" and "harness" to refer to the non-model infrastructure that makes the LLM useful. The canonical formula, from LangChain's Vivek Trivedy: "If you're not the model, you're the harness." Here's the distinction that trips people up. The "agent" is the emergent behavior: the goal-directed, tool-using, self-correcting entity the user interacts with. The harness is the machinery producing that behavior. When someone says "I built an agent," they mean they built a harness and pointed it at a model. Beren Millidge made this analogy precise in his 2023 essay, Scaffolded LLMs as Natu

2026-07-03 原文 →
AI 资讯

Enterprise Due Diligence Agent: AI Reports for 60+ Real Companies

企业尽调智能体实战:60+真实企业的AI尽调报告 从5天到10分钟:AI如何重构企业尽调 企业贷前尽调,银行和金融机构最头疼的环节。一位信贷经理曾这样描述他的工作:打开天眼查查工商信息,切到Wind拉行情,再打开百度搜新闻,最后把散落在七八个系统里的数据拼进Word模板。一家企业,至少5天。如果碰上集团客户、关联方众多的,两周起步。 一家支行行长曾无奈地说:"25个客户经理,每个人做的尽调报告格式都不一样。同样的企业,A经理评'低风险',B经理评'中等风险',谁对谁错无从判断。"问题的根源不是人的能力差异,而是工具链的碎片化——数据散落在不同系统里,没有统一入口,也没有标准化的采集流程。 我们调研了12家金融机构的尽调流程,发现三个共性痛点: 信息散落 (数据分布在6-10个系统中)、 耗时漫长 (单家企业5-10个工作日)、 质量参差 (依赖个人经验,无标准化流程)。 本文记录的,是一个用AI Agent解决这个问题的实战项目——企业尽调引擎v5.0。它不是概念验证,不是Demo,而是在60+家真实企业上跑通的生产级系统。 技术架构:多源数据整合的数据流 尽调的核心难题不是"分析",而是"采集"。一家上市公司的完整画像,需要从至少6个异构数据源拉取信息。传统方式是人肉Copy-Paste,我们的方案是用Agent自动编排数据流: 用户输入 "美的集团" │ ▼ ┌─────────────────────────────────┐ │ Step 1: 股票代码查询 │ │ 联网搜索 → 000333.SZ │ └──────────────┬──────────────────┘ │ ┌──────────┴──────────┐ ▼ ▼ ┌─────────┐ ┌──────────┐ │ Step 2a │ │ Step 2b │ │ 实时行情 │ │ 新闻舆情 │ │ ifind │ │ 联网搜索 │ └────┬────┘ └─────┬────┘ │ │ └─────────┬──────────┘ │ ┌──────────┼──────────┐ ▼ ▼ ▼ ┌────────┐ ┌────────┐ ┌────────┐ │Step 3a │ │Step 3b │ │Step 3c │ │工商信息 │ │风险扫描 │ │估值指标 │ │ MCP │ │ MCP │ │ MCP │ └───┬────┘ └───┬────┘ └───┬────┘ │ │ │ └──────────┼──────────┘ │ ▼ ┌─────────────────────────────────┐ │ Step 4: 舆情分析 + 综合评分 │ │ 多源交叉验证 → 生成尽调报告 │ │ 输出: JSON(5KB) + Markdown(4KB) │ └─────────────────────────────────┘ 这个数据流的核心设计原则是 并行采集、串行推理 。Step 2的行情和舆情可以并行获取,Step 3的三个MCP调用也可以并行,但Step 4的综合评分必须等所有数据到齐后才能做交叉验证。这种设计把端到端耗时压到了10分钟以内。 另一个关键设计是 渐进式降级 :如果MCP工具不可用(比如企业是非上市公司),引擎会跳过行情和估值模块,仅返回工商+风险+新闻的"基础版"报告,而不是直接报错退出。这一设计在实际使用中至关重要——我们的60+企业样本中,有11家是非上市企业,如果要求所有数据源齐备才能出报告,这11家就会被拒之门外。 五大能力详解 1. 股票代码查询 输入企业名称,自动搜索匹配股票代码。比如输入"美的集团",引擎通过联网搜索拿到 000333.SZ 。这个步骤看似简单,却是后续所有数据获取的前提——行情、估值、历史走势全部依赖股票代码。对于非上市企业,引擎会标记 stock_code: null 并跳过相关模块。在实际测试中,股票代码查询的成功率超过98%,少数失败案例主要是名称变更(如"格力地产"更名为"珠免集团")尚未被搜索引擎索引。 2. 实时行情数据 通过ifind接口获取实时股价、涨跌幅、成交量、换手率等指标。这些数据直接写入报告的"行情数据"章节,避免分析师手动从交易软件抄录。更重要的是,行情数据与后续的估值指标做交叉验证——如果PE_TTM显示14倍但股价异常波动,报告会标注"数据一致性待确认"。 3. 企业新闻舆情 联网搜索获取企业最新新闻,引擎对新闻做情感分析后输出舆情等级(正面/中性/负面)和舆情得分(0-100)。这不是简单的关键词匹配,而是基于上下文的语义判断。当正面信号和风险信号同时出现时,报告会分别列出,而非简单抵消。一条"美的集团海外营收创新高"和一条"美的集团遭反倾销

