Canteen
The AI Agent Landscape in 2026
The AI agent space has matured rapidly. What was experimental in 2024 is production infrastructure in 2026. Frameworks like LangGraph and CrewAI have converged on similar orchestration primitives. Coding agents like OpenHands and Goose are solving the hard problems of loop detection and context management. Memory systems like Letta are making architectural bets on durable execution that could reshape how we think about agent state.
This post breaks down the landscape, highlights the interesting technical patterns emerging, and identifies what’s worth watching as the space continues to evolve.
The Landscape · Loop Detection · Context Management · Memory · Security · Sandboxes · Structured Generation · Where This Is Heading
¶The Landscape
A few categories worth understanding, with some notable projects in each.
Agent Frameworks
The orchestration layer—tool calling, conversation management, multi-agent coordination.
LangGraph offers graph-based workflows with checkpointing. CrewAI focuses on role-based multi-agent patterns and is pushing hard on Flows for event-driven orchestration. OpenAI’s Agents SDK is lightweight and opinionated. Pydantic AI brings strong typing to agent development. smolagents from Hugging Face is minimal (~1000 LOC) and code-first. AutoGen from Microsoft pioneered multi-agent conversations.
Coding Agents
Autonomous agents for software development—where the most innovation is concentrated right now.
OpenHands (formerly OpenDevin) has sophisticated stuck detection and multi-backend runtime support. SWE-agent from Princeton focuses on GitHub issue resolution. Goose from Block takes a security-first, local-first approach. Closed-source competitors include Cursor and Devin.
Structured Generation
Constraining LLM outputs to valid schemas.
guidance from Microsoft uses a full CFG parser backed by Rust. outlines uses FSM-based logits processing. Both production-ready with different tradeoffs.
Supporting Infrastructure
The pieces that make agents work in production: sandboxes, memory, workflows, observability.
e2b provides Firecracker microVMs for isolated code execution. Letta (formerly MemGPT) implements three-tier memory (core, archival, recall). Beads offers git-backed task graphs with dependency tracking. n8n handles workflow automation with a unique $fromAI pattern for making nodes AI-accessible. Langfuse is the open-source observability alternative to LangSmith.
¶Loop Detection
The first thing that separates production agent systems from demos: handling stuck states. Most frameworks punt on this with simple iteration counters.
The problem with counters: they miss alternating patterns. An agent calling tool_A then tool_B then tool_A then tool_B counts as 4 unique iterations. Semantic detection catches the A→B→A→B loop.
The patterns worth detecting:
- Repeating action-observation pairs (4+ identical cycles)
- Error loops (same action causing same error 3+ times)
- Agent monologue (consecutive messages without tool calls)
- Alternating patterns (A→B→A→B over 6+ steps)
- Context window thrashing (repeated context limit errors)
LLM-Based Meta-Analysis
Gacua implements a three-tier approach, with the most interesting piece being LLM-based meta-analysis:
// gacua/packages/core/src/services/loopDetectionService.ts
private async checkForLoopWithLLM(signal: AbortSignal) {
const recentHistory = this.config.getGeminiClient().getHistory().slice(-20);
const prompt = `An unproductive state is characterized by:
1. Repetitive Actions: tool_A, tool_A, tool_A OR alternating patterns
(tool_A, tool_B, tool_A, tool_B)
2. Cognitive Loop: Unable to determine next logical step. Expresses confusion,
repeatedly asks same questions, or generates illogical responses.
CRUCIALLY differentiate between:
- TRUE LOOP: repeatedly replacing same text with same content
- FORWARD PROGRESS: series of tool calls making small distinct changes
(e.g., adding docstrings one by one) — this is NOT a loop`;
const result = await this.config.getGeminiClient()
.generateJson(contents, schema, signal, 'gemini-flash');
if (result['confidence'] > 0.9) {
return true;
} else {
// ADAPTIVE: Adjust check frequency based on confidence
this.llmCheckInterval = Math.round(
MIN_LLM_CHECK_INTERVAL +
(MAX_LLM_CHECK_INTERVAL - MIN_LLM_CHECK_INTERVAL) * (1 - result['confidence'])
);
}
}
Using gemini-flash for meta-analysis with adaptive frequency. When confidence is low, check less often. The distinction between “true loop” and “forward progress” matters—adding docstrings one by one looks repetitive but isn’t stuck.
