Skip to content

What is MCP?

A standard protocol for AI agents to safely access external tools and data

About This Document

This guide covers the core concepts, categories, and trade-offs of MCP. If you're new to MCP, start here. For hands-on implementation details, see development.md.

What is MCP?

MCP (Model Context Protocol) is an open standard protocol led by Anthropic.

In short: a common protocol that enables AI agents to safely access external tools and data.

The USB-C Analogy

Just as USB-C connects various devices (mice, keyboards, external drives) to a PC with one standard, MCP connects not only various tools and services (RFC specifications, translation APIs, legal databases) but also physical devices and sensors (IoT devices, scanners, OCR, etc.) to AI with one protocol.

The Essence: Giving AI a "Hand"

AI excels at text input and output, but by default it cannot interact with the outside world—no network access, no file operations. MCP standardizes this gap and gives AI the tools it needs to act.

Why MCP?

The Problem: AI's Knowledge Cutoff and Dynamic Data

AI can only answer within its training data. For example:

  • It doesn't know the latest RFC specifications (RFC 6455 and beyond)
  • It cannot use translation services like DeepL or Google Translate
  • It cannot search legal databases or proprietary knowledge bases

Before MCP: The N×M Problem

Before MCP, each AI tool (Claude Code, Cursor, VS Code) had to individually integrate with each service (RFC, translation, legal databases).

N AI tools × M services = N×M integrations needed

After MCP: Reduced to N+M

With MCP standardization, each service publishes one MCP server, and all AI tools automatically gain access to it.

N AI tools + M MCP servers = N+M implementations total

LSP: MCP's Structural Ancestor

This N×M → N+M reduction is not new. The Language Server Protocol (LSP), introduced by Microsoft in 2016, solved the identical problem one layer down: before LSP, supporting M languages across N editors required N×M plugins. LSP collapsed this to N+M by standardizing editor↔language-server communication over JSON-RPC 2.0 — the same transport MCP uses today.

TIP

MCP is, in effect, "LSP for LLMs." Microsoft's VS Code team states it directly: "The idea behind LSP inspired a new protocol, MCP, that standardizes how applications provide context to LLMs." Where LSP connects editors to code intelligence, MCP connects LLMs to arbitrary tools and data. Recognizing this lineage clarifies why MCP's host/client/server split mirrors LSP's editor/client/server split. The reverse direction is now happening too: tools like lsp-mcp and Serena re-expose LSP capabilities to LLMs as MCP servers, and Claude Code added native LSP plugins (pyright-lsp, vtsls, rust-analyzer, etc.) in late 2025.

Reference: VS Code Team (2025). "Agent mode: available to all users and supports MCP." Visual Studio Code Blog. code.visualstudio.com — MCP as the LLM-era successor to LSP.

MCP's Three-Layer Architecture

MCP has three clearly defined layers with distinct roles.

Roles and Developer Involvement

The following table summarizes each layer's responsibilities and how developers interact with them.

LayerRoleExampleDeveloper Role
HostUI, session management, user interfaceClaude Code, Cursor, VS CodeUser
ClientJSON-RPC communication, request/response handlingBuilt into HostUsually transparent
ServerTool/resource provision, actual implementationrfcxml-mcp, deepl-mcpYou build this

Key Insight

When developing an MCP server, you only implement the Server layer. The Client is built into the Host, so you don't need to worry about protocol details.

External Interface Catalog — Where MCP Sits Among All Interfaces

MCP is just one of many ways to connect to the outside. An agent always touches the outside through the harness (its hands); MCP, direct HTTP, A2A, and plugins are all just classifications of "the contents of the harness's tool-integration responsibility" (see the first principle in strategy/harness-engineering-mapping). Before designing an MCP, survey where MCP sits on the shelf of all interfaces.

TargetExample I/FExecutor
Model (brain)OpenAI-compatible API / LLM Gateway (LiteLLM, OpenRouter)harness → gateway
Tools & dataDirect HTTP/REST/SDK / MCPharness (its hands)
Knowledge & retrievalWeb search (SearXNG, Brave, Tavily) / vector DB & RAG / Memory & Knowledge Graphharness
Other agentsA2A (Agent Card + Task, client / server adapter)harness ↔ adapter
GUI & physicalBrowser automation / computer control / IoT (MQTT, Home Assistant)harness
Humans & eventswebhook / message queue / push notification / chat botharness

TIP

The named "winning protocols" effectively collapse to just two: MCP (tools) and A2A (agents). Everything else falls into (a) ad-hoc direct HTTP, (b) retrieval (search, vectors, memory), or (c) GUI/physical control. Beneath all of them sits the interface to the model (the LLM Gateway). The decision to choose MCP is, on the "tools & data" row of this shelf, a binary choice against direct HTTP.

NOTE

A plugin is not a kind — it is packaging. A Claude / Cowork plugin is a distributable that bundles an MCP server, Skills, and commands; even when you "use a plugin," the harness simply calls the MCP tools / Skills inside it as functions. "Implement it as a plugin" = "the harness calls the contents (MCP / Skill)."

Note that A2A alone reverses its position depending on direction (harness's hand when outbound, the entry point when inbound); see agents/what-is-a2a. The sections below drill into the kinds and implementations of MCP (tool connection) specifically, within this shelf.

MCP Categories

MCP servers can be classified along two axes: "what they do" (purpose-based) and "how they're implemented" (implementation-based).

Purpose-based Classification

MCP's utility goes far beyond "unwavering reference sources." In practice, MCP servers serve six distinct purpose categories.

