Jump to section
An AI assistant that only talks is nice but limited. You ask it about a bug and it guesses, because it can't see your code, your logs, or your tickets. MCP (Model Context Protocol) changes that — it's a standard way to connect an agent to your team's real tools and data. Instead of an assistant that chats, you get an agent that can act.
What MCP is and why it exists
MCP is an open protocol that defines how an AI assistant talks to external tools and data sources. Think of it as USB-C for AI: one standard through which an agent connects to a repo, docs, a ticketing system, a database, or monitoring. Without MCP, every tool had to write a custom integration for every assistant. With MCP, you write a server once and any MCP-compatible client can use it.
The architecture is simple. On one side is the client (Claude Code, Cursor, your IDE, or a desktop assistant), on the other an MCP server that exposes specific capabilities. A server offers three kinds of things: tools (actions the agent can take), resources (data it can read), and prompts (prepared templates). At startup the agent asks for the list of available tools, then calls them as needed.
- Tools — actions: 'create a ticket', 'run a query', 'restart a deployment'
- Resources — data to read: files, DB rows, documentation content
- Prompts — templates: prepared workflows the team shares
- Key idea: the agent sees nothing the server doesn't explicitly expose
Why this is a real difference for a dev team
The gap between 'an agent that chats' and 'an agent that acts' is the same as between a colleague on the phone and a colleague at your monitor. An agent without context gives generic advice. An agent with MCP access reads the actual ticket, looks at the log, checks the database schema, and proposes a fix that matches your real state — not the average of the internet.
A typical moment where MCP pays off: a production alert fires. Without MCP you paste the stack trace into chat and the agent guesses. With MCP the agent reads the log itself, finds the related commit, identifies which deployment broke it, and writes a summary — all from one prompt.
Real use cases for a dev team
Context from Jira / Linear
The most common first step. The agent connects to ticketing and reads the task straight from the source — description, comments, acceptance criteria. Instead of 'implement PROJ-431' (where the agent has no idea what that is), you get an agent that pulls the ticket, understands the requirement, and starts working. Add write access (creating and updating tickets) later, carefully.
Read-only database queries
Extremely useful and equally risky — hence read-only. The agent can discover the schema itself, count how many rows a table has, verify a migration went through. Never give an agent write access to a production database. Use a read-only replica or a dedicated DB user scoped to SELECT only.
Reading logs and monitoring
An agent wired into logs (Sentry, Grafana, ELK) can correlate an error with the deployment timeline and find the likely cause. This is where the value shows most: debugging that would take you 20 minutes of clicking through dashboards, the agent does in a few seconds of reading.
Searching internal documentation
Confluence, Notion, an internal wiki. An agent that can search your ADRs (architecture decision records) and runbooks stops inventing conventions and starts following yours. That's the difference between code you have to rewrite and code that fits the project.
How to get started
You don't have to build anything from scratch. Most major tools already ship an official MCP server — GitHub, Sentry, Linear, Notion, Slack, plenty of databases. You start by adding the server to your client's config and setting up credentials (typically via OAuth or an API token in an environment variable).
// Example: configuring MCP servers for a client
// (e.g. .mcp.json in your project)
{
"mcpServers": {
"github": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": { "GITHUB_TOKEN": "${GITHUB_TOKEN}" }
},
"postgres-readonly": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-postgres"],
"env": { "DATABASE_URL": "${READONLY_DB_URL}" }
}
}
}A practical approach: start with one read-only server (docs or logs, say), confirm the agent understands what it has available, and only then add more. Don't wire up ten servers at once — the agent gets lost in too many tools and you lose track of where it can actually reach.
Share the MCP config in the repo (e.g. .mcp.json), but never the tokens. Reference environment variables, and handle secrets through your existing secret manager. That way the whole team has the same tools, but each person keeps their own permissions.
Security and governance
This is where a toy separates from a production deployment. An MCP server runs with the permissions you give it — and the agent can do anything through it that the server allows. So treat it like any other system access, not like a harmless AI feature.
- Scope minimally — each server gets only the permissions it genuinely needs
- Read vs write — start read-only; turn on write actions deliberately, one at a time
- Secrets — never in the prompt or the config; only via a secret manager and env vars
- Audit — log which tools the agent called and with what parameters
- Human-in-the-loop — require confirmation for destructive actions (delete, deploy, DB write)
Golden rule: an agent should not have broader access through MCP than a junior would in their first week. If you wouldn't give a junior write access to the production DB, don't give it to the agent either. MCP doesn't change security principles — it just increases the speed at which a mistake plays out.
Where to start in practice
Don't start with the most ambitious scenario. Pick one pain the team hits daily — pulling context from tickets, or reading logs during an incident — and put one read-only MCP server on it. Prove the value on real work, earn the team's trust, and only then expand to write actions and more systems.
MCP won't turn a mediocre agent into a miracle. It turns it into a team member who sees what you see — and that's most of the difference between advice from an outsider and a solution from a colleague.
Within a few weeks you'll find the most value doesn't come from the mightiest integrations, but from the most boring ones: read the ticket, look at the log, find it in the docs. Exactly what you'd otherwise be clicking through yourself.
Karel Čech
Developer and AI consultant. I help technical teams adopt AI in their daily workflow — from workshops to long-term strategies.
LinkedIn →Stay ahead with AI insights
Practical tips on AI for dev teams. No spam, unsubscribe anytime.
Liked this post? Dive deeper with our course:
Related posts
Local LLMs on your own hardware: a practical 2026 guide
Open-weight models have matured enough that they often just work for everyday dev tasks. No token bill, no code leaving for a vendor. Here's when self-hosting makes sense — and when it doesn't.
AI agents write code, review PRs, and deploy: what's happening in March 2026
Autonomous agents in your terminal, durable workflows, MCP as USB for AI, and vibe coding as a legitimate method. A look at what's actually changing the game right now.
AI Agents in 2026: What Changed and How Developers Use Them
From chat to autonomous agents. 55% of developers regularly use AI agents. What this means for your workflow and how to get started.
Ready to start?
Start a free course or explore training options for your team.
Book a free consultation