OpenAI Agents SDK: Transparent Workflows with Agentic Radar

Explore how Agentic Radar scans OpenAI Agents SDK workflows to visualize agent interactions and detect risks in a customer support example.

Josip Srzić

We're excited to share that Agentic Radar, our open-source AI transparency scanner, now supports agentic workflows built with the newly released OpenAI Agents SDK. This open-source SDK makes it easier for developers to build and manage both single-agent and multi-agent systems, offering a streamlined way to orchestrate AI workflows using OpenAI's Responses API. It also comes with out-of-the-box support for tools like web search, file retrieval, and code execution.

To see how this works in practice, let’s explore a simple workflow built with the OpenAI Agents SDK and walk through how Agentic Radar scans it for transparency.

Workflow Example

In this example, we’ll take a look at an agentic workflow designed to provide customer support for an airline. You can find the full, runnable code example below:

from __future__ import annotations as _annotations

import asyncio
import random
import uuid

from pydantic import BaseModel

from agents import (
   Agent,
   HandoffOutputItem,
   ItemHelpers,
   MessageOutputItem,
   RunContextWrapper,
   Runner,
   ToolCallItem,
   ToolCallOutputItem,
   TResponseInputItem,
   function_tool,
   handoff,
   trace,
)
from agents.extensions.handoff_prompt import RECOMMENDED_PROMPT_PREFIX


### CONTEXT

class AirlineAgentContext(BaseModel):
   passenger_name: str | None = None
   confirmation_number: str | None = None
   seat_number: str | None = None
   flight_number: str | None = None


### TOOLS

@function_tool(
   name_override="faq_lookup_tool", description_override="Lookup frequently asked questions."
)
async def faq_lookup_tool(question: str) -> str:
   if "bag" in question or "baggage" in question:
       return (
           "You are allowed to bring one bag on the plane. "
           "It must be under 50 pounds and 22 inches x 14 inches x 9 inches."
       )
   elif "seats" in question or "plane" in question:
       return (
           "There are 120 seats on the plane. "
           "There are 22 business class seats and 98 economy seats. "
           "Exit rows are rows 4 and 16. "
           "Rows 5-8 are Economy Plus, with extra legroom. "
       )
   elif "wifi" in question:
       return "We have free wifi on the plane, join Airline-Wifi"
   return "I'm sorry, I don't know the answer to that question."

@function_tool
async def update_seat(
   context: RunContextWrapper[AirlineAgentContext], confirmation_number: str, new_seat: str
) -> str:
   """
   Update the seat for a given confirmation number.


   Args:
       confirmation_number: The confirmation number for the flight.
       new_seat: The new seat to update to.
   """
   # Update the context based on the customer's input
   context.context.confirmation_number = confirmation_number
   context.context.seat_number = new_seat
   # Ensure that the flight number has been set by the incoming handoff
   assert context.context.flight_number is not None, "Flight number is required"
   return f"Updated seat to {new_seat} for confirmation number {confirmation_number}"


### HOOKS

async def on_seat_booking_handoff(context: RunContextWrapper[AirlineAgentContext]) -> None:
   flight_number = f"FLT-{random.randint(100, 999)}"
   context.context.flight_number = flight_number


### AGENTS

faq_agent = Agent[AirlineAgentContext](
   name="FAQ Agent",
   handoff_description="A helpful agent that can answer questions about the airline.",
   instructions=f"""{RECOMMENDED_PROMPT_PREFIX}
   You are an FAQ agent. If you are speaking to a customer, you probably were transferred to from the triage agent.
   Use the following routine to support the customer.
   # Routine
   1. Identify the last question asked by the customer.
   2. Use the faq lookup tool to answer the question. If the question is not in the FAQ, try to look it up using FileSearchTool.
   3. If you cannot answer the question, transfer back to the triage agent.""",
   tools=[
           faq_lookup_tool,
           FileSearchTool(
               max_num_results=3,
               vector_store_ids=["vs_67bf88953f748191be42b462090e53e7"],
               include_search_results=True
           )
       ],
)

seat_booking_agent = Agent[AirlineAgentContext](
   name="Seat Booking Agent",
   handoff_description="A helpful agent that can update a seat on a flight.",
   instructions=f"""{RECOMMENDED_PROMPT_PREFIX}
   You are a seat booking agent. If you are speaking to a customer, you probably were transferred to from the triage agent.
   Use the following routine to support the customer.
   # Routine
   1. Ask for their confirmation number.
   2. Ask the customer what their desired seat number is.
   3. Use the update seat tool to update the seat on the flight.
   If the customer asks a question that is not related to the routine, transfer back to the triage agent. """,
   tools=[update_seat],
)

triage_agent = Agent[AirlineAgentContext](
   name="Triage Agent",
   handoff_description="A triage agent that can delegate a customer's request to the appropriate agent.",
   instructions=(
       f"{RECOMMENDED_PROMPT_PREFIX} "
       "You are a helpful triaging agent. You can use your tools to delegate questions to other appropriate agents."
   ),
   handoffs=[
       faq_agent,
       handoff(agent=seat_booking_agent, on_handoff=on_seat_booking_handoff),
   ],
)

faq_agent.handoffs.append(triage_agent)
seat_booking_agent.handoffs.append(triage_agent)

