Agent-Native 架构指南：构建原生智能体应用的核心原则与最佳实践

agent-native-architecture by everyinc/compound-engineering-plugin

261 周安装量

10,900 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/everyinc/compound-engineering-plugin --skill agent-native-architecture

AI/机器学习自动化系统架构

🇨🇳中文介绍

<why_now>

为何是现在

软件智能体现在已能可靠工作。Claude Code 证明了，一个拥有 bash 和文件工具访问权限的大型语言模型，以循环运行直至达成目标的方式，能够自主完成复杂的多步骤任务。

令人惊讶的发现是：一个真正优秀的编码智能体，实际上就是一个真正优秀的通用智能体。 让 Claude Code 重构代码库的相同架构，也可以让一个智能体来组织你的文件、管理你的阅读清单或自动化你的工作流。

Claude Code SDK 使这变得触手可及。你可以构建这样的应用程序：其中的功能不是你编写的代码——而是你描述的结果，由拥有工具的智能体达成，该智能体循环运行直至达到预期结果。

这开辟了一个新领域：以 Claude Code 工作方式运行的软件，应用于远超出编码范畴的各类场景。</why_now>

<core_principles>

核心原则

1. 对等性

用户通过界面能做的任何事情，智能体都应该能够通过工具实现。

这是基本原则。没有它，其他一切都无从谈起。

假设你构建了一个笔记应用，拥有创建、组织和标记笔记的漂亮界面。用户要求智能体：“创建一个总结我会议的笔记，并将其标记为紧急。”

如果你构建了创建笔记的界面，但没有赋予智能体相同的能力，那么智能体就会束手无策。它可能会道歉或请求澄清问题，但无法提供帮助——即使这个操作对于使用界面的人类来说是微不足道的。

解决方案： 确保智能体拥有能够完成界面所能做的任何事情的工具（或工具组合）。

这并不是要创建界面按钮与工具之间的一一映射。而是要确保智能体能够达成相同的结果。有时这需要一个单一工具（create_note）。有时则需要组合多个基本操作（write_file 到笔记目录并进行适当格式化）。

准则： 当添加任何界面功能时，请问：智能体能否达成这个结果？如果不能，请添加必要的工具或基本操作。

能力映射表有助于理解：

用户操作

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

文件与工作空间

共享工作空间： 智能体和用户在相同的数据空间中工作
context.md 模式： 智能体读取/更新上下文文件以积累知识
文件组织： 具有一致命名的实体作用域目录

完成信号： 智能体具有显式的 complete_task 工具（而非启发式检测）
部分完成： 多步骤任务跟踪进度以便恢复
上下文限制： 从一开始就为有限的上下文进行设计

可用资源： 系统提示包含存在的内容（文件、数据、类型）
可用能力： 系统提示用用户词汇记录工具
动态上下文： 对于长时间会话，上下文会刷新（或提供 refresh_context 工具）

智能体 → 界面： 智能体的更改反映在界面中（通过共享服务、文件监视或事件总线）
无静默操作： 智能体的写入会立即触发界面更新
能力发现： 用户可以了解智能体能做什么

移动端（如果适用）

检查点/恢复： 优雅处理 iOS 应用挂起
iCloud 存储： 优先使用 iCloud，本地回退以实现多设备同步
成本意识： 模型层级选择（Haiku/Sonnet/Opus）

设计架构时，在你的计划中明确处理每个复选框。</architecture_checklist>

快速开始：构建一个原生智能体功能

步骤 1：定义原子化工具

const tools = [
  tool("read_file", "读取任何文件", { path: z.string() }, ...),
  tool("write_file", "写入任何文件", { path: z.string(), content: z.string() }, ...),
  tool("list_files", "列出目录", { path: z.string() }, ...),
  tool("complete_task", "发出任务完成信号", { summary: z.string() }, ...),
];

