惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园 - 【当耐特】
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
AI
AI
酷 壳 – CoolShell
酷 壳 – CoolShell
D
Docker
宝玉的分享
宝玉的分享
Hugging Face - Blog
Hugging Face - Blog
云风的 BLOG
云风的 BLOG
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - 三生石上(FineUI控件)
J
Java Code Geeks
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Y
Y Combinator Blog
P
Palo Alto Networks Blog
P
Privacy & Cybersecurity Law Blog
T
Tenable Blog
B
Blog
大猫的无限游戏
大猫的无限游戏
L
LINUX DO - 热门话题
Cisco Talos Blog
Cisco Talos Blog
IT之家
IT之家
Engineering at Meta
Engineering at Meta
C
CERT Recently Published Vulnerability Notes
A
Arctic Wolf
Scott Helme
Scott Helme
C
Cisco Blogs
F
Fortinet All Blogs
Jina AI
Jina AI
W
WeLiveSecurity
Hacker News: Ask HN
Hacker News: Ask HN
GbyAI
GbyAI
L
LangChain Blog
P
Privacy International News Feed
Martin Fowler
Martin Fowler
The GitHub Blog
The GitHub Blog
Project Zero
Project Zero
TaoSecurity Blog
TaoSecurity Blog
A
About on SuperTechFans
N
News | PayPal Newsroom
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
G
GRAHAM CLULEY
I
InfoQ
K
Kaspersky official blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Troy Hunt's Blog
博客园_首页
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
I
Intezer
博客园 - 聂微东

The Register - Special Features

Troops’ phones gave away location data to foreign adversaries Qualcomm picks bad time to pitch a $300 laptop platform AI agents get their own phone directory built atop DNS Carnival confirms ShinyHunters cruised off with 6M customer records after April breach Google engineer accused of turning Year in Search secrets into Polymarket payday Are we human? India's cyber agency sets clock at 12 hours to tackle exploited bugs as AI turns up the heat Broadcom gets early start on WiFi 8 with next-gen wireless routing kit Are we human? Microsoft Excel champ proves he still has the formula Anthropic co-founder hallucinates ghost in the machine Anthropic co-founder hallucinates ghost in the machine NASA plans Moon Base buildout with rovers, drones, cargo landers MyPillow must decide whether to be firm or soft as ransomware crims demand pay Starship shows it can deploy satellites, but Moon mission clock still ticks Huawei's chip law looks less like Moore and more like marketing Experts pour cold borscht on Farage's Russian hack claim Logitech unveils a cushioned mouse for all-day use AI eyes scanning for bugs create a worrisome Linux security trend A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets AI datacenter boom collides with US grid reality Media giant settles for $930k amid user-snooping allegations AT&T sues to ditch Cali copper phone lines to save billions FBI warns of Kali365 as device code phishing soars Techie claims Trump Mobile website was leaking thousands of people's data BOFH: Vibe-coded solutions arrive for problems nobody has Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund' Google explains how it will infuse ads into AI answers AI is getting pricey, but relief is coming, but not for you Deus ex machina: Half of US Christians trust AI's spiritual advice Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach Apple adds AI smarts to Voice Control, VoiceOver and Magnifier ahead of Accessibility Day Microsoft open-sources agentic AI safety tools OpenAI wants upfront cash for guaranteed AI capacity Fedora: Microsoft is all aboard, but Deepin is dumped Bye-bye, Gemini CLI; Google nudges devs toward Antigravity Plex appeal fades as Lifetime Pass jumps to $750 AI sackings reach New Zealand, which will use it to eject 14 percent of government staff Anthropic’s Stainless steal tightens grip on AI dev tooling Are we human? Google touts tokenmaxxing, huge capex, and AI agents at I/O America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames Shadow AI invades the workplace, up 4x in the last year Microsoft refreshes Surface for Business lineup, starts AI PC upsell at $1,499 Broadcom finds a VMware customer willing to stick around: London Stock Exchange 468k records allegedly stolen from Portugal’s postal carrier Baidu says the quiet part out loud – you can’t build AI infrastructure, so clouds can cash in Shai-Hulud copycat worm infects yet another npm package Uncle Sam's next big super might not use GPUs Are we human? Datacenters slurping up so much juice they boosted prices 75% in largest US energy market MPs want social media treated more like unsafe toys than harmless apps Cerebras’ wafer-scale AI bet delivers blockbuster IPO Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data Anthropic tosses agents into the API billing pool Jen Easterly, cybersecurity's 'relentless optimist,' hopes feds come back to RSAC next year Jen Easterly, cybersecurity's 'relentless optimist' Smooth criminals talking their way into cloud environments, Google says Voice phishing skyrockets as smooth crims talk their way in RSAC 2026: Uncle Sam backs out, AI agents everywhere RSAC 2026: Uncle Sam backs out, AI agents everywhere Decoding Nvidia's Groq-powered LPX and the rest of its new rack systems A closer look at Nvidia's Groq-powered LPX rack systems Nvidia slaps $20B Groq tech into massive new LPX racks to speed AI response time Nvidia slaps Groq into new LPX racks for faster AI response AI Burning Man happens next week – what to expect at Nvidia GTC 2026 Nvidia GTC 2026: What to expect at AI Burning Man Unaccounted-for AI agents are being handed wide access Unaccounted-for AI agents are being handed wide access Google to foist Gemini pane on Chrome users Google to foist Gemini pane on Chrome users Yes, you can build an AI agent – here's how, using LangFlow How to build an AI agent using LangFlow Clawdbot becomes Moltbot, but can’t shed security concerns Clawdbot becomes Moltbot, but can’t shed security concerns Gartner questions if Salesforce AI will stay all-you-can-eat Gartner questions if Salesforce AI will stay all-you-can-eat Claude supports MCP Apps, presents UI within chat window Claude supports MCP Apps, presents UI within chat window Cursor is better at marketing than coding Cursor is better at marketing than coding Feds skipping infosec industry's biggest conference, RSAC AI is rewriting how power flows through the datacenter All aglow about DCs, investors launch $300M at microreactor startup Radiant bags $300M-plus to commercialize its microreactors Why do bit barns keep bumping up our bills, Senators ask DC operators Senate trio questions DC operators over rising energy costs Building the AI factory datacenter Delays? What delays? Oracle insists its $300B cloud contract with OpenAI is on track Oracle insists its $300B contract with OpenAI is on schedule Salesforce willing to lose money on AI to lock in customers Salesforce willing to lose money on AI to lock in customers Galactic Brain space datacenter coming in 2027, pledges startup Aetherflux Galactic Brain space datacenter promised in 2027 Activist groups urge Congress to pause datacenter buildouts Activist groups urge Congress to pause datacenter buildouts Bezos-backed Unconventional AI addresses datacenter power Bezos-backed Unconventional AI addresses datacenter power AWS re:Invent keynote: Matt Garman bores, then thrills
Smelly config files will make your agents waste tokens, researchers warn
Thomas Claburn · 2026-06-18 · via The Register - Special Features

