In November 2024, Anthropic open-sourced a small spec called the Model Context Protocol. Eighteen months later, OpenAI, Google DeepMind, and Microsoft have all shipped first-party support for it. That's not a typical adoption curve for a vendor-born standard.
For developers who spend their weekends wiring Claude or GPT into Notion, Postgres, or a custom CRM, MCP is the thing that finally killed the bespoke integration treadmill. And for operators running lean AI businesses, it's quietly reshaping what one person can build in a weekend.
What MCP actually is (without the marketing)
Model Context Protocol is an open specification that defines how AI applications talk to external data sources and tools. Think of it as a shared socket. Instead of writing custom glue code every time you want Claude to read your Linear tickets or query a Snowflake warehouse, you point it at an MCP server and it just works.
Anthropic describes it as "a universal standard for connecting AI systems with data sources." The USB-C analogy gets thrown around a lot, and for once it fits. One protocol. Many clients. Many servers. No more N-times-M integration nightmare.
The spec covers three primitives: resources (data the model can read), tools (functions the model can call), and prompts (reusable templates). It runs over JSON-RPC and supports both local stdio transport and remote HTTP with SSE.
Why developers stopped scrolling past it
The honest answer: because it saved them time on day one.
Before MCP, hooking an LLM to a new data source meant writing a function-calling schema, handling auth, building a retrieval layer, and praying the next model release didn't break your prompt. Every integration was a small project. Multiply that by ten internal tools and you have a maintenance burden no solo founder wants.
With MCP, the integration lives once, in a server. Any MCP-compatible client—Claude Desktop, Cursor, Zed, Windsurf, Continue, and now ChatGPT's desktop app—can use it. The community has already published hundreds of open-source servers covering GitHub, Slack, Stripe, Postgres, Google Drive, and Brave Search, among others.
MCP vs. traditional function calling
| Capability | Function calling | MCP |
|---|---|---|
| Vendor lock-in | High (per-model schema) | None (open spec) |
| Reusable across clients | No | Yes |
| Local + remote transport | Remote only | Both |
| Discovery of tools at runtime | Manual | Built-in |
| Setup time for a new source | Hours to days | Minutes if a server exists |
What this unlocks for operators and indie hackers
If you sell AI-powered services, MCP changes your unit economics. A freelance automation builder charging $2,500 to integrate a client's internal tools with Claude used to spend a week on plumbing. Now most of that week is configuration, not code.
A few patterns showing up in the wild:
- Internal copilots for SMBs. Connect Claude to QuickBooks, Gmail, and a Postgres CRM through existing MCP servers. Charge for the assembly and the prompts, not the plumbing.
- Vertical agents. Real estate, law, and accounting micro-SaaS products are shipping with two or three MCP servers bundled in.
- Personal productivity stacks. Developers are running local MCP servers against Obsidian, Apple Notes, and their own shell history, turning Claude Desktop into a true second brain.
Claude Pro and Team plans ($20 and $30 per user per month respectively, per Anthropic's pricing page) include MCP support in Claude Desktop. The API charges normal token rates—MCP itself adds no extra cost.
How to start using MCP this week
- Install Claude Desktop (free) or a compatible client like Cursor ($20/month).
- Browse the official server registry at modelcontextprotocol.io and pick one—filesystem is the easiest first win.
- Edit your client's config file to register the server (it's a small JSON block; Anthropic's docs walk through it).
- Restart the client and ask Claude to read or modify a file in the directory you exposed.
- Once that clicks, add a second server—Postgres or GitHub are good next steps.
- When you hit a gap, fork an existing server. The TypeScript and Python SDKs make custom servers a few-hundred-line affair.
The risks worth naming
MCP is still young. The spec is evolving, auth patterns for remote servers are improving but not yet bulletproof, and prompt injection through compromised data sources remains a real concern. Anthropic published security guidance in 2025 recommending sandboxing untrusted servers and reviewing tool calls before execution. Take it seriously.
There's also the standard open-standard risk: a protocol that everyone supports is a protocol no one fully owns, which can mean slow movement on contentious features. So far, governance through the MCP working group has been functional but not fast.