12 Comments
Michał Trojanowski

Thanks for the post, it describes the problems of MCP and agents really well. Personally, I don't quite understand why people are so excited by this, knowing that there are such issues with working with agents and MCP — not only usability issues but the security ones.

I think that the problem you describe in "MCP assumes tools are assistant agnostic and handle retrieval" practically renders AI agents useless for now. On one hand, we say that LLMs give us the universal interface, where we can tell the agent in plain human language what needs to be done. On the other hand, you say that we need to tailor prompts both to the MCP tools in use and to the LLM, which basically means that I need to learn from scratch how to operate the agent. I already know how to operate the browser and post on LinkedIn. What benefit do I get from learning another tool that does the same?

Shrivu Shankar

Ironically, as the author writing about everything wrong with it, I'm pretty excited about this. Not what exists now but what I expect to be able to do as the standard, applications, and models mature.

> practically renders AI agents useless for now...What benefit do I get from learning another tool that does the same

In terms of my own use cases, I'm often approaching it from the mindset of not "here's all the reasons it can't do xyz like me" and more so "how can I change my workflow to make it stable enough for an LLM to do it instead so I can do other things". I think that's also a huge "catch" to all the AI hype which makes it seem like AI is going to do all these magical things out of the box. It doesn't and yet AI writes most of my code nowadays (at work!) and automates a lot of the other less interesting day to day things. I can just do a lot more in less time and I expect this to only expand over time -- that's pretty exciting to me.

alex

It's true that MCP is not great. Similarly, HTTP was even worse at the beginning, but ruled the web.

Nikhil Maddirala

Great post!

> I think Google’s new Agent2Agent protocol might solve a lot of these but that’s for a separate post.

Looking forward to this! 😊

Alfred Lua

Thanks for writing this, Shrivu! I have been exploring MCP recently and am aware of some of the risks with using MCP servers but I learned many more from your article. You mentioned you use "an assistant connected to an MCP server literally every day". Curious, which MCP server is that?

Shrivu Shankar

Thanks! It's all custom ones which allow me to plug in specialized tools into existing apps like Cursor and Claude Desktop.

We'll have a post soon (~2 weeks) on my work eng blog going through how it works and what specifically we do with our internal MCP server: https://abnormalsecurity.com/blog

Alfred Lua

Ah got it. Will keep an eye out for it!

Ben

There is so much talk about MCP at the moment. I've been pulled into this topic recently and tried a few servers but have found the experience quite confusing. Most of my attempts either didn't work or didn't add much value. Is MCP just a "trendy new thing" or will it really become a new standard and a breakthrough in AI usage?

What are some real world use cases where MCP truly shines and adds value in your day-to-day AI usage?

Shrivu Shankar

There's definitely a long way to go for MCP to extend from the experimental power users to folks wanting something to work right out of the box. I think it can both be a pretty fundamental protocol while also being extremely overhyped as a "trendy new thing" which ends up being the case with a lot of AI technologies.

I personally don't code without my Cursor MCP which integrates some other dev dbs (jira, github, etc) along with some refactor power tools. Expect the bring-your-own-tools paradigm will likely continue to gain popularity as more folks use agents in their day to day and want to connect things up.

Related: https://abnormal.ai/blog/abnormal-accelerates-developer-velocity-with-mcp

anghunk

MCP is still in its early stages of development, and I believe it will be a breakthrough point in the field of AI.

Tylney Taylor

When I see MCP I see Tron's MCP.

olivier refalo

Excellent article.

I considered discussing how HTTP, REST/JSON, and GraphQL also lack built-in security, but you went beyond just the basics.

IMHO, the risk is comparable to adding an IDE plugin or a code dependency (npm, maven, etc.). Personally, I believe a proofed MCP ecosystem is lacking.
