MCP + NLWeb: Talk to the Web (Part 1) by Seth Carney

MCP, or Model Context Protocol, is an open source standard for connecting artificially intelligent agents to external systems, automating interactions and transactions with the internet, APIs, or various business tools.

MCP was developed in order to enable agents to perform outside tasks, take advantage of 3rd party APIs, and access additional data. The relatively new protocol, released by Anthropic towards the end of 2024, provides a simple and standardized way to give AI systems access to data and tools. Aligned developers can help prevent unique integrations from becoming common and ensure that all tools are model agnostic.

Microsoft recently released a capable open sourced MCP server NLWeb at MSBuild.

NLWeb is an project developed by Microsoft to provide a natural language website, including a chat interface for websites using the model of their choice and their own data. In addition to providing a chat UI, the project can also be used configured as an MCP server to expose APIs and data to outside agents, if configured. Part 2 of this article will explore NLWeb further, but for now, let’s examine the underlying protocol it uses.

In the article image above,

• Hosts are LLM applications (like Claude Desktop or IDEs) that initiate connections

• Clients maintain 1:1 connections with servers, inside the host application

• Servers provide context, tools, and prompts to clients

Using a consistent protocol prevents developers from having to maintain separate connection configurations between different sources and allows companies to begin to expose their products and services to be used by AI. There is support for a wide variety of languages to use to protocol, including Python, Typescript, C#, Java, amongst others.

There are now thousands of servers that have been created to improve the AI experience since this protocol was released this past year. This number is destined to grow. It almost feels like this will develop into another interface that all public facing products will want to offer to stay competitive. Alongside web and mobile apps, MCP servers will be needed to best meet the needs of customers. Imagine a direct competitor in automated booking or scheduling services exposing their APIs via MCP while your company has not. The competitor’s ability to operate more efficiently could provide a significant edge, leaving your organization behind in a growing market of AI-driven customers.

This type of rapid development always sparks security concerns, as it rightfully should. Ensuring proper authentication and authorization is used will be a necessity. There have already been instances of prompt injection attacks targeting servers. These types of attacks will only become more common as the protocol gains popularity.

I for one am super excited about the idea of an open protocol that will help further enable AI development. It’s a bit of cautious optimism, as I will also will be properly vetting any MCP servers before use.