What Is an AI Agent?

The textbook definition, then the modern one.

The classic definition predates LLMs by decades. In Russell and Norvig's Artificial Intelligence: A Modern Approach, an agent is anything that perceives its environment through sensors and acts upon that environment through actuators. A thermostat is an agent: it senses temperature, acts by switching a heater. A web crawler is an agent: it perceives pages, acts by following links. The definition is deliberately broad and says nothing about intelligence — only about the perceive-and-act structure.

The modern, LLM-era definition narrows this to something concrete and useful. An AI agent is:

• a language model that decides what to do next,
• given a set of tools (functions it can call to affect or observe the world),
• run in a loop until a goal is met or a stop condition fires,
• where the model — not a human, not a fixed script — chooses each next step.

That last clause is the whole game. If a human approves every action, you have an assistant. If a fixed script decides the order of steps, you have a workflow. It becomes an agent precisely when the model is the thing deciding, in the moment, what happens next based on what it just observed.

Perceive → decide → act, made concrete.

Strip away the jargon and an agent is three verbs on repeat. Take a real task: "Find out whether our API docs still mention the deprecated v1 endpoint, and if so, list the files."

PERCEIVE   The model reads the goal + everything observed so far.
           Right now: just the user's request.

DECIDE     "I can't answer from memory. I should search the
            repository for the string 'v1' in the docs folder."
            → emits a tool call: search_files(query="v1", path="docs/")

ACT        The tool runs. It returns:
            docs/api/auth.md:14
            docs/api/legacy.md:3
            docs/changelog.md:88

PERCEIVE   The model now reads those three hits as new observations.

DECIDE     "Two of these look like real mentions; the changelog is
            historical and fine. I should open the two doc files to
            confirm they describe v1 as current, not deprecated."
            → emits: read_file("docs/api/auth.md")  ... etc.

...        The loop continues until the model decides it has enough
           to answer, then it stops and writes the final list.

Notice what is and is not happening. The model did not plan all five steps up front. It took one step, looked at the result, and decided the next step in light of that result. That feedback — act, then perceive the consequence, then decide again — is the defining quality. A model that answers in one shot, however cleverly, is not an agent. A model whose next move is conditioned on the actual outcome of its previous move is.

The four parts every agent has.

However simple or elaborate, every agent decomposes into the same four parts. Keep these labels; the rest of this section refers back to them.

• The model (the policy). The LLM that, given the goal and the history so far, picks the next action. In reinforcement-learning language this is the policy: a function from situation to action. The model's quality is the ceiling on the agent's quality.
• The tools (the actuators). The functions the model is allowed to call: search_web, run_python, send_email, query_database. Tools are how the agent reaches outside its own text. Without tools an agent can only think out loud.
• The environment. Everything the tools touch: a codebase, a browser, a database, a customer's account, the physical world via a robot. The environment is what gives feedback and what the agent can damage — which is why later entries spend real time on it.
• The loop (the orchestration). The harness that calls the model, executes the tool the model asked for, feeds the result back, and decides whether to continue or stop. It is usually a small amount of ordinary code wrapped around the model.

Why this is suddenly a big deal.

The perceive–decide–act structure is decades old. What changed around 2023 is that language models became good enough at two specific things to make the structure practical with a general-purpose brain rather than hand-built logic:

• Reading messy, open-ended observations. A tool result is rarely clean. It's a stack trace, a half-relevant search snippet, a 4xx error, a wall of HTML. Earlier systems needed a programmer to anticipate every shape of result. A capable LLM can read an unexpected error and reasonably decide what to do about it.
• Choosing a sensible next action in open-ended space. Given a goal and a toolbox, the model can propose a plausible next step without that step being enumerated in advance by a human. This is what lets one agent handle tasks its author never specifically wrote code for.

Combine those and you get the headline: a single model, given tools and a loop, can take a fuzzy goal stated in English and make real progress on it through a sequence of self-chosen actions. That capability is powerful and genuinely useful — and it is also exactly why autonomy, stop conditions, and risk get their own entries. An entity that decides its own next action and can act on the world is, by construction, harder to predict and contain than one that only emits text. Hold that thought; the rest of this section is, in a sense, an extended exploration of its consequences.