Agent Packaging and Distribution: Creating Portable AI Agent Bundles
Learn how to package AI agents into portable, versioned bundles with dependency management, configuration schemas, and reproducible deployments. Build a packaging format that works across teams and environments.
The Portability Problem
An AI agent that works on one developer's machine but fails to deploy elsewhere is not a product — it is a prototype. Agent portability requires more than copying Python files. You need to capture the agent's model configuration, tool dependencies, prompt templates, environment requirements, and runtime constraints in a single distributable unit.
Traditional software solved this with package managers and container images. Agents need an equivalent packaging format that captures the unique requirements of LLM-powered systems: model provider configuration, tool schemas, guardrail definitions, and credential requirements.
Defining the Agent Package Format
A well-designed agent package is a directory with a manifest file that declares everything needed to instantiate the agent:
import json
import hashlib
from pathlib import Path
from dataclasses import dataclass, field, asdict
from typing import Optional
@dataclass
class ToolDependency:
name: str
version: str
source: str # "builtin", "mcp", "registry"
config_schema: dict = field(default_factory=dict)
@dataclass
class ModelRequirement:
provider: str # "openai", "anthropic", "local"
min_model: str # minimum capable model
recommended_model: str
max_tokens: int = 4096
temperature: float = 0.7
@dataclass
class AgentManifest:
name: str
version: str
description: str
author: str
license: str = "MIT"
model: ModelRequirement = field(
default_factory=lambda: ModelRequirement(
provider="openai",
min_model="gpt-4o-mini",
recommended_model="gpt-4o",
)
)
tools: list[ToolDependency] = field(default_factory=list)
python_dependencies: list[str] = field(default_factory=list)
required_env_vars: list[str] = field(default_factory=list)
config_schema: dict = field(default_factory=dict)
entry_point: str = "agent.py"
min_python_version: str = "3.11"
def to_json(self) -> str:
return json.dumps(asdict(self), indent=2)
@classmethod
def from_json(cls, data: str) -> "AgentManifest":
parsed = json.loads(data)
parsed["model"] = ModelRequirement(**parsed["model"])
parsed["tools"] = [
ToolDependency(**t) for t in parsed["tools"]
]
return cls(**parsed)
The manifest declares the agent's identity, its model requirements, tool dependencies, Python package dependencies, required environment variables, and an entry point. This is everything a deployment system needs to instantiate the agent in any environment.
Building the Package
Packaging combines the manifest, agent code, prompt templates, and any static assets into a single archive with integrity verification:
See AI Voice Agents Handle Real Calls
Book a free demo or calculate how much you can save with AI voice automation.
import tarfile
import io
from datetime import datetime
class AgentPackager:
def __init__(self, source_dir: str):
self.source_dir = Path(source_dir)
self.manifest_path = self.source_dir / "agent.manifest.json"
def validate(self) -> list[str]:
errors = []
if not self.manifest_path.exists():
errors.append("Missing agent.manifest.json")
return errors
manifest = AgentManifest.from_json(
self.manifest_path.read_text()
)
entry = self.source_dir / manifest.entry_point
if not entry.exists():
errors.append(
f"Entry point {manifest.entry_point} not found"
)
# Check for required prompt templates
prompts_dir = self.source_dir / "prompts"
if prompts_dir.exists():
for f in prompts_dir.iterdir():
if f.suffix not in (".txt", ".md", ".jinja2"):
errors.append(
f"Unexpected prompt file format: {f.name}"
)
return errors
def build(self, output_path: str) -> str:
errors = self.validate()
if errors:
raise ValueError(
f"Validation failed: {'; '.join(errors)}"
)
manifest = AgentManifest.from_json(
self.manifest_path.read_text()
)
archive_name = (
f"{manifest.name}-{manifest.version}.agentpkg.tar.gz"
)
full_output = Path(output_path) / archive_name
with tarfile.open(full_output, "w:gz") as tar:
for file_path in self.source_dir.rglob("*"):
if file_path.is_file() and not self._is_excluded(
file_path
):
arcname = file_path.relative_to(self.source_dir)
tar.add(file_path, arcname=str(arcname))
# Generate checksum
file_hash = self._compute_hash(full_output)
checksum_path = full_output.with_suffix(
full_output.suffix + ".sha256"
)
checksum_path.write_text(file_hash)
return str(full_output)
def _is_excluded(self, path: Path) -> bool:
excludes = {
"__pycache__", ".git", ".env", "node_modules",
".venv", ".pytest_cache",
}
return any(part in excludes for part in path.parts)
def _compute_hash(self, file_path: Path) -> str:
sha = hashlib.sha256()
with open(file_path, "rb") as f:
for chunk in iter(lambda: f.read(8192), b""):
sha.update(chunk)
return sha.hexdigest()
The packager validates the source directory, creates a compressed archive excluding development artifacts, and generates a SHA-256 checksum for integrity verification during distribution.
Dependency Resolution
When installing a packaged agent, the runtime must resolve and install its dependencies — both Python packages and tool connections:
import subprocess
import sys
class AgentInstaller:
def __init__(self, registry_client, tool_manager):
self.registry = registry_client
self.tool_manager = tool_manager
async def install(self, package_path: str, target_dir: str):
extracted = self._extract_package(package_path, target_dir)
manifest = AgentManifest.from_json(
(Path(extracted) / "agent.manifest.json").read_text()
)
# Install Python dependencies
if manifest.python_dependencies:
subprocess.check_call([
sys.executable, "-m", "pip", "install",
"--target", str(Path(extracted) / "vendor"),
*manifest.python_dependencies,
])
# Resolve tool dependencies
for tool in manifest.tools:
if tool.source == "registry":
await self.registry.ensure_installed(
tool.name, tool.version
)
elif tool.source == "mcp":
await self.tool_manager.register_mcp_server(
tool.name, tool.config_schema
)
# Validate environment variables
missing_vars = [
var for var in manifest.required_env_vars
if var not in __import__("os").environ
]
if missing_vars:
raise EnvironmentError(
f"Set these env vars before running: "
f"{', '.join(missing_vars)}"
)
return extracted
def _extract_package(
self, package_path: str, target_dir: str
) -> str:
with tarfile.open(package_path, "r:gz") as tar:
tar.extractall(path=target_dir)
return target_dir
Version Compatibility
Semantic versioning helps consumers understand upgrade risk. The packaging system should enforce version compatibility rules:
from packaging.version import Version
def is_compatible(installed: str, required: str) -> bool:
inst = Version(installed)
req = Version(required)
# Major version must match; installed minor >= required
return inst.major == req.major and inst.minor >= req.minor
FAQ
What should be included in an agent package versus configured at deploy time?
Include everything that defines the agent's behavior: code, prompts, tool schemas, and the manifest. Configure environment-specific values at deploy time: API keys, model endpoints, database URLs, and feature flags. The boundary is determinism — if changing a value changes the agent's behavior semantics, it belongs in the package.
How do you handle prompt template versioning?
Store prompt templates inside the package and version them with the agent. Never load prompts from external sources at runtime unless you also pin and checksum them. Prompt drift is a major source of agent regression bugs.
Should agents declare minimum model capability requirements?
Yes. An agent designed for GPT-4o-class reasoning will produce garbage output on a smaller model. The manifest should declare both a minimum model and a recommended model, and the installer should warn or block deployment if the target environment cannot meet the minimum requirement.
#AgentPackaging #AgentDistribution #Versioning #DependencyManagement #AgenticAI #LearnAI #AIEngineering
CallSphere Team
Expert insights on AI voice agents and customer communication automation.
Try CallSphere AI Voice Agents
See how AI voice agents work for your industry. Live demo available -- no signup required.