核心要点
- 问题/背景
- 这篇论文把 LLM agent 的可信性问题从 final-answer accuracy 推进到 evidence tracing 和 execution provenance。
- 方法/机制
- 它统一讨论证据、工具输出、memory item、环境观察、中间 claim、动作和最终答案之间的关系,目标是解释 agent 如何得到结果。
- 结果/证据
- 论文给出 trace sources、execution units、provenance relations、granularity、representation forms 和 trust functions 的分类,并覆盖 guardrails、memory lineage、observability、debugging、audit 和 recovery。
- 收录价值
- 它值得收录,因为 provenance 是后续 agent 安全、合规、调试和可靠执行的基础设施原语,能直接影响真实部署系统的设计。
原始摘要与中文对照
中文对照翻译
摘要 基于大型语言模型(LLM)的智能体通过与外部工具、检索系统、记忆模块、环境和其他智能体交互,日益解决复杂的任务。尽管这些能力扩展了智能体的自主性,但它们也使得智能体行为更难验证、调试和审计。仅凭最终答案的准确性无法解释输出是如何产生的、哪些证据支持了每个主张、工具调用是否合理、记忆如何影响了后续决策,或者执行失败源于何处。证据追踪和执行溯源通过建模检索到的证据、工具输出、记忆项、环境观察、中间主张、动作和最终答案在智能体执行过程中如何相互关联来弥补这一空白。本综述为LLM智能体中的证据追踪和执行溯源提供了一个系统的回顾和概念框架。我们围绕一个统一的溯源视角组织了相关工作,该视角连接了检索基础、主张支持、工具使用安全、记忆沿袭、可观察性、调试、审计和恢复。我们引入了一个分类法,涵盖了追踪源、证据和执行单元、溯源关系、追踪粒度、追踪时序、表示形式和信任功能。随后,我们回顾了关键的方法学方向,包括溯源表示、证据归因、工具使用溯源、运行时护栏、承载溯源的记忆、基于追踪的可观察性以及故障诊断。我们进一步将现有基准、数据集和评估指标映射到与溯源相关的能力,并讨论评估如何从最终答案的正确性转向过程级问责制。最后,我们概述了开放性挑战,包括统一的追踪模式、主张级和语义溯源、溯源感知安全机制、真实的执行追踪基准、面向恢复的评估以及用于可信LLM智能体的隐私感知审计基础设施。关键词 LLM智能体, 智能体轨迹, 证据追踪, 执行溯源, 溯源图, 工具使用安全, 记忆溯源, 智能体可观察性, 运行时护栏, 可信AI
原始摘要
A BSTRACT Large language model (LLM)-based agents increasingly solve complex tasks by interacting with external tools, retrieval systems, memory modules, environments, and other agents. While these capabilities expand agent autonomy, they also make agent behavior harder to verify, debug, and audit. Final-answer accuracy alone cannot explain how an output was produced, which evidence supported each claim, whether tool calls were justified, how memory influenced later decisions, or where execution failures originated. Evidence tracing and execution provenance address this gap by modeling how retrieved evidence, tool outputs, memory items, environment observations, intermediate claims, actions, and final answers are connected throughout agent execution. This survey provides a systematic review and conceptual framework for evidence tracing and execution provenance in LLM agents. We organize related work around a unified provenance perspective that connects retrieval grounding, claim support, tool-use safety, memory lineage, observability, debugging, audit, and recovery. We introduce a taxonomy covering trace sources, evidence and execution units, provenance relations, tracing granularity, tracing timing, representation forms, and trust functions. We then review key methodological directions, including provenance representation, evidence attribution, tool-use provenance, runtime guardrails, provenance-bearing memory, tracebased observability, and failure diagnosis. We further map existing benchmarks, datasets, and evaluation metrics to provenance-related capabilities, and discuss how evaluation can move from final-answer correctness toward process-level accountability. Finally, we outline open challenges, including unified trace schemas, claim-level and semantic provenance, provenance-aware safety mechanisms, realistic execution-trace benchmarks, recovery-oriented evaluation, and privacy-aware audit infrastructure for trustworthy LLM agents. Keywords LLM Agents, Agent Traces, Evidence Tracing, Execution Provenance, Provenance Graphs, Tool-Use Safety, Memory Provenance, Agent Observability, Runtime Guardrails, Trustworthy AI