### RUN

async def main():
   current_agent: Agent[AirlineAgentContext] = triage_agent
   input_items: list[TResponseInputItem] = []
   context = AirlineAgentContext()


   # Normally, each input from the user would be an API request to your app, and you can wrap the request in a trace()
   # Here, we'll just use a random UUID for the conversation ID
   conversation_id = uuid.uuid4().hex[:16]


   while True:
       user_input = input("Enter your message: ")
       with trace("Customer service", group_id=conversation_id):
           input_items.append({"content": user_input, "role": "user"})
           result = await Runner.run(current_agent, input_items, context=context)

           for new_item in result.new_items:
               agent_name = new_item.agent.name
               if isinstance(new_item, MessageOutputItem):
                   print(f"{agent_name}: {ItemHelpers.text_message_output(new_item)}")
               elif isinstance(new_item, HandoffOutputItem):
                   print(
                       f"Handed off from {new_item.source_agent.name} to {new_item.target_agent.name}"
                   )
               elif isinstance(new_item, ToolCallItem):
                   print(f"{agent_name}: Calling a tool")
               elif isinstance(new_item, ToolCallOutputItem):
                   print(f"{agent_name}: Tool call output: {new_item.output}")
               else:
                   print(f"{agent_name}: Skipping item: {new_item.__class__.__name__}")
           input_items = result.to_input_list()
           current_agent = result.last_agent

if __name__ == "__main__":
   asyncio.run(main())

Let's take a closer look at some key components, one step at a time.

Agents

Agents are the fundamental building blocks of an agentic workflow. In the OpenAI Agents SDK, each agent is defined with a name and a set of instructions that describe its role and capabilities within the system. In our airline customer support scenario, the workflow consists of three agents:

FAQ Agent – handles common questions about airline policies, such as baggage allowances, seating options, and onboard services
Seat Booking Agent – helps customers modify or update their seat selections
Triage Agent – serves as the central router, directing each customer request to the appropriate agent

Agents are instantiated using the Agent constructor, as shown in the example below.

seat_booking_agent = Agent[AirlineAgentContext](
   name="Seat Booking Agent",
   handoff_description="A helpful agent that can update a seat on a flight.",
   instructions=f"""{RECOMMENDED_PROMPT_PREFIX}
   You are a seat booking agent. If you are speaking to a customer, you probably were transferred to from the triage agent.
   Use the following routine to support the customer.
   # Routine
   1. Ask for their confirmation number.
   2. Ask the customer what their desired seat number is.
   3. Use the update seat tool to update the seat on the flight.
   If the customer asks a question that is not related to the routine, transfer back to the triage agent. """,
   tools=[update_seat],
)

Tools

Tools are essential to how agents interact with the outside world. In the OpenAI Agents SDK, tools allow agents to call external functions, access APIs, or even delegate tasks to other agents. There are three main types of tools supported:

Hosted (predefined) tools – built-in tools provided and managed by OpenAI
Function calling (custom) tools – custom tools created with regular Python functions
Agents as tools – allow agents to call other agents without handing over control to them

We detect Python functions decorated with @function_tool as custom tools. Here’s an example:

@function_tool(
   name_override="faq_lookup_tool", description_override="Lookup frequently asked questions."
)
async def faq_lookup_tool(question: str) -> str:
   if "bag" in question or "baggage" in question:
       return (
           "You are allowed to bring one bag on the plane. "
           "It must be under 50 pounds and 22 inches x 14 inches x 9 inches."
       )
   elif "seats" in question or "plane" in question:
       return (
           "There are 120 seats on the plane. "
           "There are 22 business class seats and 98 economy seats. "
           "Exit rows are rows 4 and 16. "
           "Rows 5-8 are Economy Plus, with extra legroom. "
       )
   elif "wifi" in question:
       return "We have free wifi on the plane, join Airline-Wifi"
   return "I'm sorry, I don't know the answer to that question."

