Answer
Common mistakes: giving agents broad tool access, mixing secrets into prompts, and shipping without a tool boundary. Another mistake is building one-off integrations per model or tool instead of standardizing on a tool protocol and a gateway.
Nuances & Considerations
If your agent can write to systems, assume adversarial inputs and require user-scoped authorization.
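A minimal sketch of such a tool boundary, as an added example that is not code from the original page: one gateway function sits between the model's requested call and the real systems. All names here (`call_tool`, `TOOLS`, `USER_SCOPES`, the ticket tools and scope strings) are hypothetical, and the users, scopes and token are constructed sample data.

```python
from dataclasses import dataclass
from typing import Callable

class Denied(Exception):
    """Raised when the gateway refuses a tool call."""

@dataclass(frozen=True)
class Tool:
    scope: str        # scope the *user* must hold, e.g. "tickets:write"
    secret_ref: str   # credential name, resolved only inside the gateway
    handler: Callable[[dict, str], str]

# Constructed sample data: secrets live in the gateway, never in the prompt.
SECRETS = {"ticket_api": "constructed-token-123"}
USER_SCOPES = {"alice": {"tickets:read", "tickets:write"}, "bob": {"tickets:read"}}

def read_ticket(args, token):
    # A real handler would send `token` to the backend; it is never returned.
    return f"ticket {args['id']}: open"

def close_ticket(args, token):
    return f"ticket {args['id']} closed"

TOOLS = {
    "read_ticket": Tool("tickets:read", "ticket_api", read_ticket),
    "close_ticket": Tool("tickets:write", "ticket_api", close_ticket),
}

def call_tool(user, agent_allowlist, name, args):
    """Single choke point between a model-requested call and real systems."""
    tool = TOOLS.get(name)
    if tool is None or name not in agent_allowlist:
        raise Denied(f"tool not allowed for this agent: {name}")
    if tool.scope not in USER_SCOPES.get(user, set()):
        raise Denied(f"user {user!r} lacks scope {tool.scope}")
    # Model output is untrusted input: accept exactly one positive integer id.
    if set(args) != {"id"} or type(args["id"]) is not int or args["id"] <= 0:
        raise Denied("invalid arguments")
    # The credential is attached here, after every check has passed.
    return tool.handler(args, SECRETS[tool.secret_ref])
```

The authorization decision uses the requesting user's scopes, not the agent's own identity, so a prompt that steers the model toward `close_ticket` still fails for a user who only holds `tickets:read`.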