Connecting 3 AI apps to 3 tools used to require 9 custom integrations. Each model vendor needed its own connector format. MCP changes that by standardizing the interface between AI hosts and external tools.
What MCP standardizes
MCP is an open protocol for AI-to-system connectivity, typically transported over JSON-RPC 2.0.
It standardizes:
- Tools (callable functions)
- Resources (read-only references)
- Prompts (reusable templates)
The practical result: build once, reuse across hosts.
Architecture
- Host: Claude Desktop, Claude Code, Cursor, etc.
- Client: per-server session manager inside the host
- Server: wraps external systems like GitHub, Postgres, Drive
Lifecycle: initialize → exchange messages → close.
MCP and function calling
MCP does not replace function calling. It unifies it across vendors. Tool schemas, parameters, and result envelopes become portable.
MCP vs RAG
- RAG = retrieval-first knowledge augmentation (mostly read path)
- MCP = operational orchestration (read/write/call side effects)
Advanced systems use both: MCP for action, RAG for context.
Security
Known risks include prompt injection, over-permissioned tools, and lookalike tool attacks. Even with OAuth 2.1/PKCE and least-privilege patterns, production hardening still requires:
- strict permission scopes
- HITL on critical operations
- auditable tool logs
AI value is not just model quality. It’s the reachable system surface.
Top comments (2)
Some comments may only be visible to logged-in visitors. Sign in to view all comments.