2026-07-03 原文 →
AI 资讯

4A Enterprise Architecture + TOGAF: How to Guide Agent Skill Design

4A企业架构+TOGAF如何指导Agent Skill设计 引言:AI Skill设计的"巴别塔"困局 当下的AI Agent生态,正陷入一种似曾相识的混乱。 去年帮一家保险公司梳理Agent技能库,发现100多个Skill横七竖八地堆在一起——有的直接调API,有的内嵌业务逻辑,有的把数据获取和分析揉成一团。问架构师这些Skill怎么分类,回答是"按安装顺序排的"。再问两个Skill之间数据怎么流转,回答是"各写各的"。一个股票监控Skill自己爬数据、自己做分析、自己发消息,三件事耦合在同一个脚本里。换一个场景想复用其中的分析逻辑?做不到,只能重写。 这不是个例。几乎所有率先部署AI Agent的企业都面临同样的困境:Skill越堆越多,越堆越乱。缺乏统一的能力域划分,缺乏标准化的数据接口,缺乏清晰的组合规则,缺乏可复用的构建块沉淀。 听起来很熟悉?没错——这正是企业架构在20年前要解决的问题。当年企业信息化的混乱,和今天AI Skill的混乱,本质上是一回事:没有架构约束的开发,必然走向无序。 4A企业架构(业务架构BA、数据架构DA、应用架构AA、技术架构TA)加上TOGAF的构建块思想,为Agent Skill设计提供了一套经过验证的方法论。本文试图建立这二者之间的映射框架,并用实际案例说明其可行性。 4A映射框架:四个问题驱动Skill设计 企业架构的核心是四个问题:做什么(BA)、数据怎么流(DA)、用什么组合(AA)、底层怎么支撑(TA)。这四个问题同样适用于Skill设计。 ┌───────────────────────────────────────────────────────────────┐ │ 4A → Skill 映射框架 │ ├───────────────────────────────────────────────────────────────┤ │ │ │ BA 业务架构 │ │ ┌─────────────────────────────────────────────────────────┐ │ │ │ Skill的业务能力域划分、价值链映射 │ │ │ │ → 回答"这套Skill体系解决什么业务问题" │ │ │ └────────────────────────────┬────────────────────────────┘ │ │ │ │ │ DA 数据架构 │ │ │ ┌────────────────────────────▼────────────────────────────┐ │ │ │ Skill的数据流、信息交换标准 │ │ │ │ → 回答"Skill之间数据怎么流转、用什么格式" │ │ │ └────────────────────────────┬────────────────────────────┘ │ │ │ │ │ AA 应用架构 │ │ │ ┌────────────────────────────▼────────────────────────────┐ │ │ │ Skill的组合关系、依赖图谱 │ │ │ │ → 回答"哪些Skill可以组装、依赖关系是什么" │ │ │ └────────────────────────────┬────────────────────────────┘ │ │ │ │ │ TA 技术架构 │ │ │ ┌────────────────────────────▼────────────────────────────┐ │ │ │ Skill的运行时、工具链、基础设施 │ │ │ │ → 回答"Skill跑在什么环境上、需要哪些依赖" │ │ │ └─────────────────────────────────────────────────────────┘ │ │ │ └───────────────────────────────────────────────────────────────┘ 用表格更清晰地展示每一层的核心映射关系: 架构层 核心问题 Skill映射 示例 BA 业务架构 Skill解决什么业务问题? 按能力域分组:协同办公、内容生产、数据智能、系统运维等 "数据智能"域包含客户画像、股票监控、财务智能等Skill DA 数据架构 Skill间数据如何流转? 统一数据格式(Markdown/JSON),标准化数据源→转换→消费管道 搜索Skill输出Markdown,报告Skill消费Markdown生成PDF AA 应用架构 Skill如何组合复用? 构建依赖图谱,上层组合下层,同类可替换 日报Skill = 搜索 + 摘要 + PDF转换 + 消息推送

2026-07-03 原文 →
AI 资讯

Mini book: Agentic AI Architecture

In this eMag, we try to establish agentic AI architecture as a new type of software architecture that will likely dominate the industry for years to come. The articles, written by industry experts, cover various elements and aspects of agentic AI architecture. We aim to present the latest trends and developments shaping the new type of architecture as it enters the mainstream. By InfoQ

2026-07-03 原文 →