Inside an Agent — the full anatomy

Look at the log of any serious agent and you'll see the same repeating pattern: a model message, a tool call, a result, another model message. This pattern — which you could prototype in 100 lines of Python — is the same thing companies are valued in billions for doing right. How can something this simple be this hard? Let's open the hood.

Part 1: the system prompt — the constitution

Every agent starts with a system prompt: text at the top of the context defining who the model is, what its job is, where its boundaries are, and what tools it has. It's not mere "instructions" — it's the constitution governing every decision that follows.

Part 2: tools — the hands

Each tool is described to the model by a name, a description, and a parameter schema (usually JSON Schema). When the model decides to act, it emits structured output — e.g. {"name": "read_file", "input": {"path": "src/auth.ts"}} — and the runtime around the model actually executes it and feeds the result back.

Key point: the model never executes anything itself. The model proposes; the runtime disposes. That's why permissions and sandboxing live in the runtime — and why you can sleep while an agent works on your machine.

Part 3: the context window — the desk

Picture a genius employee with total amnesia between phone calls. Everything must be written on the desk in front of them: the constitution, the goal, the code they read, the errors they saw, the attempts they made. That desk is the context window.

The desk has limited area. As sessions grow, a good agent must either compact (summarize old material to free space) or offload to external memory — files it writes to itself and re-reads later. Context management isn't a luxury; it's the difference between finishing a 50-step task and forgetting what you were doing halfway through.

Part 4: MCP — the standard plug

Before, every company wired tools its own way: custom integration per data source, per model. Chaos. In November 2024, Anthropic open-sourced the Model Context Protocol — an open standard for how any tool or data source presents itself to any agent. Like USB unified device connections, MCP unified tool connections. Write an MCP server once; it works with every agent that speaks the protocol. Through 2025 adoption grew so fast that competitors — OpenAI and Google among them — announced support. When your competitors adopt your standard, the game is settled.

The twist

Now connect the four parts and take the twist: the model itself — the piece everyone thinks is the hero — is actually the easiest part to swap in the whole system. The prompt, tools, context management, and harness stay; you swap the model underneath like a battery. That's why teams who built good agents don't fear new model releases — they welcome them: same machine, stronger engine.

Takeaways:

1. Agent = system prompt (constitution) + tools (hands) + context window (desk) + runtime loop (bloodstream).
2. The model proposes, the runtime executes — all safety lives in the runtime.
3. Context management is the real bottleneck on long tasks — master it.
4. MCP is the standard — build any new tool as an MCP server from day one.

So here's your question, engineer: if the model became a swappable part… where did the real value move? Into the model, or into the harness around it? Hold that thought going into the next chapter — a tour of the coder agents currently fighting over the market.