What Are AI Agents?

Definition: What Is an AI Agent?

An AI agent is a software-based system built on a (Large) Language Model that autonomously pursues a predefined goal: it perceives its environment, plans across multiple steps, independently selects and uses external tools (tools, APIs, data sources), observes the results, and iteratively adapts its plan — until the goal is reached or the process is aborted.

This definition aligns with the canonical descriptions of the leading providers. Anthropic draws an architectural line between agents (the LLM dynamically controls the path and tool-use) and workflows (predefined code paths). OpenAI describes agents as "systems that independently accomplish tasks on behalf of users." IBM emphasizes the autonomous completion of tasks by designing workflows with tools, while Microsoft adds the aspect of "context awareness."

The Four Mandatory Properties

A system is only a true agent if it fulfills all four of the following properties. If any one is missing, it is a chatbot, a workflow, or an assistant:

1. LLM-driven control — The language model makes the control decisions, not deterministic code as the primary control authority.
2. Multi-step planning — The process follows the pattern Perceive → Reason → Act → Observe, often across multiple iterations.
3. Tool-use — The agent independently uses external functions, APIs, or databases.
4. Goal-oriented autonomy — The agent pursues a goal on its own, but within defined guardrails.

It is precisely this point that gives rise to "agent washing" in practice: many products marketed as an "agent" are in truth chatbots with a single tool-call or classic RPA scripts.

Differentiation: Agent vs. Chatbot vs. RPA vs. Workflow vs. Assistant

The following matrix shows how an agent differs from related concepts. The columns describe the typical behavior in each case — in practice the boundaries are fluid.

The most important dividing line: a workflow or RPA bot follows a predefined path, whereas an agent decides the order of the steps and the choice of tools dynamically. A chatbot responds primarily with text; an agent acts in multiple steps and autonomously.

The 5 Components of an AI Agent

Technically, an agent consists of five core components that work together:

1. LLM core — the reasoning engine. It selects the next step and controls the function-calling. This is where it is decided whether a tool is used at all, and which one.
2. Memory — the memory. Short-term memory is the conversational context of the current run; long-term memory is realized via vector databases, RAG (Retrieval-Augmented Generation), or files.
3. Tools — the agent's hands. These include function-calls, APIs, MCP servers, browsers, or code sandboxes.
4. Planner — breaks the goal down into sub-steps. The planning can run implicitly within the LLM or be modeled explicitly as a graph.
5. Executor — executes the tool-calls, manages the individual turns as well as loop limits, and enforces the guardrails.

The Reasoning Loop: Perceive → Reason → Act → Observe

The heart of every agent is an iterative loop mechanism. Conceptually, it traces back to the ReAct pattern (Yao et al. 2022), which connects reasoning and acting:

1. Perceive — The agent perceives the input and goal, the current context, and its memory.
2. Reason — The LLM plans: which tool or which step makes sense next?
3. Act — The agent executes the action (tool-call, API call, code execution).
4. Observe — The agent reads the result and writes it to memory.

After that, the agent checks: has the goal been reached? If not, the loop begins again at Perceive. It is precisely this dynamic repetition — and not a hard-wired sequence — that constitutes the difference from classic automation. Safety mechanisms such as loop limits, token budgets, and human-in-the-loop checkpoints thereby prevent endless looping or irreversible misactions.

Maturity Levels: L1 to L5

Not every system that uses LLMs is equally autonomous. A useful maturity model distinguishes five levels:

• L1 — Reflex agent: Rule-based, without real reasoning (e.g., an FAQ bot).
• L2 — Augmented LLM: An LLM with a single tool-call, purely reactive.
• L3 — Workflow agent: The LLM operates within a deterministic pipeline (prompt-chaining, routing). The path is largely predetermined.
• L4 — Autonomous agent: The LLM dynamically controls the order and tool choice and runs through the full loop (e.g., coding agents such as Claude Code or deep-research systems).
• L5 — Multi-agent system: Several autonomous agents coordinate with one another, for example via A2A protocols (agent-to-agent), with an orchestrator and specialist agents.

For most production B2B applications, the "sweet spot" today lies between L3 and L4. L5 systems are powerful but prone to compounding errors — small mistakes by individual agents that build up across the chain.