CategoryRoleExamples
ReferenceStructured access to authoritative specs, standards, and regulationsrfcxml-mcp, w3c-mcp, hourei-mcp, pdf-spec-mcp
TransformData format or language conversiondeepl-mcp, mermaid-mcp
EvaluateQuality or score measurementxcomet-mcp
VerifySpecification compliance confirmationrfcxml-mcp (validate_statement, etc.)
ExecuteDomain-specific processingrxjs-mcp, pdf-reader-mcp
RetrieveGeneral external data retrievalepsg-mcp

Important: A single MCP can span multiple categories. For example, rfcxml-mcp serves both Reference (specification lookup) and Verify (compliance validation).

Implementation-based Classification

From a technical implementation perspective, MCP servers fall into four patterns.

PatternCharacteristicsExamples
Local DataNo external communication; data bundled in packageepsg-mcp, pdf-spec-mcp
External APICommunicates with external APIs via HTTP/HTTPSrfcxml-mcp, w3c-mcp, hourei-mcp
Model LoadingLoads ML models for local inferencexcomet-mcp-server
HybridCombination of multiple patternspdf-reader-mcp (local + URL fetch)

Relationship Between the Two Axes

Purpose-based and implementation-based classifications are independent axes. For instance, "Reference" MCPs can be either Local Data (pdf-spec-mcp) or External API (rfcxml-mcp). When designing an MCP, first clarify "what you want to achieve" (purpose), then select "how to implement it" (pattern).

Implementation Pattern Selection Flowchart

When building a new MCP server, use the following flowchart to determine which implementation pattern applies.

Core Features of MCP Servers

MCP servers provide three core capabilities.

Tools - The Most Common

Functions that AI can invoke, similar to Remote Procedure Calls (RPC).

Examples:

  • rfcxml:get_rfc_structure - Fetch RFC specification structure
  • deepl:translate-text - Translate text
  • xcomet:xcomet_evaluate - Evaluate translation quality

Resources

Data sources that AI can read, accessed via URI.

Examples:

  • file:///path/to/data - File system data
  • rfc://6455 - RFC specification document

Prompts

Reusable prompt templates, formalized as repeatable workflows.

Examples:

  • Translation quality evaluation template
  • Code review template

Feature Comparison

The following table contrasts these three capabilities.

FeatureData DirectionDescriptionUsage Frequency
ToolsAI → ServerAI calls server functions★★★ Most common
ResourcesServer → AIServer provides data without UI★★ Moderate
PromptsServer → AITemplate provision★ Limited

Additional Utility Features

Beyond the core capabilities (Tools/Resources/Prompts), MCP defines several utility features. None are mandatory, but they become valuable for advanced use cases.

Sampling

Server requests AI inference in reverse. Useful when delegating complex decisions to the AI.

Roots

Limits the file system scope that the server can access. Critical for security.

Logging

Structured log output for debugging and monitoring.

Progress

Progress reporting for long-running operations to improve user experience.

Implementation Note

Most MCP servers function perfectly with Tools alone. Add features incrementally as needed.

Benefits

Adopting MCP provides the following advantages.

  • Standardization
    Once built, your server works with multiple AI hosts (Claude Code, Cursor, VS Code). Protocol unification drastically reduces integration costs.

  • Reusability
    Publish on npm and users can start using it instantly with npx. Deployment and maintenance are simple.

  • Dynamic Processing
    Enable real-time data fetching and processing. Complement AI's knowledge cutoff.

  • Authority Direct access to authoritative sources (RFC originals, legal databases). Reduces AI hallucinations. This is one of MCP's purposes (Reference), alongside other diverse roles such as Transform, Evaluate, Verify, Execute, and Retrieve.

  • Separation of Concerns
    Tool logic and AI logic are cleanly separated. Changes have limited scope.

Drawbacks and Risks

MCP also comes with trade-offs and risks to be aware of.

  • Context Consumption
    Tool definitions consume tokens just to load. With many tools, context window pressure becomes real.

  • Startup Overhead
    Requires server process management. Overkill for simple cases.

  • Security Risks
    Input validation gaps or permission misconfigurations can cause serious damage. See security.md for details.

  • Maintenance Cost
    You must track external API changes. Long-term sustainability requires careful design.

  • Over-MCP-ification
    Resist the temptation to MCP everything. CLI + Skills often suffice.

Key Insight

Services with official CLIs (gh, aws, gcloud) are better served by CLI + Skills, not MCP. See 03-architecture.md ("CLI vs MCP") for the decision framework.

MCP Implementations in This Repository

The ai-agent-architecture repository accumulates practical knowledge from developing and operating MCPs.

Custom MCPs (Published on npm)

Seven MCP servers designed, implemented, and released:

  • rfcxml-mcp - Search and fetch IETF RFC specifications
  • w3c-mcp - Search and reference W3C/WHATWG web specifications
  • xcomet-mcp - Evaluate translation quality (uses machine learning models)
  • rxjs-mcp - RxJS operator guide and code execution
  • epsg-mcp - Search and transform coordinate reference systems (CRS)
  • pdf-spec-mcp - Search PDF specifications (ISO 32000)
  • pdf-reader-mcp - Read and extract text from PDFs

Integrated MCPs (External Development)

Five MCP servers we integrate and extend:

  • deepl-mcp - DeepL translation API
  • hourei-mcp - Japanese legal database
  • mermaid-mcp - Mermaid diagram generation
  • svelte-mcp - Svelte 5 documentation
  • shadcn-svelte-mcp - shadcn/ui v4 components

Learn More

See catalog.md for the complete list and detailed specifications.

To dive deeper into MCP, explore the following documents.

GoalDocument
Build an MCPdevelopment.md
Explore built MCPscatalog.md
Understand securitysecurity.md
Choose between Skills/A2A03-architecture.md
Learn about Skillswhat-is-skills.md

Last Updated: 2026-06-20 Repository: ai-agent-architecture

Released under the MIT License.