How to Understand Model Context Protocol

𝗠𝗖𝗣 𝗶𝘀𝗻’𝘁 𝗷𝘂𝘀𝘁 𝗮𝗯𝗼𝘂𝘁 𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲. 𝗜𝘁’𝘀 𝗮 𝗰𝗵𝗮𝗻𝗰𝗲 𝘁𝗼 𝘀𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝗶𝘇𝗲 𝘁𝗿𝘂𝘀𝘁. Right now, most conversation around Model Context Protocol (MCP) focuses on tool schemas and JSON structure. Helpful? Absolutely! It reduces glue code and makes model interoperability smoother. But the 𝗿𝗲𝗮𝗹 𝘂𝗻𝗹𝗼𝗰𝗸 isn’t formatting. It’s standardizing 𝗵𝗼𝘄 𝘁𝗿𝘂𝘀𝘁, 𝗮𝗰𝗰𝗲𝘀𝘀, 𝗮𝗻𝗱 𝗶𝗻𝗰𝗲𝗻𝘁𝗶𝘃𝗲𝘀 work between models and data sources. 𝗠𝗼𝘀𝘁 𝗲𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲 𝗱𝗮𝘁𝗮 𝗱𝗼𝗲𝘀𝗻’𝘁 𝗿𝗲𝗮𝗰𝗵 𝘁𝗵𝗲 𝗺𝗼𝗱𝗲𝗹, 𝗻𝗼𝘁 𝗯𝗲𝗰𝗮𝘂𝘀𝗲 𝗼𝗳 𝗮𝗰𝗰𝗲𝘀𝘀, 𝗯𝘂𝘁 𝗯𝗲𝗰𝗮𝘂𝘀𝗲 𝘁𝗵𝗲𝗿𝗲’𝘀 𝗻𝗼 𝘁𝗿𝘂𝘀𝘁 𝗽𝗿𝗼𝘁𝗼𝗰𝗼𝗹. And that’s where MCP could shine. Here’s what MCP could evolve into: → 𝗚𝗿𝗮𝗻𝘂𝗹𝗮𝗿 𝗔𝗰𝗰𝗲𝘀𝘀 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 Yes, MCP supports OAuth today. But enterprises need more: role-based access, policy-aware context, and identity-based permissions. → 𝗔𝘂𝗱𝗶𝘁𝗮𝗯𝗶𝗹𝗶𝘁𝘆: Usage logs, visibility controls, and compliance tracking should be built into the protocol itself. Yes, it’s a big ask, but 𝗱𝗼 𝘄𝗲 𝗿𝗲𝗮𝗹𝗹𝘆 𝘄𝗮𝗻𝘁 𝗮 𝗱𝗶𝗳𝗳𝗲𝗿𝗲𝗻𝘁 𝘀𝘁𝗮𝗻𝗱𝗮𝗿𝗱 𝗳𝗼𝗿 𝗲𝘃𝗲𝗿𝘆 𝗹𝗮𝘆𝗲𝗿 𝗼𝗳 𝘁𝗵𝗲 𝗱𝗮𝘁𝗮 𝗽𝗶𝗽𝗲𝗹𝗶𝗻𝗲? →𝗗𝗮𝘁𝗮 𝗠𝗼𝗻𝗲𝘁𝗶𝘇𝗮𝘁𝗶𝗼𝗻 & 𝗧𝗶𝗲𝗿𝗶𝗻𝗴: What if paywalled content, private APIs, or SaaS data could be exposed to LLMs 𝘣𝘢𝘴𝘦𝘥 𝘰𝘯 plan, identity, or usage credits, all described via MCP? That’s what real-world AI composability looks like. If you haven’t seen Mahesh Murag's excellent walkthrough of MCP, start here: https://lnkd.in/g3wmQxY9 He lays the foundation, and with growing adoption momentum (https://lnkd.in/g5iWD4uE), now’s the time to scale its scope. Anthropic