步骤 2：在系统提示中编写行为

## 你的职责
当被要求组织内容时，你应该：
1. 读取现有文件以了解结构
2. 分析什么样的组织方式有意义
3. 使用你的工具创建/移动文件
4. 运用你的判断来决定布局和格式
5. 完成后调用 complete_task

你来决定结构。把它做好。

步骤 3：让智能体在循环中工作

const result = await agent.run({
  prompt: userMessage,
  tools: tools,
  systemPrompt: systemPrompt,
  // 智能体循环运行，直到调用 complete_task
});

references/ 中的所有参考资料：

architecture-patterns.md - 事件驱动、统一编排器、智能体到界面
files-universal-interface.md - 为何使用文件、组织模式、context.md
mcp-tool-design.md - 工具设计、动态能力发现、CRUD
from-primitives-to-domain-tools.md - 何时添加领域工具、演进为代码
agent-execution-patterns.md - 完成信号、部分完成、上下文限制
system-prompt-design.md - 功能即提示、判断标准

原生智能体准则：

dynamic-context-injection.md - 运行时上下文、注入内容
action-parity-discipline.md - 能力映射、对等工作流
shared-workspace-architecture.md - 共享数据空间、界面集成
product-implications.md - 渐进式披露、潜在需求、审批
agent-native-testing.md - 测试结果、对等性测试

mobile-patterns.md - iOS 存储、检查点/恢复、成本意识
self-modification.md - 基于 Git 的演进、防护栏
refactoring-to-prompt-native.md - 迁移现有代码</reference_index>

常见的非完全原生智能体方法

这些不一定错——它们可能适合你的用例。但值得认识到它们与本文档描述的架构不同。

智能体作为路由器 — 智能体弄清楚用户想要什么，然后调用正确的函数。智能体的智能用于路由，而不是行动。这可能有效，但你只使用了智能体能力的一小部分。

先构建应用，再添加智能体 — 你以传统方式（作为代码）构建功能，然后将其暴露给智能体。智能体只能做你现有功能已经能做的事情。你不会获得涌现能力。

请求/响应思维 — 智能体获取输入，做一件事，返回输出。这忽略了循环：智能体获取一个要达成的结果，运行直到完成，在此过程中处理意外情况。

防御性工具设计 — 因为你习惯于防御性编程，所以过度约束了工具输入。严格的枚举、每一层的验证。这是安全的，但它阻止了智能体做你未预料到的事情。

代码处理理想路径，智能体仅执行 — 传统软件在代码中处理边缘情况——你编写了当 X 出错时发生什么的逻辑。原生智能体让智能体用判断力处理边缘情况。如果你的代码处理了所有边缘情况，那么智能体就只是一个调用者。

首要原则：智能体执行你的代码，而不是自己解决问题

// 错误 - 你编写了工作流，智能体只是执行它
tool("process_feedback", async ({ message }) => {
  const category = categorize(message);      // 你的代码做决定
  const priority = calculatePriority(message); // 你的代码做决定
  await store(message, category, priority);   // 你的代码编排
  if (priority > 3) await notify();           // 你的代码做决定
});

// 正确 - 智能体弄清楚如何处理反馈
tools: store_item, send_message  // 基本操作
prompt: "根据可操作性将重要性评为 1-5 级，存储反馈，如果 >= 4 则通知"

工作流形状的工具 — analyze_and_organize 将判断力捆绑到工具中。将其分解为基本操作，让智能体组合它们。

上下文匮乏 — 智能体不知道应用中存在哪些资源。

User: "在我的 feed 中写一些关于叶卡捷琳娜大帝的内容"
Agent: "什么 feed？我不明白你指的是什么系统。"

修复：将可用资源、能力和词汇注入系统提示。

孤立的界面操作 — 用户可以通过界面做某事，但智能体无法实现。修复：保持对等性。

静默操作 — 智能体更改了状态，但界面没有更新。修复：使用具有反应性绑定的共享数据存储，或文件系统监视。

启发式完成检测 — 通过启发式方法检测智能体完成（连续迭代没有工具调用、检查预期的输出文件）。这是脆弱的。修复：要求智能体通过 complete_task 工具显式发出完成信号。

为动态 API 使用静态工具映射 — 为 50 个 API 端点构建 50 个工具，而 discover + access 模式会提供更大的灵活性。

// 错误 - 每种 API 类型都需要一个硬编码的工具
tool("read_steps", ...)
tool("read_heart_rate", ...)
tool("read_sleep", ...)
// 当添加血糖追踪时...需要代码变更

