The Rise and Reassessment of MCP: What Comes Next?

From tool catalogs to code generation and agentic teams

In 2024, Anthropic introduced the Model Context Protocol (MCP), a standardized way for language models to describe and call tools using clear, documented interfaces. Before MCP, every project invented its own schema and conventions, which made tools hard to share and reason about.

See Anthropic’s MCP overview: https://www.anthropic.com/news/model-context-protocol

A year on, MCP has seen impressive adoption and its share of growing pains. Many teams embraced MCP as a “gold standard” for tool calling -running demos where models read email, query databases, search files, and browse the web using well-described, interoperable tools. But like any early abstraction, MCP has trade-offs.

Where MCP shines

• Standardized tool definitions and documentation
• Better ergonomics for tool builders and client developers

• Ecosystem momentum and shared mental models

Where MCP strains in practice

• Context overhead: Tool descriptions, input/output schemas, and examples all consume tokens. At scale, this adds up. For example, if you ship 50 tools at ~250–400 tokens each, you may spend 12,500–20,000 tokens before you’ve even processed user content.

• Tool selection ambiguity: Models can still mis-select tools or hallucinate parameters, leading to retries and cost/latency spikes.

• Operational complexity: Versioning tool definitions, coordinating changes across services, and keeping descriptions in sync with behavior are nontrivial.

An alternative: Cloudflare’s “Code Mode”

Cloudflare proposes a different approach they call Code Mode: don’t inject a large catalog of tool definitions into the model. Instead, expose a typed TypeScript API and let the model write the small snippets of code needed to call that API. Execute the code server-side in a sandbox and return structured results.

Cloudflare’s article: https://blog.cloudflare.com/code-mode/

Why this resonates:

• Lower token pressure: short, on-demand code replaces long, ever-present tool descriptions.

• Determinism: code execution is deterministic given the same inputs, which simplifies debugging and repeatability. See “Deterministic algorithm”: https://en.wikipedia.org/wiki/Deterministic_algorithm

• Mature security primitives: when interactions happen via APIs, we can leverage well-established auth, rate limits, and auditing instead of inventing new patterns inside the prompt.

Security comes first: in Code Mode, run code in a tight sandbox, enforce allowlists and schema checks, use scoped credentials, set per-tenant quotas and rate limits, and log code and calls for audit.

Another path: agent-to-agent orchestration

See Googles A2A Framework: https://a2a-protocol.org/latest/

There’s also a structural alternative: instead of one “everything model” carrying a huge toolset, use a team of specialised agents plus an orchestrator.

• Orchestrator LLM: holds minimal context, routes tasks, and composes results

• Specialist agents: each owns a small, focused toolset (data access, search, email, billing, etc.)

• Narrow context: pass only the information needed for each task, reducing confusion and token waste

This approach can reduce errors, improve observability, and make scaling safer (each agent has a smaller blast radius). It also plays nicely with both MCP (for small, stable toolsets) and Code Mode (for dynamic integrations).

So where does MCP fit now?

MCP isn’t “Over” It remains a strong choice when you have a small, stable set of predictable tools—think fewer than ten—where portability, clear shared documentation, and consistent low-latency calls matter more than spinning up execution sandboxes.

Code Mode shines when your integrations are diverse, fast-changing, or vendor-specific; when you need to compose multi-step workflows on the fly; and when token or latency budgets make large tool catalogs impractical. Agentic orchestration is most useful when you want specialization and separation of concerns, stronger observability and safer scaling, and the ability to mix different calling strategies.

We’re not choosing between them; the real pattern is to merge all three. Keep a slim, high-frequency core in MCP, generate on-demand calls with Code Mode for long-tail or rapidly evolving APIs (executed in a sandbox with mature security), and use an orchestrator LLM to route tasks, pass only the necessary context, and compose results. This hybrid approach reduces errors and costs while preserving flexibility and speed.

The Takeaway

The center of gravity is shifting from “ship every tool definition to the model” to “generate code on demand” and “compose teams of specialized agents.” Expect tool calling to become cheaper, faster, and more capable as these patterns mature-and to lean more on classic API security and software engineering practices.

What will you build with this?

Further reading

Anthropic’s MCP overview: https://www.anthropic.com/news/model-context-protocol
Anthropic on code execution with MCP: https://www.anthropic.com/engineering/code-execution-with-mcp
Cloudflare Code Mode: https://blog.cloudflare.com/code-mode/
Cloudflare Agents SDK: https://developers.cloudflare.com/agents/
Building agents in TypeScript: https://adk.iqai.com/docs/framework/get-started/quickstart
MCP Authorization: https://modelcontextprotocol.io/docs/tutorials/security/authorization