Articles Posted in Model Context Protocol (MCP)

As a stakeholder considering the implementation of an MCP connector, it may be difficult to glean from product documentation or marketing materials alone how the tool is functioning, and what must be done to manage its implementation.

MCP connectors provide a standardized way to connect AI models to external systems, allowing for easier proliferation of agentic AI. However, these connections also introduce new risks, including data access and privacy liability; unauthorized or erroneous actions; security vulnerabilities; accountability and governance; and third-party mismanagement.

Continue reading

Before reading the first three installments of Pillsbury’s MCP connector series, you may have thought MCP-connected agentic architecture was too complicated to understand. But now that you have wrapped your mind around what MCP connectors are, what legal and operational risks they pose, and how to practically mitigate those risks, you may feel ready to deploy them in your organization. But not so fast…

Continue reading

In the most recent installment of our series on Model Context Protocol (MCP) connectors, we closed with this observation: Organizations that will manage MCP connector technology effectively are those that treat deployment as an enterprise risk concern. We promised a practical starting framework for how to think about mitigating those enterprise risks.

In this installment, we provide that framework through a hypothetical (and associated risk incidents) that illustrate how the risks may manifest in practice, annotated with suggested mitigants that may have prevented—or meaningfully limited—each issue.

Continue reading

Any time a new technology emerges that includes the ability for an AI model to autonomously “reach out and interact with the world,” legal and operations teams take notice. And rightly so: the legal and operational implications of any AI autonomy deserve careful consideration. MCP connectors are powerful precisely because they reduce friction between AI models and databases, and between each prompt and the resulting action, resulting in a proliferation of agentic AI. But reduced friction cuts both ways. The same architecture that makes MCP efficient also makes it a meaningful source of risk that requires appropriate governance.

Below, we examine the key legal and operational risks that an organization should consider before and during any MCP connector deployment in its AI portfolio. It is worth noting that risks inherent in generative AI use more broadly persist when an MCP connector serves as a conduit to an LLM, but the analysis below focuses on the risk specific to the new MCP connection infrastructure.

Continue reading