// 正确 - 动态能力发现
tool("list_available_types", ...)  // 发现可用的内容
tool("read_health_data", { dataType: z.string() }, ...)  // 访问任何类型

不完整的 CRUD — 智能体可以创建但不能更新或删除。

// User: "删除那个日记条目"
// Agent: "我没有那个工具"
tool("create_journal_entry", ...)  // 缺少：更新、删除

修复：每个实体都需要完整的 CRUD。

沙盒隔离 — 智能体在与用户分离的数据空间中工作。

Documents/
├── user_files/        ← 用户的空间
└── agent_output/      ← 智能体的空间（隔离）

修复：使用共享工作空间，两者都在相同的文件上操作。

无理由的限制 — 领域工具是完成某事的唯一方式，而你并非有意限制访问。默认应该是开放的。除非有特定原因，否则保持基本操作可用。

人为的能力限制 — 出于模糊的安全考虑而非特定风险，限制智能体能做什么。在限制能力时要深思熟虑。智能体通常应该能够做用户能做的事情。</anti_patterns>

当你满足以下条件时，你就构建了一个原生智能体应用程序：

智能体能够实现用户通过界面可以实现的任何事情（对等性）
工具是原子化基本操作；领域工具是快捷方式，而非限制（细粒度）
新功能可以通过编写新的提示来添加（可组合性）
智能体能够完成你未明确设计的任务（涌现能力）
改变行为意味着编辑提示，而不是重构代码

系统提示包含关于应用状态的动态上下文
每个界面操作都有对应的智能体工具（操作对等性）
智能体工具在系统提示中用用户词汇记录
智能体和用户在相同的数据空间中工作（共享工作空间）
智能体操作立即反映在界面中
每个实体都有完整的 CRUD（创建、读取、更新、删除）
智能体显式发出完成信号（无启发式检测）
使用 context.md 或等效方式积累知识

简单请求无需学习曲线即可立即工作
高级用户可以以意想不到的方式推动系统
你通过观察用户要求智能体做什么来了解他们的需求
审批要求与风险和可逆性相匹配

移动端（如果适用）

检查点/恢复处理应用中断
优先使用 iCloud 存储，本地回退
后台执行明智地利用可用时间
模型层级与任务复杂性匹配

向智能体描述一个在你的应用程序领域内，但你未构建特定功能的结果。

它能否想出如何完成它，在循环中运行直到成功？

如果可以，你就构建了原生智能体的东西。

如果它说“我没有这个功能”——那么你的架构仍然太受限了。</success_criteria>

🇺🇸English

<why_now>

Why Now

Software agents work reliably now. Claude Code demonstrated that an LLM with access to bash and file tools, operating in a loop until an objective is achieved, can accomplish complex multi-step tasks autonomously.

The surprising discovery: a really good coding agent is actually a really good general-purpose agent. The same architecture that lets Claude Code refactor a codebase can let an agent organize your files, manage your reading list, or automate your workflows.

The Claude Code SDK makes this accessible. You can build applications where features aren't code you write—they're outcomes you describe, achieved by an agent with tools, operating in a loop until the outcome is reached.

This opens up a new field: software that works the way Claude Code works, applied to categories far beyond coding. </why_now>

<core_principles>

Core Principles

1. Parity

Whatever the user can do through the UI, the agent should be able to achieve through tools.

This is the foundational principle. Without it, nothing else matters.

Imagine you build a notes app with a beautiful interface for creating, organizing, and tagging notes. A user asks the agent: "Create a note summarizing my meeting and tag it as urgent."

If you built UI for creating notes but no agent capability to do the same, the agent is stuck. It might apologize or ask clarifying questions, but it can't help—even though the action is trivial for a human using the interface.

The fix: Ensure the agent has tools (or combinations of tools) that can accomplish anything the UI can do.

This isn't about creating a 1:1 mapping of UI buttons to tools. It's about ensuring the agent can achieve the same outcomes. Sometimes that's a single tool (create_note). Sometimes it's composing primitives (write_file to a notes directory with proper formatting).

