What Is MCP?

MCP -- Model Context Protocol -- is how you give LLMs real capabilities. What it is, why it exists, the difference between tools/resources/prompts, and why every developer needs to understand this now.

April 1, 20268 min read1 / 2

Every language model has a problem: it's frozen in time. It was trained on data up to a cutoff date, it lives inside its context window, and it has no idea what's happening right now -- your database, your file system, today's weather, your GitHub issues.

MCP -- Model Context Protocol -- is how you fix that.

Released by Anthropic in mid-2024, MCP is an open standard that gives LLMs a structured, secure way to reach outside themselves and interact with the real world through tools, data, and instructions you control.

ℹ️ Think of it this way. An LLM without MCP is like a brilliant expert locked in a room with only old textbooks. MCP is the door that lets them pick up the phone, access your files, and take action in the real world -- but only for the things you explicitly allow.

The Problem MCP Solves

Before MCP, if you wanted to connect an LLM to your systems, you'd write custom glue code for every integration. Want Claude to check your database? Build a custom connector. Want it to read your files? Write another adapter. Want to share that setup with a colleague? Start over.

Every integration was one-off. Nothing was reusable.

MCP defines a single, universal protocol. Any MCP-compatible client can talk to any MCP-compatible server -- without custom glue code each time. It's like USB-C for AI integrations.

Diagram

The Two Problems LLMs Have (That MCP Fixes)

Problem 1: Knowledge Cutoff

An LLM doesn't know what's happening right now. Ask it today's weather -- it'll apologize. Ask it what's in your database -- it has no idea. Ask it what issues are open in your GitHub repo -- it can't tell you.

MCP lets you attach live data sources to the LLM through tools and resources.

Problem 2: Inconsistency

Left to its own devices, an LLM might handle the same task differently every time. Ask it to "clean up the database" without constraints, and on a bad day it might drop the whole table. It's not malicious -- it's optimizing for the goal you gave it, without the guardrails you forgot to specify.

Brian Holt, who built Neon's MCP server, hit exactly this:

"We used to say: run whatever SQL you feel like against the database. One day, an agent decided that data didn't fit the schema -- so it dropped the database and recreated it from scratch. It had done exactly what we asked, just... not how we meant."

MCP tools let you expose only the specific capabilities you want the LLM to have. No drop-database tool? Then it can't drop the database.

⚠️ MCP doesn't make LLMs smarter about what to do. It makes the boundary of what they can do explicit and enforceable. The LLM still decides when to use a tool. Your code decides what happens when it does.

The Three Primitives

MCP servers expose three types of things to an LLM:

Diagram

Tools -- What the LLM Can Do

Tools are functions. The LLM reads their names and descriptions, decides when to call them, and your code runs deterministically.

JavaScript
// A tool for adding two numbers server.registerTool("add", { title: "Addition Tool", description: "Add two numbers together. Use when the user wants to sum two numeric values.", inputSchema: { a: z.number(), b: z.number() } }, async ({ a, b }) => ({ content: [{ type: "text", text: String(a + b) }] }));

The LLM sees: "I have a tool that adds numbers. The user wants to add 2 and 3. I should call this."

Resources -- Context You Push to the LLM

Resources are read-only context. You attach a resource to a conversation, and the LLM can read from it. It's like adding a document to the chat -- except it comes from your MCP server, not manual paste.

Good use cases: database schemas, style guides, README files, Google Docs.

Prompts -- Canned Instructions

Prompts are reusable instruction templates. Your MCP server registers a prompt with optional parameters, and the user can invoke it from the client. Think of it as a fill-in-the-blank instruction card.

MCP vs. True "Agents"

The word agent gets used for everything now. It helps to know exactly what it means -- and what MCP is not.

A true agent is a network of multiple specialized LLMs all working on the same problem:

Diagram

Products like Replit, v0, and create.app implement this pattern. Each "brain" specializes and hands off to the next.

MCP is not this. MCP is simpler: one LLM, augmented with deterministic tools. That simplicity is a feature -- it's predictable, auditable, and fast to build.

ℹ️ Brian's honest admission: "I somewhat use the words LLM and agent interchangeably, which isn't totally accurate -- but that's what everyone's marketing is doing, so it's kind of burned into my brain." Don't stress the terminology. What matters: understand what's an LLM, what's a tool, and what's a true multi-agent pipeline.

How MCP Fits into the Ecosystem

When Brian's company Neon launched their MCP server 6 days after Anthropic announced the protocol, they could do it that fast for two reasons:

  1. They had a small, nimble team
  2. MCP servers are actually simple to build

The complexity you imagine when you first hear "protocol" dissolves quickly. An MCP server is mostly just:

  • A running process
  • A list of tools you register
  • A transport layer for communication

That's it. By the end of this course you'll have built 5–6 of them.

Diagram

Three Transport Options

MCP servers communicate with clients through one of three transports:

TransportWhen to UseStatus
stdioLocal servers -- desktop clients, file accessCurrent standard
SSE (Server-Sent Events)Remote servers -- deprecated pathDeprecated March 2025
Streamable HTTPRemote servers -- the modern wayCurrent standard for remote

You'll learn all three. stdio is where we start because it's the simplest mental model and still the most widely used.

The Responsibility Rule

One thing Brian emphasizes throughout this course -- and it's worth anchoring early:

"Regardless of whether you wrote it or your AI agent wrote it -- you are responsible for all code you ship."

Using MCP tools, Claude Code, Cursor, or any AI agent doesn't transfer accountability. The best developers take personal responsibility for everything they ship, regardless of origin. For low-stakes utilities, a quick scan is enough. For critical systems -- auth, billing, data mutations -- give it real review.

Lab -- Your Mental Model Check

Before writing any code, let's make sure the core distinction is clear. Run this and read the output:

JavaScript · Live Editor
Loading editor...
✅ The fundamental contract: The LLM is the router. Your MCP tool is the executor. The LLM picks which tool and what inputs. Your code decides what happens. This separation is what makes MCP systems reliable.

Key Takeaways

  • MCP = standard protocol for giving LLMs access to external tools, data, and instructions
  • Three primitives: Tools (LLM calls them), Resources (user pushes them), Prompts (user triggers them)
  • You define the boundaries -- LLMs can only do what you expose through your MCP server
  • Not the same as agents -- MCP augments a single LLM with tools; a true agent is a network of LLMs
  • You own everything shipped -- AI-generated code is still your responsibility

What's Next

Time to see the clients that consume MCP servers -- Claude Desktop, Tome, and how Ollama lets you run models locally with zero API costs.

Keep reading

Your First MCP Server

8 min read

JSON-RPC in MCP

8 min read

Connecting Your MCP Server to Claude Desktop

7 min read
Back to seriesIntroductionNext MCP Clients & Running Models Locally