AI Agent Design Patterns for Production Systems

Building a demo agent is easy. Building a production agent that handles edge cases, recovers from failures, and scales reliably is an engineering challenge. These patterns — drawn from production deployments at companies using AI agents at scale — provide the architectural building blocks for reliable agent systems.

The foundational agent pattern. The agent alternates between reasoning (thinking about what to do) and acting (calling tools). Loop: Observe → Think → Act → Observe → Think → Act → ... → Done When to use: General-purpose agents that need to solve open-ended tasks. This is the default pattern used by Claude Code, ChatGPT, and most agent frameworks. Key implementation detail: Set a maximum iteration limit (e.g., 25 turns) to prevent infinite loops. Include a 'done' tool or termination condition so the agent can signal completion.

The agent first creates a complete plan, then executes it step by step. Unlike ReAct where each step is decided dynamically, plan-and-execute front-loads the thinking. Flow: Analyze task → Create plan → Execute step 1 → Execute step 2 → ... → Verify result When to use: Tasks with clear stages where you want predictability. Great for code refactoring, migrations, and multi-file changes. Advantage: Users can review and approve the plan before execution begins. Claude Code's plan mode (/plan) implements this pattern. Caveat: Plans can become stale if the environment changes during execution. Implement plan re-evaluation after each step.

Critical for production systems where agent mistakes have real consequences. The agent works autonomously but pauses for human approval at decision points. Implementation strategies: • Approval gates — Agent must get approval before destructive actions (delete, deploy, send). • Confidence thresholds — Agent auto-proceeds when confident, asks for input when uncertain. • Periodic check-ins — Agent summarizes progress every N steps and asks if it should continue. • Escalation — Agent attempts the task, but escalates to a human if it fails after N retries. Claude Code's permission system is a good example: tools are categorized as safe (read) or dangerous (write, execute), and users configure which require approval.

Agents fail. Tools timeout. APIs return errors. The difference between a demo and a production agent is how it handles failures. Strategies: • Retry with backoff — Transient errors (network, rate limits) often resolve with a retry. • Alternative approaches — If one tool fails, try achieving the same goal with a different tool. • Graceful degradation — If a non-critical step fails, skip it and continue with the rest. • Checkpoint and resume — Save progress periodically so the agent can resume from the last checkpoint after a crash. • Error context — Feed error messages back to the agent so it can reason about what went wrong and adapt. Avoid: Infinite retry loops, silently swallowing errors, or abandoning the entire task because one step failed.

Production agents need boundaries. Without guardrails, an agent asked to 'clean up the repo' might delete important files. Types of guardrails: • Input validation — Filter or transform user inputs before they reach the agent. • Tool restrictions — Limit which tools the agent can access based on the task. • Output validation — Check agent outputs against rules before returning to the user. • Resource limits — Cap token usage, API calls, and execution time. • Sandbox execution — Run agent actions in isolated environments (containers, VMs, git worktrees). Claude Code implements several: permission modes (ask, auto-edit, full-auto), allowed_tools configuration, and sandbox mode for dangerous operations.

Agents that forget everything between tasks are frustrating. Effective memory management enables agents to learn and improve. Memory types: • Working memory — Current conversation context. Limited by context window size. • Episodic memory — Records of past interactions. Useful for 'remember when we debugged that auth issue?' • Semantic memory — Learned facts and preferences. 'The user prefers bun over npm.' • Procedural memory — Learned workflows. 'To deploy, run tests first, then build, then push.' Implementation: Claude Code uses CLAUDE.md files for procedural memory and the Memory MCP server for semantic memory. Vector databases (Pinecone, Weaviate) are common for episodic memory at scale.