AI Agents in Action, Second Edition you own this product

Intelligent workflows with LLMs, MCP, A2A, and more

Micheal Lanham

MEAP began November 2025
Last updated March 2026
Publication in Summer 2026 (estimated)

ISBN 9781633434530
325 pages (estimated)

Included with a Manning Online subscription

printed in black & white

available in Complex Chinese

catalog / Data Science / AI / AI Agents

resources: Source code Book forum Source code on Github

table of content

1 The rise of AI agents

1.1 Defining agents and agentic thinking

1.1.1 Understanding agent/assistant and LLM patterns

1.1.2 Thinking like agents

1.1.3 Agents act with tools

1.2 Introducing the Model Context Protocol (MCP)

1.3 Understanding the functional layers of an agent

1.3.1 The Agent Persona

1.3.2 Agent Actions & Tools

1.3.3 Agent Reasoning & Planning

1.3.4 Agent Knowledge & Memory

1.3.5 Agent Evaluation & Feedback

1.4 Advancing onto multi-agent systems

1.4.1 The agent-flow assembly line

1.4.2 Agent orchestrations (hub-and-spoke)

1.4.3 Agent collaboration (teams of agents)

1.5 Summary

2 Core components: Large Language Models, prompting, and agents

2.1 Understanding Large Language Models

2.1.1 LLMs: Probabilistic Token Machines

2.1.2 What is a token?

2.1.3 Tuning Temperature, Top P, and more

2.2 Controlling LLMs with prompt engineering (Agent Persona)

2.2.1 Applying core prompt techniques

2.2.2 Thinking like an LLM

2.2.3 Avoiding common prompt pitfalls

2.3 Building an agent with OpenAI Agents

2.3.1 Building a minimal agent

2.3.2 Setting the Agent Model and other parameters

2.3.3 Controlling inputs and typed outputs

2.3.4 Tracing agents

2.4 Enhancing agents through tool integration

2.4.1 Providing agents with tools

2.4.2 Tracing agentic tool use

2.5 Exercises

2.6 Summary

3 Actions with Model Context Protocol for AI agents

3.1 Understanding MCP fundamentals for agent development

3.1.1 The standardization problem MCP solves

3.1.2 MCP architecture: Clients, servers, and services

3.1.3 Core components: Tools, resources, and prompts

3.1.4 MCP deployment patterns for agents

3.1.5 MCP powers the functional agent layers

3.2 Getting started with MCP Servers

3.2.1 Coding up an MCP Server for Claude

3.2.2 Using the MCP inspector

3.2.3 Understanding MCP transport types

3.2.4 From desktop to agents: the key differences

3.3 Actioning MCP servers for Agents

3.3.1 Actioning local MCP servers over STDIO with agents

3.3.2 Actioning local MCP servers over SSE with agents

3.3.3 Connecting to the standard MCP servers

3.4 Building MCP servers for agents

3.4.1 Converting tools to an MCP server

3.4.2 Consuming MCP servers locally or remotely

3.5 Exercises

3.6 Summary

4 Architecting and building multi-agent systems

4.1 Architecting multi-agent systems

4.1.1 Decision-making for agent systems

4.1.2 Communicating with shared-memory, message-passing, and MCP

4.1.3 Channeling multi-agent coordination strategies

4.2 Balancing agents with agentic flows

4.2.1 Transforming agents to agent flows

4.2.2 Building an Agent-to-Agent flow

4.2.3 Agency and decision making in agent flows

4.3 Understanding handoffs in aAgent flows

4.3.1 Agent-to-agent flow with handoffs

4.3.2 Visualizing agent flows

4.3.3 Monitoring the handoff

4.4 Validating agent flows with guardrails

4.4.1 Implementing input and output guardrails

4.4.2 Using agents as guardrails

4.4.3 Adding guardrails to pass off agent flows

4.5 Exercises

4.6 Summary

5 Agent Reasoning and Planning

5.1 Understanding LLM Reasoning and Planning

5.1.1 Chain of Thought Reasoning

5.1.2 ReAct Paradigm (Reasoning + Acting + Observing)

5.1.3 Planning with LLMs

5.2 Instructing agents to reason and plan

5.2.1 Applying CoT to an Agent

5.2.2 Implementing ReAct with Agents

5.3 Advanced reasoning with agents

5.3.1 Tree of Thought

5.3.2 Reflexion

5.3.3 Selecting the right pattern for your agents

5.4 Utilizing the Sequential Thinking MCP Server

5.4.1 Unchaining the Sequential Thinking Server

5.4.2 Revisiting time travel problems with Sequential Thinking

