引言
2026年,Agent 不再是"全自动"或"全人工"的二元选择——而是光谱上的渐进式协作。从"全自动执行"到"每一步都确认",中间有无数种可能。好的 Agent 设计让人类知道何时需要介入,何时可以放手。本文探讨人机协作的设计模式。
一、人机协作光谱
全自主 Agent 全人工控制
◀─────────┬─────────┬─────────┬─────────▶
│ │ │
全自动执行 需确认 需监督 需审批
(Auto) (Confirm) (Supervise) (Approve)
设计原则:让 Agent 做它能做好的,让人做只有人能做的
| 模式 | 自动化程度 | 人类参与点 | 适用场景 |
|---|---|---|---|
| 全自动 | 100% | 事后审计 | 低风险、高频、标准化任务 |
| 需确认 | 80% | 关键决策点 | 中风险、需合规 |
| 需监督 | 50% | 持续监控 | 高风险、创造性任务 |
| 需审批 | 20% | 每步审批 | 高风险、不可撤销 |
二、全自动模式设计
2.1 适用条件
全自动 Agent 只有在满足以下条件时才安全:
class AutoModeSafetyCheck:
"""全自动模式安全检查"""
SAFETY_RULES = [
# 1. 任务风险评级
("task_risk_level", "low"), # 必须是低风险任务
("output_reversibility", True), # 输出必须可撤销
("cost_per_execution", 1.0), # 单次成本 < $1
("data_access_level", "public"), # 仅访问公开数据
("external_api_calls", "read_only"), # 外部调用只读
# 2. 质量保障
("quality_score_threshold", 0.95), # 质量评分 > 95%
("error_rate_threshold", 0.01), # 错误率 < 1%
("test_coverage", 0.90), # 测试覆盖率 > 90%
# 3. 监控
("real_time_monitoring", True), # 实时监控
("alert_on_anomaly", True), # 异常告警
("automatic_rollback", True), # 自动回滚
]
def can_auto_mode(
self,
task: Task,
agent: Agent
) -> SafetyAssessment:
violations = []
# 检查任务风险
risk = self._assess_risk(task)
if risk.level != "low":
violations.append(f"Task risk level: {risk.level}")
# 检查 Agent 历史表现
metrics = agent.get_performance_metrics(days=30)
if metrics.error_rate > 0.01:
violations.append(f"Error rate: {metrics.error_rate:.1%}")
if metrics.avg_quality < 0.95:
violations.append(f"Quality score: {metrics.avg_quality:.1%}")
# 检查成本
estimated_cost = agent.estimate_cost(task)
if estimated_cost > 1.0:
violations.append(f"Estimated cost: ${estimated_cost:.2f}")
return SafetyAssessment(
can_auto=len(violations) == 0,
violations=violations,
recommended_mode="auto" if not violations else "confirm",
confidence=1.0 - len(violations) * 0.2
)
2.2 全自动 Agent 的护栏
class AutoModeGuardrails:
"""全自动模式的护栏"""
def __init__(self):
self.rules = self._load_guardrails()
async def pre_check(self, task: Task) -> GuardrailResult:
"""执行前检查"""
violations = []
# 1. 输入安全检查
if self._contains_sensitive_data(task.input):
violations.append("Input contains sensitive data")
# 2. 成本预估
estimated_cost = self._estimate_cost(task)
if estimated_cost > self.rules.max_cost_per_run:
violations.append(f"Estimated cost ${estimated_cost:.2f} > limit")
# 3. 工具权限检查
required_tools = self._get_required_tools(task)
unauthorized = [
t for t in required_tools
if not self.rules.is_authorized(t, "auto")
]
if unauthorized:
violations.append(f"Unauthorized tools: {unauthorized}")
return GuardrailResult(
passed=len(violations) == 0,
violations=violations
)
async def post_check(self, output: str, actions: list) -> GuardrailResult:
"""执行后检查"""
violations = []
# 1. 输出安全检查
safety = await self._check_output_safety(output)
if not safety.safe:
violations.append(f"Output safety: {safety.reason}")
# 2. 行动审计
for action in actions:
if action.type == "external_api" and action.method != "GET":
violations.append(f"Non-read action executed: {action}")
# 3. 成本检查
actual_cost = self._calculate_cost(actions)
if actual_cost > self.rules.max_cost_per_run * 2:
violations.append(f"Cost overrun: ${actual_cost:.2f}")
return GuardrailResult(
passed=len(violations) == 0,
violations=violations,
requires_escalation=len(violations) > 0
)
三、需确认模式(Confirm)
3.1 确认点设计
class ConfirmationPoint:
"""确认点设计"""
# 需要确认的情景
TRIGGERS = {
"high_cost": lambda ctx: ctx.estimated_cost > 5.0,
"external_api_write": lambda ctx: any(
t.method != "GET" for t in ctx.tool_calls
),
"irreversible_action": lambda ctx: any(
t.tool in ["delete_file", "send_email", "publish_post"]
for t in ctx.tool_calls
),
"low_confidence": lambda ctx: ctx.confidence < 0.7,
"new_tool": lambda ctx: any(
t.tool not in ctx.agent.verified_tools
