AI Workflow Store: A New Paradigm for Infusing Software Engineering Rigor into Personal Agents

The mainstream on-the-fly synthesis paradigm of current AI agents has hidden concerns regarding reliability and security. The paper proposes the AI Workflow Store as a solution: by reusing strictly engineered and verified workflows, it strikes a balance between flexibility and reliability, infusing software engineering rigor into personal agents.

Hidden Concerns of On-the-Fly Synthesis

Current AI agents adopt the on-the-fly synthesis paradigm, which, while flexible and responsive, sacrifices reliability and security. It is like generating ad-hoc prototypes by bypassing rigorous software engineering practices (iterative design, strict testing, etc.), which may pose risks in high-stakes scenarios (financial operations, medical decisions, etc.).

Tension Between Flexibility and Reliability

On-the-fly synthesis provides extremely high flexibility to handle arbitrary tasks, but overemphasis on flexibility leads to a lack of reliability; software engineering practices ensure systems are reliable and predictable—there is a fundamental trade-off between the two.

The AI Workflow Store is a repository containing hardened and verified reusable workflows:

• Workflow Definition: Not a simple prompt template, but an agentic program that includes input/output specifications, testing logic, error handling, security constraints, etc.;
• Hardened Verification: Strictly verified through functional testing, boundary testing, adversarial testing, etc.;
• Deterministic Constraints: Consistent output for the same input to build user trust;
• Reuse Amortization: Create and verify once, reuse multiple times to reduce engineering costs.

Dimension	On-the-Fly Synthesis	Workflow Store
Response Time	Seconds to minutes	May be longer (but optimizable)
Flexibility	Extremely high, handles arbitrary tasks	Limited to workflows in the Store
Reliability	Uncertain, depends on prompts and models	Verified with clear guarantees
Security	Relies on model alignment and sandboxing	Built-in security constraints
Predictability	Low, same input may yield different outputs	High, deterministic behavior
Application Scenarios	Low-risk exploratory tasks	High-risk production tasks
The paper advocates for the coexistence of both modes: use on-the-fly synthesis for low-risk tasks and Store workflows for high-risk tasks.

Implementing the AI Workflow Store faces multiple challenges:

1. Workflow Discovery and Synthesis: Requirement mapping, automatic creation of new workflows;
2. Verification and Testing: New testing methodologies for agentic systems;
3. Formalization of Security Constraints: Encoding security policies into workflows;
4. Version Management and Compatibility: Workflow evolution and updates;
5. User Experience Design: Workflow discovery and selection;
6. Ecosystem Construction: Incentivizing developer contributions and trust mechanisms.

The AI Workflow Store is suitable for scenarios requiring high reliability and security:

• Financial Automation: Zero-error-tolerance tasks such as transactions and transfers;
• Medical Assistance: Processing sensitive health information like diagnosis and drug checks;
• Enterprise Processes: Complex business rules like HR onboarding and compliance checks;
• Critical Infrastructure: High-risk operations like energy network and traffic signal monitoring.

Critical Reflections

• Loss of Flexibility: Does it lead to excessive rigidity?
• Feasibility of Verification: Difficulty in fully verifying agentic systems;
• Centralization Risks: Single point of failure or monopoly issues with the Store;
• User Education: How to guide correct mode selection.

Future Outlook

The AI ecosystem may be layered: the bottom layer is a verified workflow library, the middle layer is a composition and orchestration system, and the top layer is a natural language interface—retaining flexibility while ensuring reliability. The Workflow Store provides an engineering path for the long-term development of AI agents.