MCP = Model Context Protocol Model: The AI itself (like Claude, GPT-4, or Gemini) Context: The extra data or tools the AI needs to do its job (like checking your calendar, searching the web, or reading a database) Protocol: The set of rules for how the AI and these tools “talk” to each other Why do we need MCP? AI models are powerful, but they can’t access live data or external tools by themselves. Imagine asking your AI: “Does my presentation data match what’s in our database?” The AI needs access to both your presentation and the database to answer. MCP makes this possible. 𝗛𝗼𝘄 𝗱𝗼𝗲𝘀 𝗠𝗖𝗣 𝘄𝗼𝗿𝗸? Think of MCP as a universal “USB-C port” for AI: a standard way for AI to connect to anything, whether it’s your files, APIs, or cloud apps. 𝗧𝗵𝗲𝗿𝗲 𝗮𝗿𝗲 𝘁𝗵𝗿𝗲𝗲 𝗺𝗮𝗶𝗻 𝗽𝗮𝗿𝘁𝘀: Host: The AI app you use (like Claude Desktop or a chatbot) Client: The connector inside the host app that manages communication Server: The gateway to the external tool or data (like your database, file system, or a web service). 𝗪𝗵𝗮𝘁 𝗵𝗮𝗽𝗽𝗲𝗻𝘀 𝘄𝗵𝗲𝗻 𝘆𝗼𝘂 𝗺𝗮𝗸𝗲 𝗮 𝗿𝗲𝗾𝘂𝗲𝘀𝘁? The AI recognizes it needs outside help (like fetching the weather). It asks the MCP client to connect to the right server. The server grabs the data and sends it back, so the AI can answer you with up-to-date info. 𝗪𝗵𝘆 𝗶𝘀 𝘁𝗵𝗶𝘀 𝗮 𝗯𝗶𝗴 𝗱𝗲𝗮𝗹? Standardization: No more custom code for every tool. MCP makes integrations faster and safer. Modularity: You can swap out tools or data sources without breaking your AI app. Security: You control what the AI can access, and MCP handles permissions and privacy. In short: MCP is the behind-the-scenes helper that lets AI apps connect to the real world, safely and efficiently. It’s making AI more useful, flexible, and connected than ever before.

If you have been wondering why did we need MCP in the first place, let me give you a detailed breakdown of why, and how AI engineers can leverage it. As AI tools grow more powerful, one big limitation has held us back: models aren’t useful unless they can take action in the real world. They need access to tools, data, and systems, whether that’s your file system, calendar, GitHub, Slack, or database. Until recently, we used function calling to wire these tools to LLMs. But as use cases evolved, function calling started to crack under pressure. What was broken with function calling? ❌ Developers had to handwrite JSON schemas and glue code for each function, even across similar tools. ❌ Models could invoke powerful actions with minimal user oversight or approval paths. ❌ No standard format or API. Each vendor had its own logic. No interoperability. Reuse was hard. ❌ No shared context. Every tool call was stateless- no history, no memory, no continuity. Tada, hence "MCP" was built. MCP is a open standard pioneered by Anthropic that makes LLMs context-aware and action-ready. It turns your AI assistant into a secure, modular system that can reason, act, and communicate with the world around it, safely. How AI Engineers Can Use MCP (You can connect your models to 👇 ): 📂 Document tools (e.g., read, summarize, and extract from files) 🧠 Dev tools (e.g., analyze code changes, open PRs, file issues) 🗓 Productivity tools (e.g., draft emails, schedule meetings) 📣 Communication tools (e.g., post to Slack, log tasks in Notion) All using a standardized, context-rich protocol. And it’s model-agnostic, so you’re not locked into one provider. 🧰 Here’s how MCP works: 1. Host: The user-facing entry point, like Claude Desktop, Cursor, or your own AI app, where prompts are entered and responses rendered. 2. MCP Client: A lightweight middleware inside the host that translates prompts into structured API calls. Think of it as the traffic router, directing requests to the right subsystem. 3. MCP Servers: Containerized or standalone services that expose specific tools, e.g., one talks to your file system, another to Slack or GitHub, each using a consistent protocol schema. 4. Tools: Functions the model can call, like read_file, send_slack_message, or query_database. Think of them like REST or gRPC endpoints. 5. Resources: The actual data the model acts on, docs, PRs, events, tickets, stored locally or accessed remotely. MCP enables safe, context-aware interaction with them. So, if you're building agentic AI systems or AI-native apps, understanding MCP is becoming table stakes. PS: If you want to go deeper into how you can use MCP in your applications, I highly recommend that you checkout this upcoming webinar on 7th May by Reid Robinson, Tal Peretz, and Matt Brown. It’s a free webinar and you will get a recording too. Link in comments 👇 ♻️ Share this with your network to spread knowledge :)