AI AND ML

Researchers urge developers to see that less is more when it comes to instructions

If you're exposing your agent to a strong odor, it's time to clean up your instructions.

Risky or poorly structured code patterns are known as "code smells," and it turns out coding agent directives can be similarly redolent, leading to wasted tokens and worse output. 

Coding agents rely on configuration files that summarize expected agent behavior. These context-enhancing files are commonly written in Markdown and named either CLAUDE.md for those using Anthropic models or AGENTS.md for pretty much everyone else.

They include various text instructions that advise the coding agent about desired behavior and tool use. And they can get rather wordy. Anthropic advises no more than 200 lines of text because longer files consume model context and may hinder model coherence.

Researchers affiliated with the computer science department of the Federal Institute of Minas Gerais in Brazil recently scoured some 532,000 files to build and analyze a dataset of 100 popular open-source projects containing either an AGENTS.md or a CLAUDE.md file.

"Our results show that configuration smells are widespread," the authors state. "Lint Leakage was the most common smell, affecting 62 percent of the files, followed by Context Bloat (42 percent) and Skill Leakage (35 percent)."

Linting is the process of running automated tools to check code for programming and style errors. Lint Leakage refers to agent instructions that repeat rules already enforced by linters, format checkers, and static analysis tools. Duplicative rules waste tokens by burdening the underlying model with guidance for a task already handled reliably by programmatic tools.

Context Bloat, as its name suggests, describes the tendency of developers to overspecify code agent behavior. "Bloated configuration files increase token consumption, raise costs, and reduce the visibility of important instructions," the authors observe, pointing to Anthropic's recommendation of no more than 200 lines of text.

Skill Leakage, another common configuration smell, occurs when rarely used tools or practices get added to the AGENTS.md file, which gets loaded in every agent session. The agent instructions would be better in a separate skills file (e.g. SKILLs.md) that gets loaded only when needed. Skill leakage also expands the agent's context unnecessarily and potentially distracts agents from other things.

Other agentic odors include: Blind References, which happens when configuration files reference external documents (e.g. via URLs) without explaining when that resource becomes relevant; Init Fossilization, configuration details set up upon a project's initialization that are no longer relevant; and Conflicting Instructions, which occur when agent directives contradict each other.

The study authors say that they found at least one of these six smells in 91 of the 100 AGENTS.md files tested.

"These results suggest that developers could benefit from catalogs and tools designed to spot configuration issues in agent configuration files," they conclude in the preprint paper, entitled "Configuration Smells in AGENTS.md Files: Common Mistakes in Configuring Coding Agents." The authors are Helio Victor F. dos Santos, Vitor Costa, Joao Eduardo Montandon, Luciana Lourdes Silva, and Marco Tulio Valente.

The message here is that less is more when it comes to code agent configuration files, perhaps even to the point that anything is worse than nothing. 

Similarly, when ETH Zurich boffins examined the impact of context files for agents a few months ago, they found [PDF] that developer-generated instructions raised costs and only improved code performance about 4 percent, while LLM-generated instructions had a small (3 percent) negative impact on agent-generated code.

They concluded "unnecessary requirements from context files make tasks harder, and human-written context files should describe only minimal requirements." ®