Agent-to-agent protocols, Claude's evolving capabilities, responsible AI principles, framework choices, and your 90-day roadmap to continued growth.
Course Position: You've built agents. Now see where the field is heading and how to keep growing after this course ends.
Tap to jump to any concept.
Most agents today are isolated islands — they do their one thing but can't discover or collaborate with other agents. The emerging A2A (Agent2Agent) specification is the "API moment" for agent interoperability: a universal wire format that lets any agent discover, negotiate with, and delegate to any other, regardless of which framework or vendor built it.
The key distinction: MCP (Model Context Protocol) governs how one agent connects to its tools — databases, APIs, filesystems. A2A governs how one agent talks to another agent across process or organizational boundaries. Two protocols, two scopes — not competitors.
Google launched A2A in April 2025 (now Linux Foundation governed). Anthropic, Salesforce, SAP, Atlassian, MongoDB already ship A2A endpoints. MCP + A2A is the production stack.
The early internet was isolated websites. You wanted flight status + hotel rates + car rental pricing for one trip? You opened three browser tabs, copied data between them, and compared manually. You were the integration layer.
Every cross-site query required a human in the middle. Services couldn't automatically delegate to each other. Integration was manual copy-paste — expensive, error-prone, and unscalable.
Then REST APIs arrived. Suddenly your calendar talked to your email, your store to your shipper. That integration layer became automated code. A2A is the same inflection point for agents: the universal plug that lets any agent discover and delegate to any other agent without custom glue code per pair.
/.well-known/agent.json listing the agent's name, capabilities, skills, and auth requirements./tasks/send with auth token and task payload. Task enters submitted → working → completed lifecycle./tasks/{id} to poll, or use SSE stream if the card advertises streaming: true.MCP, A2A, or neither?
FUNCTION choose_protocol(scenario): # Connect agent to a tool/database IF scenario == "agent needs a tool (DB, API, FS)": RETURN "MCP" # One agent delegates to another agent IF scenario == "cross-org or cross-process agent call": RETURN "A2A" # In-process subagent (M14 style) IF scenario == "subagent inside same process": RETURN "function call — no protocol needed" # Enterprise specialist marketplace IF scenario == "team publishes specialist agents": RETURN "A2A — Agent Cards are the registry"
They solve different layers. MCP = agent↔tool. A2A = agent↔agent. A production multi-agent system uses BOTH: A2A between orchestrator and specialist, MCP inside the specialist to reach its databases and APIs.
A function call is enough for in-process subagents (M14 style). Protocols add HTTP overhead and auth complexity. Only reach for A2A when crossing process, org, or trust boundaries.
A2A is to agents what REST APIs were to websites — the universal interoperability layer. Build to A2A for cross-boundary agent calls; use MCP for tool connections; use function calls for in-process subagents.
The A2A protocol has two halves. Publishing means exposing three HTTP endpoints: a static Agent Card at /.well-known/agent.json, a POST /tasks/send endpoint, and a GET /tasks/{id} endpoint. That's the entire surface area — your existing Claude agent loop lives inside /tasks/send unchanged.
Consuming means: fetch the card, verify the skill exists, verify auth, post the task, then poll (or stream) until the task reaches a terminal state. The consuming code is the same for any A2A-compliant agent, regardless of whether it was built with the Claude SDK, LangGraph, or a Go service.
You want to hire a specialist — a tax accountant. Without a standard format, every firm has a different way to request work: email one, call another, use a proprietary portal for a third. Every engagement starts from scratch.
Your orchestrating business needs a different integration for each vendor. One uses gRPC, another uses HTTP with a custom auth scheme, a third uses a message bus. The orchestrator grows a different client per vendor — snowflake integrations, maintenance nightmare.
Publishing an Agent Card is printing business cards — one standard format tells anyone exactly what you do, how to reach you, and what auth you accept. Consuming is dialing the number on someone else's card using the same phone. One protocol, one client, any specialist.
