Inferensys

Glossary

MCP Tool

An MCP Tool is an executable function exposed by an MCP server, defined by a name, description, and an input JSON Schema, which a client can invoke to perform actions like calling an API, running a script, or modifying data.
Developer demonstrating multi-agent tool use, agent tool selection interface on laptop, casual tech demo moment.
MODEL CONTEXT PROTOCOL

What is an MCP Tool?

A core executable component within the Model Context Protocol framework that enables AI agents to perform actions in external systems.

An MCP Tool is an executable function exposed by an MCP server, defined by a name, description, and an input JSON Schema, which a client can invoke to perform actions like calling an API, running a script, or modifying data. It is the fundamental mechanism within the Model Context Protocol for extending an AI agent's capabilities beyond its internal knowledge, allowing it to interact with and manipulate the external digital world through a standardized, schema-defined interface.

Each tool's definition acts as a contract, ensuring the MCP client (e.g., an AI assistant) provides correctly structured arguments. Upon invocation, the server executes the corresponding tool handler—the backend logic—and returns a structured result. This pattern decouples the AI's reasoning from implementation details, enabling secure, validated, and observable integration with databases, APIs, and other enterprise services through a unified protocol.

ARCHITECTURE

Core Components of an MCP Tool Definition

An MCP Tool is an executable function exposed by a server, defined by a formal specification that enables AI clients to perform external actions. Its definition is composed of several key, standardized components.

01

Name and Identifier

The name field is a unique, machine-readable string identifier for the tool within the server's namespace. It follows a reverse domain-like naming convention (e.g., github.search_issues) to ensure global uniqueness and avoid collisions when multiple servers are connected. This name is used by the client in the JSON-RPC tools/call request to specify which function to execute.

02

Description and Intent

The description is a human-readable, natural language explanation of the tool's purpose and behavior. It is critically consumed by the AI client's language model to understand when and how to use the tool. A well-written description includes:

  • The tool's primary action (e.g., 'Searches for repositories').
  • The expected outcome.
  • Any important preconditions or side effects. This text directly influences the agent's reasoning and tool selection accuracy.
03

Input JSON Schema

The inputSchema is a JSON Schema object that rigorously defines the structure, types, and validation rules for the tool's arguments. This schema acts as a contract between the client and server, enabling:

  • Structured Output Guarantees: The LLM is constrained to generate arguments that match the defined properties (e.g., query of type string).
  • Request/Response Validation: The server validates incoming requests against this schema before execution.
  • Automatic Documentation: Clients can introspect the schema to understand required and optional parameters, their data types, and any constraints (like enums or pattern matching).
04

Tool Handler Implementation

The handler is the server-side function or method that contains the business logic executed when the tool is invoked. It is not part of the definition sent to the client but is its essential counterpart on the server. The handler:

  • Receives the validated input arguments.
  • Executes the intended action (e.g., calls a REST API, queries a database, runs a script).
  • Returns a result (or error) that conforms to the MCP result specification.
  • Manages authentication, error handling, and side effects securely within the server's execution environment.
05

Capability Advertisement

During the initial capability negotiation handshake, the MCP server advertises its available tools to the client via the tools list in the initialize result. Each entry in this list is the complete tool definition (name, description, inputSchema). This allows the client to dynamically discover and register the tool's specification, enabling the AI to plan its use without prior hard-coded integration. The set of tools can be static or change dynamically based on server state or user permissions.

EXECUTION FLOW

How MCP Tool Invocation Works

The process by which an AI client securely requests an MCP server to execute an external function.

MCP tool invocation is a client-initiated JSON-RPC request where an AI application calls a predefined function on a remote server. The client sends a tools/call request containing the tool's name and arguments validated against its input JSON Schema. The server executes the corresponding tool handler—a function containing the business logic for actions like API calls or data manipulation—and returns a structured result.

This request-response cycle is managed over a secure MCP transport like stdio or SSE. The server performs schema validation on incoming arguments, and the client can inject the tool's result as dynamic context into the model's session. The entire transaction is logged for audit and observability, ensuring deterministic execution within the agent's workflow.

MCP TOOL

Frequently Asked Questions

Common questions about MCP Tools, the executable functions that enable AI agents to securely interact with external systems through the Model Context Protocol.

An MCP Tool is an executable function exposed by an MCP server, defined by a name, description, and an input JSON Schema, which a client can invoke to perform actions like calling an API, running a script, or modifying data. It is the fundamental mechanism within the Model Context Protocol for enabling AI agents to take action in the external world. Unlike a static MCP Resource which provides read-only data, a tool is an operation that can have side effects. Its formal specification, or Tool Definition, allows an MCP client (like an AI assistant) to understand its purpose and how to call it correctly, enabling secure and structured integration with backend services, databases, and command-line utilities.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.