Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Great (Interface) Escape. MCP's Promise & P...

Avatar for David Denton David Denton
October 16, 2025
Technology
0
2

The Great (Interface) Escape. MCP's Promise & Precautions

We spend countless hours navigating poorly designed interfaces, searching for information, and completing tedious tasks like digital form filling—fighting with systems that should serve us, not consume our time. What if we could eliminate these frustrating interfaces entirely?

This talk explores how Model Context Protocol (MCP) is transforming our relationship with digital systems by letting AI agents handle the grunt work directly, without forcing humans through clunky UIs and broken processes. We'll cover:

- The Interface Problem: Why we're drowning in bad UIs and manual processes that waste our lives
- Enter MCP: How standardised agent communication could end the tyranny of terrible interfaces
- Reimagining Interaction: Real examples of tasks transforming from multi-step manual nightmares into seamless agent automation
- The Dark Side: Security vulnerabilities, data exposure risks, and the new attack vectors MCP introduces

You'll see live demonstrations of MCP eliminating interface friction, understand the protocol's core primitives, and confront the uncomfortable reality of what happens when agents have too much access to your systems.

This isn't just about efficiency—it's about the next wave of technological change that could fundamentally reshape how we interact with digital services. But are we ready for the security implications?

Avatar for David Denton

David Denton

October 16, 2025
Tweet

More Decks by David Denton

See All by David Denton
Functional Intelligence: Agents, MCP and maybe the end of the Web?
Avatar for David Denton daviddenton
1
26
Server as a Function. In Kotlin. _____________
Avatar for David Denton daviddenton
0
14
Full Stream Ahead: Breaking the protocol barrier with http4k
Avatar for David Denton daviddenton
1
44
Kotlin's Elegant Deceptions: Simple APIs, Unusual Tactics
Avatar for David Denton daviddenton
0
80
Exploring the Testing Hyperpyramid with Kotlin & http4k
Avatar for David Denton daviddenton
2
550
http4k - the Swiss Army Knife for Kotlin HTTP apps
Avatar for David Denton daviddenton
0
46
Smash your adapter monolith with the Connect pattern
Avatar for David Denton daviddenton
0
67
Productivity by a thousand cuts: The Kotlin Way
Avatar for David Denton daviddenton
0
48
Writing Test Driven Apps with http4k
Avatar for David Denton daviddenton
0
160

Other Decks in Technology

See All in Technology
自己的售票系統自己做!
Avatar for 高見龍 eddie
0
430
Flutter DevToolsで発見! 本番アプリのパフォーマンス問題と改善の実践
Avatar for GOTO-TSL goto_tsl
1
380
AIを前提に、業務を”再構築”せよ IVRyの9ヶ月にわたる挑戦と未来の働き方 (BTCONJP2025)
Avatar for chama yueda256
1
160
“それなりに”安全なWebアプリケーションの作り方
Avatar for Ryusei Ishikawa xryuseix
0
290
Spring Boot利用を前提としたJavaライブラリ開発方法の提案
Avatar for Koki Hoshihara kokihoshihara
PRO
2
140
嗚呼、当時の本番環境の状態で AI Agentを再評価したいなぁ...
Avatar for po3rin po3rin
0
400
隙間ツール開発のすすめ / PHP Conference Fukuoka 2025
Avatar for meihei meihei3
0
350
ubuntu-latest から ubuntu-slim へ移行しよう!コスト削減うれしい~!
Avatar for asumikam asumikam
0
470
CloudFormationコンソールから、 実際に作られたリソースを辿れるようになろう!
Avatar for amixedcolor amixedcolor
1
170
バクラクの AI-BPO を支える AI エージェント 〜とそれを支える Bet AI Guild〜
Avatar for Tomoaki tomoaki25
2
660
AWS IAM Identity Centerによる権限設定をグラフ構造で可視化+グラフRAGへの挑戦
Avatar for Yuta Kimi ykimi
2
730
【AWS reInvent 2025 関西組 事前勉強会】re:Inventの“感動と興奮”を思い出してモチベ爆上げしたいです
Avatar for Toshiki Terai ttelltte
0
140

