Time moves differently in the AI era. Right now, one year packs roughly half a decade of standard tech cycles.
We used to watch software patterns run their full lifecycle in slow motion. Think about jQuery, Angular, or the Next.js Pages Router. Each of them took about five years to complete the arc: peak hype, messy real-world adoption, the slow-motion collision with technical debt, and finally, the quiet retreat back to what actually works.
MCP (Model Context Protocol) just did that entire speedrun in under twelve months.
When Anthropic launched it in late 2024, the LinkedIn crowd immediately crowned it the "USB-C for AI." By mid-2025, every major IDE had integrated it, the ecosystem hit nearly 100 million monthly SDK downloads, and developers were shipping demo servers in an afternoon, happily declaring the agent-integration problem solved.
Then everyone actually tried to run it in production.
Once the hype cleared, three massive cracks appeared in the foundation.
The token math is brutal
Every tool you expose to an LLM eats tokens. Not a little. A lot.
Cloudflare recently did the math on this. To expose their API's 2,500 endpoints via a standard MCP server, the schema definitions alone would consume 1.17 million tokens. That’s more than the entire context window of today's frontier models, completely nuked before the user even types a prompt.
You don't even need to be Cloudflare to hit the wall. Apideck documented a real-world deployment where just three MCP servers (GitHub, Slack, and Sentry) loaded roughly 40 tools. That consumed 143,000 tokens out of a 200,000-token window. That is 72% of the model's working memory, gone.
The irony here is structural. The more capable you want your agent to be—the more tools you give it—the dumber it gets, because the tool schemas literally crowd out the model's ability to reason.
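The back-of-the-envelope arithmetic is easy to reproduce from the numbers above. A minimal sketch against a 200,000-token window (the figures are the ones quoted above; nothing here is measured fresh):

```typescript
// Rough context budgeting using the figures quoted above.
const CONTEXT_WINDOW = 200_000; // tokens

// Apideck case: ~40 tools across three MCP servers ate ~143k tokens.
const apideckShare = 143_000 / CONTEXT_WINDOW; // 0.715, i.e. ~72% gone

// Cloudflare case: schemas for 2,500 endpoints would need ~1.17M tokens.
const cloudflareOverflow = 1_170_000 / CONTEXT_WINDOW; // 5.85x the window

console.log(`Apideck: ${Math.round(apideckShare * 100)}% of context consumed`);
console.log(`Cloudflare: ${cloudflareOverflow}x the entire window`);
```

The second number is the one that matters: at Cloudflare's scale the schemas don't just crowd the window, they overflow it several times over before any conversation begins.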
Auth doesn't survive the enterprise
MCP's specification openly leaves consent and authorization flows up to the implementor. In practice, this means every dev team is currently reinventing auth from scratch, usually poorly, and usually under a deadline.
The production reality is grim. Enterprises building on REST APIs solved rate limiting, tamper-proof audit logs, and role-based access control a decade ago. MCP threw those lessons out the window to make tool-calling feel elegant in local demos.
As a result, MCP holds zero certifications for SOC 2, PCI DSS, or FedRAMP. Its OAuth flow conflicts with how modern enterprises centralize identity. At the RSA Conference recently, researchers demonstrated how an MCP vulnerability could enable remote code execution and a full takeover of an Azure tenant. It's an auditor's worst nightmare.
Tool calling is the wrong primitive entirely
This is the deepest crack, and the one that took the industry the longest to admit.
LLMs have an enormous amount of real-world TypeScript and Python in their training data. They have almost no training data on blindly navigating a bespoke menu of native MCP tools. The implication is obvious in hindsight: LLMs are fundamentally better at writing code than they are at clicking buttons.
Cloudflare proved this empirically. They compared an agent using direct tool-calling to an agent using "Code Mode" to create 31 calendar events. The tool-calling agent fired off 30+ individual, sequential calls, forcing the model to re-process the context every single time. The Code Mode agent just wrote a simple loop and iterated over the dates in a single execution.
By converting their 2,500 endpoints from a traditional MCP approach down to a typed SDK that the model just writes code against, Cloudflare dropped token usage by 81%.
The tool-calling paradigm treats LLMs as dumb orchestrators. Code generation treats them as what they actually are: very good programmers.
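The calendar experiment is easy to picture in code. Under tool-calling, each event is a separate model round trip; under Code Mode, the model emits one program. A minimal sketch, assuming a hypothetical typed calendar SDK (`createEvent` is illustrative, not Cloudflare's actual API):

```typescript
// Hypothetical typed SDK surface the model writes code against.
// `createEvent` is illustrative; a real SDK call would hit an API.
interface CalendarEvent {
  title: string;
  date: string; // ISO date, e.g. "2025-03-01"
}

const created: CalendarEvent[] = [];
function createEvent(event: CalendarEvent): void {
  created.push(event); // stand-in for the network call
}

// Tool-calling: 31 separate model round trips, each re-reading the
// entire context. Code Mode: the model writes this loop once and it
// runs in a single execution, with no intermediate inference passes.
function scheduleDailyEvents(startISO: string, days: number): void {
  const start = new Date(startISO + "T00:00:00Z");
  for (let i = 0; i < days; i++) {
    const d = new Date(start.getTime() + i * 24 * 60 * 60 * 1000);
    createEvent({ title: "Daily standup", date: d.toISOString().slice(0, 10) });
  }
}

scheduleDailyEvents("2025-03-01", 31);
console.log(`${created.length} events, one inference pass`);
```

The loop is trivial, and that's the point: it sits squarely inside the distribution of code the model has seen millions of times, while a chain of 31 bespoke tool invocations sits almost nowhere in it.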
The 12-month reversal
Over the last few weeks, the public reckoning finally arrived.
At the Ask 2026 conference a couple of weeks ago, Perplexity CTO Denis Yarats announced the company is abandoning MCP internally in favor of traditional APIs and CLIs. They cited context window consumption and clunky auth. The kicker? Perplexity had just shipped their own MCP server four months prior. They built it, ran it in production, hated it, and reversed course inside a single quarter.
Y Combinator president Garry Tan put it bluntly on X: "MCP sucks honestly... I got sick of it and vibe coded a CLI wrapper instead," citing reliability and speed. Over on Hacker News, a tool called mcp2cli—which literally converts MCP tools back into plain CLI commands—hit the front page, boasting a 99% token reduction.
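The appeal of the CLI direction is that the model only needs to know a command exists, not ingest its full JSON schema. A minimal sketch of the idea (the command names and flags here are hypothetical, not mcp2cli's actual interface):

```typescript
// A CLI wrapper trades a multi-kilobyte JSON tool schema for a
// one-line help string, the way the model learned every other CLI.
type Handler = (args: Record<string, string>) => string;

const commands: Record<string, { help: string; run: Handler }> = {
  // Hypothetical command; a real wrapper would shell out to an API client.
  "issues-list": {
    help: "issues-list --repo <owner/name>  List open issues",
    run: (args) => `listing issues for ${args.repo}`,
  },
};

function dispatch(argv: string[]): string {
  const name = argv[0] ?? "";
  const cmd = commands[name];
  if (!cmd) {
    // Unknown command: print the short help index the model reads.
    return Object.values(commands).map((c) => c.help).join("\n");
  }
  // Parse "--flag value" pairs into a plain args object.
  const args: Record<string, string> = {};
  const rest = argv.slice(1);
  for (let i = 0; i + 1 < rest.length; i += 2) {
    args[rest[i]!.replace(/^--/, "")] = rest[i + 1]!;
  }
  return cmd.run(args);
}

console.log(dispatch(["issues-list", "--repo", "acme/app"]));
```

A help index of one-liners costs tens of tokens per command instead of thousands per schema, which is where the order-of-magnitude reduction claims come from.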
Meanwhile, Cloudflare officially shipped Code Mode as their direct answer. Instead of exposing thousands of tools, the model writes code against a typed API. Two tools. Under 1,000 tokens. The entire Cloudflare API, instantly accessible.
The pendulum snaps back
If you've been in web development long enough, you know the joke: we went from server-rendered pages, to complex client-rendered SPAs, right back to server-rendering. A clean, decade-long circle that cost the industry millions of hours.
We just watched AI tooling do the exact same loop in one year.
We scrambled from basic APIs, to a highly sophisticated tool-calling protocol, only to slam into its limitations and land right back on 30-year-old ideas: the command line, the REST endpoint, the typed SDK. Julien Simon flagged these exact problems publicly in mid-2025—session models failing to scale horizontally, auth as an afterthought, JSON overhead—and was rewarded with angry messages for being a hater. Eight months later, Perplexity's CTO stood on stage and said the exact same things.
This is what building in the post-AI era actually looks like. The pendulum still swings, it just swings violently fast. Hype cycles that once took five years now complete in a single product cycle. The lessons are the same, the tuition just gets collected faster.
If you're building agents right now, the question isn't how to wedge the newest protocol into your stack. The question is: what is the absolute simplest primitive that actually solves my problem?
Nine times out of ten, somebody already invented it decades ago.
A typed SDK. A REST endpoint. An API key. A CLI. The frameworks we build on top of them are valuable, but when the framework starts fighting the foundation, the foundation always wins.
The teams that figure this out fastest, who resist the siren call of the elegant new abstraction until it's actually earned its place, are the ones who will ship agents that actually work in production. Everyone else will spend the next twelve months debugging context overflow errors and OAuth flows while the cycle repeats itself, faster than ever.