By the end of 2024, every AI team was building the same plumbing: M separate applications, N separate tools, M×N bespoke integrations. That's not engineering; that's a tax. Anthropic's Model Context Protocol turned M×N into M+N, and within roughly 18 months it became the industry-wide socket for plugging AI into anything.
The USB-C Logic That Made MCP Stick
MCP doesn't make the model smarter — models get smarter every quarter. What it standardizes is the connection. Before USB-C, every device had its own port and dongle. After, the connection itself stopped being the problem. MCP does the same for AI: one protocol, one spec, and any compliant client talks to any compliant server. That's why OpenAI, Google DeepMind, Microsoft, and half the developer-tool ecosystem shipped support within a year.
Three Roles, Three Primitives, One Wire Protocol
MCP splits the world into three roles. Host: the application (Claude Desktop, Cursor, VS Code Copilot, ChatGPT). Client: a lightweight connector inside the host that maintains a 1:1 link with a server. Server: an independent process that exposes capabilities. The capability owner ships one server; every MCP-compatible host instantly knows how to use it. No more per-app bindings.
Servers expose three primitives — tools (actions the model invokes, e.g. send_slack_message), resources (addressable, cacheable data), and prompts (pre-baked templates). APIs for function calling give you tools. RAG gives you resources. Prompt libraries give you prompts. MCP gives you all three behind one interface with runtime discovery — the host connects, asks "what have you got?", and gets a typed capability surface. New tools appear without redeploying anything client-side.
The wire protocol is JSON-RPC 2.0 over a persistent bidirectional channel. A typical request: handshake, list tools, model picks one, user approves (permission UI), server runs it, result streams back into context. The patterns stay consistent across all three primitives.
Not a Replacement — Connective Tissue
Function calling is a model capability (the model says "I want to call X"). MCP is the layer below it — the protocol to discover what exists and route calls. RAG works for static, chunkable data; it breaks on live Slack threads or changing order status. MCP composes with both: you can build a RAG-backed MCP server or a function-calling host that uses MCP to discover functions. They are not substitutes.
The Ugly Truth: 13,000 Servers, But Most Are Not Ready for Production
Real-world patterns already exist: AI assistants on Notion + Gmail + Calendar, AI-driven CI/CD via GitHub MCP servers, enterprise chat-over-data with live database queries. Even creative pipelines — a Blender server that lets the model design and print objects.
But the security posture is rough. A 2026 audit found only ~8.5% of public MCP servers implement OAuth 2.1 (the November 2025 spec revision). Roughly 25% have zero authentication; over half rely on long-lived static API keys. SSRF vulnerabilities appear in over a third of public servers. Permission UX is almost universally broken — most hosts ship a blanket "allow X server" toggle that users auto-approve. Treat unknown MCP servers like unknown npm packages.
Discovery flipped from "hard to find any server" to "50 Slack servers, guess which one is real." The official MCP Registry, Glama, Smithery, and mcp.so collectively list well over 13,000 servers. The community is still figuring out conventions, and quality varies wildly.
Why It Matters: The Compounding Phase
In December 2025, Anthropic donated MCP to the Linux Foundation under the new Agentic AI Foundation — turning a company protocol into vendor-neutral infrastructure. That's the same arc HTTP and TCP followed. When the integration layer is open and governed by no one in particular, it compounds. We are in that phase now. The era where every AI application had to rebuild every integration is over.
Source: MCP Explained: One Protocol for All Your AI Applications
Domain: hackernoon.com
Comments load interactively on the live page.