Model Context Protocol Blog

MCP tool annotations were introduced nearly a year ago as a way for servers to describe the behavior of their tools — whether they’re read-only, destructive, idempotent, or reach outside their local environment. Since then, the community has filed five independent Specification Enhancement Proposals (SEPs) proposing new annotations, driven in part by a sharper collective understanding of where risk actually lives in agentic workflows. This post recaps where tool annotations are today, what they can and can’t realistically do, and offers a framework for evaluating new proposals. ...

You’ve built an MCP server that works quite well, but now you’re wondering: How do I add richer UI elements? Custom auth flows? What about domain-specific conventions, like those for finance or healthcare? This is where extensions come in. They let developers layer new capabilities on top of the baseline MCP implementation without touching the core protocol. This allows us to keep things stable while also opening up room to experiment, learn, and build with the community’s needs in mind. ...

MCP’s current spec release came out in November 2025. We haven’t cut a new version since, but the project hasn’t stood still. Over the past year MCP has moved well past its origins as a way to wire up local tools. It now runs in production at companies large and small, powers agent workflows, and is shaped by a growing community through Working Groups, Spec Enhancement Proposals (SEPs), and a formal governance process. None of that is news, but it’s the foundation we’re building on. ...