惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Why Attractor Guided Engineering Cannot Be Demoted to an AI Agent Skill
canonical · 2026-06-01 · via DEV Community

Agent Skill is already one of the most widely accepted practices in AI Agent engineering: encapsulating repeatable tasks into capability packages that are discoverable, callable, and injectable into context.

This is certainly valuable. Diagnosing bugs can be a skill. Reviewing code can be a skill. Generating slides can be a skill. Converting files can be a skill. Skills let an Agent enter a proven way of working faster, and they allow teams to distill experience into reusable work specifications.

But as the saying goes: “If all you have is a hammer, everything looks like a nail.” The same is true for skills: as soon as people find a useful practice, their first instinct is often “wrap it into a reusable skill.”

Attractor Guided Engineering (AGE) points out that if every AI engineering practice is turned into a skill, we lose sight of the most critical question in AI-dominated software engineering: how does the system remain controlled and convergent under continuous perturbation?

Skills solve the problem of capability invocation. AGE solves the problem of how domain structure is preserved during the long-term evolution of a repository, and how trajectory drift is suppressed.

This also explains why AGE cannot be demoted to a skill: making skills the primary vehicle for AGE practices would collapse repository-level convergence mechanisms into one-shot invocation capabilities, defeating the purpose of AGE.

1. The Essence of a Skill is a Semantic-Level Hash Map

When many people think of skills, they first see the file form: SKILL.md, description, trigger words, supporting files, scripts, templates.

But these are just the shell. Where a skill really works is that the Agent runtime organizes them into a semantic-level lookup table:

task intent -> matched skill -> procedure bundle

In other words, the Agent does not gain capability simply because a file is named SKILL.md; it gains capability because the current task intent can be matched in the skill description space to a loadable work specification.

The hash here is not a string hash. The key is not a fixed string but a combination of task intent, contextual clues, trigger words, and descriptions; the value is not a single file but a collection of instructions, scripts, templates, and examples that can be injected into the context.

This structure is ideally suited to answering one question:

I need to do this kind of task — which set of practices should I load?

Therefore, skills are very suitable for encapsulating local capabilities: diagnosing bugs, reviewing diffs, calling tools, generating reports, executing checklists. Their organizing axis is invocation intent, mapping “what to do” to “which capability package to load.”

2. The Information Format Is Not the Key

Since the real mechanism of a skill is semantic matching, we must not fetishize the file format of a skill.

For an intelligent agent, the format in which information is written is not essential. AI can read Markdown, and it can also read XML and other formats. Database models, API models, and the like can be fully expressed in DSLs (domain-specific languages).

AGENTS.md and docs/index.md can perfectly serve as information routers and can even do better: through file links, we can provide hierarchical routing by domain structure. The AI can first read a compact entry point and then, as the task requires, progressively open more specific owner docs, model files, tests, and source code.

Therefore, the question is not “has this piece of knowledge been written as a skill?”

The question is: after the information changes form, does the original structure still exist?

A key capability of intelligence is the ability to freely transform information across forms. If the structure remains, knowledge written as Markdown, XML, tests, DSL/schema, or source code anchors can all be used by the AI. If the structure is lost, wrapping it in the most exquisite skill only makes the fragments—after the structure is lost—easier to invoke.

3. Why Dynamical Systems Care About Preserving Structure

Dynamical systems in mathematics and physics provide a useful intuition: the variables describing a system can change, but the key structures governing the system’s evolution must not be casually discarded.

Imagine a pendulum clock. You can describe it with angle and angular velocity, or with position and velocity, or with energy and phase. The form of expression can change, but the key structure of the pendulum cannot be lost: how position and velocity are coupled, how energy changes, how damping dissipates energy, where external forces enter.

If an algorithm only pursues “the next position looks roughly right” without preserving these structures, it might make only small errors at each step, yet over the long term it makes the pendulum swing higher and higher for no reason, or stop suddenly. The local output looks similar, but the long-term system is no longer the original system.

Consider an electrical circuit. You can describe it with node voltages, or with branch currents, or treat the energy stored in capacitors and inductors as state variables. The variable form can change, but some structures must not be lost: charge conservation, the coupling relationships between voltage and current, energy storage and dissipation in components, where the external power source injects energy.

If an algorithm only pursues voltage values at a few sampling points that look close, without preserving these structures, the long-term simulation may spontaneously generate energy, or turn a system that should dissipate into one that oscillates endlessly. The local curve resembles the truth, but the physical meaning of the system is already wrong.

This is what it means to preserve structure:

The form of expression can change, but key constraints, coupling relationships, and conservation/dissipation structures must not be lost.

A controlled system converges over the long term not because each step seems reasonable, but because these structures are preserved through repeated transformations and perturbations.