Framework Overview

A diverse, vendor-neutral ecosystem has established itself for building agents. The following selection covers the most common options:

• LangGraph — graph- or state-machine approach, suited to complex, controlled workflows.
• CrewAI — geared toward multi-agent systems with defined roles.
• OpenAI Agents SDK — minimalist, with tools, handoffs, guardrails, and tracing.
• Anthropic Claude Agent SDK — toolkit for building agents based on the Claude models.
• Microsoft Agent Framework — unites AutoGen and Semantic Kernel, with native MCP and A2A support.
• n8n — low-code platform, especially widespread in the DACH SME landscape.
• Pydantic AI — focus on type safety for robust, well-testable agents.

Important: the choice of framework should be made after the use case has been clarified — not before.

AI Agents in the DACH Context: Compliance and Sovereignty

Anyone deploying agents in production in the DACH region should plan for several regulatory frameworks early:

• EU AI Act, Art. 50 (transparency): The disclosure obligation toward users (e.g., that they are interacting with an AI system) applies unchanged from 02 Aug 2026.
• High-risk (Annex III): According to the Digital Omnibus agreement of 07 May 2026, the obligations may potentially only take effect from 02 Dec 2027 — but until formal adoption, 02 Aug 2026 continues to apply legally.
• EU AI Act, Art. 4 (AI literacy): The training obligation for staff has applied since 02 Feb 2025.
• GDPR, Art. 22: For automated individual decisions, a human override must be possible.
• GDPR, Art. 28: A data processing agreement (DPA) is required with LLM providers.
• GDPR, Art. 35: For new technology or systematic processing, a data protection impact assessment (DPIA) is generally necessary — when introducing agents, it is usually required.
• Co-determination: In Germany, BetrVG §87 para. 1 no. 6 applies; in Austria, ArbVG §96. The works council must therefore be involved early.

For organizations with high demands for digital sovereignty, EU-based options exist, such as Aleph Alpha Pharia (on STACKIT), Mistral, IONOS, or OVHcloud.

Common Mistakes (Pitfalls)

In practice, agent projects rarely fail on the technology alone. The most common pitfalls:

• Agent washing: A chatbot or RPA bot is sold as an "agent."
• Choosing a framework before use case clarity: Leads into "pilot purgatory" — around two-thirds of pilots fail to reach scaling.
• Underestimated data preparation and a skipped DPIA.
• Ignored co-determination (BetrVG / ArbVG).
• Token cost explosion through uncontrolled reasoning and tool loops.
• Treating agents as deterministic, even though they work probabilistically.
• Missing observability and no audit trail.
• Vendor lock-in as well as using an "agent" for simple retrieval, where a workflow or assistant would be a better fit.
• No human-in-the-loop for irreversible actions, and compounding errors in multi-agent systems.

That these risks are real is shown by the market data: according to Gartner (June 2025), over 40% of agentic AI projects will be cancelled by the end of 2027. At the same time, according to Bitkom (2026), 33% of companies report higher costs than expected.

When Does an Agent Pay Off?

The central decision rule is: an agent only pays off when the solution path cannot be planned in advance and an LLM decision is required. If the process can be fully modeled in advance, workflow automation or a copilot is cheaper, faster, and more robust.

A pragmatic entry point looks like this:

• Select 1 to 3 use cases with a clear, measurable ROI.
• Start with a low-risk or read-only pilot.
• Provide for a human-in-the-loop for all irreversible actions.
• Factor in DPIA and works council from day 1.
• Bet on a vendor-agnostic stack to avoid lock-in.

The maturity of the market underlines this caution: according to McKinsey State of AI 2025, only 23% of companies are scaling at least one agentic use case, with another 39% experimenting — together, that is 62%. In no single function, however, does the share of scaled agents exceed 10%.

Outlook

Agentic AI is rapidly moving from the experimentation phase into the standardization phase. Two protocols are driving interoperability forward: the Model Context Protocol (MCP) was further developed in spec version 2025-11-25 and, in December 2025, donated to the Linux Foundation and the Agentic AI Foundation respectively; it already counts over 10,000 active MCP servers. The A2A protocol (agent-to-agent) has likewise been with the Linux Foundation since June 2025 and is supported by over 150 organizations.

This standardization lowers the barriers for multi-agent systems and vendor-agnostic architectures. At the same time, the regulatory maturity is rising — particularly in the DACH region with the EU AI Act and the GDPR. For decision-makers, this means: those who start today with clearly scoped, well-governed pilots create the foundation to avoid getting stuck in "pilot purgatory" at the next maturity leap.