Building Production AI Agents in 2026: What Actually Works

Carson Rodrigues

Carson Rodrigues / June 09, 2026

8 min read––– views

Everyone has a demo agent. Far fewer have an agent that survives contact with real users, real latency budgets, and a real bill at the end of the month. I've spent the last couple of years building agentic systems that people actually depend on — voice agents, LLM pipelines, tool-using assistants — and the gap between "works in the notebook" and "works in production" is where almost all the engineering lives.

This is the field guide I wish I'd had.

What an agent actually is

Strip away the hype and an agent is a loop: a model decides, calls a tool, observes the result, and decides again — until it reaches a stopping condition. That's it. The "intelligence" is the model; the system is everything around the loop that keeps it honest.

If you remember one thing: an agent is a control loop with a language model in the decision seat. Most production problems are control-loop problems, not model problems.

The loop: keep it boring

The single biggest mistake I see is over-engineering the orchestration. You do not need a graph framework with twelve node types for most products. You need:

  1. A clear system prompt that defines the agent's job, its tools, and its hard limits.
  2. A tool-calling loop that runs until the model emits a final answer or hits a step cap.
  3. A step cap (e.g. 8–12 tool calls) so a confused agent fails fast instead of burning $4 in a runaway loop.

Anthropic's own guidance on building effective agents makes the same point: start with the simplest thing that works, and only add orchestration complexity when you can name the specific failure it fixes. Workflows (fixed sequences) beat agents (model-driven control flow) whenever the steps are known in advance. Reach for a true agent only when the path can't be hardcoded.

Tools are your real API surface

The model is only as capable as the tools you give it, and only as safe as those tools' worst-case behavior. Treat each tool like a public API endpoint:

  • Narrow inputs. A tool called run_sql(query) is a liability. A tool called get_orders_by_customer(customer_id) is a feature.
  • Validate everything. The model will hallucinate an argument eventually. Validate at the tool boundary and return a structured error the model can recover from.
  • Make errors instructive. "Invalid date format, expected YYYY-MM-DD" lets the agent self-correct. A stack trace does not.
  • Keep the tool list short. Past ~15–20 tools, selection accuracy drops. Group rarely-used tools behind a router or a sub-agent.

The Model Context Protocol (MCP) has become the de-facto way to expose these tools in a portable, reusable way — I wrote a separate post on it because it deserves one.

Memory: the part everyone underestimates

Context windows are big now, but "big" is not "free" and not "unlimited." Stuffing the entire conversation history into every request is slow, expensive, and — past a point — worse for quality, because the model loses the signal in the noise.

What works in practice:

  • Short-term: keep the recent turns verbatim. They're cheap and high-signal.
  • Working memory: a small, structured scratchpad (the current task, decisions made, open questions) the agent rewrites as it goes. This is the highest-leverage memory primitive and the most overlooked.
  • Long-term: retrieval over a vector or keyword store, fetched on demand — not preloaded. Retrieve, then let the agent decide what's relevant.
  • Summarize, don't truncate. When you hit the budget, compress old turns into a summary instead of dropping them. Truncation loses the why; summaries keep it.

Latency is a product feature

For anything interactive — and especially voice — latency is not a metric you optimize later. It's the product. Users forgive a wrong answer faster than they forgive a three-second silence. (This is exactly the problem my ICANN 2026 paper on voice AI latency digs into.)

A few levers that move the needle:

  • Stream everything. First token, partial tool args, partial responses. Perceived latency is what matters.
  • Parallelize independent tool calls. If the model needs three lookups that don't depend on each other, fire them together.
  • Cache aggressively. Prompt caching on stable system prompts and tool definitions is close to free latency and cost savings.
  • Pick the smallest model that passes your evals. Don't run a frontier model for a classification step a smaller one nails.

Evals or it doesn't ship

Here's the uncomfortable truth: you cannot eyeball your way to a reliable agent. Vibes-based development gets you to the demo and no further. The teams that ship reliable agents have an eval suite, and they run it on every change.

Start small and grow it:

  • A golden set of 20–50 real tasks with known-good outcomes. Run it on every prompt or model change.
  • Assertion-based checks — did the agent call the right tool, stay under the step cap, avoid the forbidden action, return valid JSON?
  • LLM-as-judge for the fuzzy stuff (helpfulness, tone), with a human spot-checking the judge.
  • Production traces feeding back in. Every weird failure in prod becomes a new eval case. This is the flywheel.

Without evals, every prompt tweak is a coin flip. With them, you can refactor fearlessly.

The failure modes nobody warns you about

  • Silent tool failures. A tool returns an empty list and the agent confidently says "you have no orders." Always distinguish "no results" from "the call failed."
  • Loop thrash. The agent calls the same tool with the same args three times. Detect repeats and break the loop.
  • Prompt injection via tool output. If a tool returns user-controlled or web content, that content can hijack the agent. Treat tool output as untrusted; never let it silently rewrite the system instructions.
  • Cost blowups. One unbounded loop in production can cost more than a month of normal traffic. Hard caps and per-session budgets are not optional.

My pragmatic stack

For most products I reach for: a single strong model for planning, smaller models for narrow sub-tasks, MCP for tools, a thin hand-written loop instead of a heavy framework, prompt caching on, streaming on, and an eval suite from day one. Boring, observable, and debuggable beats clever every time.

If you're choosing where to run this, I've also written about deploying AI workloads on AWS and Kubernetes for AI/ML workloads — the infra decisions matter more than people expect once you have real traffic.

The takeaway

Production agents are won on the unglamorous stuff: tight tool design, honest error handling, real memory strategy, ruthless latency work, and evals you actually run. The model is a commodity you can swap. The system around it is your moat.

Build the boring loop well, and the impressive behavior takes care of itself.

Related reading

Available for senior AI / contract / FDE work

Building something with AI?

Voice agents, MCP servers, LLM pipelines, agentic workflows — pick a slot, drop a message, or send your email and I'll reply within a day.

Book a 30-min callWhatsApp me
or leave your email

Replies within ~24 hours · Remote-first · global · open to relocation