How to Build an AI Agent for Your Business: A Developer's Tutorial

AI has moved beyond basic chat boxes. In 2026, the standard for automation is the AI Agent—a software system that doesn't just generate text, but acts autonomously: planning its own steps, selecting tools (like calling external APIs, executing database writes, or reading files), and checking its own outputs for errors.

Building an AI agent requires a structured engineering approach to prevent the agent from looping indefinitely or executing unauthorized actions on your servers.

This tutorial provides a complete step-by-step guide to building a secure, tool-calling AI agent using Next.js, Node, and an LLM API.

1. The Core Architecture of an AI Agent

An autonomous agent operates inside a Planning Loop (often referred to as the ReAct pattern: Reason + Act):

` +---------------------------------------------------+ | 1. Receive Request | +-------------------------+-------------------------+ | +-------------------------v-------------------------+ | 2. Plan / Reason | | (LLM decides next action) | +-------------------------+-------------------------+ | +-------------------------v-------------------------+ | 3. Call Tool | | (Script executes database/API write) | +-------------------------+-------------------------+ | +-------------------------v-------------------------+ | 4. Check Output | | (LLM checks results and loops/exits) | +---------------------------------------------------+ `

• Memory/Session Context: A persistent log of the conversation history and previous tool outputs, typically saved in a PostgreSQL database.
• Tools/APIs: Predefined JavaScript or Python functions that the LLM is authorized to call (e.g., sendEmail(), updateInvoice(), queryCatalog()).
• Orchestration Script: The backend glue code that handles routing between the LLM API and your local database systems.

2. Setting Up the Agent Project (Step-by-Step)

Step 1: Define the Tool Schemas

Tell the LLM what tools are available and what inputs they expect. We define these as structured JSON schemas:

`typescript import { z } from 'zod';

// Define our tools list export const tools = [ { name: 'checkInvoiceStatus', description: 'Retrieves payment status of an invoice from the database.', parameters: z.object({ invoiceId: z.string().uuid(), }), }, { name: 'sendPaymentReminder', description: 'Sends an email notification to the customer regarding an unpaid invoice.', parameters: z.object({ invoiceId: z.string().uuid(), recipientEmail: z.string().email(), }), } ]; `

Step 2: Implement the Execution Layer

Write the actual javascript functions that run when the LLM decides to call a tool:

`typescript async function executeTool(name: string, args: any) { switch (name) { case 'checkInvoiceStatus': // Query the database securely using parameterized parameters const result = await db.query('SELECT status FROM invoices WHERE id = $1', [args.invoiceId]); return JSON.stringify(result.rows[0]);

case 'sendPaymentReminder': await emailService.send({ to: args.recipientEmail, subject: 'Payment Reminder', text: Your invoice ${args.invoiceId} is currently unpaid. }); return JSON.stringify({ success: true, message: 'Email dispatched successfully.' });

default: throw new Error(Tool ${name} not found.); } } `

Step 3: Implement the Planning Loop

Create the core loop that calls the LLM, parses the returned tool call request, executes it, and feeds the output back into the conversation context until the LLM exits:

`typescript export async function runAgent(userMessage: string, history: any[]) { history.push({ role: 'user', content: userMessage });

let keepLooping = true; let iterations = 0; const MAX_ITERATIONS = 5;

while (keepLooping && iterations < MAX_ITERATIONS) { iterations++;

// Call the LLM API const response = await fetchLLM(history, tools); const message = response.choices[0].message;

if (message.tool_calls) { // The LLM wants to call a tool history.push(message);

for (const toolCall of message.tool_calls) { const toolOutput = await executeTool(toolCall.function.name, JSON.parse(toolCall.function.arguments));

// Append the tool output to history history.push({ role: 'tool', tool_call_id: toolCall.id, name: toolCall.function.name, content: toolOutput }); } } else { // No tool calls requested, the LLM has compiled the final answer history.push(message); keepLooping = false; } }

return history[history.length - 1].content; } `

3. Hardening Agent Security

AI agents are vulnerable to executing malicious requests if prompt injection occurs. Implement these safeguards:

• Constrained Tool Parameters: Use libraries like Zod to strictly validate arguments. If a tool expects a UUID invoiceId, reject any string that contains SQL commands or scripting tags.
• Human Gatekeepers for Sensitive Tools: For high-impact tools (like deleting databases or initiating bank transfers), halt execution and send a Slack request to a manager, requiring a manual button click to authorize the transaction.
• Database Level Segregation (RLS): Ensure the database user account running the agent's tool queries can only view records belonging to that specific tenant, preventing the agent from leaking cross-tenant data.

4. Agent Architecture Scorecard

| Feature | Standard App | AI Agent | Benefit | |---|---|---|---| | Workflow Logic | Hardcoded branching | Dynamic tool selection | Handles unexpected edge cases autonomously | | Data Fetching | Rigid API schedules | Intent-driven queries | Only queries the database when needed | | User Interface | Fixed inputs and forms | Conversational commands | Simplifies complex workflows for administrators |

Build Secure AI Agents with Trustoryx

At Trustoryx, we build production-ready autonomous AI agents. We construct robust planning loops, design secure tool schemas, implement database-level RLS isolation, and configure human-in-the-loop validation barriers to protect your systems from injection attacks.

Contact us today to speak with our AI engineering team and schedule a technical roadmap session for your custom AI agent project.