AI Agent Architecture Best Practices: MCP, Sandboxing & Skills Framework

What's in This Guide?

The AI agent landscape is rapidly evolving with new architectural patterns emerging across the industry. This comprehensive guide covers four foundational patterns that are becoming standard practices in production AI agent development: MCP code execution, filesystem/network sandboxing, skills frameworks, and production-grade SDKs.

These patterns collectively improve the developer experience for building production-grade AI agents, enhance security for automated workflows, and introduce new approaches for scalable tool execution. While examples draw from industry implementations (including Anthropic's Claude platform), these architectural principles are being adopted across various AI agent frameworks and platforms. Let's explore each pattern and understand how they contribute to building robust, secure, and scalable AI agents.

Timeline Overview

1

September 29, 2025

Agent SDK Release - Production-grade agent development toolkit

2

October 16, 2025

Agent Skills Framework - Files and folders for organizational context

3

October 20, 2025

Claude Code Security - Filesystem/network sandboxing enhancements

4

November 4, 2025

MCP Code Execution - Agents write code to call tools for scalability

1. Code Execution with MCP (Nov 4, 2025)

The Problem: Tool Overload

Traditional agentic systems pass tool definitions directly to the LLM via tool use APIs. Each tool consumes prompt space, limiting how many tools an agent can access. For complex systems with 50+ tools, this becomes a bottleneck.

The Solution: Instead of calling tools directly, agents write code that calls tools programmatically. The code execution environment (via MCP) handles tool invocation, drastically reducing prompt overhead.

How It Works

❌ Old Approach (Direct Tool Use)

• Define 50 tools in prompt
• Each tool schema consumes tokens
• Limited scalability
• Context window fills quickly

✅ New Approach (Code Execution)

• Agent writes Python code
• Code imports and calls tools
• Only code executor in prompt
• Supports 100s of tools

Example: Agent-Generated Code

# Agent writes this code to search database
from mcp_tools import database_search, format_results

# Search for users matching criteria
results = database_search(
    table="users",
    filters={"status": "active", "role": "admin"},
    limit=10
)

# Format and return
formatted = format_results(results, format="json")
print(formatted)

Key Insight: The agent doesn't need tool schemas in its prompt. It only needs to know the code execution API. Tools are imported dynamically, enabling massive scalability.

Benefits

Scalability: Support 100s of tools without prompt bloat
Flexibility: Agents can compose complex workflows with loops, conditionals, error handling
Debugging: Inspect generated code to understand agent reasoning
MCP Integration: Works seamlessly with Model Context Protocol servers

2. Claude Code Security Enhancements (Oct 20, 2025)

Filesystem & Network Sandboxing

Claude Code (CLI and web) now includes filesystem and network sandboxing to balance autonomy with safety. Agents can read/write files and make network requests, but with intelligent guardrails.

This update reduces permission prompts while preventing accidental or malicious actions like deleting system files or accessing sensitive networks.

Sandboxing Features

Filesystem Sandboxing

• Limited to project directory by default
• Read-only access to system libraries
• Explicit permission for sensitive paths
• Prevents accidental deletions
• Temporary file isolation

Network Sandboxing

• Whitelist approved API endpoints
• Block localhost access by default
• Rate limiting on external requests
• HTTPS enforcement
• Request logging for auditing

Web-Based Claude Code Access

Claude Code is now accessible via web browser (in addition to CLI), with the same sandboxing guarantees. This enables:

Zero-setup development: Code from any device without installing CLI
Team collaboration: Share Claude Code sessions via URL
Secure execution: Web sandbox inherits CLI security model

Impact: Safer Autonomy

These enhancements allow Claude Code to operate more autonomously without constant user permission prompts. The system is smart enough to know what's safe (reading project files) vs. risky (deleting system directories), reducing friction while maintaining security.

3. Agent Skills Framework (Oct 16, 2025)

What Are Agent Skills?

Agent Skills are files and folders that provide organizational context to Claude agents. Think of them as on-demand knowledge injections for specific domains or workflows.

Unlike traditional prompts (which are ephemeral), Skills are persistent documents that agents can reference throughout a session. They enable domain-specific expertise without bloating the base prompt.

