Research Papers 论文研究 3h ago Updated 1h ago 更新于 1小时前 49

From Prompts to Contracts: Harness Engineering for Auditable Enterprise LLM Agents 从提示词到契约:利用工程化构建可审计的企业级LLM智能体

Introduces a "harness-engineering" approach that shifts deterministic logic from prompts to code, enabling auditable and traceable enterprise LLM agents. Validates the architecture using a dataset of 25 listed Korean companies, demonstrating robust performance across source grounding, entity routing, and output hygiene. Proves that code-enforced contracts maintain full utility (120/120) compared to external guardrails (88/120) which suffer from excessive refusal rates. Demonstrates that prompt-o 提出“Harness Engineering”范式,将LLM应用从依赖Prompt的原型阶段升级为具备可审计性的企业级架构。 通过代码层强制执行源 grounding、实体路由、输出卫生等契约,确保行为确定性与可追溯性。 实验证明该架构在替换不同底层模型时仍能保持稳定性,且比外部护栏机制更好地平衡了安全性与实用性。

65
Hot 热度
75
Quality 质量
70
Impact 影响力

Analysis 深度分析

TL;DR

  • Introduces a "harness-engineering" approach that shifts deterministic logic from prompts to code, enabling auditable and traceable enterprise LLM agents.
  • Validates the architecture using a dataset of 25 listed Korean companies, demonstrating robust performance across source grounding, entity routing, and output hygiene.
  • Proves that code-enforced contracts maintain full utility (120/120) compared to external guardrails (88/120) which suffer from excessive refusal rates.
  • Demonstrates that prompt-only instructions fail to prevent internal trace leakage, whereas the proposed harness completely blocks such violations.

Why It Matters

This research addresses the critical gap between experimental LLM prototypes and production-ready enterprise applications by providing a structured method for ensuring reliability and auditability. It offers practical insights for AI engineers on how to balance safety constraints with operational utility, showing that rigid code-based enforcement outperforms both pure prompting and external guardrails.

Technical Details

  • Architecture: Reconstructs LLM agent patterns by moving deterministic behavior into code, manifests, schemas, and validation artifacts surrounding a replaceable composition boundary.
  • Dataset: Evaluated on a public-data slice comprising five Korean corporate groups and 25 listed companies.
  • Validation Scenarios: Tested for source-grounding, entity-routing, traceability, output-hygiene, and recommendation-language contracts.
  • Model Substitution: Verified stability across three different hosted models, with all 270 composition-boundary runs passing checks.
  • Ablation Study: Compared the harness against prompt-only instructions and bolt-on external guardrails, highlighting the trade-off between safety and utility.

Industry Insight

  • Enterprises should prioritize code-based validation layers over prompt engineering alone to ensure consistent compliance and prevent data leakage in production environments.
  • When implementing guardrails, teams must carefully tune refusal thresholds to avoid degrading user experience, as overly strict external filters can significantly reduce utility.
  • Adopting a modular harness design allows for easier model substitution and maintenance, facilitating the transition from prototype to scalable, auditable AI products.

TL;DR

  • 提出“Harness Engineering”范式,将LLM应用从依赖Prompt的原型阶段升级为具备可审计性的企业级架构。
  • 通过代码层强制执行源 grounding、实体路由、输出卫生等契约,确保行为确定性与可追溯性。
  • 实验证明该架构在替换不同底层模型时仍能保持稳定性,且比外部护栏机制更好地平衡了安全性与实用性。

为什么值得看

本文解决了企业级LLM应用落地中“原型易得,生产难控”的核心痛点,提供了从探索性原型到可审计产品的工程化路径。对于追求合规、安全及稳定性的AI工程师和产品负责人而言,其提出的契约化验证模式具有重要的实践指导意义。

技术解析

  • 架构重构:将确定性逻辑(如边界检查、实体路由、验证)从Prompt移至代码层,围绕可替换的组合边界构建Manifests、Schema和验证工件,使来源支持的声明成为运行时答案的唯一权威。
  • 实证评估:基于韩国五大企业集团(25家上市公司)的公开数据切片进行实例化,通过故障注入控制验证了校验器对违规契约的捕获能力。
  • 模型无关性与对比:在三种托管模型上进行的270次组合边界运行中,契约检查均通过;对比显示,仅靠Prompt指令无法阻止内部痕迹泄露,而外挂式护栏会导致过度拒绝(效用降至88/120),唯有代码拥有的强制力能同时保障安全与完整效用(120/120)。

行业启示

  • 工程范式转移:企业应摒弃单纯依赖Prompt优化的思路,转向“代码即契约”的工程模式,将LLM视为组件而非黑盒,通过严格的接口定义和验证层来管理不确定性。
  • 合规与审计优先:在金融、法律等高监管行业,建立版本化的来源控制和可重现的执行轨迹是产品化的必要前提,而非可选功能。
  • 平衡安全与效用:在设计Guardrails时,需警惕过度防御导致的可用性下降;内嵌式的代码验证层相比外部拦截器,能在保证安全的同时最大化业务价值。

Disclaimer: The above content is generated by AI and is for reference only. 免责声明:以上内容由 AI 生成,仅供参考。

LLM 大模型 Agent Agent Security 安全 Research 科学研究 Deployment 部署