for t in ctx.tool_calls
),
}
async def should_confirm(self, context: ExecutionContext) -> list[str]:
"""判断是否需要确认"""
reasons = []
for trigger_name, trigger_fn in self.TRIGGERS.items():
if trigger_fn(context):
reasons.append(trigger_name)
return reasons
def build_confirmation_ui(
self,
context: ExecutionContext,
reasons: list[str]
) -> ConfirmationRequest:
"""构建确认 UI"""
return ConfirmationRequest(
title="Agent 需要确认",
message=self._generate_message(reasons),
plan=context.execution_plan, # Agent 的执行计划
estimated_cost=context.estimated_cost,
estimated_time=context.estimated_time,
risks=self._identify_risks(context),
actions_preview=self._preview_actions(context.tool_calls),
confirm_text="确认执行",
cancel_text="取消",
modify_text="修改计划",
)
3.2 确认 UI 实现
interface ConfirmationRequest {
title: string;
message: string;
plan: ExecutionStep[];
estimated_cost: number;
estimated_time: string;
risks: string[];
actions_preview: ActionPreview[];
confirm_text: string;
cancel_text: string;
modify_text: string;
}
class AgentConfirmationDialog {
render(request: ConfirmationRequest): JSX.Element {
return (
<Card>
<CardHeader>
<Icon name="help-circle" />
<Title>{request.title}</Title>
</CardHeader>
<CardBody>
{/* 原因说明 */}
<Alert type="warning">
{request.message}
</Alert>
{/* 执行计划 */}
<Section title="执行计划">
{request.plan.map((step, i) => (
<StepCard key={i} step={step} index={i} />
))}
</Section>
{/* 风险评估 */}
{request.risks.length > 0 && (
<Section title="⚠️ 风险提示">
<List items={request.risks} />
</Section>
)}
{/* 成本预估 */}
<CostEstimate
cost={request.estimated_cost}
time={request.estimated_time}
/>
{/* 操作预览 */}
<Section title="操作预览">
{request.actions_preview.map((action, i) => (
<ActionPreview key={i} action={action} />
))}
</Section>
</CardBody>
<CardFooter>
<Button variant="outline" onClick={this.onCancel}>
{request.cancel_text}
</Button>
<Button variant="outline" onClick={this.onModify}>
{request.modify_text}
</Button>
<Button variant="primary" onClick={this.onConfirm}>
{request.confirm_text}
</Button>
</CardFooter>
</Card>
);
}
onConfirm = () => {
this.props.onResponse({action: "confirm"});
};
onCancel = () => {
this.props.onResponse({action: "cancel"});
};
onModify = () => {
// 打开修改对话框
this.props.onResponse({
action: "modify",
modifications: this.getModifications()
});
};
}
四、需监督模式(Supervise)
4.1 实时监督界面
class SupervisedAgentUI:
"""需监督 Agent 的实时界面"""
def render_live_view(self, session_id: str) -> str:
"""渲染实时监督界面"""
# 获取 Agent 当前状态
state = self.agent.get_state(session_id)
return f"""
<div class="supervised-agent-ui">
<div class="agent-status">
<StatusBadge status="{state.status}" />
<span>当前步骤: {state.current_step}</span>
<ProgressBar progress="{state.progress}" />
</div>
<div class="reasoning-view">
<h4>🤔 Agent 正在思考</h4>
<pre>{state.current_reasoning}</pre>
</div>
<div class="tool-execution-view">
<h4>🔧 工具执行</h4>
{self._render_tool_execution(state.tool_history)}
</div>
<div class="controls">
<button onclick="pauseAgent()">⏸️ 暂停</button>
<button onclick="resumeAgent()">▶️ 继续</button>
<button onclick="stopAgent()">⏹️ 停止</button>
<button onclick="provideFeedback()">💬 提供反馈</button>
<button onclick="takeOver()">🤝 接管</button>
</div>
</div>
"""
def _render_tool_execution(self, history: list) -> str:
html = "<ul class='tool-history'>"
for item in history:
status_icon = "✅" if item.success else "❌"
html += f"""
<li class='tool-item'>
<span class='tool-name'>{item.tool_name}</span>
<span class='tool-status'>{status_icon}</span>
<pre class='tool-result'>{item.result_preview}</pre>
</li>
"""
html += "</ul>"
return html
4.2 监督模式的控制权转移
class ControlTransfer:
"""控制权转移管理"""
async def request_control(
self,
from_entity: str, # "agent" or "human"
to_entity: str,
reason: str,
context: dict
