Lab: M9: build an AI agent (tools, function calling & a framework)
You'll need: your M4 setup (venv, key in .env, anthropic). For Session 2, two new installs:
langgraph and langchain-anthropic. Time: ~2 sessions • Work in your breakout pair.
Responsible use: the security parts use synthetic, made-up data (see tools.py). This is for learning to investigate and summarize; never point an agent at real systems, real logs, or real threat feeds without authorization. Errors are normal and safe.
flowchart LR
U["question"] --> M["model decides"]
M -->|needs a tool| T["you run the tool<br/>(real function)"]
T -->|result| M
M -->|done| A["final answer"]
Session 1 · Part 9a: build an agent from first principles
Step 1: Set up the folder
Put agent_manual.py, tools.py (from solution/) and agent_starter.py (from
starters/) in a folder with your M4 .env. Activate your venv.
You should now see: (.venv) and those files (ls / dir).
Step 2: Run it and watch a tool fire
python agent_manual.py
You should now see: a line like [tool] calculate({'expression': '245 * 18 / 100'}) -> 44.1,
then an answer of about 44.1. That [tool] line is the whole loop made visible: the agent deciding to use a tool, your code running it, and the result going back to the model.
Step 3: A two-step task
Ask: What is 12 * 9, and how many characters are in that answer?
You should now see: two tool calls, first calculate (→ 108), then count_characters
(→ "3 characters"), and a final answer. The agent chained tools to finish a multi-step task. That
chaining is what makes it an agent, not just a chatbot.
Step 4: Read the loop
Open agent_manual.py and find agent(). Match the code to the four steps: send tools + question →
if stop_reason == "tool_use", run the function → append the tool_result → loop until done.
You should now see / say: "describe tools → model asks for one → I run it → send the result back → repeat." No framework, you can see every step.
Step 5: Add your own tool
Open agent_starter.py. Uncomment the reverse_text tool definition (TODO 2) and its entry in
TOOL_FUNCS (TODO 3). Run it and ask: Reverse the word 'hello'.
You should now see: [tool] reverse_text({'text': 'hello'}) -> olleh, then the answer. You
just gave an AI a brand-new ability by writing one function and describing it.
Session 2 · Part 9b: rebuild with a framework (LangGraph) + memory
Step 6: Install the framework
With your venv active:
pip install langgraph langchain-anthropic
python -c "import langgraph, langchain_anthropic; print('frameworks ready')"
You should now see: frameworks ready. (Build error? Use Python 3.12, same fix as M7.)
Step 7: Run the SOC triage agent (synthetic data)
Put soc_agent.py in the folder (it imports tools.py). Run it:
python soc_agent.py
You should now see: the agent enrich the IP with lookup_ioc (returns MALICIOUS, Tor exit
node…), search the logs with search_logs (finds the failed logins, a successful one, then a
customer_db.csv download), and finish with a short summary + suggested next step. You wrote no
loop; LangGraph ran it. (Synthetic data.)
Step 8: See its memory
Ask a follow-up that refers back: Which user was being targeted, and what did they download?
You should now see: it answers from the earlier investigation (user admin, downloaded
customer_db.csv) without you re-pasting the alert. The MemorySaver + thread_id give it
conversation memory.
Step 9: A non-security agent (broad appeal)
Run the everyday helper:
python helper_agent.py
You should now see: it saves a note (save_note) and later recalls it: same framework, a
totally different, friendly use. Try asking what's 18% of 240? too.
Step 10: Survey the landscape
Read the framework survey table in notes.md.
You should now see / say: you can name what LangGraph, CrewAI, AutoGen, the OpenAI/Claude SDKs, LlamaIndex, smolagents, Hermes, and MCP are for, and which one you'd reach for next. (You don't install them all; that's the point of a survey.)
Stuck? Working solutions are in
../solution/. Peek only after you've tried.
Your win
You built an AI agent two ways, by hand and with LangGraph, gave it tools and memory, and pointed it at a real-shaped task (security triage on safe data) and an everyday one.
Post it to the chat wins board: your agent's tool trace, e.g. "My SOC agent: lookup_ioc(185.220.101.45)→MALICIOUS, search_logs→data exfil, 'escalate to L2'. I built an agent that investigates "
Take-home (optional)
Add a third tool to the SOC agent, e.g. a whois-style domain_age(domain) that returns a
(synthetic) age, and ask a question that needs it. Then skim M10's preview: an agent that can act
is powerful and risky, which is exactly why guardrails come next.