N apps × M sources = custom integrations everywhere. REST APIs weren't built for LLMs to discover tools.
Open-source vendor-agnostic protocol. Bidirectional AI to data. JSON-RPC 2.0. Anthropic, OpenAI, Google, MSFT.
Three components: MCP Hosts (the AI app), MCP Clients (protocol impl), and MCP Servers (capability providers).
Resources = read-only context. Tools = executable state-changing functions. Prompts = pre-defined templates.
Use MCP for dynamic tool discovery and multi-step workflows. Direct APIs for deterministic high-volume ops.
Input validation. Output sanitization. Human-in-the-loop. Defend prompt injection, rug pulls, tool poisoning.
Don't over-permission. Validate inputs. Log calls. Avoid 'security theater', use parameterized queries.
DevOps: 30min → 5min incident response. Support: 40% more tickets. Finance: 4hr → 45min research.
Start read-only. Narrow tools. Audit logging. Gradual deployment. Structured monitoring. Strict approval flows.
Launched Nov 2024. 1,000+ servers. ChatGPT integrated March 2025. Gemini April 2025. Enterprise features next.