Skip to content

model_context_protocol

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

model_context_protocol

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
basic_server_example.py
basic_server_example.py
 
 
model-context-protocol-1.png
model-context-protocol-1.png
 
 
server.py
server.py
 
 

README.md

Model Context Protocol

General

  • serves as standard way of comunicating LLMs with external world, like data sources and stuff
  • introduced by Anthropic as open standard

Protocol

  • uses standard RPC under the hood, specifically JSON-RPC 2.0, example messages:
    • Requests
interface Request {
    method: string; 
}
  • Errors
interface Error {
    code: number;
    message: string;
    data?: unknown;
}
  • core concepts include:
    • Server -> provide context, tools, prompts, etc. to clients
    • Client -> maintain 1:1 conntection with servers, inside the host app
    • Host -> LLM application initiating connections

Architecture

architecture

Design

  • servers should be extremely easy to build
  • servers should be highly composable
  • servers should not be able to read the whole conversation, nor see into other servers
  • features can be added to servers and clients progressively

Security

  • need to be careful with MCP security, because servers have quite vast capabilities
  • ... so RCEs and similar problems may be present
  • confused deputy problem
    • a malicious program may trick other program with higher privileges to abuse it's authority in the system
    • ... so a subclass of privilege escalation attacks
    • originaly, it was a compiler which had write permission to certain system directory, which also contained important data, thus by feeding the compiler specific payload (language to compile) malicious actor was able to overwrite certain data in system directory

References