How to Build Robust LLM Agents with OpenAI’s Open‑Source Guide

Agent definition

LLM‑driven agent is an autonomous system that can execute multi‑step workflows on behalf of a user, unlike simple chatbots or single‑turn LLM calls.

When to build an agent

Agents are appropriate for workflows that are difficult to automate with deterministic or rule‑based methods, such as payment‑fraud analysis, where nuanced reasoning over unstructured data is required. Verify that a use case meets these criteria before investing.

Design fundamentals – Agent Design Iron Triangle

Three core components:

Model – the decision brain.

Tools – standardized APIs or UI‑automation actions that extend capability.

Instructions – a precise operating manual that guides the model.

Choosing a model

Models differ in capability, latency, and cost. Recommended workflow: prototype with the most capable model to establish a performance baseline, then replace with smaller models to see if they meet the accuracy target while reducing cost.

Establish evaluation metrics and baseline.

Target accuracy with the best available model.

Iterate with smaller models to optimise cost and latency.

Defining tools

Tools are defined with a standard schema, documented, tested, and reusable. Example using OpenAI Agents SDK:

from agents import Agent, WebSearchTool, function_tool
import datetime, db

@function_tool
def save_results(output):
    db.insert({"output": output, "timestamp": datetime.datetime.now()})
    return "File saved"

search_agent = Agent(
    name="Search Agent",
    instructions="Help users search the web and save results when asked.",
    tools=[WebSearchTool(), save_results],
)

Crafting instructions

High‑quality prompts reduce ambiguity. Recommended practices: reuse existing documentation, decompose tasks into granular steps, define explicit actions, and include conditional branches for edge cases. The guide provides an example prompt for automatic instruction generation.

Orchestration patterns

Single‑agent system : start with one agent and incrementally add tools.

Manager (central) pattern : a manager agent coordinates specialized child agents via tool calls, preserving context.

Decentralized pattern : peer agents hand off work to each other through a handoff tool.

Manager pattern example:

from agents import Agent, Runner

manager_agent = Agent(
    name="manager_agent",
    instructions={"You are a translation agent. Use the tools given to you to translate."},
    tools=[
        spanish_agent.as_tool("translate_to_spanish", "Translate to Spanish"),
        french_agent.as_tool("translate_to_french", "Translate to French"),
        italian_agent.as_tool("translate_to_italian", "Translate to Italian"),
    ],
)

async def main():
    msg = input("Translate 'hello' to Spanish, French and Italian for me! ")
    output = await Runner.run(manager_agent, msg)
    for m in output.new_messages:
        print(f"- Translation step: {m.content}")

Decentralized handoff example:

from agents import Agent, Runner

technical_support_agent = Agent(
    name="Technical Support Agent",
    instructions="Provide expert assistance for technical issues.",
    tools=[search_knowledge_base],
)

sales_assistant_agent = Agent(
    name="Sales Assistant Agent",
    instructions="Recommend solutions and facilitate purchases.",
    tools=[initiate_purchase_order],
)

triage_agent = Agent(
    name="Triage Agent",
    instructions="First point of contact; route queries to the appropriate specialized agent.",
    handoffs=[technical_support_agent, sales_assistant_agent],
)

await Runner.run(triage_agent, "Could you provide an update on the delivery timeline for our recent purchase?")

Guardrails

Guardrails are layered defenses that address relevance, safety, PII, moderation, tool‑risk ratings, rule‑based protections, and output verification. They can be integrated with the Agents SDK using decorators such as @input_guardrail. Example churn‑detection guardrail:

from agents import Guardrail, input_guardrail, GuardrailTripwireTriggered

@input_guardrail
async def churn_detection_tripwire(ctx, agent, input):
    result = await Runner.run(churn_detection_agent, input, context=ctx.context)
    return GuardrailFunctionOutput(
        output_info=result.final_output,
        tripwire_triggered=result.final_output.is_churn_risk,
    )

Human‑in‑the‑loop

Set failure thresholds and route high‑risk actions (e.g., refunds) to human operators for manual review.

Conclusion

Reliable agents are built on a strong model, well‑defined tools, and precise instructions, followed by appropriate orchestration and layered guardrails. Incremental development, continuous testing with real users, and iterative enhancement of guardrails and human‑in‑the‑loop mechanisms enable safe, predictable production deployments.