🧠 What I Learned About Model Context Protocol (MCP) — And Why It Matters This week, I dove into Model Context Protocol (MCP), and wow — it's a powerful way to orchestrate intelligent agents like LLMs with tool-capable servers. Think of it as a structured handshake between an AI brain and the real-world tools it needs to act. Here’s a quick breakdown using a recent sequence diagram I explored: 1. Cline (MCP host & client) initiates a request on behalf of user — think "What's the weather in New York tomorrow?" 2. It spins up an MCP Server, which responds like an API gateway: “I have get_forecast and get_alerts.” 3. An LLM interprets the user’s intent and selects the right tool (get_forecast), builds the parameters, and triggers the action through Cline. 4. The result flows back through the MCP pipeline — the user gets their answer, powered by real-time tool execution. 💡 One neat detail: the MCP Server can either run locally alongside the Host, or be a remote service running somewhere else in your architecture. That flexibility makes it incredibly useful for both lightweight prototyping and production-scale integrations. My biggest takeaway? MCP standardizes the way how LLMs can integrate different tools, a step forward beyond LLM function calling. It bridges language understanding and tool execution with clarity and modularity. It’s like giving your chatbot superpowers — not just to talk, but to do. If you’re building agentic systems or orchestrating toolchains with LLMs, MCP is worth exploring. Curious to hear how others are integrating it! #AI #LLM #MCP #AgenticSystems #ToolUse #WeatherAPI

8 Core MCP Implementation Patterns: How AI Agents Really Connect to the World. Many still think of AI agents as just chatbots or text generators. But if you want Agents to take real action like updating CRMs, Processing files, or Running workflows they need intelligent protocols to interface seamlessly with real-world systems. This is where Model Context Protocol(MCP) implementation patterns come in. Below is a breakdown of 8 core patterns that show how Agents integrate, act, and reason across enterprise systems: 𝟏. 𝐃𝐢𝐫𝐞𝐜𝐭 𝐀𝐏𝐈 𝐖𝐫𝐚𝐩𝐩𝐞𝐫 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - The simplest approach. - The agent calls external APIs directly through an MCP server and wraps them as needed. 𝟐. 𝐂𝐨𝐦𝐩𝐨𝐬𝐢𝐭𝐞 𝐒𝐞𝐫𝐯𝐢𝐜𝐞 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - The MCP server combines multiple APIs or tools into one unified service. - The agent talks to this single service instead of juggling many separate calls. 𝟑. 𝐌𝐂𝐏-𝐭𝐨-𝐀𝐠𝐞𝐧𝐭 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - The agent triggers tools via the MCP server. - Outputs are handed off to a specialist agent for deeper or domain-specific reasoning. 𝟒. 𝐄𝐯𝐞𝐧𝐭-𝐃𝐫𝐢𝐯𝐞𝐧 𝐈𝐧𝐭𝐞𝐠𝐫𝐚𝐭𝐢𝐨𝐧 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - Designed for asynchronous workflows. - The MCP listens to event streams and triggers processes based on those events. 𝟓. 𝐂𝐨𝐧𝐟𝐢𝐠𝐮𝐫𝐚𝐭𝐢𝐨𝐧 𝐔𝐬𝐞 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - The agent dynamically manages or configures tools through a configuration management service. - Enables adaptive and self-tuning behaviors. 𝟔. 𝐀𝐧𝐚𝐥𝐲𝐭𝐢𝐜𝐬 𝐃𝐚𝐭𝐚 𝐀𝐜𝐜𝐞𝐬𝐬 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - The agent pulls data from analytics or OLAP systems through the MCP. - Helps inform smarter decisions with real-time data. 𝟕. 𝐇𝐢𝐞𝐫𝐚𝐫𝐜𝐡𝐢𝐜𝐚𝐥 𝐌𝐂𝐏 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - A domain-level MCP coordinates multiple smaller, domain-specific MCPs such as customer, payments, or wallet. - Useful for complex and layered architectures. 𝟖. 𝐋𝐨𝐜𝐚𝐥 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞 𝐀𝐜𝐜𝐞𝐬𝐬 𝐏𝐚𝐭𝐭𝐞𝐫𝐧: - The agent accesses local files or on-device tools through the MCP. - Ideal for secure file handling and local processing. 𝐖𝐡𝐲 𝐭𝐡𝐢𝐬 𝐦𝐚𝐭𝐭𝐞𝐫𝐬: These patterns are not just technical choices. They are the foundation for building scalable, secure, and flexible agent architectures. If you want AI agents to move beyond chat and actually work inside your business, this is the playbook. Which of these patterns do you see as most important for your projects? Share your thoughts below. #Agentic #AI #MCP #AgenticProtocol

