June 25, 2026 Research Brief

Agent control gets explicit.

Today’s strongest papers replace prompt-only agent design with governed memory, formal verification, and system-level security evaluation, while more realistic benchmarks expose where long-horizon agents still break.

Why it matters Memory as the new agent attack and failure surface

Persistent memory is no longer just a convenience layer; it is a control plane for future actions. Several papers show that failures arise at write-time authority assignment, retrieval-time surfacing, cross-agent propagation, and experience consolidation.

What changed Verification, diagnosis, and control over long-horizon reasoning

As traces get longer and tasks more consequential, post hoc answer checking is too coarse. The strongest systems now verify steps, localize decisive faults, or maintain explicit beliefs over correctness before acting.

What to watch Security evaluation is becoming pipeline-level and system-level

Security failures increasingly emerge from end-to-end pipelines rather than isolated prompts. Today’s papers show that evaluation must include retrieval, memory, tool execution, multimodal judges, and sandbox boundaries.

Read the brief 中文版本

Recent Briefs

Each issue should tell you why the day is worth reopening, not only when it was published.

Agent control gets explicit. Today’s strongest papers replace prompt-only agent design with governed memory, formal verification, and system-level security evaluation, while more realistic benchmarks expose where long-horizon agents still break.
EN 中文
Agent safety gets operational. Today’s strongest papers replace answer-only evaluation and static guardrails with verifiable agent checks, runtime authorization, and privacy-aware controls built for real enterprise environments.
EN 中文
Evaluation becomes infrastructure. Today’s papers argue that progress claims increasingly hinge on benchmark repair, process-level verification, and deployment-interface audits, while agent gains come more from structured scaffolds than larger models alone.
EN 中文
Evaluation goes process-first. Today’s strongest papers replace outcome-only scoring with verifiable process checks, while agent training and inference methods add finer-grained feedback for safer, more reliable systems.
EN 中文
Evaluation turns lifecycle-aware. Today’s papers push AI assessment into realistic workflows while exposing brittle safety, grounding, and training assumptions that cleaner benchmarks often miss.
EN 中文
Agent safety gets operational. Today’s strongest papers replace static agent scores with deployment-predictive evaluation and runtime control, while exposing safety failures rooted in tool privilege, orchestration, and execution boundaries.
EN 中文
Agent safety moves structural. Today’s strongest papers argue that prompt-only defenses are brittle: safer agents come from typed interfaces, privacy-aware benchmarks, and finer-grained training signals that constrain what models can access or emit.
EN 中文
Agent evaluation grows teeth. Today’s papers push agent research away from single-score demos toward process-aware evaluation, transactional runtimes, and realistic security tests that expose cross-step failures.
EN 中文
Agent security moves down-stack. Today’s strongest papers show agent failures increasingly come from infrastructure, process, and reward channels, pushing evaluation and defenses beyond prompt-level alignment alone.
EN 中文
Auditable agents take over. Today’s strongest papers favor process-aware verification, black-box auditing, and protocol-level agent design over monolithic accuracy claims, while multiple papers warn that current evaluation practice is too brittle to trust at face value.
EN 中文
Agent reliability gets audited. Today’s strongest papers favor evidence-bearing, executable agent workflows over answer-only performance, while puncturing default multi-agent assumptions and exposing new modular security risks.
EN 中文
Evaluation gets operational. Today’s papers push AI assessment and safety toward deployment-shaped tests, explicit control layers, and operational security for agents, RAG, and long-form oversight.
EN 中文
Agent safety moves upstream. Today’s papers argue that reliable agents depend less on bigger models than on containment, memory control, harder evaluation, and failure-targeted training loops.
EN 中文
Agent safety moves runtime. Today’s strongest papers argue that safer AI depends less on static alignment alone and more on process-aware evaluation, runtime controls, and finer-grained supervision for agents.
EN 中文
Agent security turns stateful. Today’s strongest papers show agent risk moving into memory, execution state, and post-training drift, while executable benchmarks and internal monitors expose failures that output-only checks miss.
EN 中文
Agent safety gets systemic. Today’s strongest papers argue that reliable agents need infrastructure-level controls, calibrated oversight, and harder long-horizon evaluation because weak judges, brittle verifiers, and prompt-only defenses fail predictably.
EN 中文
Reliability shifts to control. Today’s strongest papers treat reliability as a controllable systems property: richer evaluation, explicit verification layers, and security defenses that break attacker feedback loops rather than only filtering outputs.
EN 中文
Agent control gets concrete. Today’s strongest papers push agents toward governed memory, consequence-aware control, and more realistic evaluation, while exposing new attack surfaces in steering, context, and workflow artifacts.
EN 中文