5.4.3 Advanced reasoning with sequential thinking

5.5 Exercises

5.6 Summary

6 Working with memory and knowledge RAG for agents

6.1 Understanding retrieval in AI applications

6.1.1 The basics of retrieval augmented generation (RAG)

6.1.2 Delving into semantic search and document indexing

6.1.3 Applying vector similarity search

6.2 Vector databases and similarity search

6.2.1 Demystifying document embeddings

6.2.2 Querying document embeddings from Chroma

6.3 Building practical RAG knowledge agents

6.3.1 Everything begins with search and relevance

6.3.2 Building a vector search RAG agent

6.3.3 Building a hybrid search RAG agent

6.4 Adding memory to agents with MCP

6.4.1 Understanding memory form and agent function

6.4.2 Implementing a graph database for memory using MCP

6.4.3 Creating hybrid memory systems with MCP

6.4.4 Semantic augmented memory and applications to semantic, episodic, and procedural memory

6.4.5 Uncluttering memory with compression and forgetting

6.5 Exercises

6.6 Summary

7 Building robust agents with evaluation and feedback

7.1 Introducing agent evaluation and feedback

7.2 Implementing test-driven agent development

7.2.1 Exploring TDAD in practice

7.2.2 Coding and testing the RAG agent

7.2.3 Refactoring the agent

7.2.4 Extending evaluation with an agent evaluator

7.3 Employing grounding, critic, and evaluation agents

7.3.1 Reviewing the grounding agent

7.3.2 Grounding the RAG agent

7.3.3 Implementing grounding agents as guardrails

7.3.4 Understanding the role of rubrics in evaluation

7.3.5 Building a rubric critic agent

7.4 Phoenix for evaluation and feedback

7.4.1 Connecting to Phoenix

7.4.2 Adding metadata and session tracking

7.4.3 Experimenting with evaluators

7.4.4 Providing feedback with Annotations

7.5 Exercises

7.6 Summary

8 Deploying agents and agentic systems

8.1 Strategies for consuming agents

8.1.1 Embedding real-time voice agents into web applications

8.1.2 Hosting agents through an API

8.1.3 Consuming an agent web service in a web application

8.2 Dockerizing agent systems

8.2.1 Containerizing an agent microservice

8.2.2 Orchestrating agentic systems with Docker Compose

8.2.3 Externalizing local agent microservices

8.3 Considering advanced deployment strategies

8.3.1 Choosing a runtime: edge, API, or event-driven

8.3.2 The three “wires” of communication

8.3.3 Practical multi-agent topologies that adapt well

8.3.4 State, memory, and idempotency

8.3.5 Release engineering for agents (prompts, tools, models)

8.3.6 Observability matters

8.3.7 Reliability patterns: timeouts, fallbacks, and budgets

8.3.8 Cost control and model routing

8.4 Security, safety, and governance in production

8.4.1 A quick threat model for agentic systems

8.4.2 Identity and access—for people, services, and agents

8.4.3 Secrets and configuration management

8.4.4 Tool safety: sandboxing and egress control

8.4.5 Prompt-injection and data-exfiltration defenses

8.4.6 Safety and policy enforcement

8.5 Exercises

8.6 Summary

9 Engaging GPT Assistants

10 Exploring collaborative agent systems

11 Troubleshooting

Overview

3 Actions with Model Context Protocol for AI agents

This chapter introduces the Model Context Protocol (MCP) as the “USB‑C” for AI agents and LLMs—a unified, JSON‑RPC 2.0–based standard that normalizes how models discover and invoke external capabilities. It explains the problems MCP solves—fragmented tool interfaces, inconsistent data access, brittle multi‑agent orchestration, and uneven security—and presents its core architecture of clients, servers, and backing services. Servers expose three discoverable component types—tools, resources, and prompts—with tools as the primary execution surface. The chapter also outlines deployment patterns and transports: local STDIO for low‑latency, one‑to‑one integrations; HTTP/SSE for scalable, multi‑client, networked access; and hybrids that mix both. MCP is positioned not just as a tool bridge but as a connective layer across all agent functions—from actions and planning to memory and evaluation.