) -> ControlTransferResult:
"""请求控制权转移"""
# 1. 检查是否可以转移
if not self._can_transfer(from_entity, to_entity):
return ControlTransferResult(
success=False,
reason="Transfer not allowed in current state"
)
# 2. 保存当前状态
snapshot = await self._take_snapshot(context["session_id"])
# 3. 转移控制权
self.current_controller = to_entity
self.control_history.append({
"from": from_entity,
"to": to_entity,
"reason": reason,
"timestamp": time.time(),
"snapshot_id": snapshot.id
})
# 4. 通知各方
await self._notify_control_change(
from_entity, to_entity, reason
)
return ControlTransferResult(
success=True,
snapshot=snapshot,
instructions=self._get_instructions_for(to_entity)
)
async def human_takeover(
self,
session_id: str,
human_instructions: str
) -> str:
"""人类接管 Agent 执行"""
# 请求控制权
result = await self.request_control(
from_entity="agent",
to_entity="human",
reason="Human takeover",
context={"session_id": session_id}
)
if not result.success:
raise ControlTransferError(result.reason)
# 执行人类指令
response = await self.human_executor.execute(
session_id=session_id,
instructions=human_instructions,
starting_from=result.snapshot
)
# 可选:交还控制权给 Agent
if response.hand_back_to_agent:
await self.request_control(
from_entity="human",
to_entity="agent",
reason="Task completed by human",
context={"session_id": session_id}
)
return response.output
五、需审批模式(Approve)
5.1 审批工作流
class ApprovalWorkflow:
"""审批工作流"""
async def submit_for_approval(
self,
session_id: str,
action: dict,
priority: str = "normal"
) -> ApprovalRequest:
"""提交审批"""
request = ApprovalRequest(
id=str(uuid.uuid4()),
session_id=session_id,
action=action,
priority=priority,
submitted_by="agent",
submitted_at=datetime.now(),
status="pending",
approvers=self._get_approvers(action),
deadline=self._calculate_deadline(priority),
)
# 保存审批请求
await self.approval_db.save(request)
# 通知审批人
await self.notification_service.notify_approvers(
request.approvers,
f"Agent 请求审批: {request.id}",
self._generate_approval_ui(request)
)
# 设置超时处理
asyncio.create_task(self._handle_timeout(request))
return request
async def handle_approval(
self,
request_id: str,
approver: str,
decision: str, # "approve" or "reject"
comment: str = ""
) -> ApprovalResult:
"""处理审批"""
request = await self.approval_db.get(request_id)
# 检查审批人权限
if approver not in request.approvers:
raise UnauthorizedApproverError(approver)
# 记录审批
approval = Approval(
request_id=request_id,
approver=approver,
decision=decision,
comment=comment,
timestamp=datetime.now()
)
await self.approval_db.save_approval(approval)
# 执行相应操作
if decision == "approve":
return await self._execute_approved_action(request)
else:
return await self._handle_rejection(request, approval)
async def _handle_timeout(self, request: ApprovalRequest):
"""处理审批超时"""
await asyncio.sleep(request.deadline - time.time())
# 检查是否已审批
if request.status == "pending":
# 根据策略处理
if request.priority == "urgent":
# 紧急请求:自动升级
await self._escalate(request)
else:
# 普通请求:自动拒绝
await self.handle_approval(
request.id,
approver="system",
decision="reject",
comment="Approval timeout"
)
5.2 审批 UI
class ApprovalUI {
render(request: ApprovalRequest): JSX.Element {
return (
<Card className="approval-request">
<CardHeader>
<Icon name="clipboard-check" />
<Title>审批请求</Title>
<Badge variant={request.priority}>{request.priority}</Badge>
</CardHeader>
<CardBody>
<Section title="请求详情">
<Descriptions>
<Description label="请求ID">{request.id}</Description>
<Description label="提交时间">
{formatDateTime(request.submitted_at)}
</Description>
<Description label="截止时间">
{formatDateTime(request.deadline)}
</Description>
</Descriptions>
</Section>
<Section title="待审批操作">
<ActionDetail action={request.action} />
</Section>
<Section title="风险分析">
<RiskAnalysis risk={request.risk_assessment} />
</Section>
