MCP Server

MCP servers wrap concrete services such as databases, ticketing systems, code repositories, and SaaS APIs. An agent connects to one or more MCP servers, discovers the tools each advertises, and calls them as part of its plan.

MCP servers expose three primitives:

• Tools: Callable actions the agent can invoke with structured arguments.
• Resources: Read-only data such as documents, search results, or schemas.
• Prompts: Reusable templates the agent loads to shape its behavior.
• Transports: STDIO, HTTP, or SSE channels over which the server communicates.
• Metadata: Names, descriptions, and schemas the agent uses to choose tools.

Because servers are easy to write and easy to deploy, the MCP ecosystem includes both rigorously maintained services and one-off scripts. Treating each server as a first-class component, with provenance, ownership, and risk score, is the practical foundation of MCP security.

Server-level inventory is also the place where supply chain risk decisions are most actionable, because the server is the smallest unit that organizations realistically approve or deny.

How PointGuard AI Helps

PointGuard's MCP Security Gateway inventories every MCP server, validates its identity, and enforces tool-level authorization on every invocation, while AI Discovery continuously surfaces newly stood-up MCP servers across cloud and developer environments. The combined view ensures no server is in use longer than its risk posture justifies.

Learn More

• Wikipedia: Model Context Protocol
• OWASP Top 10 for Agentic Applications
• Anthropic: Model Context Protocol Specification (specification document)