¶Context Management
When context windows fill up, frameworks diverge significantly.
Fallback Cascades
Letta implements graceful degradation:
# letta/services/summarizer/summarizer.py
try:
summary = await _run_summarizer_request(request_data, input_messages_obj)
except Exception as e:
# Fallback A: Clamp tool return values
logger.warning("Context window exceeded. Applying clamping fallbacks.")
summary_transcript = simple_formatter(
messages,
tool_return_truncation_chars=TOOL_RETURN_TRUNCATION_CHARS,
)
try:
summary = await _run_summarizer_request(request_data, input_messages_obj)
except Exception as fallback_error_a:
# Fallback B: Hard-truncate with middle-cut
logger.warning("Clamped tool returns overflowed. Falling back to truncation.")
budget_chars = int(summarizer_llm_config.context_window * 0.6 * 4)
# Middle-truncation preserves head AND tail
truncated_transcript, _ = middle_truncate_text(
summary_transcript,
budget_chars=budget_chars,
head_frac=0.3, # Keep 30% from start
tail_frac=0.3 # Keep 30% from end
)
Middle truncation preserves both instructions (head) and recent context (tail). The naive approach—truncating from the start—loses the original task description.
Progressive Compaction
Goose takes a different approach: progressively remove tool responses:
// goose/crates/goose/src/context_mgmt/mod.rs
let removal_percentages = [0, 10, 20, 50, 100];
for (attempt, &remove_percent) in removal_percentages.iter().enumerate() {
let filtered_messages = filter_tool_responses(&agent_visible_messages, remove_percent);
match provider.complete_fast(&system_prompt, &summarization_request, &[]).await {
Ok((response, usage)) => return Ok((response, usage)),
Err(ProviderError::ContextLengthExceeded(_)) => {
if attempt < removal_percentages.len() - 1 {
continue; // Try with more removed
}
}
}
}
Try 0% removal first, then 10%, 20%, 50%, finally 100% of tool responses. The insight: tool outputs are often verbose and compressible without losing essential context.
Structured Summaries
OpenHands uses function calling to force structured output when condensing:
# openhands/memory/condenser/impl/structured_summary_condenser.py
class StateSummary(BaseModel):
"""16-field structured representation of agent state."""
user_context: str = Field(description='Essential user requirements...')
completed_tasks: str = Field(description='List of tasks completed...')
pending_tasks: str = Field(description='List of tasks still needed...')
current_state: str = Field(description='Current variables, data structures...')
files_modified: str = Field(description='Files created or modified...')
code_state: str = Field(description='Current code implementation state...')
testing_status: str = Field(description='Tests run and their results...')
version_control: str = Field(description='Git branch, commits, status...')
# ... 8 more semantic fields
def get_condensation(self, view: View) -> Condensation:
response = self.llm.completion(
messages=self.llm.format_messages_for_llm(messages),
tools=[StateSummary.tool_description()],
tool_choice={
'type': 'function',
'function': {'name': 'create_state_summary'},
},
)
summary = StateSummary.model_validate(args_dict)
return Condensation(summary=str(summary), ...)
Semantic fields capture what matters: tasks completed, files modified, git state. The model can reference specific fields later.
¶Memory Architecture
Most frameworks handle short-term context adequately. Long-term memory is where the interesting work is happening.
Three-Tier Memory
Letta separates memory into three distinct tiers:
# letta/schemas/memory.py
class Memory(BaseModel):
"""In-context memory (Core memory) of the agent."""
blocks: List[Block] = Field(..., description="Memory blocks in agent's in-context memory")
def update_block_value(self, label: str, value: str) -> Block:
"""Update block content (triggers system prompt rebuild)."""
block = self.get_block(label)
block.value = value
return block
Core Memory: In-context blocks (persona, human info) that persist in the system prompt.
