- 官方安全设计主轴:OpenAI
Safety in the Agent Builder/Designing AI agents to resist prompt injection/Practices for Governing Agentic AI Systems/ChatGPT Agent System Card/Operator System Card - 运行时控制主轴:Anthropic
Securely deploying AI agents/Handle approvals and user input/Computer use tool、GoogleEnhanced Tool Governance/Model Armor、AWSBedrock AgentCore、MicrosoftFoundry Agent Service/Tracing - 安全治理与标准主轴:
NIST AI RMF 1.0、Generative AI Profile、Cyber AI Profile、OWASP LLM Top 10、MITRE ATLAS、EU AI Act - Agent 特有威胁主轴:
Indirect Prompt Injection、AI Agents Under Threat - 安全 benchmark 与 red teaming 主轴:
Agent Security Bench、Agent-SafetyBench、Cybench、Risky-Bench - 本章落点主轴:安全的对象已从“输出内容”升级为“权限、状态、动作、运行时和责任链”,因此 Agent 安全本质上是系统设计问题
附录 G:分章资料清单