MCP: An (Accidentally) Universal Plugin System

Original Article ↗ Hacker News Discussion ↗

What MCP Actually Adds

  • Many see MCP as “just APIs” with one key twist: a built‑in, mandatory discovery mechanism (list-tools) plus schemas and human‑readable descriptions.
  • Clients can enumerate tools, see JSON schemas for parameters (and now outputs), and call them through a uniform envelope, regardless of underlying transport (stdio, SSE, HTTP).
  • This makes runtime introspection and generic tooling easier, especially for LLMs, but also for human users or custom clients.

Continuities with Existing Standards

  • Multiple commenters note strong parallels to REST+OpenAPI, SOAP/WSDL, CORBA, gRPC reflection, GraphQL introspection, COM/ActiveX/OLE Automation, ARexx, AppleScript, Winsock, etc.
  • MCP is often described as a JSON‑RPC flavored redo of earlier IDL/self‑describing systems, with less formality and more natural‑language documentation.
  • Some argue the only genuinely new ingredient is the LLM‑driven demand, not the protocol itself.

Dependence on LLMs vs “Just APIs”

  • There’s tension over whether MCP is useful without AI. Critics say: without an LLM to interpret tool docs and free‑form outputs, MCP collapses to a weaker, unstable API.
  • Supporters argue you can still treat tools like any other functions: discover them once, then call them directly, or let users choose tools at runtime.
  • Others point out a practical problem: MCP servers assume AI clients and may change schemas and outputs freely, making hard‑coded, non‑LLM integrations brittle.

Hype, History, and Business Incentives

  • Several commenters see MCP hype as analogous to Web 2.0 mashups, semantic web, SOAP, GraphQL, blockchain, etc.: a recurring “universal interoperability” boom likely followed by lock‑in and paid access.
  • Others argue AI agents genuinely increase pressure for standardized, user‑level APIs (e.g., for Slack, Jira, email, calendars), at least temporarily.
  • There’s speculation about future “MCP app stores,” paid MCP endpoints, and big vendors using MCP primarily to deepen their own ecosystems or monopolize “model access.”

Security, Complexity, and Practical Concerns

  • Serious worries around security: LLMs calling arbitrary tools that themselves fetch and execute untrusted content is likened to pre‑sandboxed browsers or JS with no origin boundaries.
  • Enterprise‑scale APIs with hundreds of endpoints remain hard to expose meaningfully; MCP doesn’t remove underlying domain complexity.
  • Implementation reports are mixed: libraries make simple tools easy, but integrating real backends, IAM, and bidirectional messaging is described as non‑trivial, with documentation called confusing or incomplete.

Current Usage and Potential

  • Despite skepticism, some are already using MCP for audit‑log querying, government data, mapping APIs, Slack scraping, RSS workflows, and local filesystem access.
  • Advocates highlight a lower barrier for non‑technical users and see MCP+LLMs as a plausible threat to low‑code orchestration tools like Zapier or IFTTT.