惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Help Net Security
Help Net Security
Engineering at Meta
Engineering at Meta
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
小众软件
小众软件
爱范儿
爱范儿
IT之家
IT之家
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
阮一峰的网络日志
阮一峰的网络日志
C
CERT Recently Published Vulnerability Notes
月光博客
月光博客
Cisco Talos Blog
Cisco Talos Blog
Google DeepMind News
Google DeepMind News
T
Tor Project blog
T
Tenable Blog
Forbes - Security
Forbes - Security
AI
AI
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
NISL@THU
NISL@THU
人人都是产品经理
人人都是产品经理
博客园 - 司徒正美
F
Full Disclosure
雷峰网
雷峰网
N
News and Events Feed by Topic
T
Threatpost
TaoSecurity Blog
TaoSecurity Blog
Simon Willison's Weblog
Simon Willison's Weblog
AWS News Blog
AWS News Blog
Hacker News: Ask HN
Hacker News: Ask HN
S
Secure Thoughts
S
Security @ Cisco Blogs
The Hacker News
The Hacker News
P
Palo Alto Networks Blog
P
Privacy International News Feed
H
Heimdal Security Blog
博客园_首页
MongoDB | Blog
MongoDB | Blog
V
Visual Studio Blog
C
Check Point Blog
Stack Overflow Blog
Stack Overflow Blog
B
Blog RSS Feed
有赞技术团队
有赞技术团队
B
Blog
Microsoft Security Blog
Microsoft Security Blog
S
Schneier on Security
T
Tailwind CSS Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
Project Zero
Project Zero
T
The Exploit Database - CXSecurity.com
U
Unit 42
Jina AI
Jina AI

The Register

Shadow IT has given way to shadow AI. Enter AI-BOMs Zed team releases version 1.0 of Rust-built editor: Traditional editor and AI tool Microsoft boss tells investors the company is working to 'win back fans' What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia NASA boss: Make Pluto A Planet Again GitHub says sorry and vows to do better as uptime slips and devs complain Age checks could turn internet into an ID checkpoint, complains Proton CEO Microsoft gives your Word documents an AI co-author you didn’t ask for Datadog digs down into GPU efficiency as AI costs soar If malware via monitor cables is a matter of national security, this might be the gadget for you Thunderbird in hand worth 2 Outlooks as fresh FOSS fave and Firefox arrive Grafana offers AI assistant for free, warns users not to go mad Right to repair champ Framework punts modular 13in laptop with Core Ultra Series 3 France's 'Secure' ID agency probes breach as crooks claim 19M records Scotland Yard can keep using live facial recognition on Londoners, say judges UK tribunal sends £2B claim accusing Microsoft of overcharging for licensing to trial Nation-states want to cause harm, not just steal cash - stop handing your cyber defenses to the cheapest contractor Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide Phone-to-satellite use goes into orbit, growing 25% in 8 months macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets Anthropic bakes memory fixes into Bun 1.1.13 as developers complain of leaks The spaghettified DBMS chart that shows Oracle's crown is slowly slipping Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords FAA grounds Blue Origin's New Glenn as it probes missed satellite delivery 'mishap' AMD's Ryzen 9 9950X3D2 Dual Edition tested: Gratuitous overkill with a price to match AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account Crook claims to leak 'video surveillance footage' of companies Met police trials snoop tech platform in push to cuff more London shoplifters England's school phone ban gets teeth, just in time to bite no one Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul Panasonic creates device-locked QR codes to speed facial biometric capture Iran claims US used backdoors to knock out networking equipment during war NASA Inspector fears new spacesuits won’t be ready for Moon landing Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Trump-branded datacenter project fails to make itself great, again World's blandest man steps down from CEO job to spend more time in tastefully appointed home Chase got a spiff of $77 million to create one job with New York datacenter Scot becomes second Scattered Spider-linked crook to plead guilty in US You too can build a nuclear battery from junk you have lying around the house Schmoozebots: study finds flattery will get AI everywhere One of Europe's sovereign cloud picks may not be so-sovereign after all New Android development tool designed for robots, not humans AI is reshaping Britain's datacenter map away from London HP's remote desktop push retreats as Anyware heads for end of life 'Invisible mouse' made a mess of PC rebuild NASA working on ‘Big Bang’ upgrade to keep the Voyagers alive for longer Indonesia’s game rating system paused amid claims it leaked developer creds and glimpses of major new titles Just like phishing for gullible humans, prompt injecting AIs is here to stay Atlassian’s new data collection policy protects rich customers while AI eats the rest Intel eases reliance on TSMC with 'Merica-made Core Series 3 processors NASA gets the ball rolling on its part in Europe's jinxed Mars rover mission Attention data hoarders: Alexa loses its Plex appeal as voice feature gets canned Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug Would you like fries with that terminal? Capita won disastrous UK pensions gig after acing performance checks NodeWeaver says its perpetual licensing beats VMware’s perpetual price hikes Maine to pause big bit barns as local opposition spreads If you want into Anthropic's Claude club, you may have to show ID DuckDB uses RDBMS to tackle lakehouse 'small changes' issue Iran has something America can only dream of: cheap broadband Brussels tells Google to hand rivals its search crown jewels as privacy row brews Visual Studio 18.5 lands with AI debugging at a price Git identity spoof fools Claude into giving bad code the nod McGraw Hill linked to 13.5M-record data leak Microsoft announces product it doesn't want anyone to buy Obsolete Google nag drowns out vital bar information at Swedish concert hall Cops hand Motorola £25M to keep 2000-era radios alive Server-room lock was nothing but a crock QUIC will soon be as important as TCP – but it's vastly different Nobody knows how many CVEs Anthropic's Project Glasswing has actually found Allbirds shoe company moving to AI infra is the top 20-year-old Enlightenment E16 bug finally gets patched Bad teacher bots can leave hidden marks on model students Autovista blames ransomware for service disruption Networks not ready for the challenges of AI traffic Windows takes a crash dump after one McDonald's too many French cops free mother and son after crypto kidnapping US states can't account for datacenter tax breaks. Literally Salesforce debuts Headless 360 agentic platform Fission impossible: Uncle Sam wants nuclear power in space UK told its Big Tech habit is now a national security risk UKAEA lays out roadmap to take Britain closer to fusion Waymo's self-driving cars face their toughest test yet: London The only technology that died more times than VR is AI, and that seems to have worked out Boeing soars past Airbus for the first time in years Commvault has a Ctrl+Z for rogue AI agents Nvidia slaps forehead: AI, that's what quantum needs! Oracle taps Bloom for fuel cells to support datacenter binge GitHub recalls Phabricator with preview of Stacked PRs Physicist proposes two-button calculator Amazon pays $11.5B to satisfy satellite-envy while cowering in Musk's shadow No honor among thieves as 0APT threatens rival ransomware gang Krybit NASA insiders oddly relaxed about latest budget threats Microsoft raises UK Surface prices as RAM crisis reaches the checkout OpenAI CEO Sam Altman home attack suspect charged Microsoft kills off Outlook Lite as memory costs skyrocket UK state bank considers lengthening disastrous IT program Japan going back to the future by reviving its chip industry Windows Update: Torture chamber for seldom-used PCs Japanese rocket came unglued, causing mission fail
Smelly config files will make your agents waste tokens, researchers warn
Thomas Claburn · 2026-06-18 · via The Register