Most MCP Servers Are Just API Wrappers: Observe Built Something Different Companies implementing Model Context Protocol servers typically wrap existing APIs behind MCP tools and call it done. This approach proves brittle when AI agents lack the contextual understanding needed to navigate complex observability data effectively. Observe's MCP server addresses this limitation through an AI-first architecture that leverages their Knowledge Graph, a vector store containing infrastructure relationships, metadata, and field definitions. This enables agents to understand what "prod" means in the context of a specific Kubernetes cluster, rather than generating generic queries that miss critical context. Instead of forcing agents to generate OPAL queries directly, the system uses a validated JSON schema approach. Agents create structured JSON objects that get converted to proper queries server-side, ensuring syntactic correctness while the Knowledge Graph provides semantic accuracy. The hosted architecture allows dynamic tool configuration and faster iteration cycles. The difference becomes apparent during incident response scenarios. Traditional MCP implementations require agents to make multiple API calls and manually correlate disparate data sources. Observe's approach allows agents to automatically surface relevant visualizations, correlate metrics across services, and provide actionable insights without requiring deep observability expertise. Enterprise environments with mixed public and private data particularly benefit from this contextual approach, enabling agents that understand both SaaS observability data and internal business metrics simultaneously. 🔗https://lnkd.in/e-CGmJ-z

The Model Context Protocol (MCP) is not just "another API lookalike." If you think, "Bro, these two ideas are the same," it means you still don't get it. Let's start with a traditional API: An API exposes its functionality using a set of fixed and predefined endpoints. For example, /products, /orders, /invoices. If you want to add new capabilities to an API, you must create a new endpoint or modify an existing one. Any client that requires this new capability will also need modifications to accommodate the changes. That issue alone is a colossal nightmare, but there's more. Let's say you need to change the number of parameters required for one endpoint. You can't make this change without breaking every client that uses your API! This problem brought us "versioning" in APIs, and anyone who's built one knows how painful this is to maintain. Documentation is another issue. If you are building a client to consume an API, you need to find its documentation, which is separate from the API itself (and sometimes nonexistent.) MCP works very differently: First, an MCP server will expose its capabilities as "tools" with semantic descriptions. This is important! Every tool is self-describing and includes information about what the tool does, the meaning of each parameter, expected outputs, and constraints and limitations. You don't need separate documentation because the interface itself is that documentation! One of my favorite parts is when you need to make changes: Let's say you change the number of parameters required by one of the tools in your server. Contrary to the API world, with MCP, you won't break any clients using your server. They will adapt dynamically to the changes! If you add a new tool, you don't need to modify the clients either. They will discover the tool automatically and start using it when appropriate! But this is just the beginning of the fun: You can set your tools so they are available based on context. For example, an MCP server can expose a tool to send messages only to those clients who have logged in first. There's a ton more, but I don't think I need to keep beating this dead horse. AI + MCP > AI + API *micdrop*

