Practical agent architecture: state, failure recovery, and delta variables
Shovon Saha breaks down the hidden variables — collectively called "delta" — that determine whether real-world LLM agents behave reliably across stateless, ReAct, and multi-tool planner architectures.
Score breakdown
The framework concretely names the constructs — evidence lane, loop contract, side-effect guard — whose absence causes agents to hallucinate or falsely claim task completion when tool calls fail.
- 01Saha defines delta (δ) as the full set of conditions needed for a self-developing autonomous agent to work correctly, and argues no team has the complete set yet.
- 02Three properties required for autonomy: dynamic growth pattern, direction, and decision pattern.
- 03A stateless LLM's key delta variables include system_prompt, user_message, temperature, and context_window.
Shovon Saha frames autonomous agent reliability around a concept he calls delta (δ): the complete set of conditions — words, rules, patterns, tool schemas, attention biases — that must be satisfied for an agent to behave correctly. No system prompt covers all of delta, so every team building agents today is discovering only a subset of it. The post models this as `formula = δ ∩ { a, b, c }`, where each variable is a discrete condition such as "every time new code is implemented, run tests; if bugs found, send to the bug triage agent." For an agent to be genuinely autonomous, Saha argues it needs three properties: a dynamic growth pattern, a sense of direction, and a decision pattern.
The article then traces how delta size grows across three concrete architectures.
The article then traces how delta size grows across three concrete architectures. A stateless LLM has a small delta — key variables are `system_prompt`, `user_message`, `temperature`, and `context_window` — and fails when the user message lacks a clear referent. A single-turn ReAct loop adds `tool_schema`, an `evidence_lane` (a priority score for tool results), a `loop_contract` (emit one valid tool call or answer, no looping without new evidence), and a `side_effect_guard` (no claiming completion without a supporting tool result). The multi-tool planner architecture — demonstrated with MS Graph API calls for reading emails and fetching a document — has a large delta and introduces additional failure modes: a 403 Forbidden on one endpoint leaves partial evidence, and a naive agent invents the missing document contents rather than disclosing the gap. The post also flags prompt injection as an attack surface, noting that untrusted content such as email bodies can carry adversarial instructions into the agent's context.
Key facts
- 01Saha defines delta (δ) as the full set of conditions needed for a self-developing autonomous agent to work correctly, and argues no team has the complete set yet.
- 02Three properties required for autonomy: dynamic growth pattern, direction, and decision pattern.
- 03A stateless LLM's key delta variables include system_prompt, user_message, temperature, and context_window.
- 04The ReAct loop architecture adds an evidence_lane, a loop_contract (one valid tool call or answer per turn, no looping without new evidence), and a side_effect_guard.
- 05In the multi-tool planner example, a 403 Forbidden on the MS Graph files endpoint causes a naive agent to invent document contents rather than report the access failure.
- 06Prompt injection is flagged as an attack vector, with email body content cited as an example of untrusted input that can carry adversarial instructions.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Jun 12, 2026 · 10:05 UTC. How this works →