4. The State Space Is Not the Source Code Space

If we observe software engineering through the lens of dynamical systems, a repository is no longer a static folder but a system that is repeatedly perturbed. Every requirements clarification, plan generation, code modification, test addition, review, and log update pushes the repository to a new state.

Traditional software engineering rests on an implicit assumption: the human brain can serve as the long-term implicit integrator of system truth. Source code, requirements, architectural trade-offs, historical bugs, and unwritten context can ultimately be fully understood by a few core engineers who decide the direction of evolution.

After deep participation of AI, this underlying assumption is shaken. AI can generate at high frequency, modify at large amplitude, and spread across modules, while each session lacks a sustained sense of direction. The expansive force that AI introduces into the state space far exceeds the information processing capacity of a few humans. At this point, unless we forcibly slow AI down to a rhythm that humans can continuously integrate, the source of truth in the system's evolution can no longer be the memory inside someone's head. What the next session can re-read is not the complete intent in the author’s mind, but the code, diffs, logs, tests, docs, models, and audit evidence in the repository.

The history of nop-chaos-flux has already recorded this kind of drift multiple times. Workstream 8 of docs/plans/436-deep-audit-2026-05-24-full-remediation-plan.md fixed an active-doc drift: the documentation described component:open/close/toggle, component:refresh, the old package split, old source anchors, and an outdated component inventory as current facts, while the live repo was no longer like that. docs/logs/2026/05-26.md recorded a proof drift: the E2E tests still asserted that the spreadsheet's 30 row headers were mounted simultaneously, while the live spreadsheet shell had already been virtualized, so the correct proof could only assert that visible row headers were mounted. Code, documentation, and tests might each be locally reasonable, but the owner/proof/precedence relationships among them had already drifted.

Thus, the basic premise of AGE is:

Repository = Source of Truth
Chat = Transient work surface

Under this premise, the core question is not:

Did the Agent invoke the right skill this time?

but:

After many Agent perturbations, does the repository still converge in a controlled manner along the domain structure?

The basic picture of AGE is:

State space -> Attractor -> Trajectory -> Control

The state space here is not the “source code state space.” Source code answers what the current implementation is, but it cannot alone answer where the system should converge, why a certain design is valid, which behavior has been proven, why a certain deviation was accepted, and from where the AI should recover context next time.

AGE is concerned with the state of the entire repository engineering reality: source code, tests, owner docs, requirements, plans, logs, bug notes, schemas, XML models, database models, XDSL, AGENTS.md, docs/index.md, CI configuration, and audit evidence together constitute a state.

These are not several separable materials, but the distribution of the same set of semantic commitments across different carriers. Code has authority over implementation facts; owner docs have authority over convergence direction; tests have authority over proven behavior; logs/bug notes have authority over the evolution trajectory; plans/audits have authority over whether the current cycle of changes is closed. What AGE must maintain is the relationships among these authorities, not the sanctification of any single file format.

A Skill occupies a different position. AGE organizes the repository itself; skills are external capabilities or control inputs that act upon the repository.

External capabilities can change the system, but they cannot replace the internal structure of the system. A bug-diagnosis skill can be used in many repositories, many domains, many bug types. Its organizing logic is general task capability, not the topology of domain concepts inside a specific repository.

What truly needs to be preserved inside the repository are the relationships among source code, documentation, tests, models, plans, logs, and audit evidence — relationships such as owner, proof, precedence, and freshness. Skills can help modify these things, but they cannot replace the relationships themselves.

At this point, we realize that the skill’s semantic hash is insufficient to solve the problem. What a skill stores is:

task intent -> capability package

What AGE needs to preserve is:

domain concept -> semantic commitment -> implementation location -> proof evidence -> audit/memory -> subsequent obligations

These two structures are not the same. A skill can tell an Agent how to review, but it cannot automatically know which owner doc holds the current semantic fact. A skill can tell an Agent how to write tests, but it cannot automatically know which domain commitment this test protects. A skill can tell an Agent how to update documentation, but it cannot automatically determine whether a piece of information should go into an owner doc, a bug note, a log, a lesson, a reference, or a skill.

These judgments are not invocation capabilities; they are the semantic authority structure of the repository.

5. Why age-skill Is a Wrong Abstraction

Turning AGE into an age-skill is superficially tempting: take AGE’s rules, procedures, checklists, and document templates and write them into a callable capability package. When the Agent needs AGE, it loads this skill.

But this places AGE at exactly the wrong level. A skill is a capability package that is matched and loaded after a task occurs; AGE should be the repository structure that already exists before the task begins. It determines how the task is understood, where information is read from, whose voice prevails in a conflict, and how closure is proved after completion.