# letta/functions/function_sets/base.py
async def archival_memory_insert(self: "Agent", content: str, tags: Optional[list[str]] = None):
"""Add to long-term archival memory. Use for: meeting notes, project updates."""
async def archival_memory_search(
self: "Agent",
query: str,
tags: Optional[list[str]] = None,
tag_match_mode: Literal["any", "all"] = "any",
start_datetime: Optional[str] = None,
end_datetime: Optional[str] = None,
):
"""Search archival memory using semantic similarity."""
Archival Memory: Vector DB for long-term storage with semantic search and tag filtering.
Recall Memory: Conversation history with hybrid search (text + semantic).
The key design decision: tools decide what to store. No auto-memory management. This avoids the problem of agents filling memory with irrelevant context.
Git-Backed Task Graphs
Beads takes a different approach: structured memory for coding agents via dependency-aware task graphs stored in git.
// internal/types/types.go
type Issue struct {
ID string `json:"id"` // e.g., "bd-a3f8"
Title string `json:"title"`
Status Status `json:"status"`
Priority int `json:"priority"`
Dependencies []string `json:"dependencies"` // Blocks/related/parent-child
}
# Agent asks: "What can I work on next?"
bd ready --json
# Returns only tasks with no open blockers, sorted by priority
Hash-based IDs prevent merge conflicts in multi-agent/multi-branch workflows. The dependency graph enables “what can I work on next?” queries that respect task ordering.
// cmd/bd/compact.go
// Summarizes old closed tasks to save context window
// Preserves dependency graph structure while reducing token count
func compactOldIssues(threshold time.Duration) {
// Issues closed > threshold ago get summarized
// Original detail preserved in git history
}
Semantic compaction: old closed tasks get summarized, but the dependency structure is preserved. Full detail remains in git history.
¶Security Architecture
Most frameworks rely on prompt engineering for safety. Goose implements layered inspection:
// goose/crates/goose/src/agents/agent.rs
fn create_default_tool_inspection_manager() -> ToolInspectionManager {
let mut manager = ToolInspectionManager::new();
// Layer 1: Security (highest priority - runs first)
manager.add_inspector(Box::new(SecurityInspector::new()));
// Layer 2: Permissions (medium-high priority)
manager.add_inspector(Box::new(PermissionInspector::new(
GooseMode::SmartApprove,
readonly_tools,
regular_tools,
)));
// Layer 3: Repetition (lower priority)
manager.add_inspector(Box::new(RepetitionInspector::new(None)));
manager
}
Security runs first, then permissions, then repetition detection. Each layer can block or require approval:
// security_inspector.rs
let action = if security_result.is_malicious && security_result.should_ask_user {
InspectionAction::RequireApproval(Some(format!(
"Security Alert: This tool call has been flagged as potentially dangerous.\n\
Confidence: {:.1}%\n\
Explanation: {}\n\
Finding ID: {}",
security_result.confidence * 100.0,
security_result.explanation,
security_result.finding_id
)))
}
Structured security findings with confidence scores. User approval required for flagged actions.
¶Sandbox Execution
Isolated code execution is table-stakes for coding agents. The approaches differ.
Firecracker MicroVMs
e2b uses Firecracker microVMs with Connect RPC:
// e2b SDK pattern
static async create(template?: string, opts?: SandboxOpts): Promise<Sandbox> {
// 1. Create via E2B API (REST)
const sandboxInfo = await SandboxApi.createSandbox(template, timeoutMs, opts)
// 2. Initialize with envd connection (Connect RPC)
const sandbox = new Sandbox({
sandboxId,
envdAccessToken, // Per-sandbox auth
...connectionConfig
})
return sandbox
}
Security layers: network isolation with allowlist/blocklist, per-sandbox access tokens, signature-based file URLs with expiration.
Multi-Backend Runtime
OpenHands supports multiple isolation backends:
Agent → Runtime (Docker | K8s | Remote | Local) → ActionExecutionServer → BashSession
# openhands/runtime/impl/docker/docker_runtime.py
EXECUTION_SERVER_PORT_RANGE = (30000, 39999)
# openhands/runtime/impl/action_execution/action_execution_client.py
self.action_semaphore = threading.Semaphore(1) # One action at a time
with self.action_semaphore:
response = self._send_action_server_request(...)
