How It Works4-layer execution boundary
Proving GroundLive interactive demo
ArchitectureDeep technical dive
WhitepaperThe official PDF thesis
New
Protocol (EAAP)Open protocol spec
IntegrationsMCP, ChatGPT, REST API
Code AnalyzerCheck your code risk
New
Use CasesFinTech, Healthcare, SaaS, Legal
SOC 2 Audit TrailsAI Agent Compliance
Stop AI SQL InjectionDatabase Governance
Compare ToolsExogram vs 18 alternatives
vs Guardrails AIAction Filtering vs Execution
vs LangChainOrchestration vs Control
Trust CenterCompliance & Security
API ReferenceREST API endpoints
CLI ReferenceTerminal commands
New
MCP SetupClaude Desktop integration
Docs HubAll documentation
Glossary52 AI governance terms
52
Learning HubGuides & deep-dives
BlogLatest posts & insights
Failure CasesReal AI agent failures
RFC-0001Full protocol spec
PricingGetting Started
Log inGet Started Free →

What Is MCP (Model Context Protocol)?

Anthropic's open standard for AI tool use — and why it needs governance.

Model Context Protocol (MCP) is an open protocol developed by Anthropic that standardizes how AI models connect to external data sources and tools. MCP provides a universal interface — rather than building custom integrations for each tool, developers implement one protocol. MCP servers expose capabilities; MCP clients (AI models) consume them.

How MCP Works

MCP defines a client-server architecture: MCP Servers expose tools, resources, and prompts through a standardized API. MCP Clients (AI models like Claude) discover and invoke these capabilities. The protocol handles authentication, capability discovery, and structured communication. A single MCP server can be used by any MCP-compatible model. A single model can connect to multiple MCP servers simultaneously.

The Security Challenge

MCP standardizes tool access, which also standardizes the attack surface. Every MCP server an agent connects to is a potential target for: unauthorized tool access, data exfiltration via tool calls, prompt injection through retrieved context, and privilege escalation through tool chaining. MCP provides the connection protocol. It does not provide governance over what actions are taken through those connections.

MCP + Exogram

Exogram ships a native MCP server that integrates directly with Claude Desktop and any MCP-compatible client. Every tool call that passes through the MCP server is evaluated by the deterministic policy engine before execution. This provides: schema validation for MCP tool calls, boundary control for MCP actions, loop protection for MCP-driven workflows, and full audit trail of every MCP interaction. The protocol provides the connection. Exogram provides the governance.

Beyond MCP: Universal Tool Governance

MCP is one protocol among many. OpenAI uses function calling. Anthropic uses tool use. Google uses function calling. Custom agents use REST APIs. Exogram governs all of them through the same execution boundary — one governance layer, every protocol, every framework, every model.

Frequently Asked Questions

Is MCP only for Claude?

No. MCP is an open protocol that any model can implement. While Anthropic developed it for Claude, MCP servers are model-agnostic — any MCP client can connect to any MCP server.

Does Exogram require MCP?

No. Exogram works with any tool-use mechanism — MCP, OpenAI function calling, Anthropic tool use, REST APIs, and custom integrations. MCP is one supported protocol, not a requirement.

How do I set up Exogram with MCP?

Exogram ships a native MCP server. Add it to your MCP client configuration (Claude Desktop, etc.) and every tool call is automatically governed by the deterministic policy engine. See the integration guide at /integrations/mcp.

Try the Proving GroundAI Governance Glossary →