MCP Integration
Model Context Protocol (MCP) is an open standard that enables agents to interact with external tools, resources, and prompts in a standardized way. Instead of custom integrations for each service, MCP provides a universal protocol that works everywhere.
What is MCP?
MCP provides a unified interface for three types of capabilities:
| Capability | Description | Examples |
|---|---|---|
| Tools | Actions agents can perform | API calls, calculations, file operations |
| Resources | Data agents can read | Files, databases, APIs |
| Prompts | Pre-defined prompt templates | Code review, analysis, summarization |
How MCP Works
Agent needs to act --> Calls MCP tool via standard protocol --> MCP server translates to native API --> Results returned in standard format
The agent does not need to know the details of each external service. It speaks MCP, and the MCP server handles the translation.
Built-in MCP Tools
MeetLoyd includes several built-in tools available to all agents:
| Tool | Description |
|---|---|
| Calculator | Mathematical operations (add, subtract, multiply, divide, power, sqrt) |
| Current Time | Get current date and time in any timezone |
| HTTP Request | Make HTTP requests (GET, POST, PUT, DELETE, PATCH) |
| Memory | Store and retrieve persistent data across conversations |
| Random | Generate random numbers, UUIDs, or pick from choices |
| JSON | Parse, stringify, query, and transform JSON data |
Assigning Tools to Agents
Tools are assigned to agents through authorization grants. When you grant a permission, the associated MCP tools become available to the agent automatically.
Via Dashboard (Recommended)
- Go to the Authorization page
- Select an agent and resource
- Pick a permission template (e.g., "Contributor")
- Click Grant -- the agent immediately gets access to the corresponding tools
Or use the Agent Wizard when creating or editing an agent -- the "Access & Permissions" step configures grants visually.
Tools are managed through authorization grants, not a direct tools array on the agent. This ensures consistent security enforcement.
Best Practices
Assign purpose-built tools (CRM lookup, email send) rather than generic ones (HTTP request). Specific tools have better input validation and security constraints.
Restrict filesystem access to specific directories. Use read-only mode for databases. The principle of least privilege applies to agents too.
Never hardcode API keys or tokens. Use the secrets system so credentials are encrypted at rest and injected securely at runtime.
Define strict input schemas with required fields, types, and bounds. This prevents agents from sending invalid or dangerous data to external services.
Next: Explore Integrations for pre-built connections to popular services.