Featured

See All Featured
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.3k
Gamification - CAS2011
Avatar for David Bonilla davidbonilla
81
5.5k
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
6.9k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
37
2.6k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
15k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
658
61k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
21
1.2k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.5k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k

Transcript

  1. The Great (Interface) Escape: MCP's Promise and Precautions AI for

    the rest of us, London, October 2025
  2. None

  3. London: Saturday morning.

  4. London: Saturday morning. A man sits peacefully in his kitchen,

    blissfully unaware of his fate.

  5. London: Saturday morning. A voice: “David? Can you come in

    here for a moment?” A man sits peacefully in his kitchen, blissfully unaware of his fate.

  6. Hi. I’m David.

  7. Hi. I’m David. https://type fl ows.io https://clockwork.ing https://mcp.http4k.org GoogleDevExpert

  8. “Just fill in this form”* Me *Names have been changed

    to protect the guilty

  9. “Just fill in this form”* Me My Mac 1. Get

    my details *Names have been changed to protect the guilty

  10. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form *Names have been changed to protect the guilty

  11. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form *Names have been changed to protect the guilty 3 . Phone the call centre

  12. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form 4. Lookup orders Rainforest.com *Names have been changed to protect the guilty 3 . Phone the call centre

  13. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form 5. Get invoice 4. Lookup orders Rainforest.com *Names have been changed to protect the guilty 3 . Phone the call centre

  14. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form 5. Get invoice 4. Lookup orders Rainforest.com *Names have been changed to protect the guilty 3 . Phone the call centre 6. Convert fi le to PDF

  15. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form 7. Raise claim, attach invoice 5. Get invoice 4. Lookup orders Rainforest.com *Names have been changed to protect the guilty 3 . Phone the call centre 6. Convert fi le to PDF

  16. “Just fill in this form”* Me My Mac 1. Get

    my details Acme Insurance.com 2 . Search for the form 8. Add a todo to track it 7. Raise claim, attach invoice 5. Get invoice 4. Lookup orders Rainforest.com *Names have been changed to protect the guilty 3 . Phone the call centre 6. Convert fi le to PDF

  17. The waste here is legion! •Missing/impenetrable instructions •Dumb chatbots/call centres

    •Bad UIs and user hostile forms •Manual data gruntwork

  18. The waste here is legion! •Missing/impenetrable instructions •Dumb chatbots/call centres

    •Bad UIs and user hostile forms •Manual data gruntwork

  19. AI will save us! LLMs are smart!

  20. AI will save us! LLMs are smart!

  21. .. but LLMs are also very stupid!

  22. .. but LLMs are also very stupid!

  23. .. but LLMs are also very stupid!

  24. .. but LLMs are also very stupid!

  25. Conclusions •LLMs are logical and can visualise contextually •But they

    are too naive to be trusted •To be truly useful, they need to be connected to: 1. Real world data 2. Some decent instructions!

  26. Enter MCP: •Created by Anthropic in 2024 •De fi nes

    a common uni fi ed API for clients to connect •Standardises message format •Reimagines interaction model as capabilities “Enables seamless integration between LLM applications and external data sources and tools”

  27. Credit: Norah Sakal @norahsakal

  28. There is a type bit of hype! •Number of servers

    16517* •SDKs in Go, Java, TS, Python…. •Rapid adoption by big-tech - the below were announced whilst I wrote this talk *At time of slide

  29. • Functional web toolkit in pure Kotlin • Best-in-class Testing

    support • Support for latest MCP speci fi cation • Multi-deployment feature-set • Kotlin Foundation Supported an entire HTTP ecosystem https://http4k.org

