From Anthropic and Microsoft: where possible, build on open protocols for how models communicate with tools and other agents. The reason is twofold — security properties get designed into the infrastructure once rather than patched per deployment, and competition stays focused on agent quality rather than on who controls the integrations.
Current state:
- Model Context Protocol (MCP) — open standard for how models communicate with external data sources and tools. Now stewarded by the Linux Foundation's Agentic AI Foundation. Default to MCP for tool integration where available.
- Agent-to-Agent (A2A) — emerging open standard for inter-agent communication. Track and adopt as it matures. Apply the same governance to A2A communications that we apply to tool calls (allowlists, auth, logging).
External integrations restricted to trusted, allowlisted MCP servers that meet our security and compliance baseline. Treat external agents and tools as untrusted by default.