AI Agents in Action, Second Edition you own this product

Intelligent workflows with LLMs, MCP, A2A, and more

Micheal Lanham

MEAP began November 2025
Last updated March 2026
Publication in Summer 2026 (estimated)

ISBN 9781633434530
325 pages (estimated)

Included with a Manning Online subscription

printed in black & white

available in Complex Chinese

catalog / Data Science / AI / AI Agents

resources: Source code Book forum Source code on Github

table of content

1 The rise of AI agents

1.1 Defining agents and agentic thinking

1.1.1 Understanding agent/assistant and LLM patterns

1.1.2 Thinking like agents

1.1.3 Agents act with tools

1.2 Introducing the Model Context Protocol (MCP)

1.3 Understanding the functional layers of an agent

1.3.1 The Agent Persona

1.3.2 Agent Actions & Tools

1.3.3 Agent Reasoning & Planning

1.3.4 Agent Knowledge & Memory

1.3.5 Agent Evaluation & Feedback

1.4 Advancing onto multi-agent systems

1.4.1 The agent-flow assembly line

1.4.2 Agent orchestrations (hub-and-spoke)

1.4.3 Agent collaboration (teams of agents)

1.5 Summary

2 Core components: Large Language Models, prompting, and agents

2.1 Understanding Large Language Models

2.1.1 LLMs: Probabilistic Token Machines

2.1.2 What is a token?

2.1.3 Tuning Temperature, Top P, and more

2.2 Controlling LLMs with prompt engineering (Agent Persona)

2.2.1 Applying core prompt techniques

2.2.2 Thinking like an LLM

2.2.3 Avoiding common prompt pitfalls

2.3 Building an agent with OpenAI Agents

2.3.1 Building a minimal agent

2.3.2 Setting the Agent Model and other parameters

2.3.3 Controlling inputs and typed outputs

2.3.4 Tracing agents

2.4 Enhancing agents through tool integration

2.4.1 Providing agents with tools

2.4.2 Tracing agentic tool use

2.5 Exercises

2.6 Summary

3 Actions with Model Context Protocol for AI agents

3.1 Understanding MCP fundamentals for agent development

3.1.1 The standardization problem MCP solves

3.1.2 MCP architecture: Clients, servers, and services

3.1.3 Core components: Tools, resources, and prompts

3.1.4 MCP deployment patterns for agents

3.1.5 MCP powers the functional agent layers

3.2 Getting started with MCP Servers

3.2.1 Coding up an MCP Server for Claude

3.2.2 Using the MCP inspector

3.2.3 Understanding MCP transport types

3.2.4 From desktop to agents: the key differences

3.3 Actioning MCP servers for Agents

3.3.1 Actioning local MCP servers over STDIO with agents

3.3.2 Actioning local MCP servers over SSE with agents

3.3.3 Connecting to the standard MCP servers

3.4 Building MCP servers for agents

3.4.1 Converting tools to an MCP server

3.4.2 Consuming MCP servers locally or remotely

3.5 Exercises

3.6 Summary

4 Architecting and building multi-agent systems

4.1 Architecting multi-agent systems

4.1.1 Decision-making for agent systems

4.1.2 Communicating with shared-memory, message-passing, and MCP

4.1.3 Channeling multi-agent coordination strategies

4.2 Balancing agents with agentic flows

4.2.1 Transforming agents to agent flows

4.2.2 Building an Agent-to-Agent flow

4.2.3 Agency and decision making in agent flows

4.3 Understanding handoffs in aAgent flows

4.3.1 Agent-to-agent flow with handoffs

4.3.2 Visualizing agent flows

4.3.3 Monitoring the handoff

4.4 Validating agent flows with guardrails

4.4.1 Implementing input and output guardrails

4.4.2 Using agents as guardrails

4.4.3 Adding guardrails to pass off agent flows

4.5 Exercises

4.6 Summary

5 Agent Reasoning and Planning

5.1 Understanding LLM Reasoning and Planning

5.1.1 Chain of Thought Reasoning

5.1.2 ReAct Paradigm (Reasoning + Acting + Observing)

5.1.3 Planning with LLMs

5.2 Instructing agents to reason and plan

5.2.1 Applying CoT to an Agent

5.2.2 Implementing ReAct with Agents

5.3 Advanced reasoning with agents

5.3.1 Tree of Thought

5.3.2 Reflexion

5.3.3 Selecting the right pattern for your agents

5.4 Utilizing the Sequential Thinking MCP Server

5.4.1 Unchaining the Sequential Thinking Server

5.4.2 Revisiting time travel problems with Sequential Thinking

5.4.3 Advanced reasoning with sequential thinking

5.5 Exercises

5.6 Summary

6 Working with memory and knowledge RAG for agents

6.1 Understanding retrieval in AI applications

6.1.1 The basics of retrieval augmented generation (RAG)