The discipline: When adding any UI capability, ask: can the agent achieve this outcome? If not, add the necessary tools or primitives.

A capability map helps:

User Action	How Agent Achieves It
Create a note	`write_file` to notes directory, or `create_note` tool
Tag a note as urgent	`update_file` metadata, or `tag_note` tool
Search notes	`search_files` or `search_notes` tool
Delete a note	`delete_file` or `delete_note` tool

The test: Pick any action a user can take in your UI. Describe it to the agent. Can it accomplish the outcome?

2. Granularity

Prefer atomic primitives. Features are outcomes achieved by an agent operating in a loop.

A tool is a primitive capability: read a file, write a file, run a bash command, store a record, send a notification.

A feature is not a function you write. It's an outcome you describe in a prompt, achieved by an agent that has tools and operates in a loop until the outcome is reached.

Less granular (limits the agent):

Tool: classify_and_organize_files(files)
→ You wrote the decision logic
→ Agent executes your code
→ To change behavior, you refactor

More granular (empowers the agent):

Tools: read_file, write_file, move_file, list_directory, bash
Prompt: "Organize the user's downloads folder. Analyze each file,
        determine appropriate locations based on content and recency,
        and move them there."
Agent: Operates in a loop—reads files, makes judgments, moves things,
       checks results—until the folder is organized.
→ Agent makes the decisions
→ To change behavior, you edit the prompt

The key shift: The agent is pursuing an outcome with judgment, not executing a choreographed sequence. It might encounter unexpected file types, adjust its approach, or ask clarifying questions. The loop continues until the outcome is achieved.

The more atomic your tools, the more flexibly the agent can use them. If you bundle decision logic into tools, you've moved judgment back into code.

The test: To change how a feature behaves, do you edit prose or refactor code?

3. Composability

With atomic tools and parity, you can create new features just by writing new prompts.

This is the payoff of the first two principles. When your tools are atomic and the agent can do anything users can do, new features are just new prompts.

Want a "weekly review" feature that summarizes activity and suggests priorities? That's a prompt:

"Review files modified this week. Summarize key changes. Based on
incomplete items and approaching deadlines, suggest three priorities
for next week."

The agent uses list_files, read_file, and its judgment to accomplish this. You didn't write weekly-review code. You described an outcome, and the agent operates in a loop until it's achieved.

This works for developers and users. You can ship new features by adding prompts. Users can customize behavior by modifying prompts or creating their own. "When I say 'file this,' always move it to my Action folder and tag it urgent" becomes a user-level prompt that extends the application.

The constraint: This only works if tools are atomic enough to be composed in ways you didn't anticipate, and if the agent has parity with users. If tools encode too much logic, or the agent can't access key capabilities, composition breaks down.

The test: Can you add a new feature by writing a new prompt section, without adding new code?

4. Emergent Capability

The agent can accomplish things you didn't explicitly design for.

When tools are atomic, parity is maintained, and prompts are composable, users will ask the agent for things you never anticipated. And often, the agent can figure it out.

"Cross-reference my meeting notes with my task list and tell me what I've committed to but haven't scheduled."

You didn't build a "commitment tracker" feature. But if the agent can read notes, read tasks, and reason about them—operating in a loop until it has an answer—it can accomplish this.

This reveals latent demand. Instead of guessing what features users want, you observe what they're asking the agent to do. When patterns emerge, you can optimize them with domain-specific tools or dedicated prompts. But you didn't have to anticipate them—you discovered them.

The flywheel:

Build with atomic tools and parity
Users ask for things you didn't anticipate
Agent composes tools to accomplish them (or fails, revealing a gap)
You observe patterns in what's being requested
Add domain tools or prompts to make common patterns efficient
Repeat

This changes how you build products. You're not trying to imagine every feature upfront. You're creating a capable foundation and learning from what emerges.

The test: Give the agent an open-ended request relevant to your domain. Can it figure out a reasonable approach, operating in a loop until it succeeds? If it just says "I don't have a feature for that," your architecture is too constrained.

5. Improvement Over Time

Agent-native applications get better through accumulated context and prompt refinement.