Readers learn how to get started by connecting MCP servers to LLM applications (e.g., configuring a desktop client to register and use server tools) and by exploring servers with the MCP Inspector to enumerate capabilities and run tools interactively. The text contrasts assistant-style usage, which requires human approval for tool execution, with autonomous agents that programmatically discover and call MCP tools without supervision—highlighting the need for careful permissions and guardrails. It further shows how MCP augments every agent layer: domain tools for action execution, reasoning and planning helpers, knowledge/memory connectors to files and databases, and feedback/evaluation utilities—all accessed through consistent discovery endpoints.

On the agent side, the chapter demonstrates actioning MCP servers locally (via STDIO) or remotely (via SSE) with modern agent SDKs, and shows how to consume community servers (filesystem, web search, calendars, docs, code hosts, and more) to extend capabilities rapidly. It then walks through building MCP servers with minimal code, converting existing in‑agent tools into reusable, isolated services that enable clean separation of concerns, reuse across workflows, and easier scaling. A running example migrates journaling tools into a standalone server and consumes them from agents over either transport, while emphasizing safety practices: validate server behavior, limit scope (especially for file operations), and bake in evaluation/feedback to prevent unintended actions. The result is a practical blueprint for interoperable, secure, and maintainable agent systems powered by MCP.

The leading challenges AI Agent developers face when building agents include fragmented tool integration, inconsistant data access, complicated multiple-agent orchestration, and security and control.

A typical problem agent/LLM developers face when connecting to multiple services and resources is the lack of standardized connections and the need to support multiple different connectors to whatever services they need access to.

Implementing MCP as a service layer abstracts access to the various services that agent may want to connect to and use.

The basic components of MCP architecture are the client, server, and services. Here you can see some common clients (agents, LLM applications, Claude desktop, and VS code) and potential services (file operations, database queries, web APIs, and other agents) that the clients might connect to.

The main components of an MCP server include prompts, specialized system instructions; resources (used for access to files), configuration, and databases; and Tools, which are extensions of an internals agent’s ability to consume and use tools

The various deployment patterns that may be used to connect MCP servers to agents. From running locally and within a child process on the same machine, running remotely and accessible over HTTP to include hybrid architectures that blend local and remote MCP servers to single agent.

MCP can be used to add functionality in the form of tools to all the functional agent layers.

Claude desktop may consume multiple MCP servers deployed locally or remotely. The LLM that powers Claude then uses the MCP components (generally tools) to enhance its capabilities.

Shows the MCP server settings for Python file

Shows the MCP hosted tool being executed within Claude desktop

Shows the MCP Inspector interface examing available tools and executing them

The key differences between MCP tool execution from an LLM application (Claude Desktop) or through using an agent include; assistants require human supervision while agents are autonomous, assistants are interactive to agents programmatic, agents perform more complex multi-step workflows and assistants typically are limited to performing simple plans.

Shows the various ways an agent may interact with and consume MCP servers

The time tracker agent will record time events using internal function tools as it processes the events in a loop. After the loop finishes the agent is asked to summarize the events and it will use the Load Journal Evants tool to load the journal of events and summarize

The separation of tools from the agent into a standalone MCP server that could be hosted locally or remotely and access through STDIO (local) or SSE (remote). Now the agent registers the MCP server instead of individual tools and then internally discovers the tools the server supports and how to use those tools.

Summary

MCP = “USB-C for LLMs & agents.” A JSON-RPC-2.0 spec that erases bespoke glue code for tools, data sources, and even other agents.
MCP solves fragmentation (multiple tool schemas), brittle data access, ad-hoc orchestration, and uneven security by giving every capability a uniform interface.
MCP supports three components: Tools (actions), Resources (data/objects), and Prompts (re-usable templates). Agents can treat any of them as callable verbs.
MCP Architecture is in 3 parts: MCP Client, Server, and the Service/Resource it fronts. An agent is just one kind of client.
STDIO – sub-process, zero-latency, single caller (great for local development).
SSE – HTTP + Server-Sent Events, multi-client, cloud-friendly. Switching is literally a constructor swap.
MCP is not just for tools/actions but can support the other functional layers (Reasoning & Planning, Knowledge & Memory, Evaluation & Feedback)
MCP can be deployed using a mixture of patterns: Local, remote, or hybrid — mix and match to keep sensitive operations local while sharing heavy APIs remotely.
The MCP Inspector gives a live, clickable view of any server—perfect for debugging tool schemas and outputs before wiring agents to them.
MCP reference servers are available for use or inspection and include: filesystem, brave-search, google-calendar, github, etc.—all installable with a single npx or mcp run.
Agents themselves can be wrapped as servers, turning an entire reasoning pipeline into a reusable, strongly typed tool.
Typed Pydantic I/O flows end-to-end, eliminating fragile string parsing in multi-agent chains.
MCP enables LEGO-style composition of agent systems—each block isolated, testable, and instantly swappable without touching the others.