6.1.2 Delving into semantic search and document indexing

6.1.3 Applying vector similarity search

6.2 Vector databases and similarity search

6.2.1 Demystifying document embeddings

6.2.2 Querying document embeddings from Chroma

6.3 Building practical RAG knowledge agents

6.3.1 Everything begins with search and relevance

6.3.2 Building a vector search RAG agent

6.3.3 Building a hybrid search RAG agent

6.4 Adding memory to agents with MCP

6.4.1 Understanding memory form and agent function

6.4.2 Implementing a graph database for memory using MCP

6.4.3 Creating hybrid memory systems with MCP

6.4.4 Semantic augmented memory and applications to semantic, episodic, and procedural memory

6.4.5 Uncluttering memory with compression and forgetting

6.5 Exercises

6.6 Summary

7 Building robust agents with evaluation and feedback

7.1 Introducing agent evaluation and feedback

7.2 Implementing test-driven agent development

7.2.1 Exploring TDAD in practice

7.2.2 Coding and testing the RAG agent

7.2.3 Refactoring the agent

7.2.4 Extending evaluation with an agent evaluator

7.3 Employing grounding, critic, and evaluation agents

7.3.1 Reviewing the grounding agent

7.3.2 Grounding the RAG agent

7.3.3 Implementing grounding agents as guardrails

7.3.4 Understanding the role of rubrics in evaluation

7.3.5 Building a rubric critic agent

7.4 Phoenix for evaluation and feedback

7.4.1 Connecting to Phoenix

7.4.2 Adding metadata and session tracking

7.4.3 Experimenting with evaluators

7.4.4 Providing feedback with Annotations

7.5 Exercises

7.6 Summary

8 Deploying agents and agentic systems

8.1 Strategies for consuming agents

8.1.1 Embedding real-time voice agents into web applications

8.1.2 Hosting agents through an API

8.1.3 Consuming an agent web service in a web application

8.2 Dockerizing agent systems

8.2.1 Containerizing an agent microservice

8.2.2 Orchestrating agentic systems with Docker Compose

8.2.3 Externalizing local agent microservices

8.3 Considering advanced deployment strategies

8.3.1 Choosing a runtime: edge, API, or event-driven

8.3.2 The three “wires” of communication

8.3.3 Practical multi-agent topologies that adapt well

8.3.4 State, memory, and idempotency

8.3.5 Release engineering for agents (prompts, tools, models)

8.3.6 Observability matters

8.3.7 Reliability patterns: timeouts, fallbacks, and budgets

8.3.8 Cost control and model routing

8.4 Security, safety, and governance in production

8.4.1 A quick threat model for agentic systems

8.4.2 Identity and access—for people, services, and agents

8.4.3 Secrets and configuration management

8.4.4 Tool safety: sandboxing and egress control

8.4.5 Prompt-injection and data-exfiltration defenses

8.4.6 Safety and policy enforcement

8.5 Exercises

8.6 Summary

9 Engaging GPT Assistants

10 Exploring collaborative agent systems

11 Troubleshooting

Overview

3 Actions with Model Context Protocol for AI agents

This chapter introduces the Model Context Protocol (MCP) as a unifying “USB‑C for agents and LLMs” that standardizes how AI systems discover and use tools, data, and other agents. Built on JSON‑RPC 2.0, MCP addresses fragmented tool integrations, inconsistent data access, brittle multi‑agent orchestration, and uneven security controls. By turning external capabilities into discoverable, interchangeable components, MCP shifts agent development from custom glue code to composing reusable parts, enabling richer research workflows and letting developers both consume existing servers and publish their own agent capabilities as servers for reuse.

The chapter explains the MCP ecosystem of clients, servers, and services, and the core server components—tools for actions, resources for data, and prompts for standardized interactions—exposed via discovery endpoints. It details deployment and transport patterns: low‑latency local subprocess communication over STDIO, networked HTTP access via Server‑Sent Events (SSE), and hybrid setups that mix both for sensitivity, scale, and sharing. Beyond simple tool use, MCP augments all agent layers—from tools and actions to reasoning/planning, knowledge/memory, and evaluation/feedback—while highlighting crucial behavioral differences between supervised assistants and autonomous agents, and the need for safety, validation, and access control to avoid unintended actions.

