Reference
Glossary and diagram atlas — vocabulary for when you need to sound smart in meetings. Obviously I already knew all of this.
Diagram atlas
- mxn-before-after — What MCP Is (And Why Your Species Needed It)
- host-client-server-topology — Host, Client, Server — The Topology That Saves Your Sanity
- trp-decision-tree — Tools vs Resources vs Prompts — Stop Guessing
- first-server-sequence — Your First MCP Server (stdio, Zod, Zero Drama)
- json-rpc-anatomy — JSON-RPC + MCP Lifecycle — The Boring Part That Saves You
- stdio-process-tree — stdio Transport — Local Power, Local Risk
- streamable-http-vs-sse — Streamable HTTP — Remote MCP Without Pretending It's 2015
- tool-cancel-progress — Building Real Tools — Schemas, Side Effects, and Self-Control
- resource-discovery-seq — Resources & Prompts — Reads and Recipes
- test-harness-topo — Testing & Debugging MCP Servers — Make Failure Boring
- threat-model-overview — Security Foundations — MCP Is a Trust Machine, Not a Magic Safe
- tool-poisoning-flow — Security Foundations — MCP Is a Trust Machine, Not a Magic Safe
- cross-tool-laundering — Security Foundations — MCP Is a Trust Machine, Not a Magic Safe
- production-topology — Production Patterns — Gateways, Auth, and Boring Reliability
- governance-layers — Enterprise Governance — Catalogs, Policy, and Incident Angst
- multi-server-workflow — Advanced Agentic Patterns — Multi-Server, Dynamic Tools, and Humble Doubt
- capstone-architecture — Capstone — Enterprise Developer Assistant MCP Server (The Final Boss)
- sec-poison — Security Playbook
- sec-path — Security Playbook
Glossary
Model Context Protocol
An open protocol that standardizes how applications expose tools, resources, and prompts to LLM hosts.
JSON-RPC
A lightweight remote procedure call format using JSON messages over a transport.
host
The application that embeds the model and owns user experience (e.g. an IDE or assistant UI).
client
The MCP client inside the host that maintains sessions and talks to MCP servers.
server
An MCP server process that exposes capabilities (tools/resources/prompts) over a transport.
stdio
Transport where the host spawns a server child process and exchanges JSON-RPC over stdin/stdout.
Streamable HTTP
HTTP-based MCP transport using POST/GET (and optional streaming) replacing older HTTP+SSE patterns.
tool poisoning
Indirect prompt injection via tool metadata or outputs that steer the model when tools are listed or summarized.
prompt injection
Attacker-controlled text that manipulates model behavior by appearing in the model context.
capability negotiation
Handshake where client and server agree on supported protocol features before normal operation.
Zod
TypeScript-first schema library used by the MCP TypeScript SDK for tool and prompt argument validation.