Agentic AI: the new wave of AI assistants that execute

Agentic AI is the next step after “chatbots”: instead of only answering questions, it can act toward a goal—planning steps, using tools (apps/APIs), checking results, and iterating until it finishes (or asks you for help).

What “agentic” means (in plain language)

A normal AI assistant is like a smart coworker who talks well: you ask, it responds. An agent is more like a junior operator: you give it an objective (“find flights under HKD 4,000 and draft a plan”), and it tries to complete the task by taking multiple steps on purpose.

The key difference is not “smarter text.” The difference is control flow: the system keeps running in a loop—deciding what to do next—rather than stopping after one response.

A helpful mental model is:

• Chatbot: Input → Output.

• Agent: Goal → (Think → Do → Check) repeated → Result.

The core loop: perceive, plan, act, verify

Most agents, no matter the framework, boil down to a loop with four jobs.

1) Perceive (get context)

The agent gathers the info it needs: your request, constraints, what's already known, and what tools/data are available. This can include reading files, pulling database rows, or fetching a webpage (if allowed).

2) Plan (choose steps)

It breaks the goal into smaller tasks and decides an order: “First get requirements, then search options, then compare, then draft output.” This “plan” can be explicit (a checklist) or implicit (internal reasoning).

3) Act (use tools)

This is what makes it agentic. The agent might call:

• A calendar API to find free time.

• A SQL query to pull customer records.

• A trading data endpoint to fetch prices.

• A code runner to transform data.

• A browser-like tool to navigate a website.

4) Verify (check and adjust)

After acting, the agent evaluates whether it worked. If not, it retries, changes strategy, asks you a clarifying question, or stops safely.

That verify step is important because real environments are messy: APIs fail, pages change, data is incomplete, and the model can be confidently wrong unless you force it to check.

What makes agentic AI feel “magical” (and what's actually happening)

When people see a good agent demo, it looks like the AI “understands the world.” Usually, it's three simpler things working together:

• Tool use: It can do things, not just talk.

• Memory/state: It can keep track of what it already tried (so it doesn't loop forever).

• Iteration: It can take multiple shots and refine.

A concrete example: “Plan my weekend trip to Taipei”

A chatbot might give a generic itinerary. An agent might:

• Ask your budget and interests.

• Pull your preferred flight times from your calendar.

• Search flights and hotels (through allowed tools).

• Compare options, pick top 3, and explain tradeoffs.

• Draft a day-by-day plan and a packing list.

• Ask for approval before booking.

Notice the pattern: the output isn't just text; it's a sequence of actions coordinated by text.

Common architectures (the ones you'll actually run into)

You'll hear many labels, but most systems fall into a few buckets.

1) Single-agent with tools

One model is responsible for planning and tool calls. It's simple to build and easy to debug at first, but can become brittle as tasks get complex.

Good for: internal automation, small workflows, “do a task with a handful of tools.”

2) Planner–executor split

One component plans, another executes. Sometimes the “planner” is a model prompt, sometimes a separate model. This can reduce chaos: the planner focuses on strategy, the executor focuses on correctness.

Good for: reliability, repeatable workflows, more controlled behavior.

3) Multi-agent teams

Different agents take roles: “researcher,” “coder,” “reviewer,” “compliance checker.” This can improve quality, but it can also add cost and complexity fast.

Good for: complex research tasks, long-running projects, tasks needing different expertise.

4) Workflow-first (agent inside guardrails)

Instead of a free-form agent, you build a deterministic workflow (a state machine / directed graph), and the AI fills in specific steps. This often wins in production because it's easier to test.

Good for: production systems, regulated environments, anything that must be stable.

Where agents go wrong (and why it matters)

Agentic AI introduces failure modes that plain chat doesn't.

• Tool mistakes: The agent calls the wrong endpoint, uses wrong parameters, or misreads the response.

• Goal drift: It starts optimizing for something you didn't ask (“make it impressive”) instead of the goal (“make it correct”).

• Infinite loops: If the system keeps retrying without a stop condition, it can burn tokens/time.

• Silent corruption: The agent “fills gaps” with plausible data instead of admitting uncertainty.

• Security risks: If it can execute actions (send emails, move money, run code), you must treat it like a powerful automation script that can be tricked.

The scary part is that many of these failures don't look dramatic—they look like a confident output that is subtly wrong.

The practical guardrails (what good agent systems add)

If you ever build or deploy an agent, these are the guardrails that separate a toy from something you can trust.

1) Clear permissions

Give the agent only the tools and data it needs. Don't let it “browse everything” or “execute anything” unless absolutely required.

2) Human-in-the-loop checkpoints

For high-impact actions (booking, emailing customers, trading, deleting data), require explicit approval.

3) Logging and replay

Record tool calls, inputs, outputs, and decisions. If something goes wrong, you need to reproduce it.

4) Stop conditions and budgets

Set limits: max steps, max retries, max cost, timeouts. A good agent knows when to stop.

5) Verification steps

Add simple validators:

• Recompute totals with code.

• Cross-check extracted facts.

• Ask the model to cite evidence from retrieved data (not from memory).

• Run a “critic” pass that tries to find mistakes.

6) Good tool design

Tools should be:

• Deterministic.

• Well-typed (schemas).

• Explicit about errors.

• Narrow in scope.

Agents behave much better when tools behave like clean functions rather than messy web pages.

Where agentic AI is being used right now

Agentic AI tends to deliver value when the work is repetitive, multi-step, and already semi-structured.

• Customer support: draft replies, fetch account context, propose resolutions.

• Sales ops: update CRM, summarize calls, create follow-ups.

• Data/engineering: generate code changes, run tests, open PRs (with review).

• Finance research: pull filings, compute metrics, generate a report draft.

• Personal productivity: calendar coordination, email triage, meeting preparation.

The sweet spot is “assistant that can do actions,” but with guardrails and review.

How to think about it (if you're building one)

If you're a developer, treat an agent like a program that happens to use a model for decisions.

A simple starting template:

• State: goal, constraints, history, intermediate results.

• Loop: decide next action → call tool → store result → evaluate progress.

• Controls: step limit, allowed tools, approval gates.

• Output: final artifact + audit trail of what it did.

One good “first agent” project is an internal research assistant:

• Input: ticker list + questions.

• Tools: market data API, filings fetcher, calculator, report template generator.

• Output: draft report + links + computed metrics.

• Guardrails: no trading actions, strict citation-from-retrieval rule, step budget.