/.well-known/agent.json: name, description, capabilities (streaming, pushNotifications), auth schemes, and skill definitions.POST /tasks/send runs your existing Claude agent and stores results. The only domain-specific code — everything else is A2A boilerplate./tasks/{id} (or use SSE), handle failed/canceled states explicitly.# Consumer side: discover → verify → send → poll FUNCTION call_agent(base_url, question, timeout=30): # Step 1: Discover card = GET(base_url + "/.well-known/agent.json") # Step 2: Verify skill + auth skill = find_skill(card, id="deduction-analysis") IF skill is NULL: RAISE "Skill not available" IF "bearer" not IN card.auth.schemes: RAISE "Unacceptable auth scheme" # Step 3: Send task task = POST(base_url + "/tasks/send", { "skillId": skill.id, "message": { "role": "user", "text": question } }, auth=BEARER_TOKEN) # Step 4: Poll until terminal deadline = now() + timeout WHILE task.state IN ["submitted", "working"]: IF now() > deadline: POST("/tasks/" + task.id + "/cancel") RAISE TimeoutError SLEEP(0.5) task = GET("/tasks/" + task.id) IF task.state != "completed": RAISE task.error RETURN task.artifacts[0].text
The only domain-specific code in the publisher is one function: your existing Claude agent loop wrapped in a /tasks/send endpoint. All the boilerplate — task lifecycle, auth checks, state storage — is generic A2A plumbing you write once.
If the Agent Card sets capabilities.streaming: true, you can use SSE on /tasks/{id}/events for real-time updates. For long tasks, the card may also offer pushNotifications webhook callbacks — no polling at all.
Publishing A2A = Agent Card + 2 endpoints. Consuming A2A = discover → verify → send → poll. The same four-step consumer works with any compliant agent regardless of its internal stack.
A2A is the most widely adopted agent-to-agent spec, but two others appear in vendor docs and research: AGNTCY (Cisco-led "Internet of Agents" — a full stack above A2A) and ANP (Agent Network Protocol — a decentralized, DID-based research spec). Knowing which is which prevents confusion when you read framework announcements.
The good news: all three converge on the same shape — agents have cards, tasks have lifecycles, auth is mandatory. Code targeting A2A is largely portable to the others.
TCP/IP is the wire protocol — how bits travel between machines. The internet is the global network built on TCP/IP. Intranets are private networks also built on TCP/IP. All different scope, same underlying protocol.
When people say "the internet protocol," do they mean TCP/IP? HTTP? The web? Confusion about scope leads to wrong architectural choices — you'd design an intranet differently than the public internet even though both use TCP/IP.
A2A = the wire protocol (HTTP + JSON, task lifecycle). AGNTCY = a broader stack built on A2A-compatible wire (adds identity, discovery directory, observability). ANP = an alternative wire with a more decentralized design. Same analogy: wire → platform → network.
Which spec to target?
| Spec | Reach for when | Avoid when |
|---|---|---|
| A2A | Any cross-org agent integration today | – |
| AGNTCY | You need enterprise identity (DID) + global directory | Your team is just starting with agent interop |
| ANP | Your design requires no central registry | Production — still maturing, limited tooling |
FUNCTION pick_spec(requirements): IF requirements.needs_central_registry == FALSE: RETURN "ANP" # decentralized IF requirements.needs_did_identity: RETURN "AGNTCY" # full stack RETURN "A2A" # safe default for most teams
AGNTCY is a stack built on top of an A2A-compatible wire. The bottom layer is interoperable. You can adopt A2A now and later layer AGNTCY's identity/directory features on top without a rewrite.
All three converge on the same shape. If your code follows the A2A surface (Agent Card, tasks/send, tasks/{id}), porting to AGNTCY or ANP later is mostly a redirect — not a rewrite. Pick A2A now, watch the others.
Build to A2A today. Watch AGNTCY for the broader stack story. Read ANP if you need decentralized architecture. All three share the same fundamental shape.
Each new Claude capability doesn't just add a feature — it unlocks entire categories of applications that were previously impossible. Four capabilities are reshaping what agents can do: Computer Use (GUI automation without APIs), Extended Thinking (dedicated reasoning compute), Skills (just-in-time instruction loading), and larger context windows (less need for RAG on smaller corpora).
Your foundation — tool use, RAG, multi-agent orchestration — multiplies in value as each new capability lands. Developers who understood the raw loop before Computer Use shipped adopted it in hours. Starting from scratch takes weeks.
Early smartphones made calls and sent texts. That was the entire use case universe. Developers building for phones could only imagine within those constraints.
Before cameras, you couldn't imagine snapping a whiteboard and texting it to your team. Before GPS, you couldn't imagine turn-by-turn navigation. The capability ceiling was invisible until it was raised.
Each new Claude capability — Computer Use (camera), Extended Thinking (GPS), Skills (app store) — opens application categories nobody built before because the capability didn't exist. You build on each wave. The agents you design today will ride capabilities that don't exist yet.
thinking: {type: "enabled", budget_tokens: 10000} parameter. NOT chain-of-thought prompting — model-native reasoning compute. Dramatically improves math, architecture planning, multi-constraint problems.SKILL.md in .claude/skills/. Only the description frontmatter loads into base context. The procedure body loads only when the agent decides it's relevant — zero cost in steady state.Tool vs MCP vs Skill vs Subagent vs A2A?