Port range management and semaphore serialization handle the multi-session case that trips up simpler implementations.
¶Structured Generation
Two approaches for constraining LLM outputs to valid schemas.
CFG Parsing
guidance uses a full Context-Free Grammar parser backed by Rust:
# guidance/_ast.py
from llguidance import LLMatcher # Rust-based CFG parser
@dataclass(frozen=True)
class GrammarNode(Tagged, ASTNode):
def ll_grammar(self, enforce_max_tokens: bool = True) -> str:
"""Converts AST to Lark grammar for llguidance."""
lark_str = LarkSerializer(enforce_max_tokens=enforce_max_tokens).serialize(self.simplify())
return lark_str
# guidance/models/_base/_model.py
class Model:
def __add__(self, other: str | Function | ASTNode) -> Self:
self = self.copy() # ALWAYS COPY - immutable pattern
if isinstance(other, ASTNode):
self = self._apply_node(other)
return self
Immutable model objects enable branching. Token fast-forward skips already-matched tokens.
FSM-Based Logits Processing
outlines uses finite state machines:
# outlines/backends/outlines_core.py
class OutlinesCoreLogitsProcessor(OutlinesLogitsProcessor):
def _bias_logits_torch(self, batch_size: int, logits: TensorType) -> TensorType:
from outlines_core.kernels.torch import apply_token_bitmask_inplace, fill_next_token_bitmask
for i in range(batch_size):
fill_next_token_bitmask(self._guides[i], self._bitmasks[i])
apply_token_bitmask_inplace(logits[i], self._bitmasks[i])
return logits
Bitmask for efficiency. Route to different backends (regex, JSON schema, CFG) based on constraint type:
# outlines/generator.py
if isinstance(term, CFG):
self.logits_processor = get_cfg_logits_processor(backend_name, model, term.definition)
elif isinstance(term, JsonSchema):
self.logits_processor = get_json_schema_logits_processor(backend_name, model, term.schema)
else:
regex_string = to_regex(term)
self.logits_processor = get_regex_logits_processor(backend_name, model, regex_string)
guidance for complex nested structures, outlines for JSON schemas and enums.
¶Where This Is Heading
What’s Converging
Multi-agent support is table-stakes. In 2023, single-agent was the default. Now every major framework supports handoffs, supervisor patterns, or flows. The question isn’t whether to support multi-agent, but what orchestration primitives to expose.
MCP is basically universal. The Model Context Protocol has broadly won. Most major frameworks now support it: CrewAI, smolagents, AutoGen, LiveKit, Goose (native Rust implementation), and OpenAI’s agent SDK (4 transports including Hosted MCP where OpenAI’s infrastructure calls MCP servers directly). The tool integration problem is solved at the protocol level.
Human-in-the-loop is required for production. Tool approval patterns are universal. Interrupts (LangGraph), @human_feedback (CrewAI), permissions (Goose). This moved from “nice to have” to “required” over the past year.
Observability is built-in. LangSmith for the LangChain ecosystem, Langfuse as the open-source alternative. OpenTelemetry adoption increasing. Tracing is expected, not optional.
What’s Diverging
Memory philosophy. This is the key differentiator right now:
- Letta: Memory-first. Explicit archival, recall, and core memory tiers. The agent decides what to remember.
- LangGraph: State-first. Checkpointed graph state. Memory is a byproduct of workflow execution.
- Goose: Context-first. Intelligent compaction, no persistent memory. Each session starts fresh.
- CrewAI: Task-first. Memory is optional. Execution is primary.
These aren’t just implementation differences. They reflect different philosophies about what agents should be.
Autonomy level. The spectrum runs from:
- Full autonomy: Goose, OpenHands (run until done, minimal interruption)
- Guided autonomy: CrewAI, LangGraph (structured workflows with checkpoints)
- Tool calling: Most SDKs (human drives, agent assists)
Deployment philosophy. Local-first (Goose: “your computer, your rules”) vs cloud-first (OpenHands Cloud, Letta Cloud) vs hybrid (n8n). The local-first segment is real and growing—not everyone wants cloud-deployed agents.
