How Agents Work

An agent is just an LLM in a loop with tools. That's the whole thing. Let's build one from scratch to see why.

by Arnav Gosain

0. Start With an LLM

An LLM is text in, text out. You send a message, it predicts tokens, you get a response. One call. That's it.

It can reason about problems, write code, analyze data. But it can't do anything. Can't search the web, can't read files, can't hit an API.

To make it useful, we need to let it act on the world. That means giving it tools.
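Concretely, a single call is just this. A minimal sketch with a stubbed model; a real client would hit a chat API (OpenAI, Anthropic, etc.), and the message shapes here are illustrative:

```python
# Text in, text out: one message, one response, no side effects.
# `call_llm` is a stub standing in for a real chat-API call.
def call_llm(messages):
    return {"role": "assistant", "content": "Paris."}

messages = [{"role": "user", "content": "What is the capital of France?"}]
reply = call_llm(messages)
print(reply["content"])  # one call, one answer; nothing happened in the world
```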

1. Give It Tools

Tools are functions the LLM can request. It never runs them itself. It outputs structured data like "call search_web with query X", and your code executes the function.

You pass the LLM a list of tools with names and descriptions. The model reads those descriptions and picks what it needs. It sees descriptions, not code.

Example tools
search_web(query) → search results
read_file(path) → file contents
run_code(code) → execution output
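In code, that tool list is just names, descriptions, and parameter schemas; the model emits a structured request, and your code does the dispatch. The shapes below are illustrative (real chat APIs use a similar but stricter structure):

```python
# What the model sees: descriptions, not code.
tools_spec = [
    {"name": "search_web", "description": "Search the web for a query.",
     "parameters": {"query": "string"}},
    {"name": "read_file", "description": "Read a file from disk.",
     "parameters": {"path": "string"}},
    {"name": "run_code", "description": "Execute code and return its output.",
     "parameters": {"code": "string"}},
]

# What the model emits: structured data, never execution.
tool_call = {"name": "search_web", "arguments": {"query": "ReAct paper"}}

# Your code maps the name to a real function and runs it.
registry = {"search_web": lambda query: f"results for: {query}"}
result = registry[tool_call["name"]](**tool_call["arguments"])
```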

Problem: one LLM call means one round of tool use. A complex question might need search, then read, then search again. You need multiple turns.

2. Put It in a Loop

This is what makes it an agent. Instead of one call, you put the LLM in a loop.

Each iteration:

1. Think. Send the full conversation to the LLM. It decides what to do.
2. Act. If it picks a tool, run it.
3. Observe. Append the result to the conversation.
4. Repeat. Go to step 1.

Each iteration appends to the conversation history, so the model always sees everything that happened before. It builds context as it goes.
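The whole loop fits in a few lines. A minimal sketch, assuming a hypothetical `llm` callable that returns either a tool call or a final text answer; real systems call a chat API here, and the message shapes are illustrative:

```python
# Think -> Act -> Observe -> Repeat, with the full history passed every turn.
def run_agent(user_message, llm, tools, max_turns=25):
    messages = [{"role": "user", "content": user_message}]
    for _ in range(max_turns):
        reply = llm(messages)                  # Think: model sees everything so far
        messages.append(reply)
        if "tool_call" not in reply:           # plain text means the task is done
            return reply["content"]
        call = reply["tool_call"]              # Act: run the requested tool
        result = tools[call["name"]](**call["arguments"])
        messages.append({"role": "tool", "content": str(result)})  # Observe
    return "stopped: hit max_turns"            # safety net
```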

This is the ReAct pattern (Reason + Act) from Yao et al., 2022. Claude Code, ChatGPT, Cursor, and Devin all use it.

3. Know When to Stop

A loop without an exit condition runs forever and burns your API budget. Three ways out:

Exit conditions
Task complete. The LLM responds with text instead of a tool call. No tool call means done.
Max iterations. A hard cap (say 25 turns) prevents runaway loops. Safety net.
Error. A tool returns a fatal error. The agent bails.

In practice, the most common exit is the first one. The LLM stops calling tools when it has enough information to answer. The loop ends naturally.
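The three exits are a few lines of code each. A hedged sketch of the checks one loop iteration makes; `FatalToolError` is an illustrative exception type, not a standard one:

```python
# Illustrative exit checks for one iteration of the agent loop.
class FatalToolError(Exception):
    pass

def step(reply, tools, turn, max_turns=25):
    """Return (done, payload) after applying the three exit conditions."""
    if "tool_call" not in reply:
        return True, reply["content"]        # 1. task complete: plain text
    if turn >= max_turns:
        return True, "stopped: max turns"    # 2. safety net: hard cap
    try:
        call = reply["tool_call"]
        return False, tools[call["name"]](**call["arguments"])
    except FatalToolError as e:
        return True, f"fatal: {e}"           # 3. error: the agent bails
```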

That's It

Claude Code, ChatGPT, Cursor, Devin, Copilot. They all run this pattern. The loop above, written out directly, is a working agent.

The differences are in the details: better tool descriptions, smarter system prompts, memory, planning, error recovery. Strip that away and you get the same core.

Everything else is optimization.

Sources: Anthropic, "Building Effective Agents" · Yao et al., ReAct (2022) · Lilian Weng, "LLM Powered Autonomous Agents"