Agent structure
An agent is a Markdown file placed in .claude/agents/ with a YAML frontmatter. Claude Code discovers it automatically at session startup.
---name: code-reviewerdescription: Use to review code before any commitmodel: sonnettools: Read, Grep, Globmemory: project---The file body contains instructions in Markdown: role, methodology, examples, constraints.
Frontmatter fields
| Field | Required | Role |
|---|---|---|
name | Yes | kebab-case identifier |
description | Yes | Activation trigger (50-100 chars) |
model | No | haiku, sonnet (default), opus |
tools | No | Whitelist of accessible tools |
memory | No | Persistent memory scope |
maxTurns | No | Agentic turn limit |
permissionMode | No | Permission control |
isolation | No | worktree for git isolation |
color | No | CLI color for visual distinction |
The tools field: isolation by default
Limiting tools to what the agent actually needs reduces the exposure surface and accidental errors. A code review agent only needs Read, Grep, Glob — no reason to give it Bash or Write.
Persistent memory (v2.1.32+)
memory: project # .claude/agent-memory/<name>/memory: user # ~/.claude/agent-memory/<name>/memory: local # .claude/agent-memory-local/<name>/project memory is committed with the repo — useful for the agent to accumulate knowledge shared across the entire team. local memory stays private to the machine.
Agent vs User-Invocable Skill
| Criterion | Agent | User-Invocable Skill |
|---|---|---|
| Specialty | Yes, specific domain | No, generic workflow |
| Own memory | Yes (v2.1.32+) | No |
| Isolated tools | Yes, whitelist | Via allowed-tools |
| Invocation | Automatic or manual | Manual only (/name) |
| Format | .claude/agents/ + frontmatter | .claude/skills/ + disable-model-invocation: true |
Create an agent when the task recurs regularly with stable context and tools. Create a user-invocable skill when it is a one-off workflow or a procedure to follow — since CC 2.1.3 these live in .claude/skills/ rather than .claude/commands/.
Concrete example: code review agent
---name: code-reviewerdescription: Use PROACTIVELY after every code modification to verify quality, security, and conventionsmodel: sonnettools: Read, Grep, Globmemory: project---
# Code Reviewer
Systematically verify: OWASP security, test coverage,project convention compliance, and introduced technical debt.The keyword PROACTIVELY in the description encourages Claude to invoke the agent without waiting for an explicit request.
Non-interactive agent invocation (v2.1.119)
Two improvements for headless pipelines:
--print honors agent frontmatter: when using -p / --print with an agent, the agent’s tools whitelist and permissionMode are respected — not bypassed. This means CI pipelines get the same safety constraints as interactive sessions.
--agent honors permissionMode: the permissionMode field in the agent frontmatter now applies when invoking via --agent flag:
---name: security-scannerpermissionMode: readonlytools: Read, Grep, Glob---# permissionMode: readonly applies even in CIclaude --agent security-scanner -p "Scan src/ for OWASP issues"Enter your email to read the full card and get the complete PDF bundle.
All content is free and open-source. We just ask for your email.