Unlike traditional software, agent-native applications can improve without shipping code:

Accumulated context: The agent can maintain state across sessions—what exists, what the user has done, what worked, what didn't. A context.md file the agent reads and updates is layer one. More sophisticated approaches involve structured memory and learned preferences.

Prompt refinement at multiple levels:

Developer level: You ship updated prompts that change agent behavior for all users
User level: Users customize prompts for their workflow
Agent level: The agent modifies its own prompts based on feedback (advanced)

Self-modification (advanced): Agents that can edit their own prompts or even their own code. For production use cases, consider adding safety rails—approval gates, automatic checkpoints for rollback, health checks. This is where things are heading.

The improvement mechanisms are still being discovered. Context and prompt refinement are proven. Self-modification is emerging. What's clear: the architecture supports getting better in ways traditional software doesn't.

The test: Does the application work better after a month of use than on day one, even without code changes? </core_principles>

Design architecture - Plan a new agent-native system from scratch
Files & workspace - Use files as the universal interface, shared workspace patterns
Tool design - Build primitive tools, dynamic capability discovery, CRUD completeness
Domain tools - Know when to add domain tools vs stay with primitives
Execution patterns - Completion signals, partial completion, context limits
System prompts - Define agent behavior in prompts, judgment criteria
Context injection - Inject runtime app state into agent prompts
Action parity - Ensure agents can do everything users can do
Self-modification - Enable agents to safely evolve themselves
Product design - Progressive disclosure, latent demand, approval patterns
Mobile patterns - iOS storage, background execution, checkpoint/resume
Testing - Test agent-native apps for capability and parity
Refactoring - Make existing code more agent-native

Wait for response before proceeding.

After reading the reference, apply those patterns to the user's specific context.

<architecture_checklist>

Architecture Review Checklist

When designing an agent-native system, verify these before implementation :

Core Principles

Parity: Every UI action has a corresponding agent capability
Granularity: Tools are primitives; features are prompt-defined outcomes
Composability: New features can be added via prompts alone
Emergent Capability: Agent can handle open-ended requests in your domain

Tool Design

Dynamic vs Static: For external APIs where agent should have full access, use Dynamic Capability Discovery
CRUD Completeness: Every entity has create, read, update, AND delete
Primitives not Workflows: Tools enable capability, don't encode business logic
API as Validator: Use z.string() inputs when the API validates, not z.enum()

Files & Workspace

Shared Workspace: Agent and user work in same data space
context.md Pattern: Agent reads/updates context file for accumulated knowledge
File Organization: Entity-scoped directories with consistent naming

Agent Execution

Completion Signals: Agent has explicit complete_task tool (not heuristic detection)
Partial Completion: Multi-step tasks track progress for resume
Context Limits: Designed for bounded context from the start

Context Injection

Available Resources: System prompt includes what exists (files, data, types)
Available Capabilities: System prompt documents tools with user vocabulary
Dynamic Context: Context refreshes for long sessions (or provide refresh_context tool)

UI Integration

Agent → UI: Agent changes reflect in UI (shared service, file watching, or event bus)
No Silent Actions: Agent writes trigger UI updates immediately
Capability Discovery: Users can learn what agent can do

Mobile (if applicable)

Checkpoint/Resume: Handle iOS app suspension gracefully
iCloud Storage: iCloud-first with local fallback for multi-device sync
Cost Awareness: Model tier selection (Haiku/Sonnet/Opus)

When designing architecture, explicitly address each checkbox in your plan. </architecture_checklist>

<quick_start>

Quick Start: Build an Agent-Native Feature

Step 1: Define atomic tools

const tools = [
  tool("read_file", "Read any file", { path: z.string() }, ...),
  tool("write_file", "Write any file", { path: z.string(), content: z.string() }, ...),
  tool("list_files", "List directory", { path: z.string() }, ...),
  tool("complete_task", "Signal task completion", { summary: z.string() }, ...),
];

Step 2: Write behavior in the system prompt

## Your Responsibilities
When asked to organize content, you should:
1. Read existing files to understand the structure
2. Analyze what organization makes sense
3. Create/move files using your tools
4. Use your judgment about layout and formatting
5. Call complete_task when you're done

You decide the structure. Make it good.