AGE cannot wait to appear only after a certain skill is selected. It should already be embodied in:

  • The operational boundary of AGENTS.md
  • The routing structure of docs/index.md
  • The fact ownership of owner docs
  • The conflict rules of source-of-truth precedence
  • The obligation declarations of plans
  • The proof relations of tests
  • The closure gates of audits
  • The trajectory memory of logs, bug notes, and lessons
  • The action constraints of freshness/autonomy

If these relationships exist only inside an age-skill, they are not repository structure but merely the content of a procedure bundle. Whenever the Agent does not match this skill, or the skill conflicts with the live repo, AGE becomes ineffective.

Making age-skill an always-on or global skill does not solve this problem either. At best, it can prescribe “read these owner docs first, check precedence this way, do a closure audit like that.” But the real owner, proof, precedence, and freshness relationships must still exist among the repository’s files, tests, logs, plans, and audit evidence.

So the problem is not whether age-skill is loaded every time; the problem is that a skill is still a capability package imposed on the repository from the outside. AGE must become the underlying topology of the repository itself. As long as owner, proof, precedence, and freshness are not internalized as repository state, AGE is demoted to an external operating method rather than an intrinsic convergence structure.

6. The Missing Concepts That AGE Supplies

Under the image of controlled convergence and structure preservation, what AGE supplies is not a new checklist, but a set of first-class system concepts that skill-ification practices lack.

1. Attractor

To what structure should the system return in the long run? This cannot be decided by any single skill. It needs to be carried by owner docs, architectural baselines, domain design, and source-of-truth precedence. Without an attractor, a skill can only tell the Agent how to do things; it cannot tell the repository where it should converge.

2. Trajectory

Completing a single task does not mean the system direction is correct. Logs, bug notes, lessons, plans, and audit records record how the repository arrived at its current state step by step. Without trajectory memory, the AI starts anew from a local cross-section each time, making it hard to judge whether the system is converging or drifting.

3. Semantic Authority

When a skill, plan, code, test, and documentation disagree, whose voice prevails? AGE requires owner, routing, and precedence, rather than letting the currently invoked skill adjudicate on the fly. Semantic authority is not part of the execution steps; it is the internal order of the repository’s state space.

4. Proof Relation

It is not enough for tests to “have coverage.” Tests must declare which semantic commitment they protect. Audit is not a checklist, either, but an examination of whether commitments have disappeared, weakened, or migrated to non-authoritative carriers. Proof relation makes verification not just about passing commands, but about returning to domain commitments.

5. Freshness / Autonomy

Documentation is not eternally trustworthy just because it was written. Whether a document is fresh affects whether the AI can act on it, how far it can go autonomously, and when it must stop and ask a human. Freshness/autonomy turns “can we trust this, can we do this automatically” into a visible state of the repository, rather than an ad-hoc judgment inside a single session.

6. Structure-Preserving Document Routing

AGENTS.md can provide the AI with a compact operational entry point, and docs/index.md can provide complete routing. The purpose of both is not to cram all knowledge into a single file, but to let the AI progressively open the right information according to the task’s needs. Information disclosure can be layered, but the domain structure must not be fragmented.

These concepts together form the semantic authority topology of AGE.

7. AGE Can Use Skills, But Cannot Become a Skill

AGE is not opposed to skills. Skills are excellent execution scaffolds.

But within AGE, skills can only be method nodes; they cannot be the source of truth, nor can they be AGE itself.

The correct order is:

First, find the route via AGENTS.md / docs/index.md
Then, read the domain or architectural owner doc
Then, read the active requirement / plan / audit evidence
Finally, select the appropriate skill as the execution method

Not:

First, select a skill, then let the skill decide fact ownership

For example, a bug diagnosis skill can tell the Agent how to reproduce and locate a problem. But which domain concept the root cause belongs to, which owner doc needs updating, which test proves the fix, and which category of regression the bug note will constrain in the future — all of these must be decided by returning to the semantic topology of AGE.

A good skill accelerates execution. Bad skill-ification replaces domain structure with execution methods.

8. Judgment Criteria

To judge whether a set of AI engineering practices is over-skill-ified, ask:

  1. Does it organize knowledge primarily by operational verbs, or by domain concepts and architectural ownership?
  2. Are its links mainly execution resource references, or owner / invariant / proof / precedence / freshness relationships?
  3. After information is transformed between skills, plans, code, tests, docs, and logs, can the domain structure still be recovered?
  4. If all skills are deleted, does the repository still know what is correct, who owns it, and how to prove it?

If the answers are negative, skills have already taken on attractor responsibilities they should not bear.

The ultimate distinction can be compressed into a single sentence:

Skill packages capabilities by invocation.
AGE preserves domain structure across transformations.

Skills make the Agent better at doing things. AGE ensures that after the Agent does things repeatedly, the repository still converges in a controlled manner along the domain structure.

AGE Application Development Template