
Lab: M9: build an AI agent (tools, function calling & a framework)

You'll need: your M4 setup (venv, key in .env, anthropic). For Session 2, two new installs: langgraph and langchain-anthropic. Time: ~2 sessions • Work in your breakout pair.

Responsible use: the security parts use synthetic, made-up data (see tools.py). This is for learning to investigate and summarize; never point an agent at real systems, real logs, or real threat feeds without authorization. Errors are normal and safe.

flowchart LR
  U["question"] --> M["model decides"]
  M -->|needs a tool| T["you run the tool<br/>(real function)"]
  T -->|result| M
  M -->|done| A["final answer"]

Session 1 · Part 9a: build an agent from first principles

Step 1: Set up the folder

Put agent_manual.py, tools.py (from solution/) and agent_starter.py (from starters/) in a folder with your M4 .env. Activate your venv.

You should now see: (.venv) and those files (ls / dir).

Step 2: Run it and watch a tool fire

python agent_manual.py
Ask: What is 18% of 245?

You should now see: a line like [tool] calculate({'expression': '245 * 18 / 100'}) -> 44.1, then an answer of about 44.1. That [tool] line is the agent deciding to use a tool, your code running it, and the result going back: the whole loop, visible.

Step 3: A two-step task

Ask: What is 12 * 9, and how many characters are in that answer?

You should now see: two tool calls, first calculate (→ 108), then count_characters (→ "3 characters"), and a final answer. The agent chained tools to finish a multi-step task. That chaining is what makes it an agent, not just a chatbot.

Step 4: Read the loop

Open agent_manual.py and find agent(). Match the code to the four steps: send tools + question → if stop_reason == "tool_use", run the function → append the tool_result → loop until done.

You should now see / say: "describe tools → model asks for one → I run it → send the result back → repeat." No framework, you can see every step.

Step 5: Add your own tool

Open agent_starter.py. Uncomment the reverse_text tool definition (TODO 2) and its entry in TOOL_FUNCS (TODO 3). Run it and ask: Reverse the word 'hello'.

You should now see: [tool] reverse_text({'text': 'hello'}) -> olleh, then the answer. You just gave an AI a brand-new ability by writing one function and describing it.


Session 2 · Part 9b: rebuild with a framework (LangGraph) + memory

Step 6: Install the framework

With your venv active:

pip install langgraph langchain-anthropic
python -c "import langgraph, langchain_anthropic; print('frameworks ready')"
You should now see: frameworks ready. (Build error? Use Python 3.12, same fix as M7.)

Step 7: Run the SOC triage agent (synthetic data)

Put soc_agent.py in the folder (it imports tools.py). Run it:

python soc_agent.py
Paste: Alert: repeated failed logins for "admin" from 185.220.101.45, triage it.

You should now see: the agent enrich the IP with lookup_ioc (returns MALICIOUS, Tor exit node…), search the logs with search_logs (finds the failed logins, a successful one, then a customer_db.csv download), and finish with a short summary + suggested next step. You wrote no loop; LangGraph ran it. (Synthetic data.)

Step 8: See its memory

Ask a follow-up that refers back: Which user was being targeted, and what did they download?

You should now see: it answers from the earlier investigation (user admin, downloaded customer_db.csv) without you re-pasting the alert. The MemorySaver + thread_id give it conversation memory.
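The two tools the SOC agent calls in Step 7 and the thread-scoped memory behind Step 8, as an added example that is not the lab's tools.py or soc_agent.py. The IOC table and the log lines are constructed for this file (185.220.101.45 is the lab's own made-up address), and MemoryStore is a stand-in for LangGraph's MemorySaver: one checkpoint per thread_id, so a follow-up on the same thread answers from the earlier investigation and any other thread gets nothing. The triage itself is done deterministically here (no model), so you can see exactly what the tools return and what gets checkpointed.

```python
"""Synthetic SOC tools plus thread-scoped memory, runnable offline.

Added example, not the lab's tools.py or soc_agent.py. IOC_TABLE and
LOG_LINES are constructed data; MemoryStore stands in for MemorySaver.
"""
import re

IOC_TABLE = {  # constructed threat-intel entries
    "185.220.101.45": {"verdict": "MALICIOUS", "tags": ["tor-exit-node", "credential-stuffing"]},
    "10.0.0.8": {"verdict": "CLEAN", "tags": ["corp-vpn"]},
}

LOG_LINES = [  # constructed, synthetic auth and web logs
    "2024-05-01T09:00:01 auth sshd user=admin src=185.220.101.45 result=FAIL",
    "2024-05-01T09:00:04 auth sshd user=admin src=185.220.101.45 result=FAIL",
    "2024-05-01T09:00:07 auth sshd user=admin src=185.220.101.45 result=FAIL",
    "2024-05-01T09:00:11 auth sshd user=admin src=185.220.101.45 result=SUCCESS",
    "2024-05-01T09:02:30 web GET /files/customer_db.csv user=admin src=185.220.101.45 status=200",
    "2024-05-01T09:05:00 auth sshd user=bob src=10.0.0.8 result=SUCCESS",
]

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def lookup_ioc(indicator: str) -> dict:
    """Enrichment tool: verdict and tags for an indicator, UNKNOWN if absent."""
    return IOC_TABLE.get(indicator, {"verdict": "UNKNOWN", "tags": []})


def search_logs(query: str, limit: int = 20) -> list[str]:
    """Search tool: every whitespace-separated term must appear (case-insensitive)."""
    terms = query.lower().split()
    return [line for line in LOG_LINES if all(t in line.lower() for t in terms)][:limit]


def parse_line(line: str) -> dict:
    """key=value fields plus the request path, if any, from one log line."""
    fields: dict[str, str] = {}
    for tok in line.split():
        if "=" in tok:
            key, value = tok.split("=", 1)
            fields[key] = value
        elif tok.startswith("/"):
            fields["path"] = tok
    return fields


class MemoryStore:
    """Checkpoints keyed by thread_id, the role MemorySaver plays in the lab."""
    def __init__(self) -> None:
        self._threads: dict[str, dict] = {}

    def get(self, thread_id: str) -> dict:
        return self._threads.setdefault(thread_id, {"facts": {}, "history": []})


def triage(alert: str, memory: MemoryStore, thread_id: str) -> dict:
    """The investigation the lab's agent performs, done deterministically:
    enrich the source IP, pull its log lines, derive facts, checkpoint them."""
    state = memory.get(thread_id)
    match = IP_RE.search(alert)
    if not match:
        return {"summary": "No IP address in the alert.", "next_step": "ask for the indicator"}
    ip = match.group()
    ioc = lookup_ioc(ip)
    events = [parse_line(line) for line in search_logs(ip)]
    failed = sum(1 for e in events if e.get("result") == "FAIL")
    logged_in = any(e.get("result") == "SUCCESS" for e in events)
    downloads = [e["path"] for e in events if "path" in e]
    users = sorted({e["user"] for e in events if "user" in e})
    state["facts"].update(ip=ip, verdict=ioc["verdict"], users=users,
                          logged_in=logged_in, downloads=downloads)
    summary = (f"{ip} is {ioc['verdict']} ({', '.join(ioc['tags']) or 'no tags'}); "
               f"{failed} failed logins for {', '.join(users) or 'unknown user'}, "
               f"{'then a successful login' if logged_in else 'no successful login'}, "
               f"{'then download of ' + ', '.join(downloads) if downloads else 'no downloads'}.")
    next_step = ("escalate to L2: malicious source, successful login and data download"
                 if ioc["verdict"] == "MALICIOUS" and logged_in and downloads
                 else "monitor: no confirmed access or exfiltration yet")
    state["history"].append((alert, summary))
    return {"summary": summary, "next_step": next_step}


def follow_up(question: str, memory: MemoryStore, thread_id: str) -> str:
    """Step 8: answer from the checkpoint, without the alert being re-pasted."""
    facts = memory.get(thread_id)["facts"]
    if not facts:
        return "No investigation on this thread yet; paste the alert first."
    parts = []
    if "user" in question.lower():
        parts.append(f"targeted user: {', '.join(facts['users'])}")
    if "download" in question.lower():
        parts.append(f"downloaded: {', '.join(facts['downloads']) or 'nothing'}")
    return "; ".join(parts) or f"known facts: {facts}"


if __name__ == "__main__":
    store = MemoryStore()
    alert = 'Alert: repeated failed logins for "admin" from 185.220.101.45, triage it.'
    print(triage(alert, store, "analyst-1"))
    print(follow_up("Which user was being targeted, and what did they download?", store, "analyst-1"))
    print(follow_up("Which user was being targeted?", store, "analyst-2"))   # other thread: empty
```

The last line is the point of thread_id: the follow-up on analyst-2 knows nothing about analyst-1's investigation. In the LangGraph version the same boundary is whatever you put in config={"configurable": {"thread_id": ...}}, so pick it per user or session rather than sharing one value.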

Step 9: A non-security agent (broad appeal)

Run the everyday helper:

python helper_agent.py
Say: Remember I parked on level 3. Then ask: Where did I park?

You should now see: it saves a note (save_note) and later recalls it, same framework, a totally different, friendly use. Try what's 18% of 240? too.

Step 10: Survey the landscape

Read the framework survey table in notes.md.

You should now see / say: you can name what LangGraph, CrewAI, AutoGen, the OpenAI/Claude SDKs, LlamaIndex, smolagents, Hermes, and MCP are for, and which one you'd reach for next. (You don't install them all, that's the point of a survey.)

Stuck? Working solutions are in ../solution/. Peek only after you've tried.


Your win

You built an AI agent two ways, by hand and with LangGraph, gave it tools and memory, and pointed it at a real-shaped task (security triage on safe data) and an everyday one.

Post it to the chat wins board: your agent's tool trace, e.g. "My SOC agent: lookup_ioc(185.220.101.45)→MALICIOUS, search_logs→data exfil, 'escalate to L2'. I built an agent that investigates "

Take-home (optional)

Add a third tool to the SOC agent, e.g. a whois-style domain_age(domain) that returns a (synthetic) age, and ask a question that needs it. Then skim M10's preview: an agent that can act is powerful and risky, which is exactly why guardrails come next.