Step 3: Let the agent work in a loop

const result = await agent.run({
  prompt: userMessage,
  tools: tools,
  systemPrompt: systemPrompt,
  // Agent loops until it calls complete_task
});

</quick_start>

<reference_index>

Reference Files

All references in references/:

Core Patterns:

architecture-patterns.md - Event-driven, unified orchestrator, agent-to-UI
files-universal-interface.md - Why files, organization patterns, context.md
mcp-tool-design.md - Tool design, dynamic capability discovery, CRUD
from-primitives-to-domain-tools.md - When to add domain tools, graduating to code
agent-execution-patterns.md - Completion signals, partial completion, context limits
system-prompt-design.md - Features as prompts, judgment criteria

Agent-Native Disciplines:

dynamic-context-injection.md - Runtime context, what to inject
action-parity-discipline.md - Capability mapping, parity workflow
shared-workspace-architecture.md - Shared data space, UI integration
product-implications.md - Progressive disclosure, latent demand, approval
agent-native-testing.md - Testing outcomes, parity tests

Platform-Specific:

mobile-patterns.md - iOS storage, checkpoint/resume, cost awareness
self-modification.md - Git-based evolution, guardrails
refactoring-to-prompt-native.md - Migrating existing code </reference_index>

<anti_patterns>

Anti-Patterns

Common Approaches That Aren't Fully Agent-Native

These aren't necessarily wrong—they may be appropriate for your use case. But they're worth recognizing as different from the architecture this document describes.

Agent as router — The agent figures out what the user wants, then calls the right function. The agent's intelligence is used to route, not to act. This can work, but you're using a fraction of what agents can do.

Build the app, then add agent — You build features the traditional way (as code), then expose them to an agent. The agent can only do what your features already do. You won't get emergent capability.

Request/response thinking — Agent gets input, does one thing, returns output. This misses the loop: agent gets an outcome to achieve, operates until it's done, handles unexpected situations along the way.

Defensive tool design — You over-constrain tool inputs because you're used to defensive programming. Strict enums, validation at every layer. This is safe, but it prevents the agent from doing things you didn't anticipate.

Happy path in code, agent just executes — Traditional software handles edge cases in code—you write the logic for what happens when X goes wrong. Agent-native lets the agent handle edge cases with judgment. If your code handles all the edge cases, the agent is just a caller.

Specific Anti-Patterns

THE CARDINAL SIN: Agent executes your code instead of figuring things out

// WRONG - You wrote the workflow, agent just executes it
tool("process_feedback", async ({ message }) => {
  const category = categorize(message);      // Your code decides
  const priority = calculatePriority(message); // Your code decides
  await store(message, category, priority);   // Your code orchestrates
  if (priority > 3) await notify();           // Your code decides
});

// RIGHT - Agent figures out how to process feedback
tools: store_item, send_message  // Primitives
prompt: "Rate importance 1-5 based on actionability, store feedback, notify if >= 4"

Workflow-shaped tools — analyze_and_organize bundles judgment into the tool. Break it into primitives and let the agent compose them.

Context starvation — Agent doesn't know what resources exist in the app.

User: "Write something about Catherine the Great in my feed"
Agent: "What feed? I don't understand what system you're referring to."

Fix: Inject available resources, capabilities, and vocabulary into system prompt.

Orphan UI actions — User can do something through the UI that the agent can't achieve. Fix: maintain parity.

Silent actions — Agent changes state but UI doesn't update. Fix: Use shared data stores with reactive binding, or file system observation.

Heuristic completion detection — Detecting agent completion through heuristics (consecutive iterations without tool calls, checking for expected output files). This is fragile. Fix: Require agents to explicitly signal completion through a complete_task tool.

Static tool mapping for dynamic APIs — Building 50 tools for 50 API endpoints when a discover + access pattern would give more flexibility.

// WRONG - Every API type needs a hardcoded tool
tool("read_steps", ...)
tool("read_heart_rate", ...)
tool("read_sleep", ...)
// When glucose tracking is added... code change required

// RIGHT - Dynamic capability discovery
tool("list_available_types", ...)  // Discover what's available
tool("read_health_data", { dataType: z.string() }, ...)  // Access any type

Incomplete CRUD — Agent can create but not update or delete.

