The term agent in AI has been used and abused throughout the last couple of years.

Depending on who says it, it may cover a chatbot that answers customer questions, a multi-step workflow that processes invoices, or a swarm of specialized systems coordinating on a complex task.

It is used to refer to simple zero-shot based query systems, as well as complex multi-agent architectures and hybrid systems. The part or the whole. The individual or the conjunction.

Getting the definition right matters. If you are assessing what parts of your business may benefit the most from redesigning them as agentic systems, or evaluating vendor pitches scoping a build. Or even for explaining to an executive what you actually want. You need a working model.

In this week’s piece, I decompose what an AI agent is and what its components are.

What is an agent

In its broadest definition, an agent is a system that can perceive its environment and take action upon it.

That’s it. But there is more...

From the above, an AI agent is characterized by four things: the environment it operates in, how it perceives that environment, its capacity to reason about what it perceives, and the actions it can take.

Consider a customer service agent. Its environment is the product documentation, client data, and chat channel. It perceives through the incoming message and whatever information it retrieves from memory. It reasons by planning a response strategy, evaluating intermediate results, deciding whether to escalate. And it acts by composing a reply, logging the interaction, or handing off to a human.

If the agent is built to play chess, the game and its rules are the environment. If its goal is to write and deploy code, the codebase and its toolchain are the environment.

Unlike simple prompt-response flows, an agent doesn’t just answer a question. It plans, acts, observes the result, and adjusts.

“Workflows are systems where LLMs and tools are orchestrated through predefined code paths. Agents, on the other hand, are systems where LLMs dynamically direct their own processes and tool usage.”

Building effective agents, Anthropic

So, how does an agent accomplish its perception, planning, reasoning, and action capabilities? What makes an agent an agent?

Much like the AI stack, through a five-layer cake of components:

1. Model

In an agent, the AI model is the brain that perceives, reasons and acts.

Generally, a foundation model sits at the core and handles the cognitive work: planning steps to accomplish a task, reasoning about inputs and intermediate outputs, reflecting on action outcomes, calling tools, and deciding when the job is done.

“Planning” refers to specific techniques that have emerged in the research. Chain-of-thought prompting breaks a complex task into sequential reasoning steps. Tree of Thoughts extends this by exploring multiple possible paths before committing to one. And reflection patterns like ReAct (think, act, observe, repeat) allow the model to evaluate its own intermediate results and correct course before proceeding. Just to name a few classical ones.

Well-designed systems decouple planning from execution. The model generates a plan, validates it, then executes step by step. At runtime, the plan can shift in response to what the agent discovers along the way. This also makes it easier to introduce human-in-the-loop validation techniques.

Whether foundation models can truly plan remains actively debated. What practical experience consistently confirms is that larger, more capable models are reliably better at the multi-step reasoning that agentic workflows demand.

Also, in general, agentic systems demand more capable models than simple prompt-response use cases:

• Tool use is hard: selecting the right tool from a growing inventory, constructing correct parameters, and chaining multiple calls is a sophisticated capability that frontier models handle materially better than smaller ones.

• Errors compound: a 10-step process with 99% per-step accuracy still yields only ~90.4% end-to-end success, and at 20 steps you’re down to ~82%.

• Severity is higher: On read operations, an agent can retrieve wrong information and reason confidently over it, producing plausible but incorrect conclusions. On write operations, the damage is material: sent emails, modified databases, deployed code.

2. Context

Context is the agent’s briefing: what it uses to understand a task and perceive its environment at each step. It’s a layered set of instructions, from general to specific, that the agent receives before it starts working and while it runs.

In practice, context follows a hierarchy. At the top sits the system prompt: the permanent instructions that define the agent’s role, constraints, and personality. Below that, tool definitions describe what the agent can do and how each tool should be invoked. Then come memory files (persistent context from prior sessions), conversation history, and finally the current user message. Each layer narrows the focus from “who you are” to “what you’re doing right now.”

Why does this matter? Because models are sensitive to how information is positioned. Reasoning performance degrades by as much as 73% when critical content lands in the middle of long contexts instead of near the beginning or end, a phenomenon researchers call “Lost in the Middle.”

How you structure the briefing is as important as what’s in it. Getting the context architecture right is one of the highest-leverage activities in agent design, and one of the least visible until something breaks.

3. Memory

Memory is how an agent retains, references, and uses information across and within tasks.

An agentic system needs memory to store instructions, examples, plans, tool outputs, and reflections. It operates on three tiers.

Internal knowledge is what the model absorbed during training. Baked in, frozen in time, available in every query. Think of it as the agent’s education (and, like most education, occasionally wrong). It knows what Python is and how HTTP works. It doesn’t know what happened in your codebase last Tuesday.