FUNCTION pick_capability(need): # Single function call, structured I/O IF need == "one function (verb)": RETURN "Tool (M05)" # Connect to a system (DB, GitHub, Jira) IF need == "connect to a system": RETURN "MCP server (M07)" # Procedure with branches, used occasionally IF need == "domain procedure, rarely triggered": RETURN "Skill (.claude/skills/)" # Parallel specialist, own context window IF need == "parallel specialist": RETURN "Subagent (M14)" # Cross-org / cross-process IF need == "capability from another team/org": RETURN "A2A agent" # No API — legacy system GUI IF need == "no API exists": RETURN "Computer Use (sandbox required)"
Computer Use is slower (each step round-trips a full screenshot), more expensive (~1,500-2,500 vision tokens per screenshot vs. cents for an API call), and less reliable. Only reach for it when the target system has no API, no MCP server, and no scriptable interface.
Chain-of-thought is a prompt trick — you ask Claude to "think step by step" using the same compute. Extended thinking is model-native: dedicated reasoning compute is allocated before the response generation begins. Different mechanism, dramatically better results on complex tasks.
Each new capability unlocks new application categories. Your foundation multiplies in value with every wave. Use Computer Use for no-API software, Extended Thinking for complex planning, Skills for just-in-time procedures.
Capable agents without safety are not fast — they're dangerous. Five principles separate trustworthy agents from impressive-but-fragile demos: Human-in-the-Loop by design, Transparency, Bias Awareness, Scope Limitation, and Fail-Safe Defaults.
The mark of a senior agent developer is knowing when NOT to automate. Responsible design is not a constraint on capability — it is what makes deployment possible. Teams that build guardrails from the start deploy faster because they spend less time firefighting production failures.
A powerful car: 600 horsepower, 0-60 in 3 seconds. Pure speed. Nobody installs brakes because they plan to crash. They install brakes because safety features are what make speed useful.
A fast car without brakes is not impressive — it is a liability. Every major AI incident (chatbots endorsing harmful advice, agents making unauthorized transactions, automated systems amplifying bias) happened because the builder assumed the happy path was the only path.
Guardrails (M16), evaluation (M18), monitoring (M19-M20), and HITL (M17) are the brakes, seatbelts, and airbags. They are not separate from capability — they ARE capability. An agent you can safely trust to run is infinitely more capable than one you can only demo in a sandbox.
Responsible agent decision triage
FUNCTION responsible_decision(request, context): # Safety critical → always human IF context.is_safety_critical: RETURN escalate_to_human(request, reason="safety") # Out of scope → refuse gracefully IF request.domain NOT IN agent.allowed_domains: RETURN refuse("Outside my scope. Try: " + suggest_resource()) # High-stakes → require approval IF context.stakes == "HIGH": plan = build_plan(request) RETURN request_approval(plan) # Uncertain → fail open IF confidence < 0.7: RETURN { "partial": what_i_know, "escalate": TRUE, "reason": "low confidence" } # Normal path — proceed RETURN execute(request)
Teams with guardrails and evaluation from the start deploy faster because they spend less time firefighting production failures. Retrofitting safety costs 4× more than building it in initially. "Move fast and break things" doesn't work when the thing you break is a medical or financial decision.
Claude has excellent built-in safety, but it cannot know your business rules, compliance requirements, or users' specific vulnerabilities. Your guardrails and Claude's safety complement each other — one does not replace the other.
The 5 principles (HITL, transparency, bias awareness, scope limitation, fail-safe defaults) are not constraints on capability — they make deployment possible. An agent you can trust is more capable than one you can only demo.
This course taught raw API first — client.messages.create() inside a while loop. Then the Claude Agent SDK. Then spec-driven generation. That order matters: the developer who understands the raw loop can learn any framework in a day. The developer who learned a framework first often can't debug without it.
By 2026, each major model vendor ships their own first-party agent SDK. If you've committed to a primary model, the vendor SDK usually beats a cross-provider framework on developer ergonomics, latency, and feature coverage.
Three kitchens: a bare pro kitchen with stove, knives, and pans (full control, slow). A meal-kit service with pre-portioned ingredients and a recipe card (faster, limited menu). A microwave dinner (one button, one dish).
Skip straight to the meal-kit and when something tastes off, you can't tell whether the problem is the recipe, the ingredients, or your technique. You never understood the underlying steps. You're dependent on the kit.
This course put you in the bare kitchen first — raw API, your own loop, your own dispatcher. Now you can choose any kitchen with eyes open. The framework is a tool; you are the cook. You understand what the framework is doing because you've done it by hand.
| Framework | Best for | Trade-off |
|---|---|---|
| Anthropic Agent SDK | Claude-native; hooks, sessions, subagents | Claude-only |
| LangChain / LangGraph | Multi-provider; large integration ecosystem | Heavy abstractions, frequent breaking changes |
| CrewAI | Team-of-specialists pattern, fast prototyping | Less flexibility for custom flows |
| Raw SDK | Learning, simple agents, debugging prod issues | More boilerplate to write |
| Claude Code (long-horizon) | Repository-scoped coding tasks | Buy not build — not a framework to extend |
FUNCTION pick_framework(team, use_case): # Standardized on Claude? Use native SDK IF team.primary_model == "claude": RETURN "Anthropic Agent SDK" # Need to swap models routinely? IF team.needs_model_agnostic: RETURN "LangChain / LangGraph" # Team-of-specialists pattern? IF use_case == "role-based multi-agent": RETURN "CrewAI for prototyping" # Repository coding work? IF use_case == "codebase tasks": RETURN "Claude Code (buy not build)" # Learning / debugging / custom domain? RETURN "Raw SDK — maximum control"
LangChain's abstraction layer adds dependencies, hides what's happening under the hood, and introduces frequent breaking changes. If your team is standardized on one model, the vendor SDK beats a cross-provider framework on ergonomics, latency, and feature coverage.
Claude Code, Aider, Devin — you use these, you don't extend them. They're pre-built agents for repository-scoped work. Buy them for code tasks; build your own for non-code domains (medical, legal, data engineering) where no pre-built tool covers your domain.
Understand the raw loop first. Then choose your kitchen. The vendor SDK wins for Claude-committed teams. LangChain only when you genuinely need multi-provider. Raw SDK for learning and debugging. Long-horizon tools: buy, don't build, for code.
Developers who finish a course with enthusiasm but no plan build nothing in the following month. "I'll start this weekend" becomes "I'll start next month" becomes "I should retake the course." A structured 90-day plan breaks this cycle.
Five milestones, each building on the previous. The milestones are checkpoints, not deadlines. The goal is a compass bearing: build more capable, more reliable agents. Developers who set a concrete 90-day goal are 3× more likely to ship a project than those with vague intentions.
A hiker heading north checks their compass every hour. They detour around a swamp, climb over a ridge, follow a stream for half a mile. The specific path changes constantly. The direction stays constant.
Without a bearing, hikers wander. Without a concrete plan, developers drift. Enthusiasm fades in two weeks. Vague goals ("build something cool with agents") evaporate under the pressure of actual work and competing priorities.
Your compass bearing: build more capable, more reliable agents. The milestones below are the checkpoints, not the path. If terrain intervenes, reroute — but keep pointing north. Small, specific, and shipped beats large, vague, and unfinished every time.
# 90-day agent developer roadmap FUNCTION run_roadmap(): # Weeks 1-2: finish capstone capstone = complete_and_evaluate(m23_project) IF capstone.score < passing_threshold: iterate(capstone) # Month 1: first real deploy deploy = ship_to_production(capstone) observe(deploy, metrics=["latency", "cost", "errors"]) # Months 2-3: novel project problem = pick_problem_you_care_about() novel_agent = build(problem) # no brief given # Months 3-6: give back contribute_one_of([ "open_source_tool", "blog_post_about_hard_problem", "help_someone_in_community" ]) # Ongoing: go deep on one thread thread = pick_one(["multi-agent", "eval", "safety", "domain-specific"]) LOOP every_90_days: review_progress(thread) set_next_goal(thread)
"Deploy a document analysis agent that handles 10 queries/day for my team" is better than "build a revolutionary AI product." Small, specific, and shipped beats large, vague, and unfinished every single time. The ambition compounds once you're shipping regularly.
Following even one community (Anthropic Developer Forum, AI Engineer Discord) for 30 minutes per week keeps you 6-12 months ahead of developers who only learn from courses and docs. MCP went from proposal to widespread adoption in under 6 months in 2024. You don't miss those waves reading one thread on Friday morning.
Finish the capstone. Deploy something real. Build for a problem you care about. Contribute to the community. Go deep on one thread. Small and shipped beats large and planned. Your compass bearing: build more capable, more reliable agents.
Tap each answer to reveal.
The full desktop module includes working A2A publish/consume code in Python and Node.js, Computer Use sandbox examples, a live agent frameworks comparison table, and an interactive quiz with 5 questions.
Open Full Module on Desktop →