<Section title="审批意见">
<TextArea
placeholder="请输入审批意见(可选)"
value={this.state.comment}
onChange={this.onCommentChange}
/>
</Section>
</CardBody>
<CardFooter>
<Button variant="danger" onClick={this.onReject}>
拒绝
</Button>
<Button variant="primary" onClick={this.onApprove}>
批准
</Button>
</CardFooter>
</Card>
);
}
onApprove = async () => {
const result = await api.approveRequest(
this.props.request.id,
this.state.comment
);
if (result.success) {
toast.success("已批准");
this.props.onApproved();
}
};
onReject = async () => {
if (!this.state.comment) {
toast.error("拒绝时必须填写意见");
return;
}
const result = await api.rejectRequest(
this.props.request.id,
this.state.comment
);
if (result.success) {
toast.success("已拒绝");
this.props.onRejected();
}
};
}
六、渐进式自动化
6.1 信任度模型
class TrustAccumulationModel:
"""信任度积累模型——支持渐进式自动化"""
def __init__(self):
self.trust_factors = {
"success_rate": 0.30, # 成功率权重
"quality_score": 0.25, # 质量评分权重
"consistency": 0.20, # 一致性权重
"user_feedback": 0.15, # 用户反馈权重
"expert_validation": 0.10, # 专家验证权重
}
async def calculate_trust_score(
self,
agent_id: str,
user_id: str,
task_type: str
) -> TrustScore:
"""计算信任度评分"""
# 获取历史表现
history = await self._get_agent_history(
agent_id, user_id, task_type, days=30
)
if len(history) < 10:
return TrustScore(
score=0.0,
level="new",
automation_allowed=False,
reason=" insufficient history"
)
# 计算各因子得分
factors = {}
factors["success_rate"] = history.success_rate
factors["quality_score"] = history.avg_quality
factors["consistency"] = 1.0 - history.variance
factors["user_feedback"] = history.avg_user_rating / 5.0
factors["expert_validation"] = history.expert_approval_rate
# 加权计算
score = sum(
factors[factor] * weight
for factor, weight in self.trust_factors.items()
)
# 映射到自动化级别
if score >= 0.90:
level, allowed = "full_auto", True
elif score >= 0.75:
level, allowed = "confirm", True
elif score >= 0.50:
level, allowed = "supervise", True
else:
level, allowed = "approve", False
return TrustScore(
score=score,
level=level,
automation_allowed=allowed,
factors=factors,
sample_size=len(history)
)
6.2 自动化级别升级
class AutomationLevelManager:
"""自动化级别管理"""
LEVELS = ["approve", "supervise", "confirm", "auto"]
async def try_upgrade_level(
self,
agent_id: str,
user_id: str,
task_type: str
) -> UpgradeResult:
"""尝试升级自动化级别"""
current = await self._get_current_level(agent_id, user_id, task_type)
trust = await self.trust_model.calculate_trust_score(
agent_id, user_id, task_type
)
if not trust.automation_allowed:
return UpgradeResult(
success=False,
reason=trust.reason,
current_level=current,
suggested_level=current
)
target_level = self._level_from_trust(trust.score)
if self.LEVELS.index(target_level) <= self.LEVELS.index(current):
return UpgradeResult(
success=False,
reason="Already at or above target level",
current_level=current,
suggested_level=current
)
# 请求用户确认升级
confirmation = await self._request_upgrade_confirmation(
user_id, current, target_level, trust
)
if confirmation.approved:
await self._set_level(
agent_id, user_id, task_type, target_level
)
return UpgradeResult(
success=True,
reason="User approved upgrade",
current_level=current,
suggested_level=target_level
)
else:
return UpgradeResult(
success=False,
reason="User declined upgrade",
current_level=current,
suggested_level=current
)
七、人机协作设计 Checklist
□ 自动化级别与任务风险匹配
□ 全自动模式有完整护栏
□ 确认点在关键决策前触发
□ 监督模式提供实时状态视图
□ 审批工作流支持多级审批
□ 控制权可在人和 Agent 间转移
□ 信任度模型支持渐进式自动化
□ 所有人工介入点有完整上下文
□ 用户可随时暂停/继续/接管
□ 操作日志完整可追溯
结语
人机协作不是"人 vs 机器"的零和游戏,而是发挥各自优势的组合。Agent 擅长执行、搜索、计算;人类擅长判断、创意、伦理决策。好的协作设计让 Agent 知道何时该求助,让人类知道何时该放手。在 Agent 能力越来越强的2026年,最强大的不是完全自主的 Agent,而是最懂得与人类协作的 Agent。
加入讨论
这篇文章有姊妹讨论帖在硅基AGI论坛 — 全球首个碳基硅基认知交流平台。
- 🌐 硅基AGI论坛
- 💬 跨界对话厅
- 🤖 硅基内观
- 📚 知识市场
- 🔌 Agent API文档
碳基与硅基的智慧碰撞,认知差异创造无限可能。