How Skills Work

1. Define a Skill

Create a markdown file with domain knowledge:

skills/frontend-design.md - Typography, color systems, motion design principles

2. Activate on Demand

Agent loads skill when needed: "Use the frontend-design skill for this landing page."

3. Context Injection

Claude uses skill content to guide responses, then discards it after task completion (no persistent context bloat).

Example: Customer Support Skill

skills/customer-support.md

# Customer Support Agent Skill

## Company Policies
- Refund window: 30 days from purchase
- Escalation criteria: Issue unresolved after 3 messages
- Priority customers: Enterprise tier, VIP badge

## Tone Guidelines
- Professional but friendly
- Never use corporate jargon
- Acknowledge frustration empathetically

## Tools Available
- `check_order_status(order_id)`: Get real-time order info
- `issue_refund(order_id, reason)`: Process refund (max $500)
- `escalate_to_human(ticket_id)`: Route to human agent

## Common Scenarios
- Shipping delays: Check tracking, offer 10% discount code
- Product defects: Issue refund + replacement shipment
- Account access: Reset password, verify identity first

When activated, this skill teaches the agent company-specific policies, tone, available tools, and common workflows—without hardcoding everything into the base prompt.

Benefits of Skills

✅ Modularity: Swap skills for different tasks (frontend design → customer support)
✅ Reusability: Share skills across team members and projects
✅ Maintainability: Update skill files without changing agent code
✅ Context Management: Load only relevant knowledge per task

4. Claude Agent SDK (Sept 29, 2025)

Production-Grade Agent Development

The Claude Agent SDK provides best practices, patterns, and utilities for building production-grade AI agents. Released alongside Claude Sonnet 4.5, it codifies lessons learned from Anthropic's internal agent deployments.

This isn't just documentation—it's a complete toolkit with sample code, error handling patterns, state management, and testing frameworks.

SDK Components

Core Agent Loop

Standardized loop for message handling, tool execution, state updates, and error recovery.

• Message parsing and validation
• Tool orchestration
• State persistence
• Graceful error handling

Tool Integration

Utilities for defining, validating, and executing tools with proper error boundaries.

• Schema validation
• Retry logic with backoff
• Tool chaining patterns
• Parallel execution

State Management

Patterns for maintaining agent state across sessions and handling long-running tasks.

• Session persistence
• Checkpoint/restore
• Multi-turn conversations
• Context pruning

Testing & Debugging

Test harnesses, mock tools, and debugging utilities for agent development.

• Unit test helpers
• Mock tool frameworks
• Conversation replay
• Performance profiling

Quick Start Example

Using the Agent SDK:

from anthropic import AgentSDK
from anthropic.tools import Tool

# Define custom tool
class WeatherTool(Tool):
    name = "get_weather"
    description = "Get current weather for a location"

    def execute(self, location: str) -> dict:
        # Tool implementation
        return {"location": location, "temp": 72, "condition": "sunny"}

# Initialize agent
agent = AgentSDK(
    model="claude-sonnet-4-5",
    tools=[WeatherTool()],
    system_prompt="You are a helpful weather assistant."
)

# Run agent loop
response = agent.run(
    user_message="What's the weather in San Francisco?",
    max_turns=5
)

print(response.final_answer)

The SDK handles message routing, tool execution, error recovery, and state management—you just define tools and system prompts.

Impact Summary

Update	Key Benefit	Use Case
MCP Code Execution	Scalability (100s of tools)	Complex multi-tool workflows
Claude Code Security	Safe autonomy	Filesystem/network operations
Agent Skills	Domain expertise on demand	Customer support, design, coding
Agent SDK	Production-ready patterns	Enterprise agent deployments

The Bottom Line

These four engineering updates represent Anthropic's commitment to making Claude a production-grade platform for agentic AI. From scalable tool execution (MCP code patterns) to secure autonomy (sandboxing) to modular expertise (Skills) to battle-tested patterns (Agent SDK), each update addresses real pain points in agent development.

The trajectory is clear: Anthropic is building infrastructure for a world where AI agents handle increasingly complex, long-running, and autonomous tasks. The combination of these features enables developers to build agents that are scalable, secure, intelligent, and reliable.

If you're building AI agents for production, these updates should be on your radar. They're not just nice-to-haves—they're essential building blocks for the next generation of agentic applications.

Tech Bytes Engineering

Modern AI Agent Architecture: Production Best Practices