Short-term memory is the context window itself: the accumulating record of the current conversation, intermediate outputs, and tool results. It lives for the duration of the task. As a session progresses, earlier exchanges become part of this working memory, letting the agent reference what came before.

Context windows have limits. When they fill up, the system compresses or drops older information. Every piece of data in the window competes for the model’s attention.

Long-term memory is externally stored information (databases, vector stores, file systems, static markdown docs) that the agent retrieves as needed. It also can be persisted across tasks and sessions.

Unlike internal knowledge, it can be updated, expanded, and pruned without retraining the model. This is the most actively engineered layer in agent development.

4. Tools

Tools are what give an agent its hands. The set of actions an AI agent can perform is augmented by the tools it has access to.

They enable both perception (reading from the environment) and action (writing to it). A web search tool reads. A code execution tool writes. An API connector does both.

The mechanics: when a model decides it needs to take an action or retrieve information, it generates a structured tool call (specifying which tool and what parameters). The system executes the call, and the result flows back into the agent’s context for the next reasoning step.

This tool-call-result loop is what makes an agent iterative rather than one-shot.

Most model providers now support tool use natively, commonly called function calling.

Tools represent a new kind of software: unlike traditional APIs designed for predictable callers, tools must be legible to a model that will interpret, select, and combine them in ways the designer can’t fully anticipate. Tool descriptions need to be precise (the model reads them to decide which tool to use).

Some examples:

• Knowledge augmentation tools: Web browsing (including search APIs, social media APIs, proprietary interfaces or web parsing), Image retrievers, SQL executors, internal APIs, or Slack connectors.

• Capability extension tools: Calculators, unit converters, code interpreters, other AI models (e.g., ImageGen model), LaTeX compilers, pdf editing tools, OCR library, or Command Line Interfaces (CLIs).

More tools mean more capabilities. But more tools can also hurt performance. A disciplined, well-documented tool inventory often outperforms a sprawling one. You sometimes improve an agent by removing tools, not adding them.

5. Data

Data is the external knowledge an agent accesses at query time. The model’s internal knowledge covers what it learned during training. Long-term memory stores persistent context about the user or environment. Data is the broader pool: the information the agent can search and retrieve on demand.

One of the primary mechanisms is retrieval-augmented generation (RAG). A useful framing: if the model’s training is a closed-book exam, RAG turns it into an open-book one.

The agent queries an external source (a vector database, a search index, a document store), retrieves relevant passages, and feeds them into its context alongside the user’s question. The model then reasons over both the question and the retrieved content to produce its answer.

In more sophisticated systems, the agent doesn’t just retrieve passively. It autonomously constructs queries, evaluates whether results are sufficient, and performs multi-hop retrieval when initial results fall short (this is sometimes called agentic RAG).

There are new and complementary techniques emerging as we go.

For enterprise deployments, where the agent must navigate proprietary documentation, internal wikis, and structured databases, the quality of this data layer often determines whether the agent is useful or merely impressive in demos.

These five components are the core anatomy. Production-grade agents also require observability (tracing what each component produced and why) and evaluation (systematic detection of failures). Both deserve their own treatment.

Practitioners use a term for everything wrapping the LLM: the harness. In other words, what is not the model is the harness. And it can matter more than the quality of the model itself.

When one agent isn’t enough

Some tasks outgrow a single agent. Multi-agent systems combine specialized agents, each with its own model configuration, tool inventory, and defined scope, into coordinated pipelines capable of handling tasks no single agent could manage alone.

Enterprise interest in this space is accelerating. Inquiry volume for multi-agent systems surged 1,445% from Q1 2024 to Q2 2025, and projections suggest that by 2027, 70% of multi-agent deployments will use narrowly specialized agents rather than generalists.

On the one hand, the promise of specialization is that a focused agent can be smaller, faster, and more reliable than a general-purpose one given the same sub-task.

On the other, the risk is complexity. Coordinating multiple agents introduces failure modes (communication overhead, conflicting plans, cascading errors) that can outweigh the benefits.

This deserves its own piece.

Understanding what an agent is and being able to name its parts is a practical skill.

When someone pitches you an “AI agent solution,” you now have five questions: What model? What context? What memory? What tools? What data?

Also, what I described here is the anatomy.

There is another side worth exploring: how the agent actually works at runtime. The orchestration loop that governs step-by-step execution. State persistence across sessions. Error recovery. Guardrails. The physiology, how these components interact when the agent is running.

I’ll save that for a follow-up.