Skip to main content

MCP Toolkit — Reality, Dream, Bridge

Which MCP is commissioned for this job, and which visible connector is only environmental noise?

The MCP Toolkit separates observed connector reality from the desired operating model. Agents can inspect, classify, and explain MCP state. Humans own host-level credentials, permissions, and cleanup.

Reality Layers

Project-declared:

  • connectors named by the current project.
  • agent move: prefer these when they fit the job.

Host-visible:

  • connectors exposed by the local host, browser, plugins, or cache.
  • agent move: treat visibility as evidence, not permission.

Runtime state:

  • auth, proxy, timeout, tab, or permission state at execution time.
  • agent move: report the condition and choose a smaller path when possible.

Classification

Keep:

  • commissioned, working, scoped, and better than a command-line path.

Auth:

  • useful, but blocked on human-owned credentials or consent.

Defer:

  • potentially useful, but not needed for this loop.

Disable:

  • no named job, stale, noisy, or too broad for the value returned.

Replace with command:

  • a deterministic command is cheaper, clearer, and sufficient.

Checks

  • The connector has a named job.
  • The trust level is visible.
  • The auth owner is visible.
  • The read and write scope is visible.
  • Proof shows the connector works.
  • A kill switch or disable path exists.

Failure Modes

  • Visibility equals permission — the agent uses a connector because it can see it.
  • Auth drift — credentials fail and the agent tries to repair human-owned state.
  • Novelty shelf — tools stay enabled without a job.
  • Token drag — unused connectors increase context and risk.

Context

  • depends-on DDL Nomenclature — connector jobs and trust states need canonical language.
  • risk-governed-by Delegation — host remediation belongs behind human authority.
  • applies-to Agent Operating Model — tools must sit inside intent, authority, action, and receipt.
  • proved-by Performance — a connector earns its place through better outcome or lower cost.

Questions

Which visible connector deserves to stay commissioned?

  • What job does it do?
  • Who owns auth?
  • What can it read?
  • What can it write?
  • What proof shows it earns its cost?