MCP Specification

About the Specification

The Model Context Protocol (MCP) specification defines the authoritative protocol requirements for enabling seamless integration between LLM applications and external data sources and tools. Whether you're building an AI-powered IDE, enhancing a chat interface, or creating custom AI workflows, MCP provides a standardized way to connect LLMs with the context they need.

Key Protocol Details

Base Protocol

  • JSON-RPC message format
  • Stateful connections
  • Server and client capability negotiation

Features

Servers offer any of the following features to clients:

  • Resources: Context and data, for the user or the AI model to use
  • Prompts: Templated messages and workflows for users
  • Tools: Functions for the AI model to execute

Clients may offer the following feature to servers:

  • Sampling: Server-initiated agentic behaviors and recursive LLM interactions

Additional Utilities

  • Configuration
  • Progress tracking
  • Cancellation
  • Error reporting
  • Logging

Security and Trust & Safety

The Model Context Protocol enables powerful capabilities through arbitrary data access and code execution paths. With this power comes important security and trust considerations that all implementors must carefully address.

Key Principles

User Consent and Control
  • Users must explicitly consent to and understand all data access and operations
  • Users must retain control over what data is shared and what actions are taken
  • Implementors should provide clear UIs for reviewing and authorizing activities
Data Privacy
  • Hosts must obtain explicit user consent before exposing user data to servers
  • Hosts must not transmit resource data elsewhere without user consent
  • User data should be protected with appropriate access controls
Tool Safety
  • Tools represent arbitrary code execution and must be treated with appropriate caution
  • Hosts must obtain explicit user consent before invoking any tool
  • Users should understand what each tool does before authorizing its use
LLM Sampling Controls
  • Users must explicitly approve any LLM sampling requests
  • Users should control whether sampling occurs, the actual prompt, and what results the server can see
  • The protocol intentionally limits server visibility into prompts
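
The Tool Safety rule above (explicit user consent before any tool invocation) sketched as a host-side check. This is an added example, not code from the MCP specification or its SDKs: `ConsentGate`, `fingerprint`, and the sample server, tool, and path names are hypothetical, and it assumes the MCP `tools/call` request shape with `params.name` and `params.arguments`.

```python
import hashlib
import json

def fingerprint(server, tool, arguments):
    """Digest of exactly what the user was shown: server, tool name, arguments."""
    canonical = json.dumps([server, tool, arguments], sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

class ConsentGate:
    """Hypothetical host-side gate applied to each JSON-RPC request sent to a server."""

    def __init__(self):
        self._approved = set()  # fingerprints the user approved; each is single-use

    def approve(self, server, tool, arguments):
        # Call only from the UI path where the user reviewed the tool and arguments.
        self._approved.add(fingerprint(server, tool, arguments))

    def check(self, server, message):
        """Return (allowed, reason); a tools/call is denied unless approved."""
        if message.get("method") != "tools/call":
            return True, "not a tool invocation"
        params = message.get("params")
        if not isinstance(params, dict) or not isinstance(params.get("name"), str):
            return False, "malformed tools/call"
        arguments = params.get("arguments", {})
        if not isinstance(arguments, dict):
            return False, "malformed tools/call"
        fp = fingerprint(server, params["name"], arguments)
        if fp not in self._approved:
            return False, "no user consent for this exact call"
        self._approved.discard(fp)  # consent covers one invocation only
        return True, "approved by user"

# Constructed sample request (server name, tool name and path are made up).
SAMPLE_CALL = {"jsonrpc": "2.0", "id": 7, "method": "tools/call",
               "params": {"name": "read_file", "arguments": {"path": "notes/todo.txt"}}}

if __name__ == "__main__":
    gate = ConsentGate()
    print(gate.check("files", SAMPLE_CALL))   # denied: nothing approved yet
    gate.approve("files", "read_file", {"path": "notes/todo.txt"})
    print(gate.check("files", SAMPLE_CALL))   # allowed once
    print(gate.check("files", SAMPLE_CALL))   # denied: approval was consumed
```

Binding consent to the server, tool name, and exact arguments means a call that differs from what the user reviewed is rejected rather than riding on an earlier approval.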

For the full specification documentation, visit the official MCP specification.