  30. MCP Essentials •Standardised message format for interactions (JSON-RPC) •Reimagines interaction

    model as capabilities: Completions Prompts Tools Resources Elicitations Sampling

  31. MCP Essentials •Standardised message format for interactions (JSON-RPC) •Reimagines interaction

    model as capabilities: Completions Prompts Tools Resources Elicitations Sampling Completions Prompts Tools Resources

  32. Local MCP Server MCP Setup Workstation LLM Client HTTP LLM

    Cloud Service HTTP (API) Remote (LLM API) HTTP MCP Server = File access Remote IO HTTP StdIo Meat-based Worker IO (JSONRPC) (JSONRPC)

  33. Provide text options for an input Client Server Completion reference

    + argument “method”: “completion/complete” “ref”: “recipe-ingredients” “argument”: "br” Completions

  34. Provide text options for an input Client Server Completion reference

    + argument Completion options “values”: [ "broccoli", “brown sugar", “briny olives” ] “method”: “completion/complete” “ref”: “recipe-ingredients” “argument”: "br” Completions

  35. Templated instructions for an LLM Prompts Client Server Prompt Name

    + Arguments “method”: “prompts/get” “name": “recipe-instructions” “arguments”: [“chicken”, “rice”]

  36. Templated instructions for an LLM Prompts Client Server Prompt Name

    + Arguments Prompt content “Create a healthy dinner recipe using chicken and rice. Include cooking time, servings, and step-by- step instructions.” “method”: “prompts/get” “name": “recipe-instructions” “arguments”: [“chicken”, “rice”]

  37. List/Retrieve/subscribe to URI-based data Client Server Resource URL “method”: ”resources/read”

    “url”: “recipe://chicken-biryani" Resources

  38. List/Retrieve/subscribe to URI-based data Client Server Resource URL Resource content

    “url”: “recipe://chicken-biryani" “mimeType” “application/json, “Text”: “first, slice the chicken……" “method”: ”resources/read” “url”: “recipe://chicken-biryani" Resources

  39. Perform an (user authorised) structured interaction Client Server Tool name

    + typed arguments “method”: “tools/call” “name”: “create-shopping-list” “arguments”: “recipe”: “chicken-biryani” “servings”: 4 Tools

  40. Perform an (user authorised) structured interaction Client Server Tool name

    + typed arguments Text or Structured response “items”: [ “chicken”: 450, “rice": 100, “all-spice”: 15 ] “unit”: “grams” “method”: “tools/call” “name”: “create-shopping-list” “arguments”: “recipe”: “chicken-biryani” “servings”: 4 Tools

  41. Let’s revisit our process LLM (supervised by me) *Names have

    been changed to protect the guilty

  42. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) *Names have been changed to protect the guilty

  43. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) *Names have been changed to protect the guilty

  44. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) *Names have been changed to protect the guilty 3 . Have a nice cup of tea

  45. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) *Names have been changed to protect the guilty 3 . Have a nice cup of tea

  46. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) *Names have been changed to protect the guilty 3 . Have a nice cup of tea

  47. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) 4. Read Resource (Orders) Rainforest.com *Names have been changed to protect the guilty 3 . Have a nice cup of tea

  48. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) 5. Tool call (Invoice) 4. Read Resource (Orders) Rainforest.com *Names have been changed to protect the guilty 3 . Have a nice cup of tea

  49. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) 5. Tool call (Invoice) 4. Read Resource (Orders) Rainforest.com *Names have been changed to protect the guilty 6. Tool call (Convert) 3 . Have a nice cup of tea

  50. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) 7. Tool call (RaiseClaim) 5. Tool call (Invoice) 4. Read Resource (Orders) Rainforest.com *Names have been changed to protect the guilty 6. Tool call (Convert) 3 . Have a nice cup of tea