Durable Execution: The Missing Piece
One pattern notably absent from the landscape: durable execution. Agents that crash lose their state. Long-running tasks (hours/days) are fragile. Human-in-the-loop workflows that wait indefinitely don’t fit the request/response model.
Durable workflow engines solve this for backend services. The pattern hasn’t crossed over to agent frameworks yet—a gap worth watching.
Async-First Is Coming
Async support is spreading across frameworks. CrewAI now has kickoff_async, Letta is refactoring core paths. The drivers: concurrent tool execution, non-blocking streaming, connection pooling for multi-model support. Required for real-time voice/video agents. Sync-only APIs will feel increasingly legacy.
Flows vs ReAct Loops
CrewAI is leading a shift from ReAct loops to event-driven orchestration:
from crewai.flow import Flow, start, listen, router
class EnterpriseAnalysisFlow(Flow[AnalysisState]):
@start()
async def ingest_data(self) -> DataPackage:
return await self.data_crew.kickoff()
@listen(ingest_data)
async def analyze_with_agents(self, data: DataPackage) -> Analysis:
return await self.analysis_crew.kickoff(inputs=data)
@router(analyze_with_agents)
def route_by_confidence(self, analysis: Analysis) -> str:
if analysis.confidence > 0.9:
return "high_confidence_path"
return "low_confidence_path"
@listen("low_confidence_path")
async def request_human_review(self, analysis: Analysis) -> Result:
return await self.hitl_handler.request_review(analysis)
Event-driven (not poll-based), explicit routing logic, built-in HITL integration, telemetry at each transition. The simple “while not done: think → act → observe” loop is giving way to explicit workflow graphs.
WASM/Edge: Orchestration in the Browser
LangGraph has an active branch (mdrxy/pyodide-wasm-support) making the orchestration layer run in Pyodide (Python compiled to WASM). The work replaces native serialization libraries with pure Python fallbacks that compile to WASM.
This enables:
- Graph execution logic running client-side
- Checkpoint storage in IndexedDB
- State management without server round-trips for orchestration
Decoupling orchestration from the server opens interesting possibilities: offline-resumable workflows, reduced latency for state transitions, client-side tool execution. Early exploration, but worth watching.
What’s Not Being Built
Cross-framework memory. Agents lose context when switching frameworks. No portable memory format standard. Beads is one attempt (git-backed), but framework-agnostic memory remains unsolved.
Agent marketplace. No “npm for agents” yet. MCP servers are fragmented. Agent composition is still manual.
Cost optimization routing. Most frameworks use a single model for everything. Gacua’s use of gemini-flash for loop detection is a rare example of routing to cheaper models for auxiliary tasks.
Evaluation and testing standards. SWEBench for coding agents exists, but there’s no universal agent benchmark. Each framework has ad-hoc testing. This is a significant gap.
Agent governance. Enterprise audit trails are fragmented. No standard for agent action logging. Langfuse is observability, not compliance.
What to Watch in 2026
Memory differentiation. Most frameworks handle short-term context adequately. Long-term memory—what Letta is building, what Beads is attempting with git-backed task graphs—is where the competitive differentiation will happen.
Durable execution. The first framework to properly solve crash recovery and long-running workflows will have a significant advantage. Agents that lose state aren’t viable for serious production use.
MCP ecosystem growth. The tool integration problem is being solved. Watch for MCP server proliferation and the frameworks that best leverage it.
Local-first agents. Goose’s positioning shows real demand. Privacy-focused, local-first agents are a distinct segment, not just a deployment option.
Coding agent competition. OpenHands, Goose, SWE-agent, plus closed-source Cursor and Devin. This is where the most innovation (and funding) is concentrated. The semantic loop detection patterns emerging here will propagate to other agent types.
Infrastructure commoditization. Sandboxing (e2b), observability (Langfuse), and workflow automation (n8n) are mature. The opportunity has shifted to the application layer.
The framework wars are settling. Multi-agent, state management, and observability are expected features. Differentiation now happens at the memory layer, the deployment philosophy, and the developer experience. The interesting technical problems—durable execution, semantic loop detection, intelligent context management—are being solved. The question is which patterns will become standard and which will remain niche.