Agent evaluation turns adversarial. Today’s strongest papers show that agent progress depends less on raw task wins and more on cheating-resistant evaluation, runtime defenses, and structured process signals for tool use and evidence.
EN 中文
Agent safety moves outward. Today’s strongest papers argue that agent safety now lives in interfaces and workflows: tool surfaces, memory gates, offline evaluation, and human oversight all expose failures hidden by clean benchmarks.
EN 中文
Agent safety turns stateful. Today’s strongest papers show agent risk and evaluation moving from single prompts and final answers toward persistent state, process tracing, and structured control surfaces.
EN 中文
Agent safety moves runtime. Today’s strongest papers shift AI safety from model-only alignment to runtime governance, realistic auditing, and trajectory-aware defenses as agent attack surfaces widen across the lifecycle.
EN 中文
Agent safety moves runtime. Today’s strongest papers argue that agent safety is now a systems problem: execution-boundary controls, process-aware evaluation, and supply-chain defenses matter more than prompt-only safeguards.
EN 中文
Agent control gets explicit. Today’s strongest papers replace monolithic agents with governed pipelines, adaptive context handling, and harsher evaluation that rewards traceability, calibration, and deployable safeguards over raw scores.
EN 中文
Agent reliability gets operational. Today’s papers push agents and safety systems toward deployment reality: process-aware evaluation, verifier-first scaffolds, and localized multimodal safety tests expose failures static benchmarks miss.
EN 中文
Agent benchmarks meet reality. Today’s strongest papers show agent capability claims are highly scaffold-dependent, while security and reliability increasingly hinge on pre-execution controls at routing, retrieval, and tool boundaries.
EN 中文
Agent safety moves runtime. Today’s strongest papers shift safety from end-score evaluation to runtime auditing and enforcement, while showing retrieval, memory, and judging pipelines create new structural failure modes.
EN 中文
Safety moves into systems. Today’s strongest papers show AI safety failures increasingly emerge from state, tools, memory, and evaluation design, pushing defenses toward structural controls and process-aware diagnostics.
EN 中文
Agent safety moves inline. Today’s strongest papers argue that agent safety now depends on runtime control, provenance, and long-horizon evaluation, because models often detect risk without changing unsafe behavior.
EN 中文
Agent safety turns runtime. Today’s strongest papers argue that deployment-grade agent safety comes from runtime control, long-horizon evaluation, and structure-aware training rather than prompt filters or static benchmarks alone.
EN 中文
Agent safety moves runtime. Today’s strongest papers argue that agent security and reliability depend less on detecting bad inputs than on controlling provenance, authority, and action at execution time.
EN 中文
Agent reliability gets structured. Today’s strongest papers improve agents and high-stakes AI systems by adding explicit control, state tracking, and evidence checks, while new benchmarks and attacks expose hidden deployment failures.
EN 中文
Evaluation turns adaptive. Today’s strongest papers push AI evaluation and control beyond static scores toward adaptive audits, explicit intermediate state, and deployment-minded hardening for agents, retrieval, and model supply chains.
EN 中文
Agent safety gets stateful. Today’s strongest papers show agent reliability now depends less on bigger models than on realistic security evaluation, runtime scaffolds, and explicit control of state, logs, and interfaces.
EN 中文
Agent safety moves runtime. Today’s strongest papers shift safety from prompt-level behavior to runtime audits, long-horizon reward-hacking evaluation, and system-level controls around tools, deployment, and optimization.
EN 中文
Evaluation gets executable. Today’s strongest papers replace heuristic scores with verifiable environments, uncertainty-aware auditing, and system-level safeguards, while new security results show agent risk is spreading across retrieval, multimodality, and reasoning workflows.
EN 中文
Agent safety shifts outward. Today’s papers argue that reliable AI depends less on bigger models than on external verification, auditable control layers, and broader threat models that include hidden attack channels and workflow failures.
EN 中文
Agent evaluation gets harsher. Today’s papers show a shift from static benchmark wins to adaptive attacks, process-aware reliability metrics, and realistic tool environments that expose large autonomy and safety gaps.
EN 中文
Agent safety moves downstream. Today’s strongest papers shift safety from output filtering to runtime structure, trace-level auditing, and post-deployment checks, with quantization and memory emerging as major failure surfaces.
EN 中文
Agent safety moves outward. Today’s strongest papers argue that reliable agents need external control layers, process-aware evaluation, and multi-turn threat models because prompt-level alignment breaks under history, peers, and persistent state.
EN 中文
Agent safety turns operational. Today’s strongest papers push safety from model claims to runtime evidence: real-environment jailbreak tests, formal guardrail guarantees, and benchmark audits that expose unsupported scores.
EN 中文
AI reliability gets real. Today’s strongest papers move beyond benchmark wins toward deployment evidence: harsher evaluation, validated agent workflows, and targeted robustness.
EN 中文