Governed Model Context Protocol (MCP)
The AI OS uses the Model Context Protocol to connect agents to tools, data, and systems through one standard interface — but every MCP tool call runs under scoped identity, policy, and audit, so the openness of MCP never becomes an open door.
One Standard Interface
MCP connects agents to tools, data, and systems through a single open protocol — instead of brittle, bespoke integrations per system.
Every Call Governed
Each MCP tool call runs under a scoped identity, is authorised by policy-as-code, and is captured in an immutable audit trail.
MCP Security Built In
Zero-trust, DLP, and least-privilege scoping address the MCP risks agencies like the NSA have flagged — no unauthenticated, over-broad tool access.
The Model Context Protocol (MCP) is an open standard that lets AI agents connect to tools, data, and systems through a single, consistent interface. The AI OS uses MCP to integrate agents with enterprise tools — but governs every call: each MCP tool invocation runs under a scoped identity, is authorised by policy-as-code, and is captured in an immutable audit trail, inside a zero-trust perimeter with DLP. MCP gives agents reach; the AI OS makes that reach safe.
The Model Context Protocol has quickly become the common way to connect AI agents to the tools and data they need, replacing a tangle of bespoke integrations with one standard. But a standard that lets agents reach anything is also a new attack surface — security researchers and agencies, including the NSA, have flagged MCP security risks such as unauthenticated servers, over-broad tool permissions, and prompt-injection through tool responses. Scrydon's answer is governed MCP: agents get the reach of the protocol, but every tool call runs under scoped identity, policy, and audit, inside a zero-trust perimeter with data loss prevention — so MCP's openness never becomes an open door.
Model Context Protocol (MCP) in the Scrydon platform
One integrated, sovereign architecture. Here is where Model Context Protocol (MCP) sits — highlighted against the full stack it works with.
Platform stack diagram (layer labels recovered from the figure):
The AI OS for Humans & AI Agents to enable your processes
Link your processes, knowledge & data to ontologies.
Unified storage, structured compute, and secure multi-modal data processing.
Autonomous operatives with specialised skills executing tasks across systems.
Sovereign pipelines, federated APIs, and seamless connector meshes.
Secure domain federation, trusted data sharing, and cross-boundary intelligence.
Open protocol, closed perimeter
The AI OS uses MCP to give agents reach across tools and systems, then wraps every interaction in the platform's governance. An agent calls a tool through MCP exactly as the standard intends — but the platform decides, on every call, whether that identity is allowed to make it, screens what flows through, and records it. Reach and control are not in tension; both are enforced at once.
Standard MCP integration — Connect agents to tools, data, and systems through the open Model Context Protocol — one interface, not bespoke connectors.
Scoped identity per call — Every MCP tool call runs under a least-privilege identity, so an agent can only reach what it is explicitly authorised to.
Policy-as-code authorisation — A single policy decision point authorises each tool call across the app- and data-planes, fail-closed by default.
DLP and audit — Data loss prevention screens what passes through tool calls, and every invocation is logged immutably with actor and IP context.
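As an added example (not Scrydon's code and not the platform's own API), a Python sketch of the governance wrapper the four points above describe: the policy table, DLP patterns and stand-in tool functions are all constructed for illustration in place of real MCP servers. Authorisation is fail-closed, arguments and responses are both DLP-screened, and every decision lands in a hash-chained audit record with actor and IP.

```python
import hashlib, json, re, time

# Policy-as-code (constructed sample): tools each scoped identity may call; anything else is denied.
POLICY = {"invoice-agent": {"crm.read_customer", "erp.list_invoices"}}
# DLP patterns (constructed): data that must not cross the perimeter through a tool call.
DLP_PATTERNS = [re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), re.compile(r"api_key=\S+")]

class PolicyDenied(Exception): pass
class DLPBlocked(Exception): pass

class AuditLog:
    """Append-only, hash-chained log: editing or dropping any entry breaks verify()."""
    def __init__(self):
        self.entries = []
    def _digest(self, prev, record):
        return hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()
    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        self.entries.append({"record": record, "prev": prev, "hash": self._digest(prev, record)})
    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            if e["prev"] != prev or self._digest(prev, e["record"]) != e["hash"]:
                return False
            prev = e["hash"]
        return True

def governed_call(identity, tool, args, src_ip, servers, audit):
    """Authorise (fail-closed), DLP-screen both directions, invoke the tool, and audit the outcome."""
    decision = "deny"
    try:
        if tool not in POLICY.get(identity, set()):  # unknown identity or unlisted tool -> deny
            raise PolicyDenied(f"{identity} is not authorised for {tool}")
        if any(p.search(json.dumps(args)) for p in DLP_PATTERNS):
            decision = "dlp_block"  # outbound: protected data must not reach the server
            raise DLPBlocked(f"arguments to {tool} contain protected data")
        decision = "allow"
        response = servers[tool](**args)  # stand-in for the MCP tools/call round trip
        for p in DLP_PATTERNS:  # inbound: redact before the agent ever sees the response
            response = p.sub("[REDACTED]", response)
        return response
    finally:
        audit.append({"ts": time.time(), "actor": identity, "ip": src_ip,
                      "tool": tool, "decision": decision})

# Constructed stand-ins for MCP server tools; a real deployment would use an MCP client here.
SERVERS = {
    "crm.read_customer": lambda customer_id: f"{customer_id}: SSN 123-45-6789, tier gold",
    "erp.list_invoices": lambda customer_id: f"{customer_id}: INV-1, INV-2",
    "hr.export_payroll": lambda: "full payroll export",
}
```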
Call MCP servers from inside your AI agent workflows
The AI OS lets agents in your governed agentic AI workflows call MCP servers as workflow steps — connecting to tools, systems, and data over the open Model Context Protocol. Every MCP tool call runs under the agent's scoped identity, is checked against policy, screened by DLP, and captured in the audit trail, and stays inside your perimeter. So you get the openness and reach of MCP without giving up governance or sovereignty.
Tools as workflow steps — Agents invoke MCP servers mid-workflow to act on real systems, data, and tools.
Governed every call — Each call runs under scoped identity, policy-as-code, DLP, and immutable audit.
Inside your perimeter — Connect to MCP servers you control, from air-gapped to cloud, with nothing leaving your control.
Orchestrated by the AI OS — MCP calls are composed alongside other agents, systems, and humans in the same governed workflow.
MCP's reach needs MCP security
MCP is powerful precisely because it lets agents reach almost anything — which is also why it is risky. Researchers and national agencies, including the NSA, have warned that MCP servers can be unauthenticated, that tools are often granted over-broad permissions, and that prompt injection can travel through tool responses. Ungoverned, MCP becomes an open door into your systems. The AI OS closes it: zero-trust scoping, policy-as-code, DLP, and immutable audit on every tool call mean agents keep the protocol's reach while you keep control of what they can actually do.
Frequently asked questions
What is the Model Context Protocol (MCP)?
How does the AI OS use MCP?
Is MCP secure?
What MCP security risks has the NSA flagged?
How is every MCP tool call governed?