Model Context Protocol - Game Changer for AI Applications

Transcript

1. Martin Lippert, Spring Tools Lead, Broadcom @martinlippert July, 2025 Model

   Context Protocol Game Changer for AI Applications Copyright © 2025 Broadcom

2. LLMs knowledge is static and “outdated” • Training data cut-off

   from a specific day • The LLM knows nothing about ◦ Personal information, private data ◦ Company-internal information ◦ What happened since the cut-off date • It can’t just “go out and look for stuff” Challenge 1

3. Feed extra information into the prompt • Add context information

   to the prompt ◦ E.g. before sending a user question to the LLM, add a section about your internal database schema, so that the LLM knows about it • This is what everybody is doing • Everything else is usually too complicated and error-prone for companies ◦ Train your own models ◦ Fine-tune existing models Prompt stuffing

4. You can’t just add everything • The context window is

   limited • You can’t just add “everything you know” (all the database schemas of your company, all the manuals, all the weather data from all locations around the globe, etc.) • This might be a very open-ended situation ◦ There might be situations where you need to search the web (for example) What exactly to feed into the prompt?

5. The LLM wants “to do” something • The answer of

   the LLM includes actions, e.g. ◦ Create an issue on GitHub ◦ Submit a PR ◦ Run some tests ◦ etc. Challenge 2

6. Model Context Protocol https://modelcontextprotocol.io/

7. We invert the control flow • Instead of adding all

   extra information to the prompt upfront, we tell the LLM what we have to offer, what we “could” do • Then, the LLM decides what it wants and “calls us” • Existed before MCP: “function calling” MCP is basically standardizing how this works Don’t call us, we call you

8. Quick reminder • The LLMs are fine-tuned to detect when

   to call a function • In that case, the output is JSON containing the function and parameters Function calling

9. Spring AI Chat Request The Flow Tool Definition Dispatch Tool

   Call Requests LLM Tool Chat Response 1 2 3 4 5 6

10. The USB-C Standard for AI applications • Generalize the function

    calling capability on the client side • Allow a separation between ◦ the part that implements a certain functionality (like “query weather data” or “create an issue”) ◦ the AI application that would like to integrate that functionality when using an LLM Model Context Protocol

11. Process Process Process Host The Bigger MCP Picture MCP Client

    MCP Client MCP Client MCP Server MCP Server MCP Server External Resource External Resource External Resource App using AI LLM MCP MCP MCP

12. Process Process Transport MCP Client MCP Client MCP Server MCP

    Server MCP over STDIO MCP over HTTP Streaming

13. client machine remote server same machine Process Process Local vs

    Remote MCP Client MCP Client MCP Server MCP Server MCP over STDIO MCP over HTTP Streaming

14. The role of the server • The MCP server… ◦

    can be implemented in any language ◦ Runs in a separate (local or remote) process ◦ Can talk to external resources ◦ “Speaks” the protocol Part 1: The MCP Server

15. The role of the client • The MCP client is

    usually part of the host application ◦ e.g. an AI application talking to an LLM ◦ an IDE using LLMs for supporting AI coding ◦ Etc. • The client “talks” to the server in a generic way (“speaks the protocol”) ◦ The client is implemented once, not for every server Part 2: The MCP Client

16. Various repos • https://github.com/modelcontextprotocol/servers • https://www.pulsemcp.com/ • … Hundreds of

    MCP servers around

17. Let’s have a look at Java • Official Java SDK:

    https://github.com/modelcontextprotocol/java-sdk ◦ Java MCP Client ◦ Java MCP Server • Spring AI MCP: https://docs.spring.io/spring-ai/reference/api/mcp/mcp-overview.html ◦ Adds Spring Boot integration • Langchain4j: https://docs.langchain4j.dev/tutorials/mcp Using MCP in an app

18. Live Coding (Consuming MCP Servers)

19. Now the agent wants “to do” stuff • The agent

    wants to execute actions (e.g. add a comment, submit a PR, create ticket) while chatting with the user or running through the flow • What exactly the agent will do, we don’t know (upfront) • We can use MCP for this as well ◦ Don’t call the MCP server to get information ◦ Call the MCP server to do something Agentic systems

20. Live Coding (Executing actions)

21. Live Coding (Writing MCP Servers)

22. SDKs for various languages • Java SDK • Spring AI

    - MCP Writing MCP servers

23. The protocol has more things than just “tools” • Prompts

    (user-driven) • Resources (application-driven) • Sampling • Roots MCP 201: The Protocol in Depth https://www.youtube.com/watch?v=C_nqAWHsldo Other things

24. Inspector • A tool to test MCP servers • https://modelcontextprotocol.io/docs/tools/inspector

    ◦ npx -y @modelcontextprotocol/inspector Debugging

25. Security

26. Various dimensions • MCP servers doing random stuff on your

    machine • MCP servers have access to internal systems / internal data • You might not know where the MCP server is coming from (marketplaces emerge) • This opens the door for a lot of security related topics Security

27. GitHub MCP Server attack • https://invariantlabs.ai/blog/mcp-github-vulnerability Example

28. Various things to keep in mind • Authentication • Confirmation

    • Sanitize data • … Security

29. Fast Moving Space

30. The spec evolves very fast • Not everything is supported

    by all the SDKs all the time • Take a look at the limitations here and there… 😉 Things change at a rapid pace

31. MCP • Model Context Protocol: https://modelcontextprotocol.io/ • Directory of Servers:

    https://github.com/modelcontextprotocol/servers • Java SDK: https://github.com/modelcontextprotocol/java-sdk • Spring AI MCP: https://docs.spring.io/spring-ai/reference/api/mcp/mcp-overview.html • Spring AI Examples: https://github.com/spring-projects/spring-ai-examples/tree/main/model-context-protocol • Craig Walls: https://github.com/habuma/spring-ai-examples Resources

32. Thank you @martinlippert © 2025 Spring. A Broadcom-backed project.