Model Context Protocol (MCP): The Standard Interface for AI Agent Tools

What Is Model Context Protocol?#

Model Context Protocol (MCP) is an open standard that defines how AI agents discover and invoke external tools. Think of it as the USB-C of agentic AI — one interface, any tool.

Before MCP, every AI integration was bespoke. OpenAI function calling, LangChain tools, and custom REST wrappers all solved the same problem differently. MCP provides a single protocol so any compliant client (Claude, Cursor, your own agent) can connect to any compliant server.

Why MCP Matters#

• Standardization — Build a tool once, use it with any MCP client
• Discovery — Agents query servers for available tools, resources, and prompts at runtime
• Security — Transport-layer isolation between the AI model and your infrastructure
• Composability — Chain multiple MCP servers together for complex workflows

Architecture#

MCP follows a client-server model with three layers:

AI Agent (Host)
  └─ MCP Client
       └─ Transport (stdio | HTTP+SSE)
            └─ MCP Server
                 ├─ Tools (actions the agent can invoke)
                 ├─ Resources (read-only data the agent can access)
                 └─ Prompts (reusable prompt templates)

Host: The AI application (Claude Desktop, your CLI agent). Client: Maintains a 1:1 session with a server, handles protocol negotiation. Server: Exposes tools, resources, and prompts over a transport. Transport: stdio for local processes, HTTP+SSE for remote servers.

Building an MCP Server (TypeScript)#

import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
import { z } from "zod";

const server = new McpServer({
  name: "my-db-server",
  version: "1.0.0",
});

// Define a tool
server.tool(
  "query_database",
  "Run a read-only SQL query against the analytics database",
  {
    sql: z.string().describe("The SQL query to execute"),
    limit: z.number().optional().default(100),
  },
  async ({ sql, limit }) => {
    const rows = await db.query(`${sql} LIMIT ${limit}`);
    return {
      content: [{ type: "text", text: JSON.stringify(rows, null, 2) }],
    };
  }
);

// Define a resource
server.resource("schema", "db://schema", async () => ({
  contents: [{ uri: "db://schema", text: schemaDefinition, mimeType: "text/plain" }],
}));

// Define a prompt template
server.prompt("analyze_table", { table: z.string() }, ({ table }) => ({
  messages: [
    { role: "user", content: { type: "text", text: `Analyze the ${table} table for anomalies.` } },
  ],
}));

const transport = new StdioServerTransport();
await server.connect(transport);

Configuring MCP Clients#

Most MCP clients use a JSON config to register servers. Here is a typical mcp.json:

{
  "mcpServers": {
    "database": {
      "command": "npx",
      "args": ["tsx", "./servers/db-server.ts"],
      "env": { "DATABASE_URL": "postgres://localhost:5432/analytics" }
    },
    "filesystem": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/home/user/projects"]
    },
    "browser": {
      "url": "http://localhost:3001/sse"
    }
  }
}

command + args launches a local stdio server. url connects to a remote HTTP+SSE server.

MCP vs Function Calling#

Function calling is the mechanism inside one API. MCP is the protocol across all of them. You can use both — an MCP client can translate tool calls into the host model's function-calling format.

Real-World Use Cases#

Database Access#

Expose read-only query tools so agents can answer questions against your data warehouse without direct credentials.

File System Operations#

The reference @modelcontextprotocol/server-filesystem server lets agents read, write, and search project files within sandboxed directories.

API Wrappers#

Wrap any REST or GraphQL API as an MCP server. Your agent gets typed tool definitions with descriptions — no prompt-engineering the schema.

Browser Control#

MCP servers like Playwright-MCP give agents the ability to navigate pages, click elements, fill forms, and extract content from live websites.

CI/CD and DevOps#

Expose deployment triggers, log search, and infrastructure status as tools. Agents can diagnose incidents by querying multiple MCP servers in sequence.

Best Practices#

1. Keep tools focused — one action per tool, clear descriptions
2. Validate inputs — use Zod schemas, reject dangerous operations
3. Return structured data — JSON over free text for downstream parsing
4. Limit blast radius — read-only by default, require explicit write scopes
5. Version your servers — clients may cache tool schemas across sessions

Getting Started#

# Scaffold a new MCP server
npx @modelcontextprotocol/create-server my-server
cd my-server
npm install
npm run build

Add it to your client config, restart, and your AI agent can immediately discover and invoke your tools.

---

Generate MCP configs for your architecture at codelit.io.

122 articles on system design at codelit.io/blog.