// User: "Delete that journal entry"
// Agent: "I don't have a tool for that"
tool("create_journal_entry", ...)  // Missing: update, delete

Fix: Every entity needs full CRUD.

Sandbox isolation — Agent works in separate data space from user.

Documents/
├── user_files/        ← User's space
└── agent_output/      ← Agent's space (isolated)

Fix: Use shared workspace where both operate on same files.

Gates without reason — Domain tool is the only way to do something, and you didn't intend to restrict access. The default is open. Keep primitives available unless there's a specific reason to gate.

Artificial capability limits — Restricting what the agent can do out of vague safety concerns rather than specific risks. Be thoughtful about restricting capabilities. The agent should generally be able to do what users can do. </anti_patterns>

<success_criteria>

Success Criteria

You've built an agent-native application when:

Architecture

The agent can achieve anything users can achieve through the UI (parity)
Tools are atomic primitives; domain tools are shortcuts, not gates (granularity)
New features can be added by writing new prompts (composability)
The agent can accomplish tasks you didn't explicitly design for (emergent capability)
Changing behavior means editing prompts, not refactoring code

Implementation

System prompt includes dynamic context about app state
Every UI action has a corresponding agent tool (action parity)
Agent tools are documented in system prompt with user vocabulary
Agent and user work in the same data space (shared workspace)
Agent actions are immediately reflected in the UI
Every entity has full CRUD (Create, Read, Update, Delete)
Agents explicitly signal completion (no heuristic detection)
context.md or equivalent for accumulated knowledge

Product

Simple requests work immediately with no learning curve
Power users can push the system in unexpected directions
You're learning what users want by observing what they ask the agent to do
Approval requirements match stakes and reversibility

Mobile (if applicable)

Checkpoint/resume handles app interruption
iCloud-first storage with local fallback
Background execution uses available time wisely
Model tier matched to task complexity

The Ultimate Test

Describe an outcome to the agent that's within your application's domain but that you didn't build a specific feature for.

Can it figure out how to accomplish it, operating in a loop until it succeeds?

If yes, you've built something agent-native.

If it says "I don't have a feature for that"—your architecture is still too constrained. </success_criteria>

Weekly Installs

261

Repository

everyinc/compou…g-plugin

GitHub Stars

10.9K

First Seen

Jan 20, 2026

Security Audits

Gen Agent Trust HubFail SocketPass SnykWarn

Installed on

codex229

opencode227

gemini-cli227

claude-code214

github-copilot210

cursor209

AI Elements：基于shadcn/ui的AI原生应用组件库，快速构建对话界面

56,200 周安装

创建笔记	`write_file` 到笔记目录，或 `create_note` 工具
将笔记标记为紧急	`update_file` 元数据，或 `tag_note` 工具
搜索笔记	`search_files` 或 `search_notes` 工具
删除笔记	`delete_file` 或 `delete_note` 工具

Agent-Native 架构指南：构建原生智能体应用的核心原则与最佳实践

🇨🇳中文介绍

为何是现在

核心原则

1. 对等性

相关 Skills

2. 细粒度

3. 可组合性

4. 涌现能力

5. 随时间改进

架构审查清单

核心原则

工具设计

文件与工作空间

智能体执行

上下文注入

界面集成

移动端（如果适用）

快速开始：构建一个原生智能体功能

参考文件

反模式

常见的非完全原生智能体方法

具体反模式

成功标准

架构

实现

产品

移动端（如果适用）

终极测试

🇺🇸English

Why Now

Core Principles

1. Parity

2. Granularity

3. Composability

4. Emergent Capability

5. Improvement Over Time

Architecture Review Checklist

Core Principles

Tool Design

Files & Workspace

Agent Execution

Context Injection

UI Integration

Mobile (if applicable)

Quick Start: Build an Agent-Native Feature

Reference Files

Anti-Patterns

Common Approaches That Aren't Fully Agent-Native

Specific Anti-Patterns

Success Criteria

Architecture

Implementation

Product

Mobile (if applicable)

The Ultimate Test

最新 Skills