AI AND ML

Researchers urge developers to see that less is more when it comes to instructions

If you're exposing your agent to a strong odor, it's time to clean up your instructions.

Risky or poorly structured code patterns are known as "code smells," and it turns out coding agent directives can be similarly redolent, leading to wasted tokens and worse output. 

Coding agents rely on configuration files that summarize expected agent behavior. These context-enhancing files are commonly written in Markdown and named either CLAUDE.md for those using Anthropic models or AGENTS.md for pretty much everyone else.

They include various text instructions that advise the coding agent about desired behavior and tool use. And they can get rather wordy. Anthropic advises no more than 200 lines of text because longer files consume model context and may hinder model coherence.

Researchers affiliated with the computer science department of the Federal Institute of Minas Gerais in Brazil recently scoured some 532,000 files to build and analyze a dataset of 100 popular open-source projects containing either an AGENTS.md or a CLAUDE.md file.

"Our results show that configuration smells are widespread," the authors state. "Lint Leakage was the most common smell, affecting 62 percent of the files, followed by Context Bloat (42 percent) and Skill Leakage (35 percent)."

Linting is the process of running automated tools to check code for programming and style errors. Lint Leakage refers to agent instructions that repeat rules already enforced by linters, format checkers, and static analysis tools. Duplicative rules waste tokens by burdening the underlying model with guidance for a task already handled reliably by programmatic tools.

Context Bloat, as its name suggests, describes the tendency of developers to overspecify code agent behavior. "Bloated configuration files increase token consumption, raise costs, and reduce the visibility of important instructions," the authors observe, pointing to Anthropic's recommendation of no more than 200 lines of text.

Skill Leakage, another common configuration smell, occurs when rarely used tools or practices get added to the AGENTS.md file, which gets loaded in every agent session. The agent instructions would be better in a separate skills file (e.g. SKILLs.md) that gets loaded only when needed. Skill leakage also expands the agent's context unnecessarily and potentially distracts agents from other things.

Other agentic odors include: Blind References, which happens when configuration files reference external documents (e.g. via URLs) without explaining when that resource becomes relevant; Init Fossilization, configuration details set up upon a project's initialization that are no longer relevant; and Conflicting Instructions, which occur when agent directives contradict each other.

The study authors say that they found at least one of these six smells in 91 of the 100 AGENTS.md files tested.

"These results suggest that developers could benefit from catalogs and tools designed to spot configuration issues in agent configuration files," they conclude in the preprint paper, entitled "Configuration Smells in AGENTS.md Files: Common Mistakes in Configuring Coding Agents." The authors are Helio Victor F. dos Santos, Vitor Costa, Joao Eduardo Montandon, Luciana Lourdes Silva, and Marco Tulio Valente.

The message here is that less is more when it comes to code agent configuration files, perhaps even to the point that anything is worse than nothing. 

Similarly, when ETH Zurich boffins examined the impact of context files for agents a few months ago, they found [PDF] that developer-generated instructions raised costs and only improved code performance about 4 percent, while LLM-generated instructions had a small (3 percent) negative impact on agent-generated code.

They concluded "unnecessary requirements from context files make tasks harder, and human-written context files should describe only minimal requirements." ®