  51. Let’s revisit our process LLM (supervised by me) My Mac

    1. Completion (Details) Acme Insurance.com 2 . Prompt (Instructions) 8. Tool call (Track) 7. Tool call (RaiseClaim) 5. Tool call (Invoice) 4. Read Resource (Orders) Rainforest.com *Names have been changed to protect the guilty 6. Tool call (Convert) 3 . Have a nice cup of tea

  52. MCP + http4k Demo

  53. MCP + http4k Demo

  54. There are 16517* servers to install… *At time of slide

    …. so let’s go! 🚀 Client MCPs
  55. None

  56. NOT SO FAST…

  57. NOT SO FAST…

  58. NOT SO FAST…

  59. NOT SO FAST…

  60. NOT SO FAST…

  61. The Lethal Trifecta Ability to Externally Communicate Access to Private

    Data Exposure to Untrusted Content

  62. The Lethal Trifecta Ability to Externally Communicate Access to Private

    Data Bad times! Exposure to Untrusted Content

  63. How does Tool Calling work? LLM Client MCP

  64. How does Tool Calling work? LLM Client MCP ModelParameters Message

    Message Message Tools Message Query

  65. How does Tool Calling work? LLM Client MCP ToolCall Usage

    ModelParameters Message Message Message Tools Message Query

  66. How does Tool Calling work? LLM Client MCP ToolCall Usage

    ToolCall Approve ModelParameters Message Message Message Tools Message Query

  67. How does Tool Calling work? LLM Client MCP ToolCall Usage

    Result ToolCall Approve ModelParameters Message Message Message Tools Message Query

  68. How does Tool Calling work? LLM Client MCP ToolCall Usage

    Result Message Message Result ModelParameters Message Message Message Tools ToolCall Approve ModelParameters Message Message Message Tools Message Query

  69. How does Tool Calling work? LLM Client MCP ToolCall Usage

    Result Usage Message Message Message Content Result Message Message Result ModelParameters Message Message Message Tools ToolCall Approve ModelParameters Message Message Message Tools Message Query

  70. We can create EvilCalendarMCP™ The LLM treats tool descriptions as

    trusted input

  71. Tool poisoning attack Client EvilMCP™ LLM Tool description Tool description

    = File access EmailMCP

  72. Tool poisoning attack Client EvilMCP™ LLM “How many days until

    Christmas? Tool description Tool description = File access EmailMCP

  73. Tool poisoning attack Client EvilMCP™ LLM Query with Email +

    Evil tool instructions LLM requests Tool usage “How many days until Christmas? Tool description Tool description = File access EmailMCP

  74. Tool poisoning attack Client EvilMCP™ LLM Approves usage Query with

    Email + Evil tool instructions LLM requests Tool usage “How many days until Christmas? Tool description Tool description = File access EmailMCP

  75. Tool poisoning attack Client EvilMCP™ LLM Approves usage Query with

    Email + Evil tool instructions LLM requests Tool usage “How many days until Christmas? Tool description Tool description = File access EmailMCP Get days until 25/12

  76. Tool poisoning attack Client EvilMCP™ LLM Approves usage Query with

    Email + Evil tool instructions LLM requests Tool usage “How many days until Christmas? Tool description Tool description = File access Read .ssh/id_rsa EmailMCP Get days until 25/12

  77. Tool poisoning attack Client EvilMCP™ LLM Approves usage Query with

    Email + Evil tool instructions LLM requests Tool usage “How many days until Christmas? Tool description Tool description = File access Read .ssh/id_rsa EmailMCP Send email with id_rsa Get days until 25/12

  78. Conclusion: MCP is a game of 2 halves •MCPs give

    LLMs superpowers •Contextual user interfaces •Agents + MCP could replace the web •Signi fi cant novel attack vectors •All so new that we cannot defend •99% of all servers are “uno ff i cial” YAY! ✅ NAY! ⚠

  79. Thank you! Questions? David Denton ([email protected]) Engineering Lead | CICD

    | Security | Advisory | Training https://clockwork.ing/ https://mcp.http4k.org