Practically, the chapter walks through spinning up a minimal FastMCP server, exercising it with a desktop client and the MCP Inspector, and wiring it into an agent using an SDK—showing how to swap between STDIO and SSE with minimal code changes. It demonstrates consuming a growing catalog of ready‑made servers (for files, planning, web/data APIs, and productivity apps) and motivates building bespoke servers to encapsulate business logic and constrain permissions. A worked example converts a journaling agent’s internal tools into an MCP server, illustrating the benefits of separation of concerns, reuse, and scalability, along with cautions about scoping file access and sharing state across clients. Exercises reinforce the concepts by having readers install, inspect, connect, switch transports, wrap restricted capabilities, and package an agent as a reusable MCP service.

The leading challenges AI Agent developers face when building agents include fragmented tool integration, inconsistant data access, complicated multiple-agent orchestration, and security and control.

A typical problem agent/LLM developers face when connecting to multiple services and resources is the lack of standardized connections and the need to support multiple different connectors to whatever services they need access to.

Implementing MCP as a service layer abstracts access to the various services that agent may want to connect to and use.

The basic components of MCP architecture are the client, server, and services. Here you can see some common clients (agents, LLM applications, Claude desktop, and VS code) and potential services (file operations, database queries, web APIs, and other agents) that the clients might connect to.

The main components of an MCP server include prompts, specialized system instructions; resources (used for access to files), configuration, and databases; and Tools, which are extensions of an internals agent’s ability to consume and use tools

The various deployment patterns that may be used to connect MCP servers to agents. From running locally and within a child process on the same machine, running remotely and accessible over HTTP to include hybrid architectures that blend local and remote MCP servers to single agent.

MCP can be used to add functionality in the form of tools to all the functional agent layers.

Claude desktop may consume multiple MCP servers deployed locally or remotely. The LLM that powers Claude then uses the MCP components (generally tools) to enhance its capabilities.

Shows the MCP server settings for Python file

Shows the MCP hosted tool being executed within Claude desktop

Shows the MCP Inspector interface examing available tools and executing them

The key differences between MCP tool execution from an LLM application (Claude Desktop) or through using an agent include; assistants require human supervision while agents are autonomous, assistants are interactive to agents programmatic, agents perform more complex multi-step workflows and assistants typically are limited to performing simple plans.

Shows the various ways an agent may interact with and consume MCP servers

The time tracker agent will record time events using internal function tools as it processes the events in a loop. After the loop finishes the agent is asked to summarize the events and it will use the Load Journal Evants tool to load the journal of events and summarize

The separation of tools from the agent into a standalone MCP server that could be hosted locally or remotely and access through STDIO (local) or SSE (remote). Now the agent registers the MCP server instead of individual tools and then internally discovers the tools the server supports and how to use those tools.

Summary

MCP = “USB-C for LLMs & agents.” A JSON-RPC-2.0 spec that erases bespoke glue code for tools, data sources, and even other agents.
MCP solves fragmentation (multiple tool schemas), brittle data access, ad-hoc orchestration, and uneven security by giving every capability a uniform interface.
MCP supports three components: Tools (actions), Resources (data/objects), and Prompts (re-usable templates). Agents can treat any of them as callable verbs.
MCP Architecture is in 3 parts: MCP Client, Server, and the Service/Resource it fronts. An agent is just one kind of client.
STDIO – sub-process, zero-latency, single caller (great for local development).
SSE – HTTP + Server-Sent Events, multi-client, cloud-friendly. Switching is literally a constructor swap.
MCP is not just for tools/actions but can support the other functional layers (Reasoning & Planning, Knowledge & Memory, Evaluation & Feedback)
MCP can be deployed using a mixture of patterns: Local, remote, or hybrid — mix and match to keep sensitive operations local while sharing heavy APIs remotely.
The MCP Inspector gives a live, clickable view of any server—perfect for debugging tool schemas and outputs before wiring agents to them.
MCP reference servers are available for use or inspection and include: filesystem, brave-search, google-calendar, github, etc.—all installable with a single npx or mcp run.
Agents themselves can be wrapped as servers, turning an entire reasoning pipeline into a reusable, strongly typed tool.
Typed Pydantic I/O flows end-to-end, eliminating fragile string parsing in multi-agent chains.
MCP enables LEGO-style composition of agent systems—each block isolated, testable, and instantly swappable without touching the others.