FAQ

What is the Model Context Protocol (MCP)?

MCP is an open standard (from Anthropic) based on JSON-RPC 2.0 that standardizes how agents and LLM-powered apps discover and call external tools, access resources, and use predefined prompts. It acts like “USB-C for agents,” letting clients connect to many services in a consistent, secure, and efficient way.

Which problems in agent development does MCP solve?

MCP addresses four main pain points: - Fragmented tool integration across model/providers - Inconsistent data access patterns for files, databases, and web APIs - Complex multi-agent orchestration and capability sharing - Security and control challenges across heterogeneous integrations By unifying the interface, it turns bespoke glue code into reusable, discoverable components.

How is MCP architected (clients, servers, services)?

- MCP client: an agent or LLM app that connects to MCP servers and discovers available tools/resources/prompts. - MCP server: exposes capabilities via standardized JSON-RPC 2.0 endpoints. - Service/resource: the actual system being wrapped (files, databases, web APIs, even other agents). Clients discover and invoke server capabilities through well-defined lists and schemas.

What are MCP tools, resources, and prompts?

- Tools: actionable functions agents call to perform tasks (primary way agents interact with servers). - Resources: external data or configuration exposed for consumption (files, DB rows, settings). - Prompts: predefined templates/instructions that standardize complex interactions. If a client doesn’t support resources/prompts, tools can be designed to cover those roles.

What transport options does MCP support and when should I use each?

- STDIO: client launches the server as a local subprocess and exchanges JSON-RPC over stdin/stdout. Best for low-latency local development, single-machine deployments, or simple one-to-one integrations. - SSE (HTTP): server runs as a network service; clients POST requests and receive streamed responses over Server-Sent Events. Best for remote/cloud deployments, multi-client access, and sharing tools across agents.

How do LLM apps like Claude Desktop use MCP?

Claude Desktop can be configured to connect to multiple local or remote MCP servers. After configuration, Claude discovers available tools (and other components) and asks for human approval before executing them. You can also use the MCP Inspector to explore a server’s tools, run them, and view request/response history during development.

How do agents consume MCP servers, and how hard is it to switch transports?

Agents register MCP servers and then discover tools programmatically. Switching between local STDIO and remote SSE usually requires only swapping the server wrapper and parameters (from command/args to a URL). The agent logic and tool usage typically stay the same.

Which standard MCP servers are available out of the box?

There is a growing set, including examples like Filesystem (safe local file access), Sequential Thinking (task decomposition), Google Drive, Google Calendar, Todoist, Notion, Slack, Brave Search, GitHub, Google Maps, and Fetch (webpage/API fetch and preprocess). These provide immediate functionality without building your own server.

Why convert internal agent tools into an MCP server?

Encapsulation via MCP brings separation of concerns, reuse across multiple agents, consistent discovery, and easier deployment (local or remote). The chapter’s “Time Travel Tracker” demonstrates moving journal tools into a standalone MCP server so any agent can consume them over STDIO or SSE.

What security and safety practices should I follow with MCP?

- Principle of least privilege (e.g., scope filesystem servers to a safe directory) - Review and validate tool behavior before exposing to autonomous agents - Prefer human approval in assistant-style apps; add evaluation/feedback in agents - Monitor and log usage (inspector, traces) - Be cautious with destructive capabilities (e.g., delete) and test thoroughly

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

pdf, ePub, online

$47.99 $33.59

you save $14.40 (30%)

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

$47.99 $33.59

you save $14.40 (30%)

eBook

pdf, ePub, online

$47.99 $33.59

you save $14.40 (30%)

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more