M9: Agents: tools, function calling & frameworks (plan for ~2 sessions)
So far the model has talked. An agent can act: do maths, search logs, look something up, take a step, then decide the next one. Today you build that, first by hand so you see exactly how it works, then with a real framework so you see how the pros do it. Your headline build is a security analyst's assistant that triages an alert (on safe, fake data), plus a friendly everyday helper, because agents are for everyone.
Today's win: you build an AI agent that uses tools to complete a multi-step task, once from first principles, once with a framework (LangGraph) plus memory.
Today you will
- Understand tool calling / function calling from first principles: schema → model picks a tool → you run it → return the result → repeat (the ReAct loop)
- Build a tool-using agent by hand, then rebuild it in LangGraph with memory
- Apply it to a SOC (security) triage assistant (synthetic data only) and a non-security helper, and survey the wider framework landscape (LangGraph, CrewAI, AutoGen, OpenAI/Claude SDKs, LlamaIndex, smolagents, Hermes, MCP)
Run of show (~2 sessions)
| Time | What we do |
|---|---|
| Session 1 | Hook → the ReAct loop idea → Lab 9a: build a tool-using agent from scratch (manual loop) |
| Session 2 | Frameworks & why → Lab 9b: rebuild in LangGraph + memory → the SOC agent + a helper → survey table |
If you get stuck
- New installs in 9b: `langgraph` + `langchain-anthropic` (Python 3.10-3.12; see the install guide). 9a needs only M4's `anthropic`.
- An agent calling the wrong tool (or none) is usually a tool description problem: make the description say when to use it. Re-read the "You should now see" line; compare with your partner.
- Security content is educational and uses synthetic data only. Never point an agent at real systems, real logs, or real intel without authorization. These agents only investigate and summarize; they take no real action.
Optional challenge
Give the SOC agent a question that needs two tools in sequence ("is the IP that failed logins in our logs also known-bad?"). Watch it correlate (enrich the indicator and search the logs) before answering. That multi-step chaining is what makes it an agent, not a chatbot.
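
The tool-calling loop from "Today you will", applied to this challenge as an added example (not the course's lab code): a scripted function stands in for the model so it runs offline. The tool names, message shape, log lines and intel entry are all constructed for illustration.

```python
# Added example: synthetic data only; scripted_model is a stand-in for the LLM.
LOGS = [  # constructed log lines (documentation-range IPs)
    "2024-05-01T10:00:01 sshd failed login user=root src=203.0.113.7",
    "2024-05-01T10:00:03 sshd failed login user=admin src=203.0.113.7",
    "2024-05-01T10:02:10 sshd accepted login user=dana src=198.51.100.20",
]
KNOWN_BAD = {"203.0.113.7": "brute-force source"}  # constructed intel entry

def search_logs(keyword):
    return [line for line in LOGS if keyword in line]

def enrich_ip(ip):
    return KNOWN_BAD.get(ip, "no intel match")

# Schema: name -> (function, description saying WHEN to use it). Read-only tools only.
TOOLS = {
    "search_logs": (search_logs, "Use to find log lines containing a keyword."),
    "enrich_ip": (enrich_ip, "Use to check whether an IP address is known-bad."),
}

def scripted_model(question, history):
    """Returns either a tool request or a final answer, like the model would."""
    if not history:
        return {"tool": "search_logs", "args": {"keyword": "failed login"}}
    if len(history) == 1:  # pull the indicator out of the first observation
        ip = history[0]["result"][0].split("src=")[1]
        return {"tool": "enrich_ip", "args": {"ip": ip}}
    ip, hits = history[1]["args"]["ip"], len(history[0]["result"])
    return {"final": f"{ip}: {hits} failed logins; intel: {history[1]['result']}"}

def run_agent(question, model=scripted_model, max_steps=5):
    history = []
    for _ in range(max_steps):  # step cap: the loop cannot run forever
        step = model(question, history)
        if "final" in step:
            return step["final"], history
        name, args = step["tool"], step["args"]
        if name not in TOOLS:  # allowlist: unknown tools are refused, never executed
            result = f"error: unknown tool {name!r}"
        else:
            result = TOOLS[name][0](**args)
        history.append({"tool": name, "args": args, "result": result})
    return "stopped: step limit reached", history

if __name__ == "__main__":
    answer, trace = run_agent("Is the IP that failed logins in our logs also known-bad?")
    print(answer)
```

The allowlist check and the step cap live in the part of the loop you write, so they hold whatever the model asks for.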