MCP (Model Context Protocol)

What Is MCP (Model Context Protocol)?

Introduction

AI tools like Claude Code, Cursor, OpenClaw, and Windsurf are quickly becoming part of everyday development workflows.

They can write code, deploy infrastructure, automate tasks, and interact with services. But until recently, these tools had a major limitation: they couldn’t easily connect to external systems.

They couldn’t access:

  • databases
  • APIs
  • internal tools
  • password managers
  • company data sources

Every integration had to be built separately for each AI tool.

That’s the problem Model Context Protocol (MCP) solves.

TL;DR

Model Context Protocol (MCP) is an open standard that allows AI tools to connect to external services through a unified interface.

Instead of building separate integrations for every AI client, developers can create one MCP server that works across multiple AI tools like Claude Code, Cursor, OpenClaw, and others.

The problem MCP solves

AI agents are powerful reasoning systems, but they operate in isolation.

Out of the box, they can:

  • analyze code
  • generate text
  • answer questions
  • plan workflows

But they don’t know anything about your environment.

They can’t access:

  • your databases
  • your infrastructure
  • your internal tools
  • your credentials

Before MCP, connecting an AI tool to external services required custom plugins or APIs for each platform.

For example, an integration built for one AI tool would not work for another. Every ecosystem had its own plugin system, configuration format, and API structure.

This fragmentation slowed down the development of AI-powered workflows.

How MCP works

MCP uses a client–server architecture.

There are two main components.

MCP client

The AI tool you interact with.

Examples include:

  • Claude Code
  • Cursor
  • OpenClaw
  • Windsurf
  • Claude Cowork

The client is responsible for deciding when to call tools during a conversation.

MCP server

A small program that exposes tools to the AI client.

Each MCP server defines capabilities such as:

  • retrieving credentials
  • querying a database
  • accessing files
  • calling APIs
  • performing system actions

When the AI client connects to the server, it automatically discovers the available tools.

The agent can then call those tools whenever needed.

Example: connecting an AI agent to a password manager

One practical example of MCP is connecting an AI agent to a password manager.

For instance, passwd-mcp is an MCP server that allows AI agents to interact with a Passwd vault.

The server exposes tools like:

Tool Function
list_secrets Search the vault
get_secret Retrieve credentials
create_secret Store new passwords or API keys
get_totp_code Generate a two-factor authentication code
share_secret Create or revoke a share link

Once connected, the AI agent can retrieve credentials as part of its workflow.

For example, during a deployment the agent might:

  1. search the vault for the database credentials
  2. retrieve the password
  3. use the credential during deployment

All without leaving the conversation.

Which AI tools support MCP?

MCP adoption has grown rapidly.

Major tools that support MCP include:

  • Claude Code
  • Cursor
  • OpenClaw
  • Windsurf
  • Claude Cowork
  • Continue

Because MCP is an open standard, any AI client can implement it.

This means integrations built once can work across multiple tools.

Types of MCP servers

Developers are already building MCP servers for many different use cases.

Examples include:

Password managers

Allow AI agents to retrieve credentials and generate authentication codes.

Databases

Enable agents to query tables and inspect schemas.

File systems

Let agents read and search local files.

APIs

Expose company services or external APIs.

Dev tools

Integrate CI/CD systems, Git repositories, or deployment pipelines.

The MCP ecosystem is growing quickly because creating an MCP server is relatively simple.

Why MCP matters for teams

For individual developers, MCP allows AI tools to interact with the systems they already use.

For teams, the benefits are larger.

One integration works everywhere

Instead of building separate integrations for every AI tool, developers can build one MCP server.

That server works across any compatible AI client.

Consistent access control

MCP servers typically rely on existing authentication systems such as OAuth or API keys.

The AI agent operates using the same permissions as the user.

Local execution

Most MCP servers run locally on the user’s machine.

Data flows directly between the tool and the service — not through the AI provider.

Security considerations

Because MCP servers can access sensitive systems, security is important.

Best practices include:

  • running MCP servers locally
  • enforcing encrypted connections
  • using existing authentication models
  • limiting access based on user permissions

Well-designed MCP servers act as a controlled interface between AI agents and external systems.

Getting started with MCP

If you want to try MCP with a real-world tool, passwd-mcp connects AI agents to a Passwd password vault.

After installation, agents can:

  • retrieve credentials
  • generate TOTP codes
  • create new secrets
  • share credentials securely

All directly from their workflow.

Key takeaways

  • MCP is an open standard for connecting AI tools to external services
  • It allows one integration to work across multiple AI clients
  • MCP servers expose tools that agents can call during conversations
  • The ecosystem is growing quickly as AI workflows become more common