AI代理行动指南：可信采用、授权与扩展的 playbook

AI Agents in Action:A Playbook for Trusted Adoption,Authorization and Scaling I N S I G H TR E P O R TM A Y2 0 2 6 Contents Foreword3 Executive summary4 Introduction5 1Agent guidelines7 1.1Establishing a shared language for autonomy,8authority and consequence1.2Allocating decision rights and accountability across the life cycle91.3Defining when agentic systems are the appropriate solution91.4Sequencing adoption and prioritizing early use cases101.5Deployment contexts and baseline governance111.6Defining the human–agent operating model121.7From enterprise guidelines to deployment authorization12 2ACAP: The Agent Capability and Authorization Profile14 2.4Monitor and improve27 Conclusion30 Appendix: ACAP summary playbook31 Contributors34 Endnotes37 Disclaimer This document is published by theWorld Economic Forum as a contributionto a project, insight area or interaction.The findings, interpretations andconclusions expressed herein are a resultof a collaborative process facilitated andendorsed by the World Economic Forumbut whose results do not necessarilyrepresent the views of the World EconomicForum, nor the entirety of its Members,Partners or other stakeholders. ©2026 World Economic Forum. All rightsreserved. No part of this publication maybe reproduced or transmitted in any formor by any means, including photocopyingand recording, or by any informationstorage and retrieval system. Foreword Stephan MergenthalerManaging Director,Chief Technology Officer,World Economic Forum Volker DariusChief Executive Officer,Capgemini Invent Cathy LiHead, Centre for AI Excellence;Member of the ExecutiveCommittee, World Economic Forum Artificial intelligence (AI) agents have left researchlaboratories to become a permanent fixture inorganizational workflows. This shift has outpacedour existing governance frameworks. Where thefirst publication in this series laid the conceptualfoundations, and the second introducedassessment and classification tools, this third reporttackles a decidedly practical question: how can anorganization, in concrete terms, delegate authorityto an automated system while remaining fullyaccountable for its actions? actively maintained in production. Only then canorganizations move from isolated pilots to portfoliosof agents deployed with confidence, enabling theexpected benefits of automation to be realizedwithout compromising internal controls, regulatorycompliance or stakeholder trust. This report is the result of intensive collaborationbetween practitioners, technical teams, riskmanagement functions and legal experts froma variety of industries. It does not offer universalanswers, but rather a structured, adaptable andauditable authorization model: the Agent Capabilityand Authorization Profile (ACAP). This modeltranslates corporate policy into an operationalmandate for each deployment. The answer to this question is not primarilytechnical. It is organizational. What we haveobserved in our work with members of the AI GlobalAlliance’s Safe Systems and Technologies workinggroup is that organizations grasp what an agentcan do, but they struggle to define what it shouldbe authorized to do in context. This gap betweencapability and authorization is both the centralchallenge to large-scale adoption and the rationaleof this playbook. We hope this playbook will provide a practicalresource for teams seeking to integrate AIagents into their organizations responsibly andcontribute more broadly to the development ofshared standards for the governance of delegatedagency. As Andrej Karpathy has framed it: thedecade of AI agents has begun.1The way we laythe foundations today will determine the trust wecan place in them tomorrow. The governance of AI agents cannot be anafterthought. It must be built in at the designstage, formalized before deployment and Executive summary The Agent Capability and AuthorizationProfile is a practical framework designedto help organizations adopt, authorizeand scale AI agents. Artificial intelligence (AI) agents introduce newadoption challenges for organizations, particularlyin defining the conditions under which they areauthorized to act and in ensuring that this authorityis enforced as systems evolve in operation. technical controls and maintaining authorizationthrough production monitoring. Many agents in a portfolio may share the samefoundation model, therefore, a single model-level vulnerability can propagate across anorganization’s entire agent estate simultaneously,reinforcing the need for deployment-levelauthorization and monitoring for each instance. This playbook introduces the Agent Capabilityand Authorization Profile (ACAP) as a deployment-level authorization instrument for agentic systems.The ACAP connects enterprise delegation policy,system design and operational oversight in asingle, repeatable workflow that makes delegatedaction auditable, enforceable and reviewable. It provides three core elements: clear agentguidelines, enforceable autho