FAQ

What is the Model Context Protocol (MCP) and why does it matter for agents?

MCP is an open standard by Anthropic (built on JSON-RPC 2.0) that standardizes how agents and LLM apps connect to external tools, data, and services. It’s often called “USB‑C for agents” because it replaces bespoke integrations with a single, consistent protocol, letting you plug in capabilities (tools, resources, prompts) quickly and safely.

Which development problems does MCP solve?

Fragmented tool integration: One protocol instead of multiple vendor-specific tool formats.
Inconsistent data access: Unified access to files, databases, and web APIs.
Complex multi-agent orchestration: A standard way for agents to expose and consume capabilities.
Security and control gaps: Consistent policy, permissions, and monitoring across integrations.

How is MCP structured? What are clients, servers, and services?

MCP client: The agent or LLM app (e.g., Claude Desktop, VS Code, your agent) that discovers and uses capabilities.
MCP server: Exposes tools, resources, and prompts; handles requests via JSON-RPC 2.0.
Service/resource: The underlying system (files, DBs, web APIs, or even other agents) the server wraps.

What are the core MCP components: tools, resources, and prompts?

Tools: Actionable operations agents can invoke (primary way most agents/LLMs interact).
Resources: Expose external data or artifacts (files, configs, DB records) for consumption.
Prompts: Reusable templates/instructions for consistent workflows.

Note: The OpenAI Agents SDK currently focuses on tools; tools can emulate resources/prompts when needed.

What deployment and transport options does MCP support?

Local (STDIO): Server runs as a subprocess; low latency, no networking, 1:1 client–server. Great for development and single-machine setups.
Remote (SSE over HTTP): Network-addressable; supports multiple clients, load balancing, and cloud deployments.
Hybrid: Mix local servers for sensitive tasks (e.g., file access) and remote servers for shared/scale-out services.

How do I get started quickly with a simple MCP server?

Write a small server with FastMCP and annotate functions with @mcp.tool().
Run locally over SSE: mcp run -t sse your_server.py.
Or integrate with Claude Desktop via mcp install your_server.py and enable it in Settings → Developer.
In assistants like Claude Desktop, tool execution requires human approval.

How can I explore and debug an MCP server?

Use the MCP Inspector:

Start: mcp dev <absolute-path-to>/your_server.py (absolute path required).
Open the printed URL and inspect tools, run them, and view logs/history.
Note: When launched via uv as a child process, transport typically shows as STDIO.

How do agents connect to MCP servers locally and remotely?

Local (STDIO) from code: Use MCPServerStdio with a command like mcp run your_server.py to spawn a subprocess and pass it to the agent’s mcp_servers.
Remote (SSE): Run the server separately with mcp run -t sse ..., then use MCPServerSse and point to the server’s /sse URL.
Swapping STDIO ↔ SSE is typically a small code change.

What ready-to-use MCP servers can I plug in?

Common options include filesystem, sequential thinking, fetch, web search, and productivity/integration servers. Examples:

Filesystem: npx -y @modelcontextprotocol/server-filesystem <path>
Brave Search: npx -y @modelcontextprotocol/server-brave-search
Fetch: npx -y @modelcontextprotocol/server-fetch
GitHub: npx -y @modelcontextprotocol/server-github
Google Drive/Calendar/Maps, Notion, Slack, Todoist, and more

What are key safety and best practices when using MCP with agents?

Agents are autonomous; unlike assistants, they don’t require human approval. Validate and constrain what tools they can access.
Least privilege: Scope filesystem servers to a safe directory; avoid broad destructive permissions.
Test and monitor: Use the inspector; add evaluation/feedback loops (covered later) to prevent “rogue” actions.
State awareness: Remote/SSE servers may be shared across agents; in-memory state (e.g., journals) can persist and be updated by multiple clients.
Prefer building your own MCP servers for critical workflows to ensure predictable behavior and reuse.

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

pdf, ePub, online

$47.99 $33.59

you save $14.40 (30%)

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

$47.99 $33.59

you save $14.40 (30%)

eBook

pdf, ePub, online

$47.99 $33.59

you save $14.40 (30%)

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more