Skip to content

M9 solution

The expected, fully-commented artifacts for M9's two labs. Peek only after you've tried.

File What it is
tools.py The tools' real logic (plain functions): a safe calculator, count_characters, a tiny notes store, and the synthetic security data + lookup_ioc / search_logs. Shared by all agents.
agent_manual.py 9a: tool calling from first principles: the manual ReAct loop over the Messages API (calculator + custom tool).
soc_agent.py 9b: the headline SOC L1/L2 triage agent in LangGraph, with memory. (Synthetic data only.)
helper_agent.py 9b: a non-security personal helper in LangGraph (math + note memory), showing the pattern is general.

Run it

# 9a: only needs M4's anthropic
python agent_manual.py
# 9b: install the framework first
pip install langgraph langchain-anthropic     # (or: pip install -r ../../requirements.txt)
python soc_agent.py
python helper_agent.py
All need your .env key. The security data is synthetic: never point these at real systems.

How this was verified

Verified on Python 3 (anthropic 0.109.2; langgraph 1.2.5 + langchain-anthropic 1.4.6): - All tools verified for real (pure Python): the safe calculator computes correctly and rejects code injection (__import__(...) → safe error), lookup_ioc/search_logs return the right synthetic results, notes save/list. - 9a manual loop verified with the model mocked: given a tool_use response, it runs the real calculate() (→ 27), returns the tool_result, and produces the final answer on end_turn. - 9b LangGraph graphs verified to BUILD with real langgraph: create_react_agent(ChatAnthropic(...), tools=[...], prompt=..., checkpointer=MemorySaver()) compiles to a CompiledStateGraph for both agents, confirming the API/signatures are correct on the installed versions (only langgraph + langchain-anthropic needed; not the full langchain).

The only unverified step is the live agent.invoke() (needs a real key + makes billed calls), > the learner's run, flagged for a human pilot. No API key or billed call was used here. Version note: LangGraph's API changes across versions; the code targets langgraph 1.x. If a learner's installed version differs, the create_react_agent signature may need a small tweak, see the install guide.