MCP Explained: The Universal ‘Connector’ Turning AI Models into Extensible Agents

What Is MCP?

The Model Context Protocol (MCP) is an open, language‑agnostic standard that lets AI models communicate with external systems such as databases, APIs, local files, or third‑party services. It abstracts the connection problem so any model can invoke tools without custom plugins.

Why a Unified Protocol?

Before MCP each model required its own bespoke integration, leading to duplicated effort and isolated "ability islands." MCP was first proposed by Anthropic in late 2023 and released as a full open‑source specification in 2024 to provide a common integration layer for Claude, ChatGPT, Gemini, Azure AI and other developer tools.

Architecture

MCP follows a client‑server model with three cooperating components:

Server : Exposes tools and resources, receives commands from the client, invokes the external system, and returns results.

Client : Discovers available MCP servers, manages connections, forwards tool‑call requests, and processes responses. It is typically embedded in an AI application.

Host : Provides the runtime environment (e.g., Claude Desktop, Cursor, Windsurf) that hosts the client and serves as the user‑facing entry point.

Interaction flow: user → Host → Client → Server → external system → Server → Client → Host → user.

Core Primitives

MCP defines three primitive types that constitute the interaction language:

Tools : Executable functions described with JSON‑Schema for parameters and return values. Example tool definition for a SQL query:

{
  "name": "query_database",
  "description": "Execute SQL query on the database and return results",
  "inputSchema": {
    "type": "object",
    "properties": {"sql": {"type": "string", "description": "SQL query to execute"}},
    "required": ["sql"]
  }
}

Resources : Contextual data sources such as local files or remote documents. Example resource definition for a README file:

{
  "uri": "file:///Users/project/README.md",
  "name": "project_readme",
  "description": "Project README file",
  "mimeType": "text/markdown"
}

Prompts : Pre‑defined templates that structure the AI’s interaction. Example prompt for code review:

{
  "name": "code_review",
  "description": "Review code for bugs and security issues",
  "arguments": [{"name": "code", "description": "Code snippet to review", "required": true}]
}

MCP vs. Function Calling

Function Calling decides *what* to call. MCP standardises *how* the call is described, discovered, invoked, and returned. In practice an LLM selects a tool via Function Calling, then MCP handles the protocol‑level exchange and result formatting.

Quick Start: Building a Simple MCP Server in Python

from mcp.server import Server, NotificationOptions
from mcp.server.models import InitializationOptions
import mcp.server.stdio
import mcp.types as types

app = Server("example-server")

# Define a weather‑query tool
@app.list_tools()
async def handle_list_tools() -> list[types.Tool]:
    return [
        types.Tool(
            name="get_weather",
            description="Get current weather for a city",
            inputSchema={
                "type": "object",
                "properties": {"city": {"type": "string", "description": "City name"}},
                "required": ["city"]
            }
        )
    ]

# Implement the tool logic
@app.call_tool()
async def handle_call_tool(name: str, arguments: dict | None) -> list[types.TextContent]:
    if name == "get_weather":
        city = arguments.get("city", "unknown")
        return [types.TextContent(type="text", text=f"Weather in {city}: Sunny, 25°C")]
    raise ValueError(f"Unknown tool: {name}")

async def main():
    async with mcp.server.stdio.stdio_server() as (read_stream, write_stream):
        await app.run(
            read_stream,
            write_stream,
            InitializationOptions(server_name="example", server_version="0.1.0")
        )

if __name__ == "__main__":
    import asyncio
    asyncio.run(main())

This server exposes a single get_weather tool that any MCP‑compatible client can call.

Costs and Risks

Token consumption : Each tool description occupies model context; many servers can quickly exhaust tokens.

Connection stability : Server downtime, network failures, or expired credentials directly affect AI capabilities. Implement health‑checks, reconnection logic, and graceful degradation.

Security : Untrusted servers may inject malicious prompts, leak data, or be compromised. Mitigations include using trusted servers, strict input validation, sandboxed execution, comprehensive logging and audit.

Comparison with Alternative Approaches

OpenAI Plugins : Proprietary, limited to OpenAI ecosystem, lower standardisation.

LangChain Tools : Framework‑centric, high cross‑platform support but adds dependency complexity.

Custom APIs : Fully flexible but require bespoke integration for each model.

Future Outlook

Standardised tool marketplaces (e.g., “MCP Hub”) for discovery and reuse.

Dynamic tool loading to minimise context load.

Enhanced authentication, authorization, and audit mechanisms for enterprise security.

Performance optimisations such as batching, latency reduction, and parallel execution.

Resources

Official specification: https://spec.modelcontextprotocol.io

GitHub repository: https://github.com/modelcontextprotocol

Community server list: https://mcp.servershub.com

Quick‑start guide: https://modelcontextprotocol.io/quickstart