References
The primary sources that the current version of this book relies on are collected below. Accessed: April 22, 2026.
How to read this list
These sources are best read not only by topic, but also distinguished by the strength of support they provide:
- Normative frameworks: documents from NIST, OWASP, CISA, and others that define a relatively stable governance outline.
- Platform practice: material from OpenAI, Anthropic, LangGraph, Google Cloud, Microsoft, and others that shows how those outlines are assembled in production environments.
- HCI, HITL, and human oversight: sources that explain where automation goes wrong and how to keep humans firmly in the loop.
- Research frontier: newer papers on memory, observability, verifier design, and multi-agent reliability.
If you want to build the most solid foundation for Parts One, Five, and Eight, start with the normative frameworks and the HCI/HITL layer. If you want to see current engineering practice, read the platform documentation and recent research, but always keep an eye on publication dates.
Normative frameworks and governance outlines
- OWASP, LLM Prompt Injection Prevention Cheat Sheet
- NIST, AI RMF 1.0
- NIST, AI RMF: Generative AI Profile
- NIST, SP 800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations
- NIST, SP 800-218A: Secure Software Development Practices for Generative AI and Dual-Use Foundation Models
- NIST, Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations
- CISA, Artificial Intelligence
Agent architecture and platform patterns
- Dmitry Vikulin, Architecture of Reliable AI Agents
- Anthropic, Building Effective AI Agents
- Anthropic, Harness design for long-running application development
- OpenAI, A practical guide to building agents (PDF)
- OpenAI, Agents SDK
- OpenAI Agents SDK, Sandbox Agents, Sandbox Concepts, Sandbox clients, and Agent memory
- OpenAI, Agent Builder
- LangGraph, Overview
- LangGraph, Durable execution
- LangGraph, Persistence
- LangGraph, Memory overview
- LangChain, Multi-agent
- Google Cloud, Achieve agentic productivity with Vertex AI Agent Builder
- Google Cloud, More ways to build, scale, and govern AI agents with Vertex AI Agent Builder
- Google Cloud, Vertex AI Agent Builder overview
- Google Cloud Architecture Center, Multi-agent AI system in Google Cloud
- Microsoft Azure Architecture Center, AI Agent Orchestration Patterns
- Cloudflare, Build Agents on Cloudflare
- Cloudflare Agents SDK, Store and sync state and Schedule tasks
- Cloudflare Agents SDK, Human in the Loop and WebSockets
- Cloudflare, Build and deploy Remote Model Context Protocol (MCP) servers to Cloudflare
Observability, evaluation, and verifier design
- OpenAI, Agent evals
- OpenAI, Trace grading
- OpenAI, Background mode
- OpenAI, Using tools
- OpenAI, Structured model outputs
- Microsoft Learn, Observability for Generative AI and agentic AI systems
- Google Cloud, Observability and monitoring
- AWS, Introducing stateful MCP client capabilities on Amazon Bedrock AgentCore Runtime
- arXiv, The Art of Building Verifiers for Computer Use Agents
- GitHub, microsoft/fara
HCI, HITL, and human oversight
- Microsoft Research, Guidelines for Human-AI Interaction
- LangChain Deep Agents, Human-in-the-loop
- LangGraph, Interrupts
- OpenReview, The Illusion of Consensus in Human-Centered Interactive AI
- Microsoft Learn, Agentic AI adoption maturity model
Governance, security, and operational assurance
- Google Cloud, How Google secures AI Agents
- Google Cloud, Recommended AI Controls framework
- Google Cloud, Introducing Agent Sandbox
- Google Research, Security Assurance in the Age of Generative AI
- Google Research, Securing the AI Software Supply Chain
- Google Research, An Introduction to Google’s Approach for Secure AI Agents
- Google Research, Identifying and Mitigating the Security Risks of Generative AI
- Anthropic, Claude Code Security
- Anthropic, Agentic Misalignment
- Anthropic, Strengthening Red Teams
- Anthropic, Introducing Bloom
- Anthropic, Findings from a Pilot Anthropic-OpenAI Alignment Evaluation Exercise
- MLCommons, AILuminate v1.0 Release
- Microsoft Learn, Secure autonomous agentic AI systems
- Microsoft Learn, Reduce autonomous agentic AI risk
- Microsoft Learn, Complete production infrastructure inventory
- Microsoft Learn, Agent Registry convergence with Microsoft Agent 365
Incidents and case studies
- American Bar Association, BC Tribunal Confirms Companies Remain Liable for Information Provided by AI Chatbot
Research frontier: memory, observability, and multi-agent reliability
- OpenReview, EVOLVE-MEM: A Self-Adaptive Hierarchical Memory Architecture for Next-Generation Agentic AI Systems
- OpenReview, MemGen: Weaving Generative Latent Memory for Self-Evolving Agents
- OpenReview, AgentTrace: A Structured Logging Framework for Agent System Observability
- OpenReview, AgentTrace: Causal Graph Tracing for Root Cause Analysis in Deployed Multi-Agent Systems
- OpenReview, Evaluation of Multi-Turn Consistency in LLM Agents: Survival Analysis and Failure-Rationale Taxonomy
- OpenReview, AMA-Bench: Evaluating Long-Horizon Memory for Agentic Applications
- OpenReview, Aegis: Automated Error Generation and Attribution for Multi-Agent Systems
- OpenReview, PALADIN: Self-Correcting Language Model Agents to Cure Tool-Failure Cases
- OpenReview, Why Do Multiagent Systems Fail?
Publishing, build tooling, and this book's platform layer
- MkDocs, Official documentation
- Material for MkDocs, Official documentation
- uv, Working on projects
- ty, Official documentation
- Starlight, Official documentation
Rust and the infrastructure layer for agent runtimes
- AWS, AWS SDK for Rust is generally available
- AWS Docs, Code examples for Amazon Bedrock Runtime using AWS SDK for Rust
- docs.rs, aws-sdk-bedrockagentruntime
- Microsoft Learn, Azure SDK for Rust
- Rig, Official documentation
- docs.rs, rig-core
- GitHub, 0xPlaygrounds/rig
How to use this list
If you are extending this book, a convenient order to work through is:
- Risk and control frameworks: NIST, OWASP, CISA.
- Architecture patterns and runtime discipline: Anthropic, OpenAI, LangGraph, Google Cloud, Microsoft.
- The observability, evaluation, and verifier layer: OpenAI, Microsoft, arXiv, GitHub.
- HCI, HITL, and case studies: Microsoft Research, OpenReview, ABA.
- Research frontier: memory, consistency, observability, and multi-agent failure modes.
If you are reading alongside the book, one more distinction is enough to keep in mind:
- Stable core: normative frameworks, architecture, policy, execution, and observability.
- Fast-moving layer: evaluation tooling, verifier design, inventory governance, frontier research, and newer case studies.