Building a LangChain agent is easy; running one safely in production is not. Once agents start invoking tools and writing to real systems, you hit hard problems: managing agent identity across calls, preventing tool responses from derailing task execution, containing prompt-injection vectors, and ensuring tool calls don’t exceed what a human with the same permissions could do.
This talk covers practical patterns for making LangChain agents production-ready: designing tool interfaces that are typed and auditable, enforcing per-tool authorization with real permissions, authenticating agent identity end-to-end, capturing and analyzing agent actions for drift detection, and applying dynamic least privilege as tasks evolve.
Based on work across multiple production deployments, we’ll outline the architecture and controls needed to move LangChain agents from prototype to reliable, permission-aware systems.
Vijay is an engineer dedicated to empowering other engineers to build faster and more easily. He has a background in programming language design and implementation, with a publication in OOPSLA and prior work at Meta on the open-source programming language Flow. He is now at Oso, a company focused on helping people solve the challenges of implementing and maintaining authorization in their applications and for their agents.
