An introduction to AI agents

Wed, 03 Jun 2026 09:40:00 +0100

What are AI agents?

Wikipedia definition: AI agents are a class of intelligent agents that can pursue goals, use tools, and take actions with varying degrees of autonomy.
My definition in 2026: AI agents are the interface between human and foundation models.

How are AI agents different from using web chats?

Ability to use local tools e.g., read, edit, grep, bash to edit your your local files or run bash Rscript agent_written_r_script.R.
Delegate specific projects to specialist subagents.
More consistent prompts via skills.

Should I use AI agents?

Compared to just using chat-boxes, using AI agents raise additional risks:

Security: AI agents might change your local files without permission.
Privacy: AI agents will give local files to foundation models, and providers of those models might use your data for training or other purposes.
Loss of human agency: It is always tempting to give AI agents more autonomy so they do their tasks better.

Managing the risks

Security

Manage the permission for different AI agents very carefully. Never allow AI agents to edit their configuration files.

This is not always possible. For example, even if the agent is not allowed to use the edit tool, but if you allow it to use python to test your conjecture, a malicious agent can still edit your local files through python.

Privacy

This can be addressed by deploying open-weights models on a trusted server.

Open-weights models (e.g. GLM-5.1, DeepSeek V4 Pro) are getting quite good but still behind closed models for extremely demanding tasks (e.g. GPT-5.5 Pro, Opus 4.8).
The ability to deploy local models is limited by the local computing environment (in particular, the available GPUs).

Loss of human agency

We need to think about (at least the current) AI agents as an human-LLM interface (a form of human-computer interaction) instead of another human being or super-intelligence.

For this reason, I much prefer open-source agents (e.g. OpenCode) over proprietary agents (Claude Code), so I fully own my interface with LLMs.
A good general principle to follow: spend at least 80% of your time on planning and at most 20% on execution (just like how you spend 80% of your time understanding and solving a mathematical problem and 20% of your time writing down your solution).
An event better principle (which I haven’t been able to follow): do not share any file that is not hand-written by you to anyone else.

OpenCode: How to get started

https://opencode.ai/
You can download and install the agent easily — if there are technical issues, ask your web-based chatbots.
The built-in Plan agent cannot edit any files without your permission. So it’s relatively safe to explore with it.

Recommended configuration

Copy this to ~/.config/opencode/opencode.json. This implements my risk management recommendations above.

{
  "$schema": "https://opencode.ai/config.json",
  "default_agent": "plan",
  "permission": {
    "external_directory": "ask",
    "edit": {
      "/Users/qyzhao/.config/opencode/opencode.json": "deny",
      "/Users/qyzhao/.config/opencode/agents/*.md": "deny"
    }
  }
}

I am spending a lot of time on developing an agent (human-LLM interface) for scientific researchers based on the philosophy of Charles Sanders Peirce. Watch this space!

AI | Qingyuan Zhao