MCP Security is so new and brings a whole new attack surface risk. 5000+ MCP Servers running in prod today already I thought of discussing it here and have started a 10 Days of MCP Security series. 𝗗𝗮𝘆 𝟭 𝗼𝗳 𝗠𝗖𝗣 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆: 𝗪𝗵𝗮𝘁 𝗶𝘀 𝗠𝗖𝗣 (𝗠𝗼𝗱𝗲𝗹 𝗖𝗼𝗻𝘁𝗲𝘅𝘁 𝗣𝗿𝗼𝘁𝗼𝗰𝗼𝗹)? Most people think of AI agents like ChatGPT and Copilot as chat interfaces. But behind the scenes, what makes these agents actually useful is something far more powerful. It’s called MCP: the Model Context Protocol. 𝘔𝘊𝘗 𝘪𝘴 𝘵𝘩𝘦 𝘭𝘢𝘺𝘦𝘳 𝘵𝘩𝘢𝘵 𝘭𝘦𝘵𝘴 𝘈𝘐 𝘢𝘨𝘦𝘯𝘵𝘴: ̲→ Discover tools (i.e. APIs) → Understand how to call them → Share real-time context (who’s asking, what task, what permissions) → And execute workflows autonomously In traditional software, a user triggers an API call. In MCP-based systems, the AI model decides what to call, based on the prompt and its reasoning. 𝘌𝘹𝘢𝘮𝘱𝘭𝘦: ̲You say, “Send this report to my boss.” The AI agent, through MCP, may: → Call a calendar API to check availability → Use an email API to draft and send the message → Trigger a policy API to check if data can be shared externally All without you explicitly saying how to do it. 𝘞𝘩𝘺 𝘥𝘰𝘦𝘴 𝘵𝘩𝘪𝘴 𝘮𝘢𝘵𝘵𝘦𝘳? ̲MCP is what enables “agentic” AI, intelligent, autonomous, and responsive. But it also creates a new security layer that barely existed before. Because now, your AI model is: → Acting as a dynamic client → Making API decisions at runtime → Carrying user context that can be leaked, spoofed, or misused This is a new layer of security risk, and most AppSec teams aren’t prepared for it. Tomorrow, I’ll go deeper into how MCP changes the AppSec model.

What is MCP — and why should you care? As LLMs evolve beyond text completion into full-blown agents, one thing has become painfully clear: our infrastructure hasn't kept up. Today’s developers are juggling brittle prompts, bloated token usage, and toolchains tightly coupled to proprietary formats. Enter MCP (Model Context Protocol) — a low-level, open JSON-RPC protocol originally proposed by Anthropic, and quickly becoming a foundational layer in agentic architectures. At its core, MCP standardizes how LLMs (or agents) interact with the real world. It introduces a structured, interoperable way to call tools, read from resources, and retrieve reusable prompts — without locking you into a single vendor or breaking context with every integration. With MCP: - You define tools, resources, and prompts once — and reuse them anywhere. - Communication between clients (apps, agents, runtimes) and servers is bidirectional — enabling smarter, more dynamic workflows. - You can embed the protocol into any environment — desktop apps, agent frameworks, or even your own LLM client. Instead of hardcoding prompts or overloading context windows: 1. Your agent parses the task. 2. It uses an embedded MCP client to call the right tool. 3. The MCP server fetches data, returns structured results. 4. Your agent integrates the results into the next step — efficiently, predictably, and at scale. This isn’t some far-off future — it’s here now, and it’s composable, language-agnostic, and open. #mcp #llm #ai