MCP servers

An MCP server is how your site offers tools to agents instead of forcing them to scrape it. Here is what it is, what to expose first, and how to keep it safe.

Back to the MCP guide

An MCP server exposes a menu of tools an AI agent can read and call. Each tool says, in plain language, what it does, what it needs, and what it returns. The agent picks from the menu. Usually the server sits in front of an API you already have, translating it into something an agent that has never met you can use.

This is the action layer of agent legibility. Being cited gets you mentioned. Exposing tools gets you used.

What to expose first

  • Search your catalog or knowledge base
  • Get current pricing or a quote
  • Check availability or inventory
  • Retrieve a document, spec, or policy
  • Start a booking or an order, once auth is solid

Lead with high-value, low-risk reads. Add writes and transactions once authentication and scoping are tight.

Security, in one breath

Authenticate callers, grant the least access a tool needs, rate-limit, and treat all agent input as untrusted. Done right, MCP is safer than letting agents scrape, because you define exactly what they can and cannot do. For the browser side of this, see WebMCP, and for the commerce angle, agentic commerce.

MCP servers, answered

What is an MCP server?
An MCP server is a small service that exposes a set of tools to AI agents through the Model Context Protocol. Each tool is described in natural language the model can understand, with its inputs and outputs, so an agent can discover and call it without custom integration code. It typically sits in front of your existing API or data.
What should a brand expose through MCP?
Start with your highest-value, low-risk actions: search your catalog, get pricing, check availability, retrieve a document, or start a quote. Expose the things an agent would want to do on a customer's behalf, and hold back anything sensitive until you have the auth and scoping right.
Is building an MCP server hard?
If you already have an API, wrapping a few key endpoints as MCP tools is a modest project, not a rebuild. The work is less about code volume and more about describing each tool clearly and deciding what to expose, to whom, with what limits.

Read the agent legibility framework

⋅ View this page as Markdown for AI agents