In this example, the faq_lookup_tool enables the FAQ Agent to search for a relevant answer to the user’s question. Each agent is given access to a specific set of tools it can call when needed. Tools are assigned to agents via the tools keyword argument in the Agent constructor, as shown below:

faq_agent = Agent[AirlineAgentContext](
   name="FAQ Agent",
   handoff_description="A helpful agent that can answer questions about the airline.",
   instructions=f"""{RECOMMENDED_PROMPT_PREFIX}
   You are an FAQ agent. If you are speaking to a customer, you probably were transferred to from the triage agent.
   Use the following routine to support the customer.
   # Routine
   1. Identify the last question asked by the customer.
   2. Use the faq lookup tool to answer the question. If the question is not in the FAQ, try to look it up using FileSearchTool.
   3. If you cannot answer the question, transfer back to the triage agent.""",
   tools=[
           faq_lookup_tool,
           FileSearchTool(
               max_num_results=3,
               vector_store_ids=["vs_67bf88953f748191be42b462090e53e7"],
               include_search_results=True
           )
       ],
)

In our example, the FAQ Agent is also equipped with FileSearchTool – a hosted (predefined) tool provided by OpenAI – which it can use to search through a document-based knowledge base of frequently asked questions.

Handoffs

Handoffs make it possible for agents to delegate tasks to other specialized agents, helping ensure that each query is handled efficiently. In our airline customer support workflow, the Triage Agent uses handoffs to route customer requests based on intent:

To the FAQ Agent, for general questions about baggage, seating, or onboard services
To the Seat Booking Agent, when a customer wants to change their seat

Handoffs are defined using the handoffs parameter, which accepts either an agent instance or a Handoff object for more advanced customizations. The SDK also includes a handoff() helper function that lets developers fine-tune routing behavior by specifying the target agent, applying input filters, or setting custom overrides.

triage_agent = Agent[AirlineAgentContext](
   name="Triage Agent",
   handoff_description="A triage agent that can delegate a customer's request to the appropriate agent.",
   instructions=(
       f"{RECOMMENDED_PROMPT_PREFIX} "
       "You are a helpful triaging agent. You can use your tools to delegate questions to other appropriate agents."
   ),
   handoffs=[
       faq_agent,
       handoff(agent=seat_booking_agent, on_handoff=on_seat_booking_handoff),
   ],
)

Why use Agentic Radar?

While each agent operates within clear instructions and defined constraints, complexity increases quickly as workflows scale. As agents begin to interact, delegate tasks, and call tools, it becomes critical to maintain transparency and control.

That’s where Agentic Radar comes in.

Agentic Radar helps developers visualize agent interactions and uncover potential risks in multi-agent systems. By analyzing the structure and execution flow of a workflow, it provides insights into:

Handoff Loops – detects situations where agents might repeatedly hand off control without resolving the user’s request
Tool Misuse – highlights instances where agents may invoke the wrong tool or use a tool in unintended ways
Tool Vulnerabilities – maps tools to known risks from the OWASP frameworks for LLMs and Agentic AI and flags possible security concerns, and offers actionable remediation steps

With Agentic Radar, developers gain a clearer understanding of how their agentic systems behave – and what potential vulnerabilities might be hidden in them.

Detecting Workflow Vulnerabilities with Agentic Radar

Let’s run Agentic Radar on our airline customer support example.

Install Agentic Radar by following the steps in the official GitHub repository.
Copy the full Python example into a folder – for example: ./airline_customer_support/main.py
Run the scanner using the following command: agentic-radar -i ./airline_customer_support -o report.html openai-agents
Open the generated report.html file in your browser.

At the top of the report, you’ll see an interactive graph showing the agentic workflow – nodes represent agents, tools, and handoffs, while connections show how they interact. You can zoom, pan, and rearrange nodes to explore the structure more easily.

Just below the visualization, you’ll find a summary of Agentic Radar’s findings – this includes a breakdown of detected agents, tools, and any potential vulnerabilities identified in the workflow.

What's next for Agentic Radar?

As agentic workflows grow in complexity and adoption, transparency and security become mission-critical. Agentic Radar will continue to evolve – offering deeper visibility into multi-agent interactions, surfacing emerging vulnerabilities, and strengthening alignment with security frameworks like OWASP.

Looking ahead, we’re working on expanding Agentic Radar’s capabilities to cover even more critical areas of agentic systems, including:

Analyzing and visualizing system prompts
Tracking agent data sources and tool inputs
Mapping integrations with MCP servers and external endpoints
Supporting additional orchestration frameworks like PydanticAI and Dify

There’s a lot more on the horizon. In the meantime, if you have feedback or feature requests, we’d love to hear from you – join our Community Discord Server or open an issue on GitHub.

And if Agentic Radar helps you build safer, more transparent AI systems, consider giving the project a ⭐ on GitHub – it goes a long way in supporting the community and